> When i use to encrypt data, i have not problems.. when i
> decrypt the result of this code, i have not problem...
> when i decrypt with this program, i have
> 13015:error:06065064:digital envelope routines:
> EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:461:
> The EVP_DecryptUpdate works ok, decrypt the info, but the
> rest off encypted (the remaining encrypted data) is not
> decrypted, and the tlen = 0.
That code is really, really awful. Sorry to be blunt, but it's truly horrible.
for(i=0; i < strlen(hex) ; i=i+2){
sprintf(tmp,"%c%c",*(hex+i),*(hex+i+1));
sprintf(tmp,"%c",(unsigned int)strtol(tmp,NULL,16));
strcat(*ascii,tmp);
}
I mean, c'mon.
Your biggest overall problem is that you suffer from the "everything's a
string" delusion.
For example:
hextoascii(llave1,&key1);
hextoascii(llave2,&key2);
strcpy(key,key1);
strcat(key,key2);
strcat(key,key1);
You need to come up with some rational way to pass around chunks of data that
are not C-style strings. And you need to not use functions like 'strcpy' and
'strcat' on such chunks.
The 'str*' functions, 'strcat', 'strcpy', 'strlen', and so on are usable *only*
on C-style strings. That means a chunk of data that has a terminating zero byte
and cannot contain any embedded zero bytes. What stops 'key1' from containing
an embedded zero byte?
C-style strings should be used for input and output to humans or human-readable
files, but they're almost never appropriate for internal structures. You unpack
the user-supplied key into an internal structure -- that should *not* be a
C-style string.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
