Hi all, So, I found some hints on stack overflow (https://stackoverflow.com/questions/6772465/is-there-any-c-api-in-openssl-to-derive-a-key-from-given-string) and an implementation with pyCrypto (https://gist.github.com/mimoo/11383475). I still can't get the expected results but these raise some questions: how many iteration of PBKDF must I do ? Must the result of the encryption be hashed with HMAC ? Kind regards, Alexis. Le ven. 1 févr. 2019 à 13:58, Alexis BRENON @OpenSSL <brenon.alexis+openssl@xxxxxxxxx> a écrit : > > i everyone, > > I am looking for some documentation on how to pad and/or derive my > message and my key (from simple password), to mimic AES 128 ECB > en/decryption. > > For a decorative purpose (no security consideration in mind), I used > openssl to encrypt a small message (less than 16 bytes) with a small > key (less than 16 bytes). I used an AES 128 ECB encryption algorithm > with no salt. Here is the command line I used: > printf 'my message' | openssl enc -aes-128-ecb -nosalt -pass pass:word > This gave me a block of 16 bytes that I plotted with a script. Then I > have another script which rebuild the ciphered message from the list > of 0s and 1s that I can enter manually and then decrypt the message > with: > openssl enc -d -aes-128-ecb -nosalt -pass pass:word > And this worked like a charm. > > However, recently I saw that running these commands output a warning: > *** WARNING : deprecated key derivation used. > Using -iter or -pbkdf2 would be better. > So I decided to re-write the scripts to make the en/decryption on > their own, not relying on future implementations of openssl. Since > then, I could not reproduce the same results as the ones obtained with > openssl (compatibility required to be able to decrypt already printed > arts). > > My scripts are in Python and I use pycrypto library which provides AES > 128 ECB algorithms but does not make any padding (it is the > responsability of the user to pad her data). It seems that the message > should be padded using PKCS7 (RFC 2315) standard. Nevertheless, I did > not really understand how to pad/derive a 128 bits key from my simple > password. In openssl code base, it seems to use some CRYPTO_128_wrap > function, but I don't understand it very well. > > So, do you know some documentation or example on how to achieve the > same behavior than openssl. Is there anything that I also must take > care of ? > > Kind regards, > Alexis. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
