| Hey, EVP_DecryptFinal returns 0 for me, but no data is returned to
| supplied output buffer, and returned data length is set to 0. What could
| be the issue? bdec receives some correct data tho.
| u32 szbdec = 0;
| u8* bdec = new u8[resp.rSize + halfKey]; // half rSize = half
| if(!EVP_DecryptFinal(&ctx, bdec, (int*)&szbdec))
szbdec is an IO parameter.
You have to initialize it to resp.rSize + halfKey
before passing it to EVP_DecryptFinal()
DMCA: The greed of the few outweighs the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email]
Minor: treating szbdec which is actually u32 as int is not portable.
Assuming u32 is 32bits (it's not official, but that's the only sensible
thing to use that name for), there are platforms where int isn't 32bits.
Better to have an actual int variable and use that.
Minor: assuming the data you are passing (rBuff+halfkey for rSize-halfkey)
is correct, your output buffer is larger than needed. The plaintext is
never longer than the ciphertext; without padding it is the same size
(which for block modes must be a multiple of the blocksize); with padding
it may be up to a block shorter (and need not be a multiple). Unless
you intend to (later) combine some other data into the same buffer.
If you looked at that errorcode it probably was 0x0606508A which means
digital envelope routines:EVP_DecryptFinal_ex:data not multiple of block
(Aside: u32 is OK here. Even on a platform where the unsigned long _type_
is more than 32bits, the OpenSSL error _values_ still fit in 32bits.)
Even if this worked (with padding, or a stream mode like OFB),
it would overwrite the first plaintext block(s) (assuming there
are any, i.e. the Update call was at least one full block,
or with padding one full block plus some lag) and lose their length.
You want to step through the buffer by the amount gotten on previous
Update call(s), here one but in general may be more than one.