From the BIO_f_cipher() man page:

BIO_flush() on an encryption BIO that is being written through is used to
signal that no more data is to be encrypted: this is used to flush and
possibly pad the final block through the BIO.
.
...
.
NOTES
When encrypting, BIO_flush() must be called to flush the final block through
the BIO. If it is not, then the final block will fail a subsequent decrypt.

======================
Greg Stark
[EMAIL PROTECTED]
======================

----- Original Message -----
From: "Shaheed Bacchus" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, September 04, 2001 4:55 PM
Subject: Re:


> hello,
>     i am trying to write a piece of code that will take an unsigned char*
> (called Data) and 3DES encode it and then store it in another
> unsigned char *.  at the bottom of this message are two code
> snippets, #1 writes the encrypted data to a file BIO while #2
> writes it to a mem BIO.  #1 appears to work perfectly, if i use
> the "openssl des3" command with the appropriate flags and key
> i can decrypt the file that was written.  #2 does not work, the
> encrypted data produced is always shorter than the data
> produced by #1 and i cannot decrypt it.  any ideas on why
> #2 will not work?
>
> code snippet #1:
> ------------------------------------------------------------------------
> const EVP_CIPHER *cipher=NULL; /* Snippet #1: derive a 3DES key from Passwd and write
>   * "Salted__" + salt + ciphertext of Data to the file mytest.des through a
>   * cipher BIO. Passwd, Data and the end: label are not shown in this excerpt. */
> unsigned char *SaltPtr=NULL;
> unsigned char Salt[PKCS5_SALT_LEN];
> unsigned char Key[24], MD[MD5_DIGEST_LENGTH]; /* MD is handed to EVP_BytesToKey() as its IV output buffer */
> BIO *OutData, *EncBio=NULL;
> BUF_MEM *OutDataBuf=NULL; /* not used in this snippet */
> static const char magic[]="Salted__";
> int DataLen=0; /* not used in this snippet */
>
> OpenSSL_add_all_algorithms();
> cipher = EVP_get_cipherbyname("des3"); /* NOTE(review): result is not checked; it is NULL if the name is not registered */
> OutData = BIO_new(BIO_s_file()); /* NOTE(review): allocation result is not checked before use */
> if (BIO_write_filename(OutData, "mytest.des") <= 0)
> {
>        printf("Error with BIO_write\n");
>         goto end;
>  }
> if (RAND_pseudo_bytes(Salt, PKCS5_SALT_LEN) < 0) /* NOTE(review): RAND_pseudo_bytes() returns 0 when the
>   * bytes are not cryptographically strong, and "< 0" accepts that case; RAND_bytes()
>   * with a "<= 0" check is the stricter source for the salt. */
> {
>        printf("Error with RAND_pseudo_bytes\n");
>        return (1); /* NOTE(review): the other error paths use "goto end"; this one returns with OutData still allocated */
> }
> if ((BIO_write(OutData, magic, sizeof(magic)-1) != sizeof(magic)-1) /* header: magic without its NUL, then the raw salt */
>     || (BIO_write(OutData, (char *) Salt, PKCS5_SALT_LEN) !=
>          PKCS5_SALT_LEN))
> {
>        printf("Error writing salt\n");
>        goto end;
> }
> SaltPtr = Salt; /* the salt written to the header is the one fed to the key derivation below */
> EVP_BytesToKey(cipher, EVP_md5(), SaltPtr,
>                       (unsigned char *) Passwd,
>                        strlen(Passwd), 1, Key, MD); /* fills Key and the IV (MD) from Passwd + salt.
>   * NOTE(review): return value is ignored (0 means failure). One MD5 iteration (count 1)
>   * is a weak password KDF; per the message it is what lets "openssl des3" decrypt the
>   * file, so raising the count or changing the digest breaks that compatibility. */
> if (!(EncBio=BIO_new(BIO_f_cipher())))
>      goto end;
> BIO_set_cipher(EncBio, cipher, Key, MD, 1); /* last argument 1 selects encryption */
> if (EncBio) /* always true here: the NULL case already jumped to end */
> {
>       OutData = BIO_push(EncBio, OutData); /* OutData now names the head of the chain: cipher BIO -> file BIO */
> }
> if (BIO_write(OutData, (char *)Data, strlen(Data)) != strlen(Data)) /* NOTE(review): strlen() stops at the
