>From: Mohammad khodaei [mailto:m_khod...@yahoo.com]
>Sent: Tuesday, 18 September, 2012 06:52
>Thanks for the response. The encryption is also done by me.
>I have generated the cipher text as below:
> in = BIO_new_mem_buf(pchContent, iPriKeyLen);
> if (!in) { //
> p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
> if (!p7) { //
> char* chEnc = new char[1000];
> BIO* memorybio = BIO_new(BIO_s_mem());
> BIO* base64bio = BIO_new(BIO_f_base64());
> BIO* outbio = BIO_push(base64bio, memorybio);
> long ll = i2d_PKCS7_bio(outbio, p7);
> BIO_flush(outbio);
> BIO_set_flags(memorybio, BIO_FLAGS_MEM_RDONLY);
> int iLength = BIO_get_mem_data(memorybio, &chEnc);
Asides: I'm pretty sure you don't actually need to set RDONLY
to do get_mem_data, and maybe not even flush beforehand.
And BIO_get_mem_data overwrites the pointer you give it,
so your new char[1000] is leaked.
>The encrypted value is generated like this:
> MIGkBgkqhkiG9w0BBwOggZYwgZMCAQAxfDB6AgEAMGQwVzELMAkGA1UEBhMCVUsx
> EjAQBgNVBAcTCVRlc3QgQ2l0eTEWMBQGA1UEChMNT3BlblNTTCBHcm91cDEcMBoG
> A1UEAxMTVGVzdCBTL01JTUUgUm9vdCBDQQIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEB
> AQUABAAwEAYJKoZIhvcNAQcBMAMGAQA=
That is not DER, at least not plain DER; it's base64 *of* DER.
>And I feed chEnc to the decryption procedure to be decrypted.
>Is it correct? Any idea if the encoding is incorrect.
To decode (and decrypt) that, you need to decode base64 first,
*then* decode DER. If/since you have it in memory, basically do
the reverse of your creation: BIO_new_mem_buf of the base64 data,
BIO_push a base64BIO on the memBIO, and d2i from the result.
<snip previous>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
