1MCRYPT(3) Library Functions Manual MCRYPT(3)
2
6 libmcrypt - encryption/decryption library
7
9 [see also mcrypt.h for more information]
10
12 The libmcrypt is a data encryption library. The library is thread safe
13 and provides encryption and decryption functions. This version of the
14 library supports many encryption algorithms and encryption modes. Some
15 algorithms which are supported: SERPENT, RIJNDAEL, 3DES, GOST, SAFER+,
16 CAST-256, RC2, XTEA, 3WAY, TWOFISH, BLOWFISH, ARCFOUR, WAKE and more.
17 OFB, CBC, ECB, nOFB, nCFB and CFB are the modes that all algorithms may
19 function. ECB, CBC, encrypt in blocks but CTR, nCFB, nOFB, CFB and OFB
20 in bytes (streams). Note that CFB and OFB in the rest of the document
21 represent the "8bit CFB or OFB" mode. nOFB and nCFB modes represents a
22 n-bit OFB/CFB mode, n is used to represent the algorithm's block size.
23 The library supports an extra STREAM mode to include some stream algo‐
24 rithms like WAKE or ARCFOUR.
25 In this version of the library all modes and algorithms are modular,
27 which means that the algorithm and the mode is loaded at run-time.
28 This way you can add algorithms and modes faster, and much easier.
29 LibMcrypt includes the following symmetric (block) algorithms:
31 DES: The traditional DES algorithm designed by IBM and US NSA. Uses 56
33 bit key and 64 bit block. It is now considered a weak algorithm, due to
34 its small key size (it was never intended for use with classified
35 data).
36 3DES or Triple DES: DES but with multiple (triple) encryption. It
38 encrypts the plaintext once, then decrypts it with the second key, and
39 encrypts it again with the third key (outer cbc mode used for cbc).
40 Much better than traditional DES since the key is now 168 bits (actu‐
41 ally the effective key length is 112 bits due to the meet-in-the-middle
42 attack).
43 CAST-128: CAST was designed in Canada by Carlisle Adams and Stafford
45 Tavares. The original algorithm used a 64bit key and block. The algo‐
46 rithm here is CAST-128 (also called CAST5) which has a 128bit key and
47 64bit block size.
48 CAST-256: CAST-256 was designed by Carlisle Adams. It is a symmetric
50 cipher designed in accordance with the CAST design procedure. It is an
51 extention of the CAST-128, having a 128 bit block size, and up to 256
52 bit key size.
53 xTEA: TEA stands for the Tiny Encryption Algorithm. It is a feistel
55 cipher designed by David Wheeler & Roger M. Needham. The original TEA
56 was intended for use in applications where code size is at a premium,
57 or where it is necessary for someone to remember the algorithm and code
58 it on an arbitrary machine at a later time. The algorithm used here is
59 extended TEA and has a 128bit key size and 64bit block size.
60 3-WAY: The 3way algorithm designed by Joan Daemen. It uses key and
62 block size of 96 bits.
63 SKIPJACK: SKIPJACK was designed by the US NSA. It was part of the ill-
65 fated "Clipper" Escrowed Encryption Standard (EES) (FIPS 185) proposal.
66 It operates on 64bit blocks and uses a key of 80 bits. SKIPJACK is pro‐
67 vided only as an extra module to libmcrypt.
68 BLOWFISH: The Blowfish algorithm designed by Bruce Schneier. It is bet‐
70 ter and faster than DES. It can use a key up to 448 bits.
71 TWOFISH: Twofish was designed by Bruce Schneier, Doug Whiting, John
73 Kelsey, Chris Hall, David Wagner for Counterpane systems. Intended to
74 be highly secure and highly flexible. It uses a 128bit block size and
75 128,192,256 bit key size. (Twofish is the default algorithm)
76 LOKI97: LOKI97 was designed by Lawrie Brown and Josef Pieprzyk. It has
78 a 128-bit block length and a 256bit key schedule, which can be initial‐
79 ized using 128, 192 or 256 bit keys. It has evolved from the earlier
80 LOKI89 and LOKI91 64-bit block ciphers, with a strengthened key sched‐
81 ule and a larger keyspace.
82 RC2: RC2 (RC stands for Rivest Cipher) was designed by Ron Rivest. It
84 uses block size of 64 bit and a key size from 8 to 1024 bits. It is
85 optimized for 16bit microprocessors (reflecting its age). It is
86 described in the RFC2268.
