Encryption / Decryption from file

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Encryption / Decryption from file

Manuel Arguelles
Hello list,

I'm new here, I'm trying to encrypt / decrypt text in a file using the rc4,
the problem is that I'm not getting good results, here's what I'm doing for
encryption:

#include <stdio.h>
#include <stdlib.h>
#include <openssl/bio.h>
#include <openssl/evp.h>

int main(void)
{
        char buf[1024];
        int total, len, written;
        BIO *file = BIO_new_file("out.bin", "w");
        BIO *buffer = BIO_new(BIO_f_buffer());
        BIO *cipher = BIO_new(BIO_f_cipher());

        strcpy(buf, "Simple Text to Encrypt");

        BIO_set_cipher(cipher, EVP_rc4(), "mysecretkey", NULL, 1);

        BIO_push (cipher, buffer);
        BIO_push (buffer, file);

        len = strlen(buf);
        written = 0;
        for (total = 0; total < len; total += written) {
                if ((written = BIO_write(cipher, buf + total, len - total)) <=
0) {
                        if (BIO_should_retry(cipher)) {
                                written =0;
                                continue;
                        }
                        break;
                }
        }
        BIO_flush(cipher);
        BIO_free_all(cipher);
}

compiled it, and when executed I get a out.bin, then when I try to decrypt it
it fails:

$ openssl enc -d -rc4 -in out.bin -k mysecretkey
bad magic number

what I'm I doing wrong? maybe the -k -K -iv options? as BIO_set_cipher as well
maybe?

Regards and thank for your time
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Kyle Hamilton
'bad magic number' could actually be an OS error.  Has that openssl
binary worked for you before on other commands?

-Kyle H

On 3/9/06, Manuel Arguelles <[hidden email]> wrote:

> Hello list,
>
> I'm new here, I'm trying to encrypt / decrypt text in a file using the rc4,
> the problem is that I'm not getting good results, here's what I'm doing for
> encryption:
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <openssl/bio.h>
> #include <openssl/evp.h>
>
> int main(void)
> {
>         char buf[1024];
>         int total, len, written;
>         BIO *file = BIO_new_file("out.bin", "w");
>         BIO *buffer = BIO_new(BIO_f_buffer());
>         BIO *cipher = BIO_new(BIO_f_cipher());
>
>         strcpy(buf, "Simple Text to Encrypt");
>
>         BIO_set_cipher(cipher, EVP_rc4(), "mysecretkey", NULL, 1);
>
>         BIO_push (cipher, buffer);
>         BIO_push (buffer, file);
>
>         len = strlen(buf);
>         written = 0;
>         for (total = 0; total < len; total += written) {
>                 if ((written = BIO_write(cipher, buf + total, len - total)) <=
> 0) {
>                         if (BIO_should_retry(cipher)) {
>                                 written =0;
>                                 continue;
>                         }
>                         break;
>                 }
>         }
>         BIO_flush(cipher);
>         BIO_free_all(cipher);
> }
>
> compiled it, and when executed I get a out.bin, then when I try to decrypt it
> it fails:
>
> $ openssl enc -d -rc4 -in out.bin -k mysecretkey
> bad magic number
>
> what I'm I doing wrong? maybe the -k -K -iv options? as BIO_set_cipher as well
> maybe?
>
> Regards and thank for your time
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Dr. Stephen Henson
In reply to this post by Manuel Arguelles
On Thu, Mar 09, 2006, Manuel Arguelles wrote:

>
> $ openssl enc -d -rc4 -in out.bin -k mysecretkey
> bad magic number
>
> what I'm I doing wrong? maybe the -k -K -iv options? as BIO_set_cipher as well
> maybe?
>

With the default options the 'enc' command uses a salted key derivation
algorithm which avoids certain known plaintext attacks. Those are particularly
important with stream ciphers such as RC4. It also includes some data at the
beggining of the data so that form can be recognized.

Your program seems to be using the passphrase directly as the key. So the two
formats are incompatible and the 'enc' program is detecting that.

You can make the 'enc' command do the same if you use the -nosalt option.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Manuel Arguelles
In reply to this post by Kyle Hamilton
well yes:

$ cat in.txt
hello
$ openssl enc -e -rc4 -out out.bin -k mysecretkey -in in.txt
$ openssl enc -d -rc4 -in out.bin -k mysecretkey
hello

and the openssl api should be compatible with the binary cli right??

Regards

On Thu 09 Mar 2006 18:05, Kyle Hamilton wrote:

> 'bad magic number' could actually be an OS error.  Has that openssl
> binary worked for you before on other commands?
>
> -Kyle H
>
> On 3/9/06, Manuel Arguelles <[hidden email]> wrote:
> > Hello list,
> >
> > I'm new here, I'm trying to encrypt / decrypt text in a file using the
> > rc4, the problem is that I'm not getting good results, here's what I'm
> > doing for encryption:
> >
> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <openssl/bio.h>
> > #include <openssl/evp.h>
> >
> > int main(void)
> > {
> >         char buf[1024];
> >         int total, len, written;
> >         BIO *file = BIO_new_file("out.bin", "w");
> >         BIO *buffer = BIO_new(BIO_f_buffer());
> >         BIO *cipher = BIO_new(BIO_f_cipher());
> >
> >         strcpy(buf, "Simple Text to Encrypt");
> >
> >         BIO_set_cipher(cipher, EVP_rc4(), "mysecretkey", NULL, 1);
> >
> >         BIO_push (cipher, buffer);
> >         BIO_push (buffer, file);
> >
> >         len = strlen(buf);
> >         written = 0;
> >         for (total = 0; total < len; total += written) {
> >                 if ((written = BIO_write(cipher, buf + total, len -
> > total)) <= 0) {
> >                         if (BIO_should_retry(cipher)) {
> >                                 written =0;
> >                                 continue;
> >                         }
> >                         break;
> >                 }
> >         }
> >         BIO_flush(cipher);
> >         BIO_free_all(cipher);
> > }
> >
> > compiled it, and when executed I get a out.bin, then when I try to
> > decrypt it it fails:
> >
> > $ openssl enc -d -rc4 -in out.bin -k mysecretkey
> > bad magic number
> >
> > what I'm I doing wrong? maybe the -k -K -iv options? as BIO_set_cipher as
> > well maybe?
> >
> > Regards and thank for your time
> > ______________________________________________________________________
> > OpenSSL Project                                 http://www.openssl.org
> > User Support Mailing List                    [hidden email]
> > Automated List Manager                           [hidden email]
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Manuel Arguelles
In reply to this post by Dr. Stephen Henson
you mean like this?

