> From: owner-openssl-us...@openssl.org On Behalf Of emyr > Sent: Monday, 18 October, 2010 07:33
> Anyway, I now have another issue. > What I'm trying to do is to encrypt a password using blowfish, then > base64 it for writing as a string into a config file [and reverse] > http://www.ioncannon.net/programming/34/howto-base64-encode-wi th-cc-and-openssl/ > http://www.ioncannon.net/programming/122/howto-base64-decode-w ith-cc-and-openssl/ > Those have a lot of unnecessary headers, and are oddly asymmetric: encode chops the last char, which will always be a newline, but the decode example has the newline plus a useless null. Personally I consider it a waste of effort to go through the BIO structure unless you're streaming, or un/base64ing a whole file that is conveniently or even better accessed by BIO. When you do, b64BIO output by default generates and b64BIO input by default REQUIRES a newline at the end, and intermediate ones depending on the length of the data. This is correct for the PEM (S/)MIME and HTTP formats where base64 is most widespread, but often inconvenient for things like a 'string in a config file', so you may want/need to BIO_set_flags(b64bio,BIO_FLAGS_BASE64_NO_NL). > which are handy but I don't think this will work as it > doesn't tell you > the exact length of the decoded binary buffer - i.e it just uses the > length of the input string which will always be longer than > the actual > binary for b64. I will need this for the decrypting to work > correctly. > Is it possible to get the exact length of the base64 decoded binary > using the SSL library? > Yes, that code fails to capture the decoded length. Using b64BIO like that, the number of bytes decoded is the return from BIO_read. (In general, the return from BIO_read is the data read; for b64BIO, data read is bytes decoded from chars read from the underlying BIO; for b64BIO/memBIO-in, it's bytes decoded from chars in the buffer.) Personally for small in-memory without newlines like this, I just call EVP_{Encode|Decode}Block. (Or in cases where openssl isn't convenient, use my own code; it's only about 10 lines to encode and 20 to decode.) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
