How to generate key schedule for openssl 3des decryption on iphone

2.3k views Asked by At

I need to decrypt some data that has been 3des encoded on system running mono (C#)

I need to use openssl and decrypt on the iPhone.

I found an example which looks like this, and it runs without error on the iphone when I have openssl etc installed, but generates the wrong result for my test case which I've verified on the encoding system. The initialisation vector is correct, but what should I set the key schedule to since the only information I have is the input?

   DES_cblock ivec[] = {0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};   
   DES_key_schedule  ks1, ks2, ks3; 

   // What (and how) should I set ks1/2/3 to?

   DES_ede3_cbc_encrypt(input,output, 24*8, &ks1, &ks2, &ks3,ivec, DES_DECRYPT);

The decoding on the mono system is done with the following code;

   TripleDESCryptoServiceProvider m_des = new TripleDESCryptoServiceProvider();

   byte[] IV ={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
   m_des.KeySize = 24*8;

   MemoryStream memStream = new MemoryStream();
   CryptoStream cryptStream = new CryptoStream(memStream,m_des.CreateDecryptor(key, IV), CryptoStreamMode.Write);

   cryptStream.Write(input, 0, input.Length);
   cryptStream.FlushFinalBlock();

As far as I can tell, the key schedule isn't being specified, so I don't know what to set it to? I guess it gets derived from the key ... penny starting to drop ... but how?

Any ideas? (ideally from people with openssl expertise, use of this library is a pre-requisite for the project)

1

There are 1 answers

1
President James K. Polk On BEST ANSWER

Starting with the typedef for a DES_cblock:

typedef unsigned char DES_cblock[8];

Fill in you own code for the comments and use something like:

DES_key_schedule ks1, ks2, ks3;
DES_cblock key_8bytes;

/* ... copy the first 64 bits of the 192 bits into key_8bytes....*/
DES_set_key_unchecked(&key_8bytes, &ks1);

/* ... copy the second 64 bits of the 192 bits into key_8bytes....*/
DES_set_key_unchecked(&key_8bytes, &ks2);

/* ... copy the final 64 bits of the 192 bits into key_8bytes....*/
DES_set_key_unchecked(&key_8bytes, &ks3);