$ openssl enc -d -rc4 -in out.bin -k mysecretkey -nosalt
¨Å¥
óVRCÑÆMðù6o

or maybe using the -K -iv options

key[0]=0xA0; key[1]=0xA1;
iv[0]=0xB0; iv[1]=0xB1;
BIO_set_cipher(cipher, EVP_rc4(), key, iv, 1);

can I use
openssl enc -d -rc4 -in out.bin -K A0A1 -iv B0B1

??


On Thu 09 Mar 2006 18:23, Dr. Stephen Henson wrote:

> On Thu, Mar 09, 2006, Manuel Arguelles wrote:
> > $ openssl enc -d -rc4 -in out.bin -k mysecretkey
> > bad magic number
> >
> > what I'm I doing wrong? maybe the -k -K -iv options? as BIO_set_cipher as
> > well maybe?
>
> With the default options the 'enc' command uses a salted key derivation
> algorithm which avoids certain known plaintext attacks. Those are
> particularly important with stream ciphers such as RC4. It also includes
> some data at the beggining of the data so that form can be recognized.
>
> Your program seems to be using the passphrase directly as the key. So the
> two formats are incompatible and the 'enc' program is detecting that.
>
> You can make the 'enc' command do the same if you use the -nosalt option.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Dr. Stephen Henson
On Thu, Mar 09, 2006, Manuel Arguelles wrote:

> you mean like this?
>
> $ openssl enc -d -rc4 -in out.bin -k mysecretkey -nosalt
> ¨Å¥
> óVRCÑÆMðù6o
>
> or maybe using the -K -iv options
>
> key[0]=0xA0; key[1]=0xA1;
> iv[0]=0xB0; iv[1]=0xB1;
> BIO_set_cipher(cipher, EVP_rc4(), key, iv, 1);
>
> can I use
> openssl enc -d -rc4 -in out.bin -K A0A1 -iv B0B1
>

Well RC4 is a stream cipher meaning that it doesn't have an IV. Also the
buffer passed to the key argument must contain a key of the required length.
If it isn't it will use whatever data is in memory after the supplied pointer.

In the case of RC4 the default length is 128 bits so for test purposes use a
string with exactly 16 characters in it.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Manuel Arguelles
Nothing :(

I just used the 16 character (and more) key but nothing, openssl complains
when I pass a -K without a -iv should I use -k instead?

so far I can't decrypt anything with the cli that was encrypted with the lib,
is there any documentation about that? for rc4 or similar ciphers? (no iv)

thanks

On Thu 09 Mar 2006 19:47, Dr. Stephen Henson wrote:

> On Thu, Mar 09, 2006, Manuel Arguelles wrote:
> > you mean like this?
> >
> > $ openssl enc -d -rc4 -in out.bin -k mysecretkey -nosalt
> > ¨Å¥
> > óVRCÑÆMðù6o
> >
> > or maybe using the -K -iv options
> >
> > key[0]=0xA0; key[1]=0xA1;
> > iv[0]=0xB0; iv[1]=0xB1;
> > BIO_set_cipher(cipher, EVP_rc4(), key, iv, 1);
> >
> > can I use
> > openssl enc -d -rc4 -in out.bin -K A0A1 -iv B0B1
>
> Well RC4 is a stream cipher meaning that it doesn't have an IV. Also the
> buffer passed to the key argument must contain a key of the required
> length. If it isn't it will use whatever data is in memory after the
> supplied pointer.
>
> In the case of RC4 the default length is 128 bits so for test purposes use
> a string with exactly 16 characters in it.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Dr. Stephen Henson
On Fri, Mar 10, 2006, Manuel Arguelles wrote:

> Nothing :(
>
> I just used the 16 character (and more) key but nothing, openssl complains
> when I pass a -K without a -iv should I use -k instead?
>
> so far I can't decrypt anything with the cli that was encrypted with the lib,
> is there any documentation about that? for rc4 or similar ciphers? (no iv)
>

Note that you have to use the hex format of the key for the -K option. So
you'd pass 16 characters in your program and use the 32 hex digits
representing their values for the -K option.

Just use anything for -iv, it wont be used for RC4.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Encryption / Decryption from file

Manuel Arguelles
Done, thanks!! :D

On Fri 10 Mar 2006 11:54, Dr. Stephen Henson wrote:

> On Fri, Mar 10, 2006, Manuel Arguelles wrote:
> > Nothing :(
> >
> > I just used the 16 character (and more) key but nothing, openssl
> > complains when I pass a -K without a -iv should I use -k instead?
> >
> > so far I can't decrypt anything with the cli that was encrypted with the
> > lib, is there any documentation about that? for rc4 or similar ciphers?
> > (no iv)
>
> Note that you have to use the hex format of the key for the -K option. So
> you'd pass 16 characters in your program and use the 32 hex digits
> representing their values for the -K option.
>
> Just use anything for -iv, it wont be used for RC4.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]