If I simply replace "EVP_des_ede3_cbc" with "EVP_des_cbc" ... then it works
okay
Some serious bug?
On Fri, Aug 16, 2013 at 10:17 AM, Ztatik Light <ztatik.li...@gmail.com>wrote:
> same result - did you actually try it?
>
> BIO_read is producing this error:
>
> "error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt"
>
>
> On Fri, Aug 16, 2013 at 3:28 AM, Ben Laurie <b...@links.org> wrote:
>
>> Try
>>
>> write_data( file_, data, strlen(data) + 1, "mykey");
>>
>>
>>
>> On 16 August 2013 03:34, Ztatik Light <ztatik.li...@gmail.com> wrote:
>>
>>> ps, yes, line 29 is a mistake and should read: char new_filename[strlen(
>>> filename ) + 5];
>>>
>>> But even with that fix i get the same results
>>>
>>>
>>> On Fri, Aug 16, 2013 at 2:27 AM, Ztatik Light <ztatik.li...@gmail.com>wrote:
>>>
>>>> maybe not - still confused
>>>>
>>>>
>>>> On Fri, Aug 16, 2013 at 2:21 AM, Ztatik Light
>>>> <ztatik.li...@gmail.com>wrote:
>>>>
>>>>> strange i think it has something to do with me using "rb" and "wb"
>>>>> instead of "r" and "w"...
>>>>>
>>>>>
>>>>> On Fri, Aug 16, 2013 at 2:14 AM, Ztatik Light
>>>>> <ztatik.li...@gmail.com>wrote:
>>>>>
>>>>>> So, I'm having a really weird issue... i'm trying simple file
>>>>>> encryption/decryption with BIO_*, but if the encrypted file is in a
>>>>>> subdirectory.. i get garbage data,
>>>>>>
>>>>>> I'll post the code i'm using, with a brief elaboration on how i'm
>>>>>> using it and what behaviour i'm getting:
>>>>>>
>>>>>> ///////////////////////////////
>>>>>>
>>>>>> /*
>>>>>>>
>>>>>>> Example of ssl read and write to a file
>>>>>>>
>>>>>>>
>>>>>>>> gcc ssl_write_read.c -lssl
>>>>>>>
>>>>>>> ./a.out
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> */
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> #include <openssl/bio.h>
>>>>>>>
>>>>>>> #include <openssl/err.h>
>>>>>>>
>>>>>>> #include <openssl/rand.h>
>>>>>>>
>>>>>>> #include <openssl/ssl.h>
>>>>>>>
>>>>>>> #include <openssl/x509v3.h>
>>>>>>>
>>>>>>>
>>>>>>>> int read_whole_file( char* filename, char** data ){
>>>>>>>
>>>>>>> FILE* file = fopen( filename, "rb" );
>>>>>>>
>>>>>>> fseek( file, 0, SEEK_END );
>>>>>>>
>>>>>>> long fileSize = ftell( file );
>>>>>>>
>>>>>>> rewind( file );
>>>>>>>
>>>>>>> *data = malloc( fileSize );
>>>>>>>
>>>>>>> fread( *data, fileSize, 1, file );
>>>>>>>
>>>>>>> fclose( file );
>>>>>>>
>>>>>>> return fileSize;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> void encrypt_file( char* filename ){
>>>>>>>
>>>>>>> char new_filename[strlen( filename + 4 )];
>>>>>>>
>>>>>>> strcpy( new_filename, filename );
>>>>>>>
>>>>>>> strcat( new_filename, ".enc" );
>>>>>>>
>>>>>>> char* data;
>>>>>>>
>>>>>>> int fileSize = read_whole_file( filename, &data );
>>>>>>>
>>>>>>> write_data( new_filename, data, fileSize, (unsigned char*)"mykey"
>>>>>>>> );
>>>>>>>
>>>>>>> free( data );
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>> int write_data(const char *filename, char *out, int len, unsigned
>>>>>>>> char *key)
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> int total, written;
>>>>>>>
>>>>>>> BIO *cipher, *buffer, *file;
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create a buffered file BIO for writing */
>>>>>>>
>>>>>>> file = BIO_new_file(filename, "wb");
>>>>>>>
>>>>>>> if (!file)
>>>>>>>
>>>>>>> return 0;
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create a buffering filter BIO to buffer writes to the file */
>>>>>>>
>>>>>>> buffer = BIO_new(BIO_f_buffer( ));
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create a base64 encoding filter BIO */
>>>>>>>
>>>>>>> // b64 = BIO_new(BIO_f_base64( ));
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create the cipher filter BIO and set the key. The last
>>>>>>>> parameter of
>>>>>>>
>>>>>>> BIO_set_cipher is 1 for encryption and 0 for decryption */
>>>>>>>
>>>>>>> cipher = BIO_new(BIO_f_cipher( ));
>>>>>>>
>>>>>>> BIO_set_cipher(cipher, EVP_des_ede3_cbc( ), key, NULL, 1);
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Assemble the BIO chain to be in the order
>>>>>>>> cipher-b64-buffer-file */
>>>>>>>
>>>>>>> // BIO_push(cipher, b64);
>>>>>>>
>>>>>>> // BIO_push(b64, buffer);
>>>>>>>
>>>>>>> BIO_push(cipher,buffer);
>>>>>>>
>>>>>>> BIO_push(buffer, file);
>>>>>>>
>>>>>>>
>>>>>>>> /* This loop writes the data to the file. It checks for errors
>>>>>>>> as if the
>>>>>>>
>>>>>>> underlying file were non-blocking */
>>>>>>>
>>>>>>> for (total = 0; total < len; total += written)
