…and what the nice folks at OpenSSL gratiously provide me with is this. 🙂
Now, since you shouldn’t be guessing when using cryptography, I come here for confirmation: what is the function call I want to use?
What I understood
A 128 bits key is 16 byte large, so I’ll need double DES (2 × 8 byte). This leaves me with only a few function calls:
void DES_ede2_cfb64_encrypt(const unsigned char *in,
unsigned char *out, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc);
void DES_ede2_cbc_encrypt(const unsigned char *input,
unsigned char *output, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_cblock *ivec, int enc);
void DES_ede2_cfb64_encrypt(const unsigned char *in,
unsigned char *out, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc);
void DES_ede2_ofb64_encrypt(const unsigned char *in,
unsigned char *out, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_cblock *ivec, int *num);
In this case, I guess the function I want to call DES_ede2_cfb64_encrypt, although I’m not so sure — I definitely don’t need padding here and I’d have to care about what ivec and num are, and how I want to generate them…
What am I missing?
DES_ede2_cbc_encryptis the normal choice. As forivec(an 8-byte array), one of its functions is to prevent the same message encrypting to the same ciphertext in a predictable way; if an adversary can tell from two ciphertexts whether or not they encrypt the same plaintext (or just the same initial blocks), they might be able to use that information. So you use a differentivecfor each message; it doesn’t have to be secret, just different. If you’re really sure that you don’t need it, you can set it to eight zero bytes. (For instance, if you’re just using the key once, it’s safe to do this.)