HPE Community
Operating System - Linux
1751972 Members
4755 Online
108784 Solutions
New Discussion

a library in C that support DES decrypt (cryptography functions)

 
SOLVED
Go to solution
Adisuria Wangsadinata_1
Honored Contributor

‎04-10-2007 07:04 PM

‎04-10-2007 07:04 PM

a library in C that support DES decrypt (cryptography functions)

Hi Folks,

Good day to you !
I'm a newbie on C language and I've got a project with C language.

Here is the background of the problem :

The project requirement stated that files to be FTP-ed must be encrypted. From .net (windows environment), we’ll be encrypting using System.Security.Cryptography before sending the file through FTP. On HP-UX side, we need the C program to decrypt this file.

We couldn’t find a library in C that supports cryptography. We did come across several customized library, but they’re not open source. So, could you advice if we have any library in C for cryptography functions?

The plan is to use a symmetric algorithms that’s supported by .net API, namely DES, Triple DES, RC2 or Rijndael.

However, since we’re new to this, we’re open to suggestion.

Please kindly advise.

Regards,
AW


now working, next not working ... that's unix
0 Kudos
7 REPLIES 7
Steven Schweda
Honored Contributor

‎04-10-2007 07:39 PM

‎04-10-2007 07:39 PM

Re: a library in C that support DES decrypt (cryptography functions)

Rather than settle on a plan for which
software is available at only one end, I'd
look at encryption systems which might work
at both ends, and see if any of those is
suitable. Perhaps:

http://gnupg.org/

It should satisfy the "open source"
requirement, if nothing else.
0 Kudos
Matti_Kurkela
Honored Contributor

‎04-10-2007 08:07 PM

‎04-10-2007 08:07 PM

Re: a library in C that support DES decrypt (cryptography functions)

How about OpenSSL?
It is available to HP-UX for free from software.hp.com, and widely used in many software projects.

http://www.openssl.org/

Despite the name, it allows you to use its encryption/decryption/digest algorithms for any data, not just SSL connections. It supports at least DES, Triple-DES and RC2; current versions support Rijndael (AES) too.

The documentation available on the OpenSSL web site is rather sparse: I'd recommend you to find a good OpenSSL book for programming reference. I'm not a programmer, but O'Reilly's "Network security with OpenSSL" looks good to me.

MK
MK
0 Kudos
Ralph Grothe
Honored Contributor

‎04-10-2007 10:46 PM

‎04-10-2007 10:46 PM

Re: a library in C that support DES decrypt (cryptography functions)

As Matti wrote,
OpenSSL is definitely *the* Open Source crypto library for your purpose.
If you haven't installed it yet you should find the HP-UX port either on the application CD sets, or you can download it from the software website of HPs'
e.g.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I

Btw, if you have the HP-UX apache installed you already have it beneath the server root as in /opt/hpws/apache

The OpenSSL lib also comes with a reference application binary that lets you encode and decode an lots of ciphers (see manpages of "openssl" and "enc" in particular).

For instance if you want to produce some char noise (of /etc/issue) in Tripple DES you can say

$ openssl enc -des3 -e -pass pass:secret -nosalt < /etc/issue

vSìt~3I7[Cú·9à ®n~ê;$s1eàà à 묪éòæ6]½$


and likewise decode in one shot

$ openssl enc -des3 -e -pass pass:secret -nosalt < /etc/issue | openssl enc -des3 -d -pass pass:secret -nosalt
GenericSysName [HP Release B.11.11] (see /etc/issue)
Madness, thy name is system administration
0 Kudos
Adisuria Wangsadinata_1
Honored Contributor

‎04-11-2007 05:11 PM

‎04-11-2007 05:11 PM

Re: a library in C that support DES decrypt (cryptography functions)

Hi Steven, Mutti & Raplh,

Thank you, appriciate your help.

We just need to decrypt the DES on HP-UX side (has been encrypt before on windows system). Can OpenSSL do decrypt also ?

The chart is like below :

files on windows system > encrypt using system.security.cryptography > ftp to HP-UX system > decrypt the files > file will be use on HP-UX job process

Sorry to ask the basic thing, since I'm totally newbie for this.

Appreciate your kind attention and help.

Regards,
AW
now working, next not working ... that's unix
0 Kudos
Steven Schweda
Honored Contributor

‎04-11-2007 05:36 PM

‎04-11-2007 05:36 PM

Re: a library in C that support DES decrypt (cryptography functions)

> The project requirement stated that files
> to be FTP-ed must be encrypted. [...]