87 ARCFOUR: RC4 was designed by Ron Rivest. For several years this algo‐
89 rithm was considered a trade secret and details were not available. In
90 September 1994 someone posted the source code in the cypherpunks mail‐
91 ing list. Although the source code is now available RC4 is trademarked
92 by RSADSI so a compatible cipher named ARCFOUR is included in the
93 mcrypt distribution. It is a stream cipher and has a maximum key of
94 2048 bits.
95 RC6: RC6 was designed by Ron Rivest for RSA labs. In mcrypt it uses
97 block size of 128 bit and a key size of 128/192/256 bits. Refer to RSA
98 Labs and Ron Rivest for any copyright, patent or license issues for the
99 RC6 algorithm. RC6 is provided only as an extra module to libmcrypt.
100 RIJNDAEL: Rijndael is a block cipher, designed by Joan Daemen and Vin‐
102 cent Rijmen, and was approved for the USA's NIST Advanced Encryption
103 Standard, FIPS-197. The cipher has a variable block length and key
104 length. Rijndael can be implemented very efficiently on a wide range of
105 processors and in hardware. The design of Rijndael was strongly influ‐
106 enced by the design of the block cipher Square. There exist three ver‐
107 sions of this algorithm, namely: RIJNDAEL-128 (the AES winner) , RIJN‐
108 DAEL-192 , RIJNDAEL-256 The numerals 128, 192 and 256 stand for the
109 length of the block size.
110 MARS: MARS is a 128-bit block cipher designed by IBM as a candidate for
112 the Advanced Encryption Standard. Refer to IBM for any copyright,
113 patent or license issues for the MARS algorithm. MARS is provided only
114 as an extra module to libmcrypt.
115 PANAMA: PANAMA is a cryptographic module that can be used both as a
117 cryptographic hash function and as a stream cipher. It designed by Joan
118 Daemen and Craig Clapp. PANAMA (the stream cipher) is included in libm‐
119 crypt.
120 WAKE: WAKE stands for Word Auto Key Encryption, and is an encryption
122 system for medium speed encryption of blocks and of high security.
123 WAKE was designed by David J. Wheeler. It is intended to be fast on
124 most computers and relies on repeated table use and having a large
125 state space.
126 SERPENT: Serpent is a 128-bit block cipher designed by Ross Anderson,
128 Eli Biham and Lars Knudsen as a candidate for the Advanced Encryption
129 Standard. Serpent's design was limited to well understood mechanisms,
130 so that could rely on the wide experience of block cipher cryptanaly‐
131 sis, and achieve the highest practical level of assurance that no
132 shortcut attack will be found. Serpent has twice as many rounds as are
133 necessary, to block all currently known shortcut attacks. Despite these
134 exacting design constraints, Serpent is faster than DES.
135 IDEA: IDEA stands for International Data Encryption Algorithm and was
137 designed by Xuejia Lai and James Massey. It operates on 64bit blocks
138 and uses a key of 128 bits. Refer to Ascom-Tech AG for any copyright,
139 patent or license issues for the IDEA algorithm. IDEA is provided only
140 as an extra module to libmcrypt.
141 ENIGMA (UNIX crypt): A one-rotor machine designed along the lines of
143 Enigma but considerable trivialized. Very easy to break for a skilled
144 cryptanalyst. I suggest against using it. Added just for completeness.
145 GOST: A former soviet union's algorithm. An acronym for "Gosudarstven‐
147 nyi Standard" or Government Standard. It uses a 256 bit key and a 64
148 bit block.
149 The S-boxes used here are described in the Applied Cryptography book
150 by Bruce Schneier. They were used in an application for the Central
151 Bank of the Russian Federation.
152 Some quotes from gost.c: The standard is written by A. Zabotin
153 (project leader), G.P. Glazkov, and V.B. Isaeva. It was accepted and
154 introduced into use by the action of the State Standards Committee of
155 the USSR on 2 June 1989 as No. 1409. It was to be reviewed in 1993,
156 but whether anyone wishes to take on this obligation from the USSR is
157 questionable.
