Topic: wc_AesSetIV(...)

The documentation shows that I should call wc_AesSetKey, then wc_AesSetIV, then w_AesCbcEncrypt.

Is it really necessary to call SetIV being as the call to SetKey also takes the IV as input?  It seems to work OK without calling it, but I just want to confirm that there's not some side effect that I'm missing.



2 (edited by Jacob 2015-12-08 16:53:34)

Re: wc_AesSetIV(...)

Hi gawiz,

Yes that will work, and is ok.

For the reason why... the wc_AesSetIV function is for adjusting the IV on the fly after the key has already been set. This is helpful at times in a SSL/TLS connection but is not needed to be explicitly called for use. You are correct that the SetKey allows for setting up the IV in the AES key structure.

Was the documentation looked at for use with a TLS/SSL connection? We have a wolfCrypt one at … rence.html

As an example:

Aes enc;
Aes dec;

const byte key[] = {  // some 24 byte key };
const byte iv[] = { // some 16 byte iv };

byte plain[32];   // an increment of 16, fill with data
byte cipher[32];

// encrypt
wc_AesSetKey(&enc, key, sizeof(key), iv, AES_ENCRYPTION);
wc_AesCbcEncrypt(&enc, cipher, plain, sizeof(plain));

cipher now contains the cipher text from the plain text.

// decrypt
wc_AesSetKey(&dec, key, sizeof(key), iv, AES_DECRYPTION);
wc_AesCbcDecrypt(&dec, plain, cipher, sizeof(cipher));

plain now contains the original plaintext from the cipher text.