Hello,
> Im trying to encrypt/decrypt a string using openssl.
> The program works fine for encryption but fails(not always) for
> decryption. This happens in EVP_CipherFinal_ex() call.
> I'm a bit confused with this random behavior. I've attached the code.
> Can anybody point me out what I'm doing wrong here?
> unsigned char key[] = "0123456789";
> unsigned char iv[] = "12345671";
>
> EVP_CIPHER_CTX_init(&ctx);
> /*EVP_CipherInit_ex(&ctx, EVP_rc2(), NULL, NULL, NULL,
do_encrypt);*/
> /*EVP_CipherInit_ex(&ctx, EVP_rc2_cbc(), NULL, NULL, NULL,
do_encrypt);*/
> /*EVP_CipherInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, NULL, NULL,
do_encrypt);*/
> EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
do_encrypt);
> EVP_CIPHER_CTX_set_key_length(&ctx, 10);
> EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
Key and initialization vector for block ciphers (AES,DES in CBC mode)
should be fixed size:
aes128: key: 16, iv: 16
3des: key: 24, iv: 8
If you provide small buffers, some data from the end of buffer
will be used and depending on this random data you may have
decryption success or error.
For EVP_CIPHER_CTX_set_key_length() to work, cipher must have ability
to set variable key length. Check error code when using this function.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
