2 replies to this topic

[c0mputer-fr0d]

anyone familiar with cryptolibc++ I really want to make a file encrypter and can anyone help me this is the code I have.

#include <iostream>
#include "stdio.h"
#include <fstream>
#include "conio.h"
#include "aes.h"
#include "modes.h"

using namespace std;

void decrypt();

int main(int argc, char *argv[]){
	if(argv[1] == NULL){
			   return 0;}
	ifstream In ("test.txt",ifstream::binary);
	In.open("argv[1]");
	if (!In.good())
	return 1;
	aes256_context ctx;
	aes256_init(&ctx, argv[2]);
	char *buf [] = {'\0'};
	while(!In.eof()){
	  In.getline(buf,512);

what I really want to know is how to use cipher block chaining because code book is really week from what I've studied. I also want to know how to declare the initialization vector is it just a regular integer or does it have to be unsigned char hex value?all the documentation on the api is crap imo.Help! Thanks</fstream></iostream>

[TheNut]

I don't know cryptolib, but AES does operate on unsigned data. In its native implementation, AES does use a simple electronic code book (ECB) cipher algorithm. This is indeed a poor choice because your encrypted content is susceptible to repetition, much like how a hash string can be broken much more easily if you don't salt the data beforehand. With AES, the initialization vector is sort of like a salt, helping to jiggle the input block before it's sent to the AES block cipher. The initialization vector is a 128 bit unsigned string, regardless if you use AES 128, 192, or 256 bit. Whether you want to concatenate 2 long long ints, 4 ints, or 16 random bytes is up to you. Just stay consistent with this approach between your encryption and decryption. Don't confuse your code by using hexadecimal digits. Either write an English password of 16 chars (like you would do for your key) or setup a random array of 16 bytes. "1234567890123456" is just as valid, albeit poor choice, for an IV. If you're hard coding this, I suggest you don't use a char string for your key or your IV since a hacker will be able to track that easily in your exe.


I took a quick glance at the cyptolib API and it supports an IV parameter, so that suggests it supports other block ciphers such as CBC and CFB (the two most popular ones). FYI an ECB doesn't use an IV, so that's the first indicator. I'm not sure where you would specify the block cipher mode, but I'm sure if you read through their manual or scan their headers you might find something.

If you're interested in writing your own lightweight, portable AES class, you can learn more about the algorithm by reading FIPS-197. It's not all that hard and might be a preferable alternative if you're looking for something simpler and more easily portable. Just throwing that option out if you're interested.

[c0mputer-fr0d]

Thank you, I couldn't find much in the way of modes of operation but I have since found some documentation on how to use the actual functions with just regular ecb. I'm currently working on a big crypto program with a gui. It will crypt text,files,and programs as well as generate random keys and get checksums. I'ts a big project and I hope I will see it through unlike other programs I wanted to do.
Also I was thinking of having them(me) input the key so that it only exists once in the input stream and then never again.