So, is the _real_ problem that you need to
transfer files, you plan to use FTP to do
that, and FTP is insecure?

If so, there are other file transfer methods
which are more secure than FTP. For example:

man sftp

I assume that it's possible to find an
ssh/sftp client for the Windows system.

It might be helpful to back up a little, and
decide what your _functional_ requirements
are, and then look at different possible
implementation methods which will satisfy
those requirements. You know more about this
project than I do, but it sounds to me as if
you may be trying to find the best way to
implement a poor solution to what may be a
fairly simple requirement. A clear
specification of the actual requirement may
open the door for people to suggest some
better ways to satisfy the actual
requirement, which may be more helpful than
collecting different ways to do the wrong
thing.
0 Kudos
Ralph Grothe
Honored Contributor

‎04-11-2007 08:20 PM

‎04-11-2007 08:20 PM

Solution

Re: a library in C that support DES decrypt (cryptography functions)

Hi Adi,

sure, OpenSSL can en- and decipher DES as well,
in fact a bewildering lot of various DES incantations.
After you have installed, either the prebuilt depot from the link I posted yesterday (the easiest if you want to develop under hpux), or compiled the whole OpenSSL suite from the sources, simply issue the following command:

$ openssl list-cipher-commands|grep des
des
des-cbc
des-cfb
des-ecb
des-ede
des-ede-cbc
des-ede-cfb
des-ede-ofb
des-ede3
des-ede3-cbc
des-ede3-cfb
des-ede3-ofb
des-ofb
des3
desx


As you can see this is only filtered for DES ciphers.
Please, note that writing cryptographic applications is a very demanding challenge (although APIs as the OpenSSL are a tremendous relief).
To select the appropriate cipher requires a good understanding of cryptography and the chosen algorithms as well (and coding skills I should add).
I assume you picked this subject as kind of an exercise, maybe in a programming class.
So I trust you have a textbook or some paper that explains the basics of the DES algorithm (which I am afraid to admid lack the knowledge of).
Honestly, as you mentioned you were a C newbie, I would have picked a more tangible programming task for a start, where you (or your teacher) probably chose one of the most demanding.

Some of the offered ciphers even may be "protected" by patents held by various companies,
or their use may even be deemed illegal in certain countries (although, as I understand it, the OpenSSL maintainers strive to rid their code mostly from anything possibly susceptible to patent infringements).
The README states that clearly:


Various companies hold various patents for various algorithms in various
locations around the world. _YOU_ are responsible for ensuring that your use
of any algorithms is legal by checking if there are any patents in your
country. The file contains some of the patents that we know about or are
rumored to exist. This is not a definitive list.


As said, the openssl command itself is a reference implementation of the OpenSSL API.
Since it is Open Source you can actually look how the OpenSSL developers made use of their API.
If you installed the latest HP depot it actually installed binaries for both the 0.9.7 and 0.9.8 branch, with 0.9.7 making the default one (but toggable).
As can be read from the README.hp these binaries were compiled with hpux-cc (see the mentioned configure line).
Also were certain ciphers excluded (probably owe to the aforementioned patent issues, viz.
no-rc5 no-idea no-krb5 no-mdc2).
So if you have no license for the HP ansic compiler but must resort to gcc I would assume that library binaries aren't of much use to you, and you would have to compile them with gcc from the sources (but I may be wrong).
Nevertheless, the HP depot also includes the sources their depot was built from (but may be patched).
e.g.
$ ll /opt/openssl/src/openssl-0.9.7l.tar.gz
-r--r--r-- 1 bin bin 4373131
/opt/openssl/src/openssl-0.9.7l.tar.gz

At least you find a demos subdir in the tarball which I presume holds many coding examples that may be helpful to your task.

Anyway, if you decide to delve deeper into the OpenSSL I would recommend you get this O'Reilly title (though a bit dated still very useful)
http://www.oreilly.com/catalog/openssl/index.html

Madness, thy name is system administration
0 Kudos
Adisuria Wangsadinata_1
Honored Contributor

‎04-12-2007 04:00 AM

‎04-12-2007 04:00 AM

Re: a library in C that support DES decrypt (cryptography functions)

Hi Steven & Ralph,

Again thanks for your kind help and your contribution, really appreciate it.

With your guide, I will try to study the OpenSSL and I wish this project can be match with the specification.

Thanks & Best Regards,
AW - from the red dot country.
now working, next not working ... that's unix
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.