Topic: wolfSSL and Block Ciphers

[Migrated from SourceForge forums]

weejamx
(2009-05-12 21:15:23 UTC)

Hi,

I wanted to know if I can use Block Ciphers with wolfSSL like:

#include <openssl/ssl.h>
#include <openssl/evp.h>

int encrypt(char* in_data, char* out_data, int data_len)
{
     DES_ECB_Encryption enc;

     enc.SetKey(key, 256);
     enc.Process(out_data, in_data, data_len);
}

Or is it just a yaSSL feature? Am I missing something?

Thank you.
weejamx


weejamx
(2009-05-12 21:18:24 UTC)

*****More info******

The fact is, it does not recognize `DES_ECB_Encryption'. What should I include? Is this not wrapped by evp.h? In fact I did not see any of this in the header. Should I include it from ctaocrypt/include?

I don't see any IV support either... I'm lost: is there no Decryptfinal for random plaintext size? Did I not understand some basic stuff?


touska
(2009-05-12 21:31:06 UTC)

While both yaSSL and wolfSSL have an OpenSSL compatibility layer for SSL functionality, each has its own crypto API. yaSSL's is in C++ and wolfSSL's is in C.

To use wolfSSL's crypto look at wolfcrypt/test/test.c for examples, e.g., DES can be used with:

Des enc;

Des_SetKey()
Des_CbcEncrypt()

The header is <des3.h>, which includes both DES and 3DES.


touska
(2009-05-12 21:42:56 UTC)

ECB mode doesn't have an IV and shouldn't ever be used.  CBC mode, which wolfSSL supports, does have an IV and it is set during the SetKey call.

Block padding at the end of plaintext is typically an application issue.  For example, SSL uses a few different types and sets it up itself, it then calls wolfCrypt to actually encrypt the data.


weejamx
(2009-05-12 21:58:38 UTC)

Thanks for the fast answer. I will be able to continue as if it were a Google search. Thanks a lot, I will try to figure it out.


weejamx
(2009-05-13 22:31:00 UTC)

By: Todd Ouska (touska) - 2009-05-12 17:42:

"Block padding at the end of plaintext is typically an application issue. For example, SSL uses a few different types and sets it up itself, it then calls CTaoCrypt to actually encrypt the data."

I would like to use the same logic as wolfSSL. Can you easily point me to where it is done in the wolfSSL source? I searched a lot, and I also tried many things for padding.

I also tried the ARC4 Stream Cipher with almost the same code as test.c, but the functions output nothing in output bytes or output length, but it's not important for this post.

Thanks


touska
(2009-05-13 23:01:20 UTC)

BuildMessage() in cyassl_int.c is a good place to look.  There you will see padding in action, take a look at the pad variable.

There is no output length for a stream cipher, the output length is the input length.  Are you not passing an input length?  Take a closer look at the example.


touska
(2009-05-13 23:06:56 UTC)

Actually, the test.c code for Arc4Process() is misleading by name, the .outputlen variable is the same as .inputlen which was copied from another spot.  The variable is read-only and an input length parameter.  Sorry for the confusion.


weejamx
(2009-05-17 15:15:21 UTC)

Hi,

Just to say, I finally switched my brain ON and wrote block padding functions. It's only a few lines and works in every condition, so now I can use any block cipher as a stream cipher.
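
As an added example (not part of the original thread, and not wolfSSL's or the poster's code): one common way to write the block padding functions discussed above is PKCS#7 padding for an 8-byte block cipher such as DES. The names pkcs7_pad, pkcs7_unpad and PAD_ERR are hypothetical, and the choice of PKCS#7 is an assumption, not necessarily the scheme BuildMessage() or the poster used.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SZ 8            /* DES / 3DES block size in bytes */
#define PAD_ERR ((size_t)-1)  /* returned on malformed padding (hypothetical name) */

/* Append PKCS#7 padding in place. buf holds len bytes and has room for cap.
 * Returns the padded length (a multiple of BLOCK_SZ), or 0 if it won't fit. */
size_t pkcs7_pad(unsigned char *buf, size_t len, size_t cap)
{
    size_t pad = BLOCK_SZ - (len % BLOCK_SZ);  /* 1..BLOCK_SZ, never 0 */

    if (buf == NULL || len > cap || cap - len < pad)
        return 0;
    memset(buf + len, (int)pad, pad);          /* each pad byte = pad count */
    return len + pad;
}

/* Check and strip padding from decrypted data. Every pad byte is verified.
 * Returns the plaintext length, or PAD_ERR if the padding is malformed. */
size_t pkcs7_unpad(const unsigned char *buf, size_t len)
{
    size_t pad, i;
    unsigned char diff = 0;

    if (buf == NULL || len == 0 || len % BLOCK_SZ != 0)
        return PAD_ERR;
    pad = buf[len - 1];
    if (pad == 0 || pad > BLOCK_SZ)
        return PAD_ERR;
    for (i = 0; i < pad; i++)                  /* accumulate any mismatch */
        diff |= (unsigned char)(buf[len - 1 - i] ^ pad);
    return diff ? PAD_ERR : len - pad;
}

int main(void)
{
    unsigned char buf[32] = "constructed sample";  /* 18 bytes, made-up input */
    size_t padded = pkcs7_pad(buf, 18, sizeof buf);

    printf("padded=%zu recovered=%zu\n", padded, pkcs7_unpad(buf, padded));
    return 0;
}
```

The padded buffer is what gets passed to the CBC encrypt call, and the unpad routine runs on the output of the CBC decrypt call. On the receiving side, verify a MAC over the ciphertext before unpadding, since distinguishable padding errors on unauthenticated CBC data enable padding-oracle attacks.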