158 This code is based on the 25 November 1993 draft translation by Alek‐
159 sandr Malchik, with Whitfield Diffie, of the Government Standard of the
160 U.S.S.R. GOST 28149-89, "Cryptographic Transformation Algorithm",
161 effective 1 July 1990. (Whitfield.Diffie@eng.sun.com) Some details
162 have been cleared up by the paper "Soviet Encryption Algorithm" by
163 Josef Pieprzyk and Leonid Tombak of the University of Wollongong, New
164 South Wales. (josef/leo@cs.adfa.oz.au)
165 SAFER: SAFER (Secure And Fast Encryption Routine) is a block cipher
167 developed by Prof. J.L. Massey at the Swiss Federal Institute of Tech‐
168 nology. There exist four versions of this algorithm, namely: SAFER
169 K-64 , SAFER K-128 , SAFER SK-64 and SAFER SK-128. The numerals 64 and
170 128 stand for the length of the user-selected key, 'K' stands for the
171 original key schedule and 'SK' stands for the strengthened key schedule
172 (in which some of the "weaknesses" of the original key schedule have
173 been removed). In mcrypt only SAFER SK-64 and SAFER SK-128 are used.
174 SAFER+: SAFER+ was designed by Prof. J.L. Massey, Prof. Gurgen H.
176 Khachatrian and Dr. Melsik K. Kuregian for Cylink. SAFER+ is based on
177 the existing SAFER family of ciphers and provides for a block size of
178 128bits and 128, 192 and 256 bits key length.
179 A short description of the modes supported by libmcrypt:
183 STREAM: The mode used with stream ciphers. In this mode the keystream
185 from the cipher is XORed with the plaintext. Thus you should NOT ever
186 use the same key.
187 ECB: The Electronic CodeBook mode. It is the simplest mode to use with
189 a block cipher. Encrypts each block independently. It is a block mode
190 so plaintext length should be a multiple of blocksize (n*blocksize).
191 CBC: The Cipher Block Chaining mode. It is better than ECB since the
193 plaintext is XOR'ed with the previous ciphertext. A random block should
194 be placed as the first block (IV) so the same block or messages always
195 encrypt to something different. It is a block mode so plaintext length
196 should be a multiple of blocksize (n*blocksize).
197 CFB: The Cipher-Feedback Mode (in 8bit). This is a self-synchronizing
199 stream cipher implemented from a block cipher. This is the best mode to
200 use for encrypting strings or streams. This mode requires an IV.
201 OFB: The Output-Feedback Mode (in 8bit). This is a synchronous stream
203 cipher implemented from a block cipher. It is intended for use in noisy
204 lines, because corrupted ciphertext blocks do not corrupt the plaintext
205 blocks that follow. Insecure (because used in 8bit mode) so it is rec‐
206 ommended not to use it. Added just for completeness.
207 nOFB: The Output-Feedback Mode (in nbit). n Is the size of the block of
209 the algorithm. This is a synchronous stream cipher implemented from a
210 block cipher. It is intended for use in noisy lines, because corrupted
211 ciphertext blocks do not corrupt the plaintext blocks that follow. This
212 mode operates in streams.
213 nCFB: The Cipher-Feedback Mode (in nbit). n Is the size of the block of
215 the algorithm. This is a self synchronizing stream cipher implemented
216 from a block cipher. This mode operates in streams.
217 CTR: The Counter Mode. This is a stream cipher implemented from a block
219 cipher. This mode uses the cipher to encrypt a set of input blocks,
220 called counters, to produce blocks that will be XORed with the plain‐
221 text. In libmcrypt the counter is the given IV which is incremented at
222 each step. This mode operates in streams.
223 Error Recovery in these modes: If bytes are removed or lost from the
225 file or stream in ECB, CTR, CBC and OFB modes, are impossible to
226 recover, although CFB and nCFB modes will recover. If some bytes are
227 altered then a full block of plaintext is affected in ECB, nOFB and CTR
228 modes, two blocks in CBC, nCFB and CFB modes, but only the correspond‐
229 ing byte in OFB mode.
230 Encryption can be done as follows:
233 A call to function: MCRYPT mcrypt_module_open( char *algorithm, char*
235 algorithm_directory, char* mode, char* mode_directory);
236 This function associates the algorithm and the mode specified. The
238 name of the algorithm is specified in algorithm, eg "twofish", and the
239 algorithm_directory is the directory where the algorithm is (it may be
240 null if it is the default). The same applies for the mode. The library
241 is closed by calling mcrypt_module_close(), but you should not call
242 that function if mcrypt_generic_end() is called before. Normally it
243 returns an encryption descriptor, or MCRYPT_FAILED on error.
244 A call to function: int mcrypt_generic_init( MCRYPT td, void *key, int
246 lenofkey, void *IV);
247 This function initializes all buffers for the specified thread The max‐
249 imum value of lenofkey should be the one obtained by calling
250 mcrypt_get_key_size() and every value smaller than this is legal. Note
251 that Lenofkey should be specified in bytes not bits. The IV should
252 normally have the size of the algorithms block size, but you must
253 obtain the size by calling mcrypt_get_iv_size(). IV is ignored in ECB.
