How to use C API to decode the aes-256-cbc file generated by openssl command line?

Question

I have read a link, and I can encode/decode data by C API correctly.

However, I have a file that is generated by openssl command line:

openssl aes-256-cbc -in plain.txt -out encrypted.txt
> enter password from stdin

Want to decode the output by using C API. The code is below:

unsigned char key[] = "password";
unsigned char iv[] = "";  // I don't know what is the default iv.
EVP_CipherInit(&ctx, EVP_aes_256_cbc(), key, iv, 0);

The output is wrong. Is there anyone know how to fix it? Maybe I called the wrong function? eg: EVP_PBE_CipherInit? I'm totally lost in the document and source code of openssl.

Any advice is welcome. Thank you in advance.

score 0 · Accepted Answer · edited Apr 15 '17 at 13:20

0

The openssl manpage says the key and iv values are generated from the password if not supplied. Also it gives a -P option to print the salt, key and iv value. (This is the key that needs to be passed to the function, not the password).

The salt value can be obtained from the file header. Then the key and iv has to regenerated using the same.

This stackexchange page gives a very detailed answer.

edited Apr 15 '17 at 13:20

daisy

22,498
29
129
265

answered Oct 30 '14 at 13:49

Sreekumar R

194
1
10

Thank you very much! The reference gives me deep insight about openssl. – ShenLei Oct 31 '14 at 04:27

How to use C API to decode the aes-256-cbc file generated by openssl command line?

1 Answers1