Comment should be added to officeal documentation

Werner Koch wk at
Thu Jul 31 11:11:39 CEST 2008

On Wed, 30 Jul 2008 22:52, agl at said:

> Well... that's true of any handle which keeps state, right? What about
> CTR mode block ciphers, or CBC, or ... Or the K(block) style stream
> ciphers like Salsa20.. or probably anything that isn't ECB. It's been
> a while since I used the gcrypt API, but I believe that's true.

You are right.  A context/handle is there to convey state - if we would
not need state there would be no need for a context.

The problem at hand is an improper use of the API.  If you want to start
a operation you alocate a context, set the key and the IV and start.  Do
the same if you are going to decrypt.  Actually you don't need to get a
allocate new context but call gcry_cipher_reset to put it back into a
vanilla state.

I also advice against the use of arcfour becuase there are so many
things you can get wrong in using this particular stream cipher.  It is
pretty easy to use arcfour in an unsafe way and have the community fun
decrypting it.  Use AES and never use ECB mode with any cipher.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gcrypt-devel mailing list