#21 mcrypt key modes
I've spent some time reading different manpages and examples in vain; I cannot
figure out how the key modes function in mcrypt.
I would like to know what input mcrypt expects and what's done to the
key internally before encryption.
- What´s the default input format? Binary? Hex? String?
- Is the key hashed (SHA-1? as told in an old manpage),
padded/truncated to fit the algoritm?
I'm encrypting with a password (string). If I stick to the default key
mode, should the key passed to mcrypt be in binary form? Should it be
truncated to the appropriate length?
I've tested to hash the key to HEX, trunkate it and binarise it with
pack (as in the example in the php manpage). As an alternative I've tested
to hash it directly to binary form and not truncate. Both ways work as a
charm, but are not compatible: the same password cannot decrypt both
variants.
Ideally I would like to use some keywrapping eg PBKDF2. What key mode
would be appropriate? How to proceed?
