EVP_EncryptFinal and EVP_DecryptFinal must be used only one time after the last update.
2011/11/28 Jussi Peltonen <pelt...@gmail.com>: > I think I'm loadaing the correct DLL versions. > > From the Visual Studio IDE I can see that the libaye32.dll is loaded > from the debug folder where I copied it. > > libeay32.dll D:\work\openssl\ssl_test\debug\libeay32.dll N/A N/A > Symbols > loaded. D:\work\openssl\ssl_test\debug\libeay32.pdb 5 1.00.0.5 > 25.11.2011 > 11:34 10000000-10113000 [7580] ssl_test.exe: Native > > libeay32.dll is of version 1.0.0.5. I have built it from the source code. > > Having the libeay32.pdb file in the same folder I'm able to step into > EVP_DecryptUpdate(): > > evp_enc.c, lines 426-427: > > if (fix_len) > *outl += b; > > The "fix_len" flag"is not set during the first decrypt block but is > set during the rest of the blocks as the output of my test program > shows. Because of that increment the output buffer in my program > becomes larger that the original data before it is encrypted. > > outp += (olen + tlen); // olen too big here > > > 2011/11/28 Michael S. Zick <open...@morethan.org>: >> On Mon November 28 2011, Jussi Peltonen wrote: >>> Mike, >>> Did you read the original post? Why does not the blowfish sample work >>> on Windows XP? >>> >> >> Yup, >> My guess is a similar problem - >> not loading the *.dll version that you expected/intended to load >> or not linking against the *.dll version that you expected/intended. >> >> M$ and *nix systems use different library locating/loading >> algorithms - I can't help you with sorting out your M$ problem. >> >> Mike >> >>> Jussi >>> >>> 2011/11/28 Michael S. Zick <open...@morethan.org>: >>> > On Mon November 28 2011, Jussi Peltonen wrote: >>> >> No, it doesn't work on Linux either, if I link my test program using >>> >> OpenSSL 1.0.0e. >>> >> >>> >> The test program works on Linux if I link it differently. >>> >> >>> >> $ ldd blowfish >>> >> libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x40022000) >>> >> libc.so.6 => /lib/i686/libc.so.6 (0x400de000) >>> >> libdl.so.2 => /lib/libdl.so.2 (0x4020e000) >>> >> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) >>> >> >>> >> >>> >> /usr/lib/libcrypto.so -> libcrypto.so.0.9.6 >>> >> >>> >> Is this a bug? >>> >> >>> > >>> > Only of your installation's /etc/ld.so.conf contents. ;-) >>> > or the included files/directories. >>> > >>> > Fix as required and then run ldconfig, see: "man ldconfig" >>> > >>> > Mike >>> >> Jussi >>> >> >>> >> 2011/11/24 Jussi Peltonen <pelt...@gmail.com>: >>> >> > Hello, >>> >> > >>> >> > newbie question regarding the Blowfish algorithm: why do my >>> >> > encrypt/decypt functions fail on Windows XP SP3 with OpenSSL 1.0.0e? >>> >> > The same functions work on my Linux workstation. >>> >> > >>> >> > Windows output: >>> >> > ============ >>> >> > Encrypt: >>> >> > encrypting 7680 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 512 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > encrypted 7744 bytes >>> >> > >>> >> > Decrypt: >>> >> > decrypting 7744 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1032 bytes <= why 1032 instead of 1024? >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1032 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1032 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1032 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1032 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1032 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 520 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > decrypted 7736 bytes >>> >> > >>> >> > Linux output: >>> >> > ========== >>> >> > encrypting 