encryption - Working with EVP and OpenSSL, coding in C -


I've seen many questions on OpenSSL and EVP, but not many clear answers, so I figured I'd still post my question here and hope for better feedback.

The materials given to me are a signed file "symmetrickey.bin", an RSA key set "privatekey_a.pem", "publickey_a.pem", and the other user's public key "publickey_b.pem".

What I need is:

  1. Unsign symmetrickey.bin and store it in a text file.
  2. Encrypt message.txt using symmetrickey.txt and an algorithm, AES for example.
  3. Sign the encrypted message with privatekey_a.pem and write it to the file cipher.bin.
  4. After that I need to unsign and verify the signature on cipher.bin.
  5. Then decrypt the message with our symmetric key and write it to a file.

The issue I'm having is understanding how to implement the OpenSSL EVP libraries. The API page is not clear on where the values for each function come from. For example, for EVP_OpenInit(), where am I getting ek or the length of ek, "ekl"? Is "priv" the private key? And how do I know the type? These are things I'm not given.

I've looked at many implementations, and they don't answer my questions, or they give crazy code with little to no explanation of what's going on or where the values are coming from. I'm posting here as a last resort...

For the sign/unsign key part I need further information: how is the signature done? For example, is the signature of x byte length at the end of the file, and can it be removed?

For items 2-5 in your list the following code will surely assist. It is based on the examples in the OpenSSL documentation, with more comments and adaptations for your needs. Feel free to ask if you have questions that are not commented!

cryptor.c

```c
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <openssl/evp.h>

#define APPNAME "c"

#define CHUNK_SIZE 512

int do_crypt(FILE *in, FILE *out, int do_encrypt)
{
    /* Allow enough space in the output buffer for an additional block */
    unsigned char inbuf[CHUNK_SIZE];
    unsigned char outbuf[CHUNK_SIZE + EVP_MAX_BLOCK_LENGTH];
    int inlen;
    int outlen;
    /* Heap-allocated context: available in OpenSSL 1.0.x and required
     * from 1.1.0 on, where EVP_CIPHER_CTX is an opaque type.
     */
    EVP_CIPHER_CTX *ctx;
    /* Bogus key and IV: we'd normally set these from
     * another source.
     */
    unsigned char key[] = { 0x13, 0xa3, 0xb4, 0xc1, 0x24, 0x19, 0xf5, 0x23,
                            0x18, 0xef, 0xca, 0x12, 0x4c, 0x9f, 0x14, 0xfe };
    unsigned char iv[] = { 0x92, 0x1c, 0x23, 0x3f, 0x5e, 0x10, 0x3d, 0x9a };

    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL)
        return -1;

    /* Don't set the key or IV yet because we will modify the parameters */
    /* Using the Blowfish CBC algorithm; you can use whichever cipher is supported in OpenSSL if you wish */
    EVP_CipherInit_ex(ctx, EVP_bf_cbc(), NULL, NULL, NULL, do_encrypt);
    EVP_CIPHER_CTX_set_key_length(ctx, 16);
    /* We finished modifying parameters, so now we can set the key and IV */
    EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);

    for (;;)
    {
        inlen = fread(inbuf, 1, CHUNK_SIZE, in);
        if (inlen <= 0) break;
        if (!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen))
        {
            /* Error */
            EVP_CIPHER_CTX_free(ctx);
            return -1;
        }
        fwrite(outbuf, 1, outlen, out);
    }
    /* Flush the final (padded) block; on decryption this fails if the padding is bad */
    if (!EVP_CipherFinal_ex(ctx, outbuf, &outlen))
    {
        /* Error */
        EVP_CIPHER_CTX_free(ctx);
        return -1;
    }
    fwrite(outbuf, 1, outlen, out);
    EVP_CIPHER_CTX_free(ctx);
    rewind(in);
    rewind(out);
    return 0;
}

/* Standalone encryptor entry point */
int main(int argc, char** argv)
{
    FILE *encode_file;
    FILE *decode_file;
    int enc_or_dec;
    int rc;

    if (argc < 4)
    {
        printf("Usage: %s [plain file] [encrypted file] [0/1 decrypt/encrypt]\n", argv[0]);
        return -1;
    }
    /* Binary mode: ciphertext is not text */
    encode_file = fopen(argv[1], "rb");
    decode_file = fopen(argv[2], "wb+");
    if (encode_file == NULL || decode_file == NULL)
    {
        perror("fopen");
        return -1;
    }
    /* Crude translation of the ASCII digit '0'/'1' to an int */
    enc_or_dec = *argv[3] - '0';

    rc = do_crypt(encode_file, decode_file, enc_or_dec);
    fclose(encode_file);
    fclose(decode_file);
    return rc;
}
```

And the makefile:

```makefile
all:
	gcc cryptor.c -o cryptor -g -lcrypto -I ../openssl-1.0.1f-host/include

clean:
	rm cryptor
```

This code does not use EVP_OpenInit() because it is used only for decryption, while my method (and your needs) requires both encryption and decryption. While you can use EVP_OpenInit() to initialize the decryption context, I replaced a single call suitable only for decryption with 2 calls suitable for both encryption and decryption.

From the man page:

EVP_OpenInit() initializes a cipher context ctx for decryption with cipher type. It decrypts the encrypted symmetric key of length ekl bytes passed in the ek parameter using the private key priv. The IV is supplied in the iv parameter. EVP_OpenUpdate() and EVP_OpenFinal() have the same properties as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as documented on the EVP_EncryptInit(3) manual page.

EVP_OpenInit() key files

If the signed file you are referring to is a public key file in RSA/DSA or a similar format, you can use this Stack Overflow question for a better method than mine for extracting the key from the file automatically (and it uses EVP_OpenInit() as you require).

