>From: Mohammad khodaei [mailto:m_khod...@yahoo.com] >Sent: Tuesday, 18 September, 2012 06:52
>Thanks for the response. The encryption is also done by me. >I have generated the cipher text as below: > in = BIO_new_mem_buf(pchContent, iPriKeyLen); > if (!in) { // > p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags); > if (!p7) { // > char* chEnc = new char[1000]; > BIO* memorybio = BIO_new(BIO_s_mem()); > BIO* base64bio = BIO_new(BIO_f_base64()); > BIO* outbio = BIO_push(base64bio, memorybio); > long ll = i2d_PKCS7_bio(outbio, p7); > BIO_flush(outbio); > BIO_set_flags(memorybio, BIO_FLAGS_MEM_RDONLY); > int iLength = BIO_get_mem_data(memorybio, &chEnc); Asides: I'm pretty sure you don't actually need to set RDONLY to do get_mem_data, and maybe not even flush beforehand. And BIO_get_mem_data overwrites the pointer you give it, so your new char[1000] is leaked. >The encrypted value is generated like this: > MIGkBgkqhkiG9w0BBwOggZYwgZMCAQAxfDB6AgEAMGQwVzELMAkGA1UEBhMCVUsx > EjAQBgNVBAcTCVRlc3QgQ2l0eTEWMBQGA1UEChMNT3BlblNTTCBHcm91cDEcMBoG > A1UEAxMTVGVzdCBTL01JTUUgUm9vdCBDQQIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEB > AQUABAAwEAYJKoZIhvcNAQcBMAMGAQA= That is not DER, at least not plain DER; it's base64 *of* DER. >And I feed chEnc to the decryption procedure to be decrypted. >Is it correct? Any idea if the encoding is incorrect. To decode (and decrypt) that, you need to decode base64 first, *then* decode DER. If/since you have it in memory, basically do the reverse of your creation: BIO_new_mem_buf of the base64 data, BIO_push a base64BIO on the memBIO, and d2i from the result. <snip previous> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org