Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

CyaSSL and Block Ciphers

Help
WJX
2009-05-12
2013-04-23
  • WJX
    WJX
    2009-05-12

    Hi,

    I wanted to know if I can use Block Ciphers with CyaSSL like:

    #include <openssl/ssl.h>
    #include <openssl/evp.h>

    int encrypt(char* in_data, char* out_data, int data_len)
    {
         DES_ECB_Encryption enc;

         enc.SetKey(key, 256);
         enc.Process(out_data, in_data, data_len);

    }

    or it's just a YaSSL feature? Do I miss something?

    Thank you.

     
    • WJX
      WJX
      2009-05-12

      *****More info******

      the fact is: it not reconize `DES_ECB_Encryption'. what should i must include? this is not wrapped by evp.h? In fact I did not sse any of this in the header, Do I should include it from the ctaocrypt/include?

       
      • Todd Ouska
        Todd Ouska
        2009-05-12

        While both yaSSL and CyaSSL have an OpenSSL compatibility layer for SSL functionality, each have their own crypto API.  yaSSL's is in C++ and CyaSSL's is in C.

        To use CyaSSL's crypto look at ctaocrypt/test/test.c for examples, e.g., DES can be used with:

        Des enc;

        Des_SetKey()
        Des_CbcEncrypt()

        the header is <des3.h> which includes both DES and 3DES.

         
    • WJX
      WJX
      2009-05-12

      I don't see any IV support too... Im lost there is no Decryptfinal for random plaintext size? Do I did'nt understood basic stuff?

       
      • Todd Ouska
        Todd Ouska
        2009-05-12

        ECB mode doesn't have an IV and shouldn't ever be used.  CBC mode, which CyaSSL supports, does have an IV and it is set during the SetKey call.

        Block padding at the end of plaintext is typically an application issue.  For example, SSL uses a few different types and sets it up itself, it then calls CTaoCrypt to actually encrypt the data.

         
    • WJX
      WJX
      2009-05-12

      Thank for the fast answer, I will be able to continue like if it was a google search, thanks a lot, I will try to figure it out.

       
    • WJX
      WJX
      2009-05-13

      By: Todd Ouska (touska) - 2009-05-12 17:42:
      "Block padding at the end of plaintext is typically an application issue. For example, SSL uses a few different types and sets it up itself, it then calls CTaoCrypt to actually encrypt the data."

      I would like to use the same logic as CYaSSL. Can you easily point me in the CYaSSL source where it is done? I searched a lot, I tried also many stuff to padding.

      I also tried the ARC4 Stream Cipher with almost the same code as test.c, but the functions output nothing in output bytes or output length, but it's not important for this post.

      Thanks,

       
      • Todd Ouska
        Todd Ouska
        2009-05-13

        BuildMessage() in cyassl_int.c is a good place to look.  There you will see padding in action, take a look at the pad variable.

        There is no output length for a stream cipher, the output length is the input length.  Are you not passing an input length?  Take a closer look at the example.

         
      • Todd Ouska
        Todd Ouska
        2009-05-13

        Actually, the test.c code for Arc4Process() is misleading by name, the .outputlen variable is the same as .inputlen which was copied from another spot.  The variable is read-only and an input length parameter.  Sorry for the confusion.

         
    • WJX
      WJX
      2009-05-17

      Hi,

      Just to say, I finally put my brain to ON and write padding block functions, its only fews lines and work in every condition, so now I can use any block cipher as stream cipher.