encryption - Working with EVP and OpenSSL, coding in C -


i've seen many questions on openssl , evp, not many clear answers, figured i'd still post question here , hope better feedback.

the materials given me signed file "symmetrickey.bin", rsa key set "privatekey_a.pem", "publickey_a.pem", , other user's public key "publickey_b.pem".

what need is:

  1. unsign symmetrickey.bin , store text file.
  2. encrypt message.txt using symmetrickey.txt , algorithm aes example.
  3. sign encrypted message privatekey_a.pem , write file cipher.bin.
  4. after need unsign , verify signature on cipher.bin.
  5. then decrypt message our symmetric key write file.

the issues i'm having understanding how implement openssl evp libraries. api page not clear values each function comes from. example, evp_openinit() getting ek or length of ek "ekl"? "prvi" private key? , how know type? these things i'm not given.

i've looked @ many implementations , don't answer questions or give crazy code little no explanation of what's going on or values coming from. i'm posting here last resort...

for sign/unsign key part need further information, how signature done? example, signature x byte length @ end of file , can removed?

for items 2-5 in list following code surely assist, based on examples openssl documentation more comments , adaptations needs. feel free ask if have questions not commented!

crpytor.c

#include <string.h> #include <stdio.h> #include <unistd.h> #include <openssl/evp.h>  #define appname "c"  #define chunk_size 512 int do_crypt(file *in, file *out, int do_encrypt) {     /* allow enough space in output buffer additional block */     unsigned char inbuf[chunk_size];     unsigned char outbuf[chunk_size + evp_max_block_length];     int inlen;     int outlen;     evp_cipher_ctx ctx;     /* bogus key , iv: we'd set these      * source.      */     unsigned char key[] = { 0x13, 0xa3, 0xb4, 0xc1, 0x24, 0x19, 0xf5, 0x23, 0x18, 0xef, 0xca, 0x12, 0x4c, 0x9f, 0x14, 0xfe };     unsigned char iv[] = { 0x92, 0x1c, 0x23, 0x3f, 0x5e, 0x10, 0x3d, 0x9a };     /* don't set key or iv because modify parameters */     evp_cipher_ctx_init(&ctx);     /* using blowfish encryption cbc algorithm, can use whichever supported in openssl if wish */     evp_cipherinit_ex(&ctx, evp_bf_cbc(), null, null, null, do_encrypt);     evp_cipher_ctx_set_key_length(&ctx, 16);     /* finished modifying parameters can set key , iv */     evp_cipherinit_ex(&ctx, null, null, key, iv, do_encrypt);     for(;;)     {         inlen = fread(inbuf, 1, chunk_size, in);         if(inlen <= 0) break;         if(!evp_cipherupdate(&ctx, outbuf, &outlen, inbuf, inlen))         {             /* error */             evp_cipher_ctx_cleanup(&ctx);             return -1;         }         fwrite(outbuf, 1, outlen, out);     }     if(!evp_cipherfinal_ex(&ctx, outbuf, &outlen))     {         /* error */         evp_cipher_ctx_cleanup(&ctx);         return -1;     }     fwrite(outbuf, 1, outlen, out);     evp_cipher_ctx_cleanup(&ctx);     rewind(in);     rewind(out);     return 0; }  /* standalone encryptor entry point */ int main(int argc, char** argv) {     file *encode_file;     file *decode_file;     int enc_or_dec;     if (argc < 4)     {         printf("usage: %s [plain file] [encrypted file] [0/1 deccrypt/encrypt]\n", argv[0]);         return -1;     }     encode_file = fopen(argv[1], "r");     decode_file = fopen(argv[2], "w+");     /* stupid decimal translation */     enc_or_dec = *argv[3]-48;      do_crypt(encode_file, decode_file, enc_or_dec);     return 0; }

and makefile:

all:     gcc cryptor.c -o cryptor -g -lcrypto -i ../openssl-1.0.1f-host/include clean:     rm cryptor

this code not use evp_openinit() because used decryption, while method (and needs) require both encryption or decryption. while can use evp_openinit() initialize decryption context, replaced single call suitable decryption 2 calls suitable both encryption , decryption.

from man page:

evp_openinit() initializes cipher context ctx decryption cipher type. decrypts encrypted symmetric key of length ekl bytes passed in ek parameter using private key priv. iv supplied in iv parameter. evp_openupdate() , evp_openfinal() have same properties evp_decryptupdate() , evp_decryptfinal() routines, documented on evp_encryptinit(3) manual page.

evp_openinit() key files

if signed file referring public key file in rsa/dsa or similar format, can use this stackoverflow question better method mine key extraction file automatically (and uses evp_openinit() require)


Comments

Post a Comment

Popular posts from this blog

jquery - How do you format the date used in the popover widget title of FullCalendar? -

Image
in fullcalendar, how format date used in popover widget title when clicking '+n more'? code: <div class="fc-popover fc-more-popover"> <div class="fc-header fc-widget-header"> <span class="fc-close fc-icon fc-icon-x"></span> <span class="fc-title">tuesday, april 7</span> ... </div> ... </div> you use daypopoverformat that. determines date format of title of popover created eventlimitclick option. must date formatting string. default value "dddd, mmmm d" english , "ll" other languages.
Read more

asp.net mvc - SSO between MVCForum and Umbraco7 -

i need integrate sso between mvcforum (forum of company) , umbraco7 (manages cms company). however struggling shared authentication work. tried several ways suggested on other threads still not running expected. here did: 1. in mvcforum (forum.mywebsite.com) 1.1. machine key in web.xml: <machinekey validationkey="the same key umbraco7" decryptionkey="the same key umbraco7" validation="sha1" decryption="aes" /> 1.2. authenticate forms in web.xml <forms name="my-sso-auth" protection="all" path="/" timeout="43200" domain="forum.mywebsite.com" loginurl="/members/logon" enablecrossappredirects="true" /> 2. in umbraco7 (news.mywebsite.com) 2.1. machine key in web.xml: <machinekey validationkey="the same key mvcforum" decryptionkey="the same key mvcforum" validation="sha1" decryption="aes" /> 2.2. a...
Read more

Python Tkinter keyboard using bind -

i have problem using bind option can click button in keyboard, , call function once key pressed. tried taking other codes have similar purpose , saw i'm doing pretty same, though still have problem must've missed. thankful if me this. here's code: # -*- coding: utf-8 -*- #imports tkinter import * pil import imagetk, image import time import tkmessagebox #===========================================================================================================================================# #tkinter class class app(frame): def __init__(self, master=none): frame.__init__(self, master) self.pack() #===========================================================================================================================================# #game pieces classes class board: def __init__(self, rows = 7, columns = 6, picture_height = none, picture_width = none): self.rows = rows self.columns = columns self.picture ...
Read more