Re: blowfish from openSSL to kernel cryptoAPI

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Thanks for your response, Jari. I tried changing the byte ordering on the key,iv and the data(before and after decrypt) and the result is still wrong. Unless someone has another idea, I will have to change the user-space part to also encrypt in-kernel instead of using openSSL...
I was assuming that given the same parameters (e.g. encryption algorithm, CBC, key, iv), the cipher data would be equivalent between different implementations (in this case openSSL/cryptoapi). Was that a wrong assumption? 

Thanks again,

Tzvi


On 5/3/2011 10:48 AM, Jari Ruusu wrote:

Tzvi Chumash wrote:

I'm trying (without much success) to decrypt in-kernel
(2.6.18-194.el5PAE) a cipher that was created using openSSL
(0.9.8e-fips-rhel5) using blowfish with a 56-byte key/8-byte iv. Are the
implementations incompatible (i.e. can't encrypt in one and decrypt in
the other?) or am I doing something wrong?


Check byte order of the two implementations. Many blowfish implementations
got byte order wrong. Does it help if you swap byte order from
0-1-2-3-4-5-6-7 to 7-6-5-4-3-2-1-0 of key/data/IV before and after crypto
operation?




--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

Add to Google