Sunday, November 1, 2015

SSL Ciphers

I just checked in support for doing encryption/decryption through OpenSSL.  Crack provides a wrapper library (crack.crypt.ssl.cipher) that allows you to encrypt/decrypt using a writer, so for example to encrypt:

     import crack.crypt.ssl EVP_aes_256_cbc, EncryptWriter;

     backing := (cwd/'outfile').writer();
     out := EncryptWriter(EVP_aes_256_cbc(), key, backing);
     for (data := src.read(1024))
         out.write(data);
     out.close();   # You must explicitly close (or make them go out of scope).


There were a few ciphers (specifically the AES CCM and GCM ciphers) that didn't pass a round-trip test.  These require some special setup that I don't feel motivated to figure out.