[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU Crypto] GNU Crypto and OpenSSL
From: |
Ben |
Subject: |
Re: [GNU Crypto] GNU Crypto and OpenSSL |
Date: |
Sun, 04 Jan 2004 01:43:37 -0800 |
Thanks a bunch for pointing me in the right direction on this. I fixed
up my code and thought I had it down, but now I am having another
problem. Only the first 8 bytes (1 block) of my data is being
encrypted, the rest is just 0's. I have 16 bytes total, and CBC mode is
supposed to encrypt multiples of 8 bytes right? Here is my encryption
function:
public byte[] encPayload(byte[] data, String keyStr) {
byte[] encData = new byte[data.length];
byte[] ivec = new byte[8];
Map attrib = new HashMap();
/* Set ivec to all 0's */
for(int i = 0; i < ivec.length; i++)
ivec[i] = 0;
IMode blowfish_cbc = ModeFactory.getInstance(Registry.CBC_MODE,
Registry.BLOWFISH_CIPHER, 8);
attrib.put(IMode.IV, ivec);
attrib.put(IMode.KEY_MATERIAL, keyStr.getBytes());
attrib.put(IMode.STATE, new Integer(IMode.ENCRYPTION));
try {
blowfish_cbc.init(attrib);
}
catch (InvalidKeyException e) {
System.out.println("ERROR: "+e.toString());
System.exit(1);
}
blowfish_cbc.update(data, 0, encData, 0);
return encData;
}
What am I doing wrong here?
Thanks again,
Ben
On Sun, 2004-01-04 at 00:16, Casey Marshall wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> >>>>> "Ben" == Ben <address@hidden> writes:
>
> Ben> Hi, I am trying to write a Java program that exchanges
> Ben> Blowfish-encrypted data with a C program. The C program uses the
> Ben> OpenSSL libraries (BF_cbc_encrypt() specifically) to do the
> Ben> encryption/decryption, and the Java program is using the GNU
> Ben> Crypto Blowfish class. It isn't working. I am thinking this
> Ben> might be because of the initialization vector. BF_cbc_encrypt
> Ben> requires an initialization vector, which I have set to 0, but I
> Ben> can't find a way to set this or even see that it exists in GNU
> Ben> Crypto. Is it possible to make these two libraries work
> Ben> together?
>
> You need to use the mode API for CBC. The cipher API is a low-level,
> ECB-only one.
>
> Your Java application would look something like this:
>
> ===
> import gnu.crypto.Registry;
> import gnu.crypto.IMode;
> import gnu.crypto.ModeFactory;
>
> ...
>
> Map attrib = ...;
> IMode blowfish_cbc = ModeFactory.getInstance(Registry.CBC_MODE,
> Registry.BLOWFISH_CIPHER, 8);
>
> attrib.put(IMode.IV, your_iv); // byte[]
> attrib.put(IMode.KEY_MATERIAL, your_key); // byte[]
> attrib.put(IMode.STATE, new Integer(IMode.ENCRYPTION));
>
> blowfish_cbc.init(attrib);
>
> // in and out are byte[], offsets are int.
> blowfish_cbc.update(in, in_offset, out, out_offset);
>
> ...
> ===
>
> Also note that our CBC mode does not allow the input buffer to be the
> same as the output buffer. This will probably change eventually.
>
> Cheers.
>
> - --
> Casey Marshall || address@hidden
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>
>
> iD8DBQE/98v4gAuWMgRGsWsRAjq/AJ4xODc2TlZGjGw+6ViEo0AFxdL3agCfa4Ra
> u92koxfcLow6ijfQDfVNeEo=
> =4aLx
> -----END PGP SIGNATURE-----
--
Ben <address@hidden>