7680 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > EVP_DecryptUpdate 512 bytes >>> >> > EVP_DecryptFinal 8 bytes >>> >> > encrypted 7744 bytes >>> >> > >>> >> > decrypting 7744 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 1024 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > EVP_DecryptUpdate 512 bytes >>> >> > EVP_DecryptFinal 0 bytes >>> >> > decrypted 7680 bytes >>> >> > >>> >> > >>> >> > Source code: >>> >> > >>> >> > static int >>> >> > decrypt (unsigned char *inbuf, int size, unsigned char *outbuf, >>> >> > int *outsz) >>> >> > { >>> >> > int olen, tlen, n, left; >>> >> > unsigned char *inp = inbuf; >>> >> > unsigned char *outp = outbuf; >>> >> > EVP_CIPHER_CTX ctx; >>> >> > >>> >> > printf("decrypting %d bytes\n", size); >>> >> > >>> >> > EVP_CIPHER_CTX_init (&ctx); >>> >> > EVP_DecryptInit (&ctx, EVP_bf_cbc (), key, iv); >>> >> > >>> >> > left = size; >>> >> > *outsz = 0; >>> >> > >>> >> > while (left > 0) >>> >> > { >>> >> > n = (left > OP_SIZE ? OP_SIZE : left); >>> >> > olen = 0; >>> >> > memset((void *)outp, 0, IP_SIZE); >>> >> > if (EVP_DecryptUpdate (&ctx, outp, &olen, inp, n) != 1) >>> >> > { >>> >> > return -1; >>> >> > } >>> >> > printf("EVP_DecryptUpdate %d bytes\n", olen); >>> >> > >>> >> > if (EVP_DecryptFinal (&ctx, outp + olen, &tlen) != 1) >>> >> > { >>> >> > return -1; >>> >> > } >>> >> > printf("EVP_DecryptFinal %d bytes\n", tlen); >>> >> > >>> >> > *outsz = ((*outsz) + olen + tlen); >>> >> > inp += n; >>> >> > left -= n; >>> >> > outp += (olen + tlen); >>> >> > } >>> >> > >>> >> > printf("decrypted %d bytes\n", *outsz); >>> >> > >>> >> > EVP_CIPHER_CTX_cleanup (&ctx); >>> >> > return 0; >>> >> > } >>> >> > >>> >> > static int >>> >> > encrypt (unsigned char *inbuf, int size, unsigned char *outbuf, int >>> >> > *outsz) >>> >> > { >>> >> > int olen, tlen, n, left; >>> >> > unsigned char *inp = inbuf; >>> >> > unsigned char *outp = outbuf; >>> >> > EVP_CIPHER_CTX ctx; >>> >> > >>> >> > printf("encrypting %d bytes\n", size); >>> >> > >>> >> > EVP_CIPHER_CTX_init (&ctx); >>> >> > EVP_EncryptInit (&ctx, EVP_bf_cbc (), key, iv); >>> >> > >>> >> > >>> >> > left = size; >>> >> > *outsz = 0; >>> >> > >>> >> > while (left > 0) >>> >> > { >>> >> > n = (left > IP_SIZE ? IP_SIZE : left); >>> >> > olen = 0; >>> >> > if (EVP_EncryptUpdate (&ctx, outp, &olen, inp, n) != 1) >>> >> > { >>> >> > return -1; >>> >> > } >>> >> > printf("EVP_DecryptUpdate %d bytes\n", olen); >>> >> > >>> >> > if (EVP_EncryptFinal (&ctx, outp + olen, &tlen) != 1) >>> >> > { >>> >> > return -1; >>> >> > } >>> >> > printf("EVP_DecryptFinal %d bytes\n", tlen); >>> >> > >>> >> > *outsz = ((*outsz) + olen + tlen); >>> >> > inp += n; >>> >> > left -= n; >>> >> > outp += (olen + tlen); >>> >> > } >>> >> > >>> >> > printf("encrypted %d bytes\n", *outsz); >>> >> > >>> >> > EVP_CIPHER_CTX_cleanup (&ctx); >>> >> > return 0; >>> >> > } >>> >> > >>> >> > Cheers, >>> >> > Jussi >>> >> > >>> >> ______________________________________________________________________ >>> >> OpenSSL Project http://www.openssl.org >>> >> User Support Mailing List openssl-users@openssl.org >>> >> Automated List Manager majord...@openssl.org >>> >> >>> >> >>> > >>> > >>> > ______________________________________________________________________ >>> > OpenSSL Project http://www.openssl.org >>> > User Support Mailing List openssl-users@openssl.org >>> > Automated List Manager majord...@openssl.org >>> > >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-users@openssl.org >>> Automated List Manager majord...@openssl.org >>> >>> >> >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org