254 IV MUST exist in CFB, CBC, STREAM, nOFB and OFB modes. It needs to be
255 random and unique (but not secret). The same IV must be used for
256 encryption/decryption. After calling this function you can use the
257 descriptor for encryption or decryption (not both). Returns a negative
258 value on error.
259 To encrypt now call:
261 int mcrypt_generic( MCRYPT td, void *plaintext, int len);
263 This is the main encryption function. td is the encryption descriptor
265 returned by mcrypt_generic_init(). Plaintext is the plaintext you wish
266 to encrypt and len should be the length (in bytes) of the plaintext and
267 it should be k*algorithms_block_size if used in a mode which operated
268 in blocks (cbc, ecb, nofb), or whatever when used in cfb or ofb which
269 operate in streams. The plaintext is replaced by the ciphertext.
270 Returns 0 on success.
271 To decrypt you can call:
273 int mdecrypt_generic( MCRYPT td, void *ciphertext, int len);
275 The decryption function. It is almost the same with mcrypt_generic.
277 Returns 0 on success.
278 When you're finished you should call:
280 int mcrypt_generic_end( MCRYPT td);
282 This function terminates encryption specified by the encryption
284 descriptor (td). Actually it clears all buffers, and closes all the
285 modules used. Returns a negative value on error. This function is
286 deprecated. Use mcrypt_generic_deinit() and mcrypt_module_close()
287 instead.
288 int mcrypt_generic_deinit( MCRYPT td);
290 This function terminates encryption specified by the encryption
292 descriptor (td). Actually it clears all buffers. The difference with
293 mcrypt_generic_end() is that this function does not close the modules
294 used. Thus you should use mcrypt_module_close(). Using this function
295 you gain in speed if you use the same modules for several encryptions.
296 Returns a negative value on error.
297 int mcrypt_module_close( MCRYPT td);
299 This function closes the modules used by the descriptor td.
301 These are some extra functions that operate on modules that have been
304 opened: These functions have the prefix mcrypt_enc_*.
305 int mcrypt_enc_set_state(MCRYPT td, void *state, int size); This func‐
307 tion sets the state of the algorithm. Can be used only with block algo‐
308 rithms and certain modes like CBC, CFB etc. It is usefully if you want
309 to restart or start a different encryption quickly. Returns zero on
310 success. The state is the output of mcrypt_enc_get_state().
311 int mcrypt_enc_get_state(MCRYPT td, void *state, int *size); This func‐
313 tion returns the state of the algorithm. Can be used only certain modes
314 and algorithms. The size will hold the size of the state and the state
315 must have enough bytes to hold it. Returns zero on success.
316 int mcrypt_enc_self_test( MCRYPT td);
318 This function runs the self test on the algorithm specified by the
320 descriptor td. If the self test succeeds it returns zero.
321 int mcrypt_enc_is_block_algorithm_mode( MCRYPT td);
323 Returns 1 if the mode is for use with block algorithms, otherwise it
325 returns 0. (eg. 0 for stream, and 1 for cbc, cfb, ofb)
326 int mcrypt_enc_is_block_algorithm( MCRYPT td);
328 Returns 1 if the algorithm is a block algorithm or 0 if it is a stream
330 algorithm.
331 int mcrypt_enc_is_block_mode( MCRYPT td);
333 Returns 1 if the mode outputs blocks of bytes or 0 if it outputs bytes.
335 (eg. 1 for cbc and ecb, and 0 for cfb and stream)
336 int mcrypt_enc_get_block_size( MCRYPT td);
338 Returns the block size of the algorithm specified by the encryption
340 descriptor in bytes. The algorithm MUST be opened using mcrypt_mod‐
341 ule_open().
342 int mcrypt_enc_get_key_size( MCRYPT td);
344 Returns the maximum supported key size of the algorithm specified by
346 the encryption descriptor in bytes. The algorithm MUST be opened using
347 mcrypt_module_open().
348 int* mcrypt_enc_get_supported_key_sizes( MCRYPT td, int* sizes)
350 Returns the key sizes supported by the algorithm specified by the
352 encryption descriptor. If sizes is zero and returns NULL then all key
353 sizes between 1 and mcrypt_get_key_size() are supported by the algo‐
354 rithm. If it is 1 then only the mcrypt_get_key_size() size is supported
355 and sizes[0] is equal to it. If it is greater than 1 then that number
356 specifies the number of elements in sizes which are the key sizes that
357 the algorithm supports. The returned value is allocated with malloc, so
358 you should not forget to free it.
