Kiefer, Sascha wrote:
>
> if you use the unsimplefied version of the cryptoapi you have to reverse
> the bytes auf your results before using them.
>


I'm not sure that the translation is correct at all. Since the derived keys
and the encrypted data are completely different.

If EVP_BytesToKey() gives not appropriable key then may be I should try some
other functions. I have read about
http://www.openssl.org/docs/crypto/EVP_BytesToKey.html EVP_BytesToKey()
that
"Newer applications should use more standard algorithms such as PKCS#5 v2.0
for key derivation".

Which of them should I use?

Would it be helpful if I show my runnable sources of 3DES encoding with
CryptoAPI and OpenSSL?



Kiefer, Sascha wrote:
>
>>
>>Hi!
>>
>>I am trying to convert my code of 3DES encoding from Windows CryptoAPI to
>>OpenSSL. Could you verify the code attached and may be point me to
>>appropriate OpenSSL functions?
>>
>>/////////////////////////////////////////////////
>>////////////////////////////////////////////////
>>// Windows CryptoAPI // OpenSSL
>>
>> //
>>HCRYPTPROV hProv; //
>>CryptAcquireContext(&hProv, NULL, //
>> MS_ENHANCED_PROV, PROV_RSA_FULL, //
>> CRYPT_VERIFYCONTEXT)); //
>>
>> //
>>HCRYPTHASH hHash; //
>>CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash); //
>> //
>>unsigned char *user_key, ukeyl; //
>>CryptHashData(hHash, user_key, ukeyl, 0); //
>> //
>> //
>>// 192-bit or 24-byte key length // unsigned
>>char *user_key, user_key_len;
>>const unsigned int derived_key_len = 0xC0 << 0x10; // unsigned char
>>*derived_key, derived_key_len;
>> //
>>unsigned char *iv = NULL;
>>HCRYPTKEY hKey; //
>>CryptDeriveKey(hProv, CALG_3DES, //

derived_key_len
>>= EVP_BytesToKey(
>> hHash, derived_key_len, &hKey); //
>>EVP_des_ede3_cbc(), EVP_md5(), NULL,
>> //
>>
>>user_key, user_key_len, 1,
>> //
>>
>>derived_key, iv);
>> //
>> //
>>EVP_CIPHER_CTX ctx = {};
>> //
>>EVP_EncryptInit(&ctx,
>> //
>>
>>EVP_des_ede3_cbc(), derived_key, iv);
>> //
>>const unsigned char* text; // const
>>unsigned char* text;
>>int encoded_len; //
>>unsigned char* encoded;
>>bool FinalBlock = false; // int
>>text_len, encoded_len;
>> //
>>CryptEncrypt(hKey, 0, FinalBlock, 0, //
>>EVP_EncryptUpdate(&ctx,
>> text, &encoded_len, 1024); // encoded,
>>&encoded_len, text, text_len);
>> //
>>FinalBlock = true; //
>>CryptEncrypt(hKey, 0, FinalBlock, 0, //
>>EVP_EncryptFinal_ex(&ctx,
>> text, &encoded_len, 1024); // encoded +
>>encoded_len, NULL);
>>
>>--
>>View this message in context:
>>http://www.nabble.com/DES3%3A-Window...9809.html#a134
>>03663
>>Sent from the OpenSSL - User mailing list archive at Nabble.com.
>>
>>__________________________________________________ ____________________
>>OpenSSL Project http://www.openssl.org
>>User Support Mailing List openssl-users@openssl.org
>>Automated List Manager majordomo@openssl.org

> __________________________________________________ ____________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majordomo@openssl.org
>
>


--
View this message in context: http://www.nabble.com/DES3%3A-Window...html#a13409345
Sent from the OpenSSL - User mailing list archive at Nabble.com.

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org