Symbian Crypto Library headers/libs published!

[cdavies]

An exciting day for Symbian developers, you no longer need to rely on OpenSSL for all your crypto needs (at least for 9.1+...) because the Symbian crypto library headers and libs are at long last published...

Get them here: http://developer.symbian.com/forum/ann.jspa?annID=14

The crypto library adds asymmetric ciphers RSA, DSA and DH and symmetric ciphers AES, 3DES, DES, RC4, RC2 to the already published hash library.

In addition, you get a trimmed down version of the big integer library including support for generating large primes, various sorts of block cipher padding, and PBE.

No PKCS decoders or unified keystore published yet, we can but hope.

[Paul.Todd]

or ECC or FIPS compliance but then again its not in the devkits either....

I posted a blog entry about it last night, the petran example code is also being shipped

[mayur_24]

An exciting day for Symbian developers, you no longer need to rely on OpenSSL for all your crypto needs (at least for 9.1+...) because the Symbian crypto library headers and libs are at long last published...

Get them here: http://developer.symbian.com/forum/ann.jspa?annID=14

The crypto library adds asymmetric ciphers RSA, DSA and DH and symmetric ciphers AES, 3DES, DES, RC4, RC2 to the already published hash library.

In addition, you get a trimmed down version of the big integer library including support for generating large primes, various sorts of block cipher padding, and PBE.

No PKCS decoders or unified keystore published yet, we can but hope.

That is some good news.
So no more porting hassles .
--Mayur.

[b0ssY]

Hi all,

Can this Crypto Library be used with S60 2nd Edition? Just wondering, though I went to the link and realised its for 3rd edition only.

*Hoping that someone would reply "yes"

Thanks.

[mayur_24]

The answer is a 'NO'.
The device binaries are ARMV5 not ARMI so they are not binary compatible with 2nd edition devices at all.
--Mayur.

[b0ssY]

Hi,

Thanks for the reply! Do you know, by chance, of any 3rd party Encryption method that is usable for s60 2nd edition? I would require 3DES encryption though.

Thanks

[mayur_24]

You can check out this library:
http://www.eskimo.com/~weidai/cryptlib.html
Also usually with the encryption standard you get a default implentation,you can try using that as well.
http://archive.devx.com/sourcebank/d...rceNum=1028081
--Mayur.

[b0ssY]

Hi Mayur,

Appreciated your reply. But looks like porting over from these libraries you had mentioned needs quite a bit of work here. (just started on symbian c++ learning only)

Guess I have to work harder

Thanks.

[mayur_24]

Yes,you are welcome and as you said it would be better to finish off Symbian c++ basics first.
And porting is usually a tiresome job.
--Mayur.

[pzul_wisner]

The openSSL libraries are also available with Open C.

[b0ssY]

Hi all,

I have tried to port over a 3des code from http://xyssl.org/code/source/des/

I can compile it successfully on Symbian with minor changes.

However, I can't seem to encrypt any message with it. It returns me with error. [I'm using s60 3rd edition]

Can someone take a look at the codes and see whether is it compatible with Symbian?

Thanks deeply.

[mayur_24]

Hi all,

I have tried to port over a 3des code from http://xyssl.org/code/source/des/

I can compile it successfully on Symbian with minor changes.

However, I can't seem to encrypt any message with it. It returns me with error. [I'm using s60 3rd edition]

Can someone take a look at the codes and see whether is it compatible with Symbian?

Thanks deeply.

I had a quick glance and the code seems fine.
Can you point out what error code you are getting?
--Mayur.

[b0ssY]

Hi Mayur,

Thanks for your reply as always I didn't know if I port it successfully (or correctly I meant). I kept the unsigned chars and unsigned longs -> is that alright with Symbian? Because I know there's this TUint8s and TUint32s that represent unsigned char and unsigned long respectively. Should I use them instead?

I also included the epoc32/include/libc for <string.h> in the 3des.h file (as what I called it). And it compiles successfully after that. Do I need to create a class for it? As I noticed that it has no class to it.

The method I did to do 3des operation was:

des3_context* a;
des3_set_3key(a,key) <-- key is unsigned char[24], does this mean its a 24-byte key?

At this point, the program gave me an error: App Closed: encrypt (that's my program's name)
Sorry if I made stupid mistakes because my C++ isn't that good too.

Thanks for any input given. Awaiting eagerly.

b0ssY

[cdavies]

Yes, 3DES uses a key totalling 24 bytes in length. Think of it as keying 3 separate DES implementations, each requiring 8 bytes of key material (or, er, 7 bytes of key material and some parity bits *cough* NSA paranoia *cough*)

The code isn't after a string for this parameter, it needs a full 24 byte key which is usually generated by a psuedo-random function seeded by the passphrase.

Your other problem is the context parameter. This is essentially C-style code. It's expecting something of the form:

Code:

des3_context context;
des3_set_3key(&context, key);

Again, I have to say, if you don't know what you're doing with encryption and decryption don't try until you do. There are so many potential pitfalls that will mean your program offers no security whatsoever, you have to understand them to be able to avoid them.

[b0ssY]

Hi cdavies,

Thanks for your helpful input! Perhaps I should read up some books on encryption/decryption

Hmm, actually I'm happy just to be able to get this triple-des implementation up and working first, after which I will then try to understand what problems are there with this encryption/decryption concept... Then I will try and improve the security of my program then.

So sorry if I sound like those people who want to get something working without knowing what is the thing about...

Thanks!
b0ssY