>   * first zero byte, so Data is treated as a C string; binary input needs an explicit length. */
> {
>        printf("Error writing Data\n");
>                 goto end;
>  } /* NOTE(review): no BIO_flush(OutData) appears in this excerpt. The BIO_f_cipher() man
>   * page requires it after the last write so the final padded block is emitted; whether
>   * it happens after this point is not shown. Key and MD also stay on the stack
>   * uncleansed as far as this excerpt shows. */
>  ---------------------------------------------------------------------
>
> code snippet #2:
> ----------------------------------------------------------------------
> const EVP_CIPHER *cipher=NULL; /* Snippet #2: same password-based 3DES encryption as
>   * snippet #1, but the sink is a memory BIO whose buffer is read back at the end.
>   * Passwd, Data, OutBuf and the end: label are not shown in this excerpt. */
> unsigned char *SaltPtr=NULL; /* NOTE(review): never assigned anywhere in this snippet */
> unsigned char Salt[PKCS5_SALT_LEN];
> unsigned char Key[24], MD[MD5_DIGEST_LENGTH]; /* MD is handed to EVP_BytesToKey() as its IV output buffer */
> BIO *OutData, *EncBio=NULL;
> BUF_MEM *OutDataBuf=NULL;
> static const char magic[]="Salted__";
> int DataLen=0, ret=0; /* ret is not used in this snippet */
>
> OpenSSL_add_all_algorithms();
> cipher = EVP_get_cipherbyname("des3"); /* NOTE(review): result is not checked; it is NULL if the name is not registered */
> OutData = BIO_new(BIO_s_mem()); /* NOTE(review): allocation result is not checked before use */
>  if (RAND_pseudo_bytes(Salt, PKCS5_SALT_LEN) < 0) /* NOTE(review): a return of 0 (bytes not
>   * cryptographically strong) passes this check; RAND_bytes() with "<= 0" is stricter. */
> {
>        printf("Error with RAND_pseudo_bytes \n");
>         return (1); /* NOTE(review): returns without going through end:, with OutData still allocated */
>  }
>
> if ((BIO_write(OutData, magic, sizeof(magic)-1) != sizeof(magic)-1) || /* header: magic without its NUL, then the raw salt */
>     (BIO_write(OutData, (char *) Salt, PKCS5_SALT_LEN) !=
>         PKCS5_SALT_LEN))
> {
>      printf("Error writing salt\n");
>       goto end;
>  }
>  EVP_BytesToKey(cipher, EVP_md5(), SaltPtr,
>                        (unsigned char *) Passwd,
>                        strlen(Passwd), 1, Key, MD); /* NOTE(review): SaltPtr is still NULL here
>   * (the "SaltPtr = Salt;" of snippet #1 is missing), so the key and IV are derived
>   * from Passwd alone while the header advertises Salt. A reader that derives its key
>   * from the header salt gets a different key. The return value is also ignored, and
>   * one MD5 iteration is a weak password KDF. */
>  if (!(EncBio=BIO_new(BIO_f_cipher())))
>        goto end;
>  BIO_set_cipher(EncBio, cipher, Key, MD, 1); /* last argument 1 selects encryption */
>   if (EncBio) /* always true here: the NULL case already jumped to end */
> {
>       OutData = BIO_push(EncBio, OutData); /* OutData now names the head of the chain: cipher BIO -> mem BIO */
> }
> if (BIO_write(OutData, (char *)Data, strlen(Data)) != strlen(Data)) /* NOTE(review): strlen() stops at the
>   * first zero byte, so Data is treated as a C string; binary input needs an explicit length. */
> {
>       printf("Error writing Data\n");
>        goto end;
> } /* NOTE(review): BIO_flush(OutData) is missing between this write and the read-back
>   * below. Per the BIO_f_cipher() man page the final padded block is only pushed
>   * through on flush, which matches the reported symptom: output shorter than
>   * snippet #1 and not decryptable. Check the flush result before using the buffer. */
> BIO_get_mem_ptr(OutData, &OutDataBuf);
> DataLen = OutDataBuf->length; /* length as of now; without the flush it excludes the final block */
> OutBuf = OutDataBuf->data; /* aliases the BUF_MEM storage, no copy is made.
>   * NOTE(review): presumably invalid once the BIO chain is freed; copy DataLen bytes
>   * if the ciphertext must outlive the BIO. Confirm against the cleanup at end:. */
>
>
