> Thks. > > But, I also meet a problem when decrypt data(the encrypted data > is a 16 bytes long ). The code is below:
When you say "the encrypted data" is 16 bytes long, do you mean the data you encrypted was 16 bytes long before you encrypted it? Or do you mean that the encryption produced 16 bytes of output? > int ret; > EVP_CIPHER_CTX ctx; > EVP_CIPHER_CTX_init(&ctx); > > ret = EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), 0, key, > iv); // ret=1 > cout<<"EVP_CIPHER_CTX_block_size: > "<<EVP_CIPHER_CTX_block_size(&ctx)<<endl; // 16 > cout<<"EVP_CIPHER_CTX_key_length: > "<<EVP_CIPHER_CTX_key_length(&ctx)<<endl; // 16 > cout<<"EVP_CIPHER_CTX_iv_length: > "<<EVP_CIPHER_CTX_iv_length(&ctx)<<endl; //16 > > int outl; > int len=0; > ret = EVP_DecryptUpdate(&ctx, buffer, &outl, (unsigned char > *)in, 16); // ret = 1, outl=0 why? The return value indicates success, but no output was ready yet. > len += outl; > ret = EVP_DecryptFinal_ex(&ctx, buffer+len, &outl); // ret = > 0 why? here len=0 Apparently the bytes you send do not work out to complete blocks, so the finalizsation failed. > len += outl; > ret = EVP_CIPHER_CTX_cleanup(&ctx); > > > But, when I call EVP_DecryptUpdate with param inl = 17 > ret = EVP_DecryptUpdate(&ctx, buffer, &outl, (unsigned char *)in, > 17); // ret = 1, outl = 16 > > I get correct decrypted data. What's wrong with me? Sounds like you encrypted 16 bytes of data and got 17 bytes of output. Are you sure the returned length of the encryption was 16 after the finalization? DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]