Hi,
I am writing PKCS #5 v.2 PBE (password based encryption) program, and cannot make it work. The problem is that EVP_get_cipherbynid() always returns nil (see program below). I wonder if there is another way to get an appropriate EVP_CIPHER object that I can use to call PKCS12_pbe_crypt(). Any help would be appreciated. Thanks,
Zhenqiang Fan
My test program: Notice that PKCS5_pbe2_set() and PKCS12_pbe_crypt() are existing function in OpenSSL source.
#include <openssl/blowfish.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rand.h>
#include <openssl/pkcs12.h>
#include "cryptlib.h"
int
main (int argc, char *argv[])
{
int iter = 1000;
FILE *in, *out;
EVP_CIPHER *cipher;
unsigned char salt[] = {
0x17, 0x7D, 0x65, 0xB6, 0x70, 0xF9, 0xE2, 0xEE
};
int saltlen = 8;
const EVP_CIPHER *pbe_cipher = NULL;
X509_ALGOR *pbe_algor = NULL;
char *pass = NULL;
int passlen;
unsigned char encryptedData[1024];
unsigned char dataToEncrypt[] = "Encrypt this sentence.";
int dataToEncryptLen, encryptedDataLen, decryptedDataLen;
unsigned char *decryptedData = NULL;
in = fopen(argv[1], "rb");
encryptedDataLen = fread(encryptedData, 1, 1024, in);
PKCS12_PBE_add();
/*
>>>>>>>>** My problem is that EVP_get_cipherbynid() always returns null.
*/
cipher = EVP_get_cipherbynid(NID_pbe_WithSHA1And3_Key_TripleDES_CBC);
pbe_algor = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
pass = "pineapple";
passlen = strlen(pass);
decryptedData = PKCS12_pbe_crypt(pbe_algor, pass, passlen,
encryptedData, encryptedDataLen,
&decryptedData, &decryptedDataLen, 0);
if (decryptedDataLen != 0)
printf ("Decrypted Data : %s\n", decryptedData);
out = fopen(argv[2], "wb");
decryptedDataLen = fwrite(decryptedData, 1, decryptedDataLen, out);
return 0;
}
