Ok, I looked at the openssl documentation stating that
blowfish accepts a variable key length. But it also says
to use the EVP method of encryption for Applications because
it provides a more generic way to use multiple algorithms, etc...
Anyhow, I can't set a different key length for blowfish
using the EVP routines, this is what I'm doing:
char iv[]={ 1, 2, 3, 4, 5, 6, 7, 8 };
int do_crypt(char *source, long src_len, char *target, char *key)
{
int outlen, tmplen;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit(&ctx, EVP_bf_cbc(), key, iv);
/* let's try to extend the key length used!!!! */
EVP_CIPHER_CTX_set_key_length(&ctx, 32);
if (!EVP_EncryptUpdate(&ctx, target, &outlen, source, src_len+1))
return(0);
if (!EVP_EncryptFinal(&ctx, target + outlen, &tmplen))
return(0);
outlen += tmplen;
EVP_CIPHER_CTX_cleanup(&ctx);
return(outlen);
}
But when I comment out the key length line, and truncate the key
so it's only 16 bytes instead of 32, it returns the same ciphertext.
Is it not possible with EVP to change the key size??
I've checked the return code of EVP_CIPHER_CTX_set_key_length, and
everything looks like it should be working ...
I'm using OpenSSL 0.9.6b
thanks!
-Brad
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