359 int mcrypt_enc_get_iv_size( MCRYPT td);
361 Returns size of the IV of the algorithm specified by the encryption
363 descriptor in bytes. The algorithm MUST be opened using mcrypt_mod‐
364 ule_open(). If it is '0' then the IV is ignored in that algorithm. IV
365 is used in CBC, CFB, OFB modes, and in some algorithms in STREAM mode.
366 int mcrypt_enc_mode_has_iv( MCRYPT td);
368 Returns 1 if the mode needs an IV, 0 otherwise. Some 'stream' algo‐
370 rithms may need an IV even if the mode itself does not need an IV.
371 char* mcrypt_enc_get_algorithms_name( MCRYPT td);
373 Returns a character array containing the name of the algorithm. The
375 returned value is allocated with malloc, so you should not forget to
376 free it.
377 char* mcrypt_enc_get_modes_name( MCRYPT td);
379 Returns a character array containing the name of the mode. The
381 returned value is allocated with malloc, so you should not forget to
382 free it.
383 These are some extra functions that operate on modules: These functions
386 have the prefix mcrypt_module_*.
387 int mcrypt_module_self_test (char* algorithm, char* directory);
389 This function runs the self test on the specified algorithm. If the
391 self test succeeds it returns zero.
392 int mcrypt_module_is_block_algorithm_mode( char* algorithm, char*
394 directory);
395 Returns 1 if the mode is for use with block algorithms, otherwise it
397 returns 0. (eg. 0 for stream, and 1 for cbc, cfb, ofb)
398 int mcrypt_module_is_block_algorithm( char* mode, char* directory);
400 Returns 1 if the algorithm is a block algorithm or 0 if it is a stream
402 algorithm.
403 int mcrypt_module_is_block_mode( char* mode, char* directory);
405 Returns 1 if the mode outputs blocks of bytes or 0 if it outputs bytes.
407 (eg. 1 for cbc and ecb, and 0 for cfb and stream)
408 int mcrypt_module_get_algo_block_size( char* algorithm, char* direc‐
410 tory);
411 Returns the block size of the algorithm.
413 int mcrypt_module_get_algo_key_size( char* algorithm, char* directory);
415 Returns the maximum supported key size of the algorithm.
417 int* mcrypt_module_get_algo_supported_key_sizes( char* algorithm, char*
419 directory, int* sizes);
420 Returns the key sizes supported by the algorithm. If sizes is zero and
422 returns NULL then all key sizes between 1 and mcrypt_get_key_size() are
423 supported by the algorithm. If it is 1 then only the
424 mcrypt_get_key_size() size is supported and sizes[0] is equal to it. If
425 it is greater than 1 then that number specifies the number of elements
426 in sizes which are the key sizes that the algorithm supports. This
427 function differs to mcrypt_enc_get_supported_key_sizes(), because the
428 return value here is allocated (not static), thus it should be freed.
429 char** mcrypt_list_algorithms ( char* libdir, int* size);
432 Returns a pointer to a character array containing all the mcrypt algo‐
434 rithms located in the libdir, or if it is NULL, in the default direc‐
435 tory. The size is the number of the character arrays. The arrays are
436 allocated internally and should be freed by using mcrypt_free_p().
437 char** mcrypt_list_modes ( char* libdir, int *size);
439 Returns a pointer to a character array containing all the mcrypt modes
441 located in the libdir, or if it is NULL, in the default directory. The
442 size is the number of the character arrays. The arrays should be freed
443 by using mcrypt_free_p().
444 void mcrypt_free_p (char **p, int size);
446 Frees the pointer to array returned by previous functions.
448 void mcrypt_free (void *ptr);
450 Frees the memory used by the pointer.
452 void mcrypt_perror(int err);
454 This function prints a human readable description of the error 'err' in
456 the stderr. The err should be a value returned by
457 mcrypt_generic_init().
458 const char* mcrypt_strerror(int err);
460 This function returns a human readable description of the error 'err'.
462 The err should be a value returned by mcrypt_generic_init().
463 int mcrypt_mutex_register ( void (*mutex_lock)(void) , void
465 (*mutex_unlock)(void) );
466 This function is only used in multithreaded application and only if
468 compiled with dynamic module loading support. This is actually used
469 internally in libltdl. Except for the dynamic module loading libmcrypt
470 is thread safe.
