Hi!

I will have to do a little decryption to an application we are working on. I was wondering if there are simple examples of c development to do this.

I have created an encrypted file with openssl:

Now I'd like to decode it with a c program I'll do for testing/learning about the openssl api.

Thanks in advance.

My notes on openssl includes this...

http://www.ict.griffith.edu.au/antho.../openssl.hints

Also see my notes in
http://www.ict.griffith.edu.au/antho..._encrypt.hints

I have a C program the uses openssl to do file encryption.
I downloaded it from
http://tldp.org/LDP/LGNET/87/vinayak.html
It makes for good reading on just how to do it.


WARNING: the openssl password hashing function (user passphrase to cryptographic key) used for file encryption, is just a single pass hasshing function (PBKDF1.5, its very fast). This is appropriate for one time data stream use, but not for long term file encryption.

A fast hashing function basically makes a dictionary attack (just try every reasonable password) on an encrypted file quite feasible.


However the openssl library has the newer iteritive hash function included. this uses the hashing function hundreds (or thousands) of times, so that it takes about 1/2 a second to convert a user passphrase to cryptographic key. That makes a dictionary attack (with the salt) too long to be really useful.

Unfortunatally this function PKCS5_PBKDF2_HMAC_SHA1() is not available from the command line. But trival C programs can make it accessable to command line.
http://www.imagemagick.org/Usage/software/#pbkdf2

I created a perl equivelent to create my own encrypt file program with a well documented encryption technique (using standard encryption methods) whcih produces a openssl file encryption, but using this iterated hashing function for added security.
Download from...
http://www.ict.griffith.edu.au/antho...re/#encryption

The program is very readable with lots of comments. It works in a very similar way to "aespipe", though that uses the less secure, default openssl file encryption methods.

NOTE: the encryption used is the same, only a interactive hashing method is used, which also needs a file header to encrypted file.

I have in fact implemented the equivelent openssl file encryptin in a perl script like the above, just to verify exactly what is being done.

1 members found this post helpful.

Thanks.... I'll take a look at your stuff plus I found this:

http://www.ibm.com/developerworks/li...ssl/index.html

ANd linked from that article:

http://www.linuxjournal.com/article/4822
http://www.linuxjournal.com/article/5487

I decided to get it straight from the horse's mouth so downloaded openssl's code. I have reached this in the openssl code:

Roughly line 490-495 in apps/openssl.c... however I can't figure out where this is taking me (considering I'm making the call to openssl as I said in my first post). Where would I land when working with aes-256-cbc?

Thanks in advance.

Just to provide more info... if I look in fp->name, I get aes-256-cbc which is fine. However I don't know where the FUNCTION structure is set up for aes (which would lead me to where func() is going, right?)

Would it be easier to use mcrypt instead?

mcrypt is good, with much of the configuration (encryption method to use) set via environment variables.

however when I looked at it I noted that...

1/ The passphrase can not be provided by a file descriptor.
For example you can not make use of a GUI password prompter (like "ssh-askpass")
Though perhaps a named pipe can be substituted.

2/ It also does not use the PBKDF2 iterative hashing of the passphrase to cryptographic key
(jsut like "openssh enc")

That second point was why I ended up creating the "encrypt.pl" script. It also does not read the passphrase from a file descriptor, but as it is interpreted perl, that can be easilly added as future options.

ASIDE: I have updated the "encrypt" script so that its ability to decrypt "openssl enc" files is performed using the Crypt::CBC perl module. This was done to avoid the need to call "openssl" command from the perl, and validate that the the actual AES data encryption used is the same. The script just uses the improved the passphrase hashing technique for added security.

I would prefer to see openssl enc improved with the same hashing technique. It has all the parts, just needs to be implemented on command line (with appropriate file magic change).

---

NOTE: You may also like to look at my "ks" script which saves encrypted files in hashed filenames in a "key store", (looks like a EncFS filesystem but actually isn't). It also stores a command (and other information) with the encrypted data, and normally uses that command to process the encrypted data.

That command can be a simple 'read-only display' program.

More commonly, it is encrypted file system mounting command, which uses the encrypted data,
(the master key and configuration data for that mount) to do the mount. This means the users
password unlockes the key-store. The Key store unlocks and mounts the larger ENCFS directory-level encrypted file system, (which may be kept 'in-the-cloud').

This seperates encryption info from the encryption file system (more secure), uses a stronger binary key for the actual encrypted file system, and allows users to change their password, without needed to re-encrypt that whole file system. LUKS dmcrypt under linus also uses a similar technqiue.