On Sun, Apr 29, 2007, Michal wrote:
> EVP_DecryptInit (& ctx, EVP_bf_cbc (), key, (unsigned char*)iv);
> In the main() I have key:
> unsigned char key[]={'a','b','c','\0'};
> If I use this key and compile with -O2 option EVP_DecryptFianal fails.
> But if I define key as:
> static unsigned char key[]={'a','b','c','\0'};
> it works. It also works in if I don't specify -O2 option.
> What's happening ?
>
The supplied key has to be of the correct length. In the case of blowfish 128
bits by default, i.e. 16 bytes.
If the key is smaller it will use whatever garbage happens to follow the
buffer with unpredictable results.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
