I'd like to use the OpenSSL library to decrypt some AES data. The code has access to the key. This project already uses libopenssl for something else, so I'd like to stick to this library.
I went looking directly into /usr/include/openssl/aes.h
since the OpenSSL site is light on documentation. The only decrypt function is this one:
void AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key);
Unfortunately, this doesn't have a way to specify the length of the in
pointer, so I'm not sure how that would work.
There are several other functions which I believe take a numeric parm to differentiate between encryption and decryption. For example:
void AES_ecb_encrypt(*in, *out, *key, enc);
void AES_cbc_encrypt(*in, *out, length, *key, *ivec, enc);
void AES_cfb128_encrypt(*in, *out, length, *key, *ivec, *num, enc);
void AES_cfb1_encrypt(*in, *out, length, *key, *ivec, *num, enc);
void AES_cfb8_encrypt(*in, *out, length, *key, *ivec, *num, enc);
void AES_cfbr_encrypt_block(*in, *out, nbits, *key, *ivec, enc);
void AES_ofb128_encrypt(*in, *out, length, *key, *ivec, *num);
void AES_ctr128_encrypt(*in, *out, length, *key, ivec[], ecount_buf[], *num);
void AES_ige_encrypt(*in, *out, length, *key, *ivec, enc);
void AES_bi_ige_encrypt(*in, *out, length, *key, *key2, *ivec, enc);
From what I understand using Google, the enc
parm gets set to AES_ENCRYPT
or AES_DECRYPT
to specify which action needs to take place.
Which brings me to my 2 questions:
- What do these names mean? What is ecb, cbc, cfb128, etc..., and how do I decide which one I should be using?
- What is the
unsigned char *ivec
parm needed for most of these, and where do I get it from?
See Question&Answers more detail:
os