blowfish from openSSL to kernel cryptoAPI

blowfish from openSSL to kernel cryptoAPI

[Tzvi Chumash]

Hi,

I'm trying (without much success) to decrypt in-kernel 
(2.6.18-194.el5PAE) a cipher that was created using openSSL 
(0.9.8e-fips-rhel5) using blowfish with a 56-byte key/8-byte iv. Are the 
implementations incompatible (i.e. can't encrypt in one and decrypt in 
the other?) or am I doing something wrong?

Thanks,

Tzvi

Re: blowfish from openSSL to kernel cryptoAPI

[Jari Ruusu]

Tzvi Chumash wrote:
> I'm trying (without much success) to decrypt in-kernel
> (2.6.18-194.el5PAE) a cipher that was created using openSSL
> (0.9.8e-fips-rhel5) using blowfish with a 56-byte key/8-byte iv. Are the
> implementations incompatible (i.e. can't encrypt in one and decrypt in
> the other?) or am I doing something wrong?

Check byte order of the two implementations. Many blowfish implementations
got byte order wrong. Does it help if you swap byte order from
0-1-2-3-4-5-6-7 to 7-6-5-4-3-2-1-0 of key/data/IV before and after crypto
operation?

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

Re: blowfish from openSSL to kernel cryptoAPI

[Tzvi Chumash]

Thanks for your response, Jari. I tried changing the byte ordering on 
the key,iv and the data(before and after decrypt) and the result is 
still wrong. Unless someone has another idea, I will have to change the 
user-space part to also encrypt in-kernel instead of using openSSL...

I was assuming that given the same parameters (e.g. encryption 
algorithm, CBC, key, iv), the cipher data would be equivalent between 
different implementations (in this case openSSL/cryptoapi). Was that a 
wrong assumption?

Thanks again,

Tzvi


On 5/3/2011 10:48 AM, Jari Ruusu wrote:
> Tzvi Chumash wrote:
>> I'm trying (without much success) to decrypt in-kernel
>> (2.6.18-194.el5PAE) a cipher that was created using openSSL
>> (0.9.8e-fips-rhel5) using blowfish with a 56-byte key/8-byte iv. Are the
>> implementations incompatible (i.e. can't encrypt in one and decrypt in
>> the other?) or am I doing something wrong?
>
> Check byte order of the two implementations. Many blowfish implementations
> got byte order wrong. Does it help if you swap byte order from
> 0-1-2-3-4-5-6-7 to 7-6-5-4-3-2-1-0 of key/data/IV before and after crypto
> operation?
>

Re: blowfish from openSSL to kernel cryptoAPI

[Emanuele Cesena]

[-- Attachment #1: Type: text/plain, Size: 547 bytes --]

On Tue, 2011-05-03 at 11:46 -0400, Tzvi Chumash wrote:
> I was assuming that given the same parameters (e.g. encryption 
> algorithm, CBC, key, iv), the cipher data would be equivalent between 
> different implementations (in this case openSSL/cryptoapi). Was that a 
> wrong assumption?
> 
It may be a stupid remark... anyway, OpenSSL uses key/iv "internally"
and exposes to the user passphrase and salt. Did you check that you have
not confused them?

Best,
-- 
Emanuele Cesena <emanuele.cesena@gmail.com>

Il corpo non ha ideali

[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 5998 bytes --]

Re: blowfish from openSSL to kernel cryptoAPI

[Tzvi Chumash]

On 5/3/2011 12:19 PM, Emanuele Cesena wrote:
> It may be a stupid remark... anyway, OpenSSL uses key/iv "internally"
> and exposes to the user passphrase and salt. Did you check that you have
> not confused them?

I'm not using the command line openssl to produce the cipher.. the API 
says nothing about a salt or a passphrase:

  int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
                 ENGINE *impl, unsigned char *key, unsigned char *iv);

relevant parts of my openSSL code:
...
rc = EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, env_key, env_iv);
...
rc = EVP_EncryptUpdate(&ctx, out, &olen, in, ilen);
...
rc = EVP_EncryptFinal_ex(&ctx, out+olen, &olen);

where
EVP_CIPHER_CTX ctx;
unsigned char env_key[56];
unsigned char env_iv[8];
unsigned char *in, *out;
int rc, ilen, olen;


Thanks,

Tzvi

Re: blowfish from openSSL to kernel cryptoAPI

[Herbert Xu]

Tzvi Chumash <tzvi@research.att.com> wrote:
>
> I'm not using the command line openssl to produce the cipher.. the API 
> says nothing about a salt or a passphrase:
> 
>  int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
>                 ENGINE *impl, unsigned char *key, unsigned char *iv);
> 
> relevant parts of my openSSL code:
> ...
> rc = EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, env_key, env_iv);
> ...
> rc = EVP_EncryptUpdate(&ctx, out, &olen, in, ilen);
> ...
> rc = EVP_EncryptFinal_ex(&ctx, out+olen, &olen);
> 
> where
> EVP_CIPHER_CTX ctx;
> unsigned char env_key[56];
> unsigned char env_iv[8];
> unsigned char *in, *out;
> int rc, ilen, olen;

Please show us the user-space and kernel code you used for this
so we can check for ourselves.

Thanks!
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt