How to do AES-256-CBC encryption with EVP_CIPHER_CTX now opaque?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

I am relatively new to using OpenSSL libraries in C so please accept my apologies if this may sound simple for most of you.

I have an algorithm that I implemented in 1.0.1c to perform AES-256-CBC encryption, which no longer compiles due to EVP_CIPHER_CTX now being opaque in 1.1.0+.  Here is the algorithm in question (Objective-C mixed in..):

+(NSData *)encryptReport:(NSData *)report usingKey:(NSData *)key withIV:(NSData *)iv
{
    const unsigned BUFSIZE=4096;
    unsigned char *read_buf = malloc(BUFSIZE);
    unsigned char *cipher_buf;
    unsigned blocksize;
    int out_len;
    int reportIndex = 0;
    EVP_CIPHER_CTX ctx;

    EVP_CipherInit(&ctx, EVP_aes_256_cbc(), key.bytes, iv.bytes, 1);
    blocksize = EVP_CIPHER_CTX_block_size(&ctx);
    cipher_buf = malloc(BUFSIZE + blocksize);
    memset(cipher_buf,0,BUFSIZE + blocksize);

    NSMutableData *encryptedData = [NSMutableData dataWithCapacity:report.length + blocksize];
    while (1) {

        // Read in data in blocks until EOF. Update the ciphering with each read.
        int numRead = MIN(BUFSIZE,(int)report.length-reportIndex);
        memcpy(read_buf, &report.bytes[reportIndex], numRead);

        EVP_CipherUpdate(&ctx, cipher_buf, &out_len, read_buf, numRead);
        [encryptedData appendBytes:cipher_buf length:out_len];
        if (numRead < BUFSIZE) { // EOF
            break;
        }
        reportIndex += numRead;
    }

    // Now cipher the final block and write it out.

    EVP_CipherFinal(&ctx, cipher_buf, &out_len);
    [encryptedData appendBytes:cipher_buf length:out_len];

    // Free memory
    free(cipher_buf);
    free(read_buf);
    return [NSData dataWithData:encryptedData];
}

The error I get is “Variable has incomplete type ‘EVP_CIPHER_CTX’ (aka ‘struct evp_cipher_ctx_st’)”.  Looking at the diff between the releases, I can see the structure definition has been removed.  

Question 1: Are there other functions I should have been using to implement AES-256-CBC than the EVP methods above?

Question 2: If EVP is the way to go for implementing AES-256-CBC, which functions should I be looking at to not require EVP_CIPHER_CTX variable declaration?

Thanks!

Dave Poirier
skype: ekscrypto
twitter: @ekscrypto
facebook: /ekscrypto

All I need is a towel, everything else can be answered by 42.



-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux