I have a CryptoAPI code for encrypting / decrypting data using AES-128 and a key obtained from a password using SHA-256.
How can I write an equivalent implementation of OpenSSL so that I can encrypt data with it and then decrypt it using CryptoAPI and vice versa?
Trying to use EVP_BytesToKey with EVP_aes_128_cbc () and EVP_sha256 () does not work as-is. (βDoesn't work,β I mean, cannot decrypt encrypted CryptoAPI data and vice versa. This works to decrypt encrypted OpenSSL data).
Any idea or good link?
Thanks in advance.
Here is the Windows CryptoAPI code:
// Get the handle to the default provider. if(CryptAcquireContext( &hCryptProv, NULL, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) { _tprintf( TEXT("A cryptographic provider has been acquired. \n")); } else { goto Exit_PrepareCAPI; } // Create a hash object. if(!CryptCreateHash( hCryptProv, HASH_ALGORITHM, 0, 0, &hHash)) { goto Exit_PrepareCAPI; } // Hash in the password data. if(!CryptHashData( hHash, (BYTE*) strPassword.c_str(), strPassword.length(), (DWORD)0)) { goto Exit_PrepareCAPI; } // Derive a session key from the hash object. if(!CryptDeriveKey( hCryptProv, ENCRYPT_ALGORITHM, hHash, 0x00800000 /*128 bit*/, &hKey)) { goto Exit_PrepareCAPI; } DWORD cryptMode = CRYPT_MODE_CBC; if(!CryptSetKeyParam( hKey, KP_MODE, (BYTE*)&cryptMode, 0)) { goto Exit_PrepareCAPI; } if(!CryptGetHashParam( hHash, HP_HASHSIZE, (BYTE *)&dwHashLen, &dwHashLenSize, 0)) { goto Exit_PrepareCAPI; } pbHash = new BYTE[dwHashLen]; if(!CryptGetHashParam( hHash, HP_HASHVAL, pbHash, &dwHashLen, 0)) { goto Exit_PrepareCAPI; } SecureZeroMemory( ivBuff, sizeof(ivBuff) ); for(DWORD i = 16, j = 0 ; i < dwHashLen ; i++, j++) { ivBuff[j] = pbHash[i]; } if(!CryptSetKeyParam( hKey, KP_IV, ivBuff, 0)) { goto Exit_PrepareCAPI; } // // Read the data into pre-allocated pbBuffer // // Encrypt data. if(!CryptEncrypt( hKey, NULL, fEOF, 0, pbBuffer, &dwCount, dwBufferLen)) { goto Exit_MyEncryptFile; } Exit_MyEncryptFile: // Cleanup allocated objects