Boost Users :

Date view	Thread view	Subject view	Author view

Subject: Re: [Boost-users] boost.Iostream OpenSSL Filter
From: Will Mason (willchido_at_[hidden])
Date: 2012-08-28 17:41:17

Next message: Cliff Green: "Re: [Boost-users] Using boost::Asio for connected UDP socket"
Previous message: Adi Shavit: "[Boost-users] [Boost.Test] Linker chooses “wrong” main function"
In reply to: exocoder: "Re: [Boost-users] boost.Iostream OpenSSL Filter"

Hello,

On Wed, Aug 8, 2012 at 3:47 PM, exocoder <exocoder_at_[hidden]> wrote:

> Thank you Wil, Just been studying the example code in the link you
> kindly provided. I notice though, that these examples encrypt the entire
> file in memory before calling 'EVP_CipherFinal_ex( ... )'. My
> understanding is that without calling this function, decryption of the
> file will fail. I not sure how compatible this would be with a
> boost.Iostream filter, which will write the encrypted data on the fly?
>
> I guess I could just place the data into a memory buffer, and calling
> EVP_CypherFinal_ex then writing the data when close is called, but this
> feels like an ugly solution, that would break the expected operation of
> an iostream.
>

You can't encrypt or decrypt anything with a block cipher without some kind
of finalization of the operation. Finalizing on close seems appropriate.
Otherwise, you'll have to use a stream cipher, like RC4, but that would
really limit the capabilities of the filter.

Sorry for the delay, cheers,
Will

>
> On Wed, 2012-08-08 at 13:29 -0500, Will Mason wrote:
> > Hello,
> >
> > On Wed, Aug 8, 2012 at 1:10 PM, exocoder <exocoder_at_[hidden]> wrote:
> > Thank you for the info Neil,
> > I am looking at the example that you pointed to, need to get
> > my head around the issues of
> > initialising/closing OpenSSL in the filter. It seems that
> > every OpenSSL example uses a different
> > interface :(
> >
> >
> > I think the OpenSSL EVP interface is the one you
> > want: http://www.openssl.org/docs/crypto/EVP_EncryptInit.html#
> >
> >
> > Cheers,
> > Will
> >
> >
> >
> > Again Thank you for the advice.
> >
> > On Mon, 2012-08-06 at 15:40 -0600, Neil Nelson wrote:
> > > exocoder,
> > >
> > > Upon just reading the docs at
> > >
> > >
> >
> http://www.boost.org/doc/libs/1_50_0/libs/iostreams/doc/index.html
> > >
> > > and particularly
> > >
> > > 2.2.8. Multi-Character Filters
> > >
> > > It looks like you could take the code from the following
> > page
> > >
> > >
> >
> http://stackoverflow.com/questions/1007337/encrypting-and-decrypting-a-small-file-using-openssl
> > >
> > > with the critical line being
> > >
> > > AES_cfb128_encrypt(indata, outdata, bytes_read, &key,
> > ivec, &num,
> > > AES_ENCRYPT);
> > >
> > > that reads and writes to memory buffers. Two other aspects
> > are: (1)
> > > software using encryption is export restricted and you can
> > research that
> > > if needed for your application, (2) key management is likely
> > the more
> > > complicated part, and (3) use of initialization vectors
> > (added random
> > > bytes at the beginning of the input data).
> > >
> > > Neil Nelson
> > >
> > > > I am currently looking at using OpenSSL to write
> > information to an
> > > > encrypted file on-the-fly so to speak. I have been
> > researching my
> > > > options for doing this, and have come across the
> > Boost.Iostream library,
> > > > which promises to be a very elegant solution (The
> > documentation even
> > > > suggests that filters can be written to provide
> > encryption/decryption
> > > > using OpenSSL).
> > > > It would seem that my best approach would be to use the
> > BIO_f* interface
> > > > to encrypt a memory buffer, which could be written by
> > overloading
> > > > write(). However the OpenSSL documentation is particularly
> > sparse when
> > > > it comes to file/memory encryption and I would appreciate
> > any advice on
> > > > how to do this.
> > > > Thank you in advance for any help proffered.
> > >
> > > _______________________________________________
> > > Boost-users mailing list
> > > Boost-users_at_[hidden]
> > > http://lists.boost.org/mailman/listinfo.cgi/boost-users
> >
> >
> >
> > _______________________________________________
> > Boost-users mailing list
> > Boost-users_at_[hidden]
> > http://lists.boost.org/mailman/listinfo.cgi/boost-users
> >
> > _______________________________________________
> > Boost-users mailing list
> > Boost-users_at_[hidden]
> > http://lists.boost.org/mailman/listinfo.cgi/boost-users
>
>
> _______________________________________________
> Boost-users mailing list
> Boost-users_at_[hidden]
> http://lists.boost.org/mailman/listinfo.cgi/boost-users
>

text/html attachment: attachment

Next message: Cliff Green: "Re: [Boost-users] Using boost::Asio for connected UDP socket"
Previous message: Adi Shavit: "[Boost-users] [Boost.Test] Linker chooses “wrong” main function"
In reply to: exocoder: "Re: [Boost-users] boost.Iostream OpenSSL Filter"

Date view	Thread view	Subject view	Author view

Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net