471 Some example programs follow here. Compile as "cc prog.c -lmcrypt", or
474 "cc prog.c -lmcrypt -lltdl" depending on your installation. Libltdl is
475 used for opening dynamic libraries (modules).
476 /* First example: Encrypts stdin to stdout using TWOFISH with 128 bit key and CFB */
478 #include <mcrypt.h>
480 #include <stdio.h>
481 #include <stdlib.h>
482 /* #include <mhash.h> */
483 main() {
485 MCRYPT td;
487 int i;
488 char *key;
489 char password[20];
490 char block_buffer;
491 char *IV;
492 int keysize=16; /* 128 bits */
493 key=calloc(1, keysize);
495 strcpy(password, "A_large_key");
496 /* Generate the key using the password */
498 /* mhash_keygen( KEYGEN_MCRYPT, MHASH_MD5, key, keysize, NULL, 0, password, strlen(password));
499 */
500 memmove( key, password, strlen(password));
501 td = mcrypt_module_open("twofish", NULL, "cfb", NULL);
503 if (td==MCRYPT_FAILED) {
504 return 1;
505 }
506 IV = malloc(mcrypt_enc_get_iv_size(td));
507 /* Put random data in IV. Note these are not real random data,
509 * consider using /dev/random or /dev/urandom.
510 */
511 /* srand(time(0)); */
513 for (i=0; i< mcrypt_enc_get_iv_size( td); i++) {
514 IV[i]=rand();
515 }
516 i=mcrypt_generic_init( td, key, keysize, IV);
518 if (i<0) {
519 mcrypt_perror(i);
520 return 1;
521 }
522 /* Encryption in CFB is performed in bytes */
524 while ( fread (&block_buffer, 1, 1, stdin) == 1 ) {
525 mcrypt_generic (td, &block_buffer, 1);
526 /* Comment above and uncomment this to decrypt */
528 /* mdecrypt_generic (td, &block_buffer, 1); */
529 fwrite ( &block_buffer, 1, 1, stdout);
531 }
532 /* Deinit the encryption thread, and unload the module */
534 mcrypt_generic_end(td);
535 return 0;
537 }
539 /* Second Example: encrypts using CBC and SAFER+ with 192 bits key */
542 #include <mcrypt.h>
544 #include <stdio.h>
545 #include <stdlib.h>
546 main() {
548 MCRYPT td;
550 int i;
551 char *key; /* created using mcrypt_gen_key */
552 char *block_buffer;
553 char *IV;
554 int blocksize;
555 int keysize = 24; /* 192 bits == 24 bytes */
556 key = calloc(1, keysize);
559 strcpy(key, "A_large_and_random_key");
560 td = mcrypt_module_open("saferplus", NULL, "cbc", NULL);
562 blocksize = mcrypt_enc_get_block_size(td);
564 block_buffer = malloc(blocksize);
565 /* but unfortunately this does not fill all the key so the rest bytes are
566 * padded with zeros. Try to use large keys or convert them with mcrypt_gen_key().
567 */
568 IV=malloc(mcrypt_enc_get_iv_size(td));
570 /* Put random data in IV. Note these are not real random data,
572 * consider using /dev/random or /dev/urandom.
573 */
574 /* srand(time(0)); */
576 for (i=0; i < mcrypt_enc_get_iv_size(td); i++) {
577 IV[i]=rand();
578 }
579 mcrypt_generic_init( td, key, keysize, IV);
581 /* Encryption in CBC is performed in blocks */
583 while ( fread (block_buffer, 1, blocksize, stdin) == blocksize ) {
584 mcrypt_generic (td, block_buffer, blocksize);
585 /* mdecrypt_generic (td, block_buffer, blocksize); */
586 fwrite ( block_buffer, 1, blocksize, stdout);
587 }
588 /* deinitialize the encryption thread */
590 mcrypt_generic_deinit (td);
591 /* Unload the loaded module */
593 mcrypt_module_close(td);
594 return 0;
595 }
597 The library does not install any signal handler.
600 Questions about libmcrypt should be sent to:
602 mcrypt-dev@lists.hellug.gr or, if this fails, to the author
604 addresses given below. The mcrypt home page is:
605 http://mcrypt.hellug.gr
607
609 Version 2.4 Copyright (C) 1998-1999 Nikos Mavroyanopoulos (nmav@hel‐
610 lug.gr).
611 Thanks to all the people who reported problems and suggested various
613 improvements for mcrypt; who are too numerous to cite here.
614 10 March 2002 MCRYPT(3)