[EMAIL PROTECTED] wrote:
>
> Hi,
>
> The first 8 bytes of my decrypted ciphertext are garbage. The rest is OK.
> I encrypt 12220 bytes in one pass with des_ede3_cbc_encrypt(...)
>
> Are the any prerequisites which are necessary for encrypting/decrypting with
> DES ?
>
Use of des_ede3_cbc_encrypt() is not advisable unless you have a good
reason for doing so. You should use EVP_Encrypt*() and EVP_Decrypt*().
Anyway your problem looks like IV trouble. When you start encrypting you
should supply a random IV parameter, it contains one block (8 bytes for
3DES) of data. When you decrypt you have to supply the *same* IV. If you
don't then the first block is corrupted in CBC mode.
The IV data is not sensitive and some protocols (such as S/MIME) include
a plain text copy of the IV in the relevant encoded structure.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
