2

I am trying to use OpenSSL for an AES encryption/decryption. The code looks as follows:

// Buffers
unsigned char encryptedbuffer[1024];
unsigned char outbuffer[1024];

unsigned char key[128/8];
memset(key, 0, sizeof(key));

AES_KEY enc;
AES_KEY dec;

AES_set_encrypt_key(key, 128, &enc);
AES_set_decrypt_key(key, 128, &dec);

unsigned char text[] = "Hello World";

cout << text << endl;

AES_encrypt(text,encryptedbuffer,&enc);
AES_decrypt(encryptedbuffer,outbuffer,&dec);

cout << outbuffer << endl;

On compilation the program crashes, giving only a windows message that the program stopt working. So far I have found out that it happens on the call of AES_set_encrypt_key(key, 128, &enc); Any ideas what I am doing wrong?

I am using eclipse (MinGW) on windows and have installed OpenSSL 1.0.1i.

EDIT: I linked the OpenSSL lib to Eclips by going to

  1. Project >> Properties >> C/C++ Build >> Settings
  2. Under MinGW C++ Linker to Libraries
  3. Under Libraries (-l) I includet libeay32 and ssleay32
  4. Under Library search path (-L) I put my path to the OpenSSL lib file (C:\OpenSSL-Win64\lib)

I have already seen in other forums that a lot of suggestions mentioned the libs ssl and crypto. These however are not part of my OpenSSL instalation (Windows).

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
user1878965
  • 21
  • 1
  • 3
  • Note that you are probably much better off using the [EVP_ functionality of OpenSSL](http://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption) as it defines the higher level API. No need for special AES_KEY macro's there. – Maarten Bodewes Sep 10 '14 at 22:06
  • Deleted my answer, digging deep in the code I found out that the second param of AES_set_encrypt_key *should* be in bits (thank you OpenSSL documentation). Your key still it too big of course. – Maarten Bodewes Sep 10 '14 at 22:19
  • You are not setting the FIPS flag by chance? As that would result in a `OpenSSLDie`. – Maarten Bodewes Sep 10 '14 at 22:22
  • No, I am not setting the FIPS flag – user1878965 Sep 11 '14 at 08:39
  • 1
    I repeat: "AES_set_encrypt_key"; size should be in bits. – Maarten Bodewes Sep 11 '14 at 08:41
  • Note that FIPS is a precompiler directive... if you run *against* a library with FIPS mode on, you could run into this issue. EVP mode should avoid that. – Maarten Bodewes Sep 11 '14 at 08:47
  • How can I find out if I run against a library with FIPS mode on? I will try using EVP mode. – user1878965 Sep 11 '14 at 08:58
  • http://stackoverflow.com/questions/18616573/how-to-check-fips-140-2-support-in-openssl – Maarten Bodewes Sep 11 '14 at 09:44
  • EVP also leads to crashing. I also included how I linked my libs to Eclips, maybe I did something wrong there. – user1878965 Sep 11 '14 at 11:41
  • This may be more related to the build environment indeed. Is it the first OpenSSL function you are calling? Try to call a random one that does not require parameters! AES_KEY is just a struct, so it is unlikely to cause issues. – Maarten Bodewes Sep 11 '14 at 12:32
  • Yes, it is the first function. Others also lead to crashing e.g. `AES_options();`. – user1878965 Sep 11 '14 at 13:46
  • Tagged it MinGW instead of Windows... This seems to be a linker or runtime problem. Uh, I don't have any information on that... Sorry, I'm out :( – Maarten Bodewes Sep 11 '14 at 14:02
  • 1
    You should *not* use `AES_encrypt` and friends. That's a software-only implementation, so you will not enjoy hardware support, like AES-NI. You should be using `EVP_*` functions. See [EVP Symmetric Encryption and Decryption](https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption) on the OpenSSL wiki. In fact, you should probably be using authenticated encryption because it provides *both* confidentiality and authenticity. See [EVP Authenticated Encryption and Decryption](https://wiki.openssl.org/index.php/EVP_Authenticated_Encryption_and_Decryption) on the OpenSSL wiki. – jww Jul 01 '15 at 21:21

0 Answers0