Hello,
I'm trying to use the CFB1 mode for AES-128.
However I'm having a bit of trouble interpreting the encrypt output.
I believe the EVP_EnvryptUpdate should get the data length in BITS (other
algorithms it should use in bytes). Is it correct?
How can I interpret the output correctly?
I got my testing data from the FIPS140 test vectors.
Here is a quick code snippet to illustrate it:
#include <openssl/evp.h>
#include <string.h>
int main() {
unsigned char outbuf[1024];
int outlen, tmplen;
// From FIPS 140 test vectors (CFB1MCT128.rsp):
// COUNT = 0
// KEY = 6f219ca589944101d9b8d1997ec7f384
// IV = 00179d5c1f0436af09de22c09825b02d
// PLAINTEXT = 0
// CIPHERTEXT = 0
unsigned char key[] = {0x6f, 0x21, 0x9c, 0xa5, 0x89, 0x94,
0x41, 0x01, 0xd9, 0xb8, 0xd1, 0x99, 0x7e, 0xc7, 0xf3, 0x84};
unsigned char iv[] = {0x00, 0x17, 0x9d, 0x5c, 0x1f, 0x04,
0x36, 0xaf, 0x09, 0xde, 0x22, 0xc0, 0x98, 0x25, 0xb0, 0x2d};
unsigned char intext[] = {0x00};
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit_ex(&ctx, EVP_aes_128_cfb1(), NULL, key, iv);
// EVP_EnvryptUpdate expects the number of bits or bytes in
CFB1 mode?
int datalen = 1;
if (!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext,
datalen)) return 1;
if (!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen))
return 1;
outlen += tmplen;
EVP_CIPHER_CTX_cleanup(&ctx);
for (int ii = 0; ii < outlen; ++ii) printf("%02x",
outbut[ii]);
printf("\n");
// outbuf should contain CIPHERTEXT. However, it contains
one single byte: 0x47 (71 decimal).
return 0;
}
Thanks very much.
Best,
Marcus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150519/85e78f02/attachment.html>
