> -----Original Message----- > From: Richard Levitte [mailto:[EMAIL PROTECTED] > Sent: Wednesday, March 12, 2008 7:21 PM > To: openssl-users@openssl.org; Xu, Qiang (FXSGSC) > Subject: Re: crypto library in openssl > > You're doing three mistakes: > > 1. you're assuming the EVP routines treat your data as character > strings. That's incorrect, it treats them as binary blobs. Any of > the bytes in that blob can be zero, and apparently, you're getting > a result that starts with a zero byte. > 2. you're not using the resulting length from the EVP routines. Doing > so will give you correct answer, strlen() is not guaranteed to do > that (it will only give you the correct answer if you have no zero > byte anywhere in the result). > 3. you're also not checking the returned result from the EVP routines.
It turns out that the pass phrase used in encryption and decryption process makes a difference. Originally, it is "benspassword", after I changed it to "MBPDBHRBW123456", it works perfectly. Although I am happy that the problem is solved, I am still a bit confused here: Should there be some requirement on the pass phrase? In my understanding, any pass phrase should be OK, in the condition that the same one is used both in encryption and in decryption. Any clarification on this, Richard? Thanks you, Xu Qiang ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
