5.21. Querying Cipher Configuration Properties in OpenSSL
Problem
You want to get information about a particular cipher context in OpenSSL.
Solution
For most properties, OpenSSL provides macros for accessing them. For other things, we can access the members of the cipher context structure directly.
To get the actual object representing the cipher:
EVP_CIPHER *EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx);
To get the block size of the cipher:
int EVP_CIPHER_CTX_block_size(EVP_CIPHER_CTX *ctx);
To get the key length of the cipher:
int EVP_CIPHER_CTX_key_length(EVP_CIPHER_CTX *ctx);
To get the length of the initialization vector:
int EVP_CIPHER_CTX_iv_length(EVP_CIPHER_CTX *ctx);
To get the cipher mode being used:
int EVP_CIPHER_CTX_mode(EVP_CIPHER_CTX *ctx);
To see if automatic padding is disabled:
int pad = (ctx->flags & EVP_CIPH_NO_PADDING);
To see if we are encrypting or decrypting:
int encr = (ctx->encrypt);
To retrieve the original initialization vector:
char *iv = (ctx->oiv);
Discussion
The EVP_CIPHER_CTX_cipher(
)
function is actually implemented as a macro
that returns an object of type EVP_CIPHER
. The
cipher itself can be queried, but interesting queries can also be
made on the context object through appropriate macros.
All functions returning lengths return them in bytes.
The EVP_CIPHER_CTX_mode(
)
function returns one of the following
predefined values:
EVP_CIPH_ECB_MODE EVP_CIPH_CBC_MODE EVP_CIPH_CFB_MODE EVP_CIPH_OFB_MODE
Get Secure Programming Cookbook for C and C++ now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.