Initialization Vector for EVP_rc4() ?
Bugcollect.com
I need to exchange encrypted content with an existing application on Windows with an RC4 key that is salted as per http://msdn.microsoft.com/en-us/library/aa387782%28v=vs.85%29.aspx (KP_SALT_EX). Note that this is not a passphrase and salt key derivation, but a cipher initialized with some a known key and known initialization vector, similar to a block cipher.
I think technically RC4 does not have an IV, but what is the equivalent operation I can perform in openssl to get the cipher in the desired state? Specifying the salt as the iv param in EVP_EncryptInit does not work.
TIA,
~ Remus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
re est
PMHager
> I need to exchange encrypted content with an existing application
> on Windows with an RC4 key that is salted as per
> http://msdn.microsoft.com/en-us/library/aa387782%28v=vs.85%29.aspx
> (KP_SALT_EX). Note that this is not a passphrase and salt key derivation,
> but a cipher initialized with some a known key and known initialization
> vector, similar to a block cipher.
> I think technically RC4 does not have an IV, but what is the equivalent
> operation I can perform in openssl to get the cipher in the desired state?
> Specifying the salt as the iv param in EVP_EncryptInit does not work.
As it seems Microsoft did not sufficiently document the key parameters
KP_SALT and KP_SALT_EX. Some time ago I had a similar problem when I tried
to decrypt a MS PFX container. This is what I could find out so far:
With the RC4 algorithm and a key length of 40 bits the salt value works as
a switch to either use a true 40-bit mode, identical to EVP_rc4_40(), or
a 128-bit mode with bits 40 to 127 set to zero, similar to EVP_rc4(). With
a key length different from 40 a salt is not supported.
With the dwFlags parameter in CryptSetKeyParam(hKey,KP_SALT,pbData,dwFlags)
you can toggle between them: zero sets the true 40-bit mode, and non zero
sets the default zero-padded 128-bit mode. A value at pbData does not seem
to have any influence.
Might be with KP_SALT_EX you can set these 88 bits to a value in the blob,
but I have not tried that.
--
Peter-Michael Hager - acm senior - HAGER-ELECTRONICS GmbH - Germany
Dr. Stephen Henson
> Hello,
>
> I need to exchange encrypted content with an existing application on Windows with an RC4 key that is salted as per http://msdn.microsoft.com/en-us/library/aa387782%28v=vs.85%29.aspx (KP_SALT_EX). Note that this is not a passphrase and salt key derivation, but a cipher initialized with some a known key and known initialization vector, similar to a block cipher.
>
> I think technically RC4 does not have an IV, but what is the equivalent operation I can perform in openssl to get the cipher in the desired state? Specifying the salt as the iv param in EVP_EncryptInit does not work.
>
IIRC correctly this was originally to comply with export regulations where
part of the key was in plain text.
I think you concatenate the CryptoAPI key and salt values to produce a key you
can provide to OpenSSL. In some cases you may have to append zeros so the
result is 128 bits in length.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Bugcollect.com
Hello,
I need to exchange encrypted content with an existing application on Windows with an RC4 key that is salted as per http://msdn.microsoft.com/en-us/library/aa387782%28v=vs.85%29.aspx (KP_SALT_EX). Note that this is not a passphrase and salt key derivation, but a cipher initialized with some a known key and known initialization vector, similar to a block cipher.
I think technically RC4 does not have an IV, but what is the equivalent operation I can perform in openssl to get the cipher in the desired state? Specifying the salt as the iv param in EVP_EncryptInit does not work.
TIA,
~ Remus