[openssl-users] BIO_seek() on bio_f_cipher with EVP_aes_256_ctr

William King william.king at quentustech.com
Thu Aug 11 15:38:20 UTC 2016 

Same decryption issue happens if I run something like:

char buffer[1024] = {}, buffer2[1024] = {0};
size_t pos = BIO_tell(enc);
BIO_read(enc, buffer, 1024);
BIO_seek(enc, pos);
BIO_read(enc, buffer2, 1024);
if (memcmp(buffer, buffer2, 1024)) {
printf("Mismatched\n");
} else {
printf("Matched\n");
}


Does the BIO_seek() not handle incrementing or decrementing the IV
counter? is there a callback that needs to be set to calculate what the
IV counter value should be for a given file position for the cipher?

William King
Senior Engineer
Quentus Technologies, INC
1037 NE 65th St Suite 273
Seattle, WA 98115
Main:   (877) 211-9337
Office: (206) 388-4772
Cell:   (253) 686-5518
william.king at quentustech.com

On 8/11/16 10:29 AM, William King wrote:
> Without any of the error checking code in place, this is what I'm testing:
> 
> /* START CODE BLOCK */
> const EVP_CIPHER *cipher = EVP_aes_256_ctr();
> const EVP_MD *digest = EVP_sha256();
> BIO *enc = BIO_new(BIO_f_cipher());
> BIO *in = BIO_new(BIO_s_file());
> EVP_CIPHER_CTX *ctx = NULL;
> char *path = "/path/to/file.wav", *key = "fake secret key", *iv = "fake iv";
> 
> BIO_get_cipher_ctx(enc, &context->ctx);
> 
> if (BIO_read_filename(in, path) <= 0 ) {
> 	assert(0);
> }
> 
> BIO_push(enc, in);
> 
> BIO_set_cipher(enc, cipher, key, iv, 0);
> 
> BIO_seek(enc, 2056);
> 
> BIO_read(enc, buffer, 128);
> 
> /* END CODE BLOCK */
> 
> What I'm finding is that using fread() of the unencrypted file and
> comparing that to the BIO_seek() then BIO_read(), the data is not
> properly decrypted. Comparing fread() of the unencrypted file, to just
> doing BIO_read()'s does decrypt the file correctly.
> 
> William King
> Senior Engineer
> Quentus Technologies, INC
> 1037 NE 65th St Suite 273
> Seattle, WA 98115
> Main:   (877) 211-9337
> Office: (206) 388-4772
> Cell:   (253) 686-5518
> william.king at quentustech.com
> 
> On 8/9/16 2:10 PM, William King wrote:
>> What is needed to be able to BIO_seek() on a bio_f_cipher() with a
>> cipher of EVP_aes_256_ctr() without the counter, or IV or another
>> internal state getting corrupted?
>>
>> It seems that doing a seek any direction results in corrupted output.
>>

More information about the openssl-users mailing list