Mounir IDRASSI wrote:
>
> Hi,
>
> There are two main mistakes in your code:
> - The output of the MD5 is 16 bytes long but you are allocating 8
> bytes only. This will cause memory corruption.
> - AES-256 expects the key to be 32-bytes long but you want to use an
> MD5 digest as a key which is only 16-bytes. You should use SHA-256
> instead for this purpose.
>
1. I tried to allocate more, but got some extra-symbols returned with the
hash
char *chash = (char*)malloc(16);
MD5_Hash(pass, chash);
printf("%s \n", chash);
returned:
"Р♥>3dd0cd797a7399b56c470612887108eb"
2. Just for the test I doubled my MD5 digest and send it to Decryption
function and got the same sad result:
---------- CODE ----------
// double the key
char hash[65] = {0};
int i;
for (i = 0; i <= 64; i++)
{
if (i >= 32) hash[i] = chash[i-32];
else hash[i] = chash[i];
}
hash[65] = '\0';
printf("%s \n", hash);
---------- CODE ----------
Result:
[*] decryption result
ae e3 27 62 c8 8a 9a 76 0b 67 73 1e 17 f8 dc ca
оу'b╚КЪv♂gs▲↨°▄╩tСTUT*ыьЫuУ{╧$Qо
3. I also changed a little my Decryption code:
---------- CODE ----------
int templen;
EVP_DecryptFinal(&ctx, outbuf + outlen, &templen);
outlen = outlen + templen;
---------- CODE ----------
SO
---------- CODE ----------
for(i = 0; i < outlen; i++) printf("%02x ", outbuf[i]);
---------- CODE ----------
Now works fine
--
View this message in context:
http://www.nabble.com/aes_256_cbc-decryption-tp26074101p26076478.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