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> if ((written = BIO_write(cipher, out + total, len - total)) <=
>>>>>>>> 0)
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> if (BIO_should_retry(cipher))
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> written = 0;
>>>>>>>
>>>>>>> continue;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> break;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Ensure all of our data is pushed all the way to the file */
>>>>>>>
>>>>>>> BIO_flush(cipher);
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> BIO_free_all(cipher);
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>> BIO* decrypt_open( const char *filename, unsigned char *key ){
>>>>>>>
>>>>>>> int total, written;
>>>>>>>
>>>>>>> BIO *cipher, *buffer, *file;
>>>>>>>
>>>>>>> //char *b = malloc(len);
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create a buffered file BIO for reading */
>>>>>>>
>>>>>>> file = BIO_new_file(filename, "rb");
>>>>>>>
>>>>>>> if (!file)
>>>>>>>
>>>>>>> return 0;
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create a buffering filter BIO to buffer writes to the file */
>>>>>>>
>>>>>>> buffer = BIO_new(BIO_f_buffer( ));
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create a base64 encoding filter BIO */
>>>>>>>
>>>>>>> // b64 = BIO_new(BIO_f_base64( ));
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Create the cipher filter BIO and set the key. The last
>>>>>>>> parameter of
>>>>>>>
>>>>>>> BIO_set_cipher is 1 for encryption and 0 for decryption */
>>>>>>>
>>>>>>> cipher = BIO_new(BIO_f_cipher( ));
>>>>>>>
>>>>>>> BIO_set_cipher(cipher, EVP_des_ede3_cbc( ), key, NULL, 0);
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> /* Assemble the BIO chain to be in the order
>>>>>>>> cipher-b64-buffer-file */
>>>>>>>
>>>>>>> // BIO_push(cipher, b64);
>>>>>>>
>>>>>>> // BIO_push(b64, buffer);
>>>>>>>
>>>>>>> BIO_push(cipher,buffer);
>>>>>>>
>>>>>>> BIO_push(buffer, file);
>>>>>>>
>>>>>>> return cipher;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> char* decrypt_read( BIO* cipher, int len, char* b ){
>>>>>>>
>>>>>>> int total, written;
>>>>>>>
>>>>>>>
>>>>>>>> // char b[len + 1];
>>>>>>>
>>>>>>> for (total = 0; total < len; total += written)
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> if ((written = BIO_read(cipher, b, len - total)) <= 0)
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> if (BIO_should_retry(cipher))
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> written = 0;
>>>>>>>
>>>>>>> continue;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> break;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> b[total] = '\0';
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> return b;
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>> int main(void)
>>>>>>>
>>>>>>> {
>>>>>>>
>>>>>>> //chdir("subdirectory");
>>>>>>>
>>>>>>> char *file_="test.txt";
>>>>>>>
>>>>>>> char* data = "howdy\n";
>>>>>>>
>>>>>>> write_data( file_, data, strlen(data), "mykey");
>>>>>>>
>>>>>>>
>>>>>>>> BIO* cipher = decrypt_open( file_, (unsigned char*)"mykey" );
>>>>>>>
>>>>>>> char b[999999];
>>>>>>>
>>>>>>> decrypt_read( cipher, 999999, b );
>>>>>>>
>>>>>>> BIO_flush( cipher );
>>>>>>>
>>>>>>> BIO_free_all( cipher );
>>>>>>>
>>>>>>> printf(">%s\n",b);
>>>>>>>
>>>>>>>
>>>>>>>> //char* test="plain.txt";
>>>>>>>
>>>>>>> //encrypt_file(test);
>>>>>>>
>>>>>>>
>>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>> ///////////////////////////////////////////////////////////
>>>>>>
>>>>>> 1. So, first run creates and writes encrypted file "test.txt" and
>>>>>> then decrypts and prints out the contents, "howdy",
>>>>>>
>>>>>> 2. Now, comment out line 141 // write_data( ... re-run to verify
>>>>>> "howdy", works fine
>>>>>>
>>>>>> 3. make directory "temp", move "test.txt" into "temp" and change line
>>>>>> 139 to reflect that: char *file_="temp/test.txt";.. re-run - I get no
>>>>>> results ??
>>>>>>
>>>>>> 4. Even more weird: change line 139 back to just "test.txt", and
>>>>>> replace file_ on line 143 with "temp/test.txt" ... so it reads: BIO*
>>>>>> cipher
>>>>>> = decrypt_open( "temp/test.txt", (unsigned char*)"mykey" ); // re-run...
>>>>>> now it works again all of a sudden. BUT - if you comment out line 139
>>>>>> // char *file_="test.txt";.... then it doesn't work again? Even though
>>>>>> *file_ isn't being used???
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
