Hello,

We are using Openssl-1.0.2a with FIPS 2.0.9 on Linux PPC environment. We have code that we assume needs updating, to avoid using low level routines in FIPS.

For example, our snmp v3 implementation currently decrypts/encrypts using AES_set_encrypt_key() and AES_cfb128_encrypt().

The old decryption routine is as follows:

    BOOL /* TRUE:=ok, FALSE=error condition */
    sc_aes_decrypt(SN_PRIVPROT privProto, /* usm priv protocol type */
                   UCHAR * key,           /* priv key */
                   UINT keylen,           /* priv key length */
                   UCHAR * iv,            /* iv buffer */
                   UINT ivlen,            /* iv length */
                   UCHAR * ciphertext,    /* encrypted buffer: the cipher text */
                   UINT ctlen,            /* encrypted data length */
                   UCHAR * plaintext,     /* OUT: decrypted buffer */
                   int *ptlen) {          /* IN: decrypt buf len, OUT: decrypt data */
        static char fname[] = "sc_aes_decrypt";
        AES_KEY aes_key;
        char my_iv[16];
        int new_ivlen = 0;
        int ret;

        ret = AES_set_encrypt_key(key, (keylen * 8), &aes_key);
        if (ret < 0) {
            errorMsg("%s: call to AES_set_encrypt_key() failed (error=%d)", fname, ret);
            return FALSE;
        }
        memcpy(my_iv, iv, ivlen);

        /*
         * Decrypt the data.
         */
        AES_cfb128_encrypt(ciphertext, plaintext, ctlen, &aes_key, my_iv, &new_ivlen, AES_DECRYPT);
        *ptlen = ctlen;
        return TRUE;
    }

AES_set_encrypt_key() is no longer useable in FIPS mode as shown in the following code snippet from openssl-1.0.2a/crypto/aes/aes_misc.c -

    /* FIPS wrapper functions to block low level AES calls in FIPS mode */
    int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
                            AES_KEY *key)
    {
    #ifdef OPENSSL_FIPS
        fips_cipher_abort(AES);
    #endif
        return private_AES_set_encrypt_key(userKey, bits, key);
    }

I could not find a parallel routine for AES_set_encrypt_key() in the high level EVP routines. I also looked on the Openssl wiki. Do I need one? Does one exist?

I am attempting to replace the old code with FIPS safe EVP routines EVP_CIPHER_CTX_init(), EVP_DecryptInit_ex() using EVP_aes_128_cfb, EVP_DecryptUpdate(), EVP_DecryptFinal_ex() and EVP_CIPHER_CTX_cleanup().
The data passed into the decrypt routine is not a fixed length (not necessarily a multiple of block size).

Is that the correct path? Are there any gotchas I should watch out for, for example, with padding issues?

I am asking because my first attempt at the new code results in a decryption error from Openssl crypto/evp/evp_enc.c EVP_DecryptFinal_ex() line 519

    if (b > 1) {
        if (ctx->buf_len) {
            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
            return (0);
        }

Any help/guidance would be most appreciated.

Thank you.

Phil Bellino
Principal Software Engineer | MRV Communications Inc.
300 Apollo Drive | Chelmsford, MA 01824
Phone: 978-674-6870 | Fax: 978-674-6799
www.mrv.com