Dear All, I'm brand new to programming against OpenSSL (EVP) so if i make any stupid mistake I'm sorry in advance.
I use the blowfish algorithm from the OpenSSL page to encrypt a string in C. to code is from: http://www.openssl.org/docs/crypto/EVP_EncryptInit.html I have created a decrypt function and it fails (how wonderful) The problem lies in the EVP_DecryptFinal_ex. I have made use of the ERR_print_errors_fp(stderr); option to see what is wrong but it is quite a cryptic message: 2621:error:0606506D:lib(6):func(101):reason(109):evp_enc.c:323: What i can find on the internet is that it is a wrong lenght block or i need extra padding. But neither options have worked for me. C code ---------------------------------------- #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <net/if.h> #include <linux/if_tun.h> #include <sys/types.h> #include <sys/socket.h> #include <sys/ioctl.h> #include <sys/stat.h> #include <fcntl.h> #include <arpa/inet.h> #include <sys/select.h> #include <sys/time.h> #include <errno.h> #include <stdarg.h> /* needed for bf EVP routine */ #include <openssl/blowfish.h> #include <openssl/evp.h> int do_crypt(char *outfile) { printf("begin_in_encrypt\n"); /*DSW:don't forget to adjust buffer size for output size of buffer */ unsigned char outbuf[1024]; int outlen, tmplen; /* Bogus key and IV: we'd normally set these from * another source. */ /* 128 bit key */ unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; /* 64 bit iv */ unsigned char iv[] = {1,2,3,4,5,6,7,8}; char intext[] = "damir"; EVP_CIPHER_CTX ctx; FILE *out; EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv); if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) { printf("error_in_encrypt_update\n"); ERR_print_errors_fp(stderr); return 0; } /* Buffer passed to EVP_EncryptFinal() must be after data just * encrypted to avoid overwriting it. */ if(!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen)) { printf("error_in_encrypt_final\n"); ERR_print_errors_fp(stderr); return 0; } outlen += tmplen; EVP_CIPHER_CTX_cleanup(&ctx); /* Need binary mode for fopen because encrypted data is * binary data. Also cannot use strlen() on it because * it wont be null terminated and may contain embedded * nulls. */ printf("done_in_encrypt\n"); printf("%s\n", outbuf); return 0; /* out = fopen(outfile, "wb"); fwrite(outbuf, 1, outlen, out); fclose(out); return 1; */ } int do_decrypt(char *outfile) { printf("begin_in_decrypt\n"); unsigned char outbuf[2000]; int outlen, tmplen; /* Bogus key and IV: we'd normally set these from * another source. */ /* 128 bit key */ unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; /* 64 bit iv */ unsigned char iv[] = {1,2,3,4,5,6,7,8}; char intext[] = ""; EVP_CIPHER_CTX ctx; FILE *out; EVP_CIPHER_CTX_init(&ctx); //EVP_CIPHER_CTX_set_padding(&ctx, 0); EVP_DecryptInit_ex(&ctx, EVP_bf_cbc (),NULL, key, iv); if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) { printf("error_in_decrypt_update\n"); //ERR_print_errors_fp(stderr); return 0; } if(!EVP_DecryptFinal_ex(&ctx, outbuf + outlen, &tmplen)) { printf("error_in_decrypt_final\n"); ERR_print_errors_fp(stderr); return 0; } outlen += tmplen; EVP_CIPHER_CTX_cleanup(&ctx); /* Need binary mode for fopen because encrypted data is * binary data. Also cannot use strlen() on it because * it wont be null terminated and may contain embedded * nulls. */ printf("done_in_decrypt\n"); printf("%s\n", outbuf); return 0; /* out = fopen(outfile, "wb"); fwrite(outbuf, 1, outlen, out); fclose(out); return 1; */ } int main(){ do_crypt("test.txt"); do_decrypt("test1.txt"); printf("done_in_main\n"); return 0; } ---------------------------------------- Does anybody have an idea and could help me to get the decrypt function working? Thanks in advance! Daan ------------------------------------------ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
