如何用c语言翻译openssl命令pbkdf2

Hy guys，关于openssl的另一个问题：

我有这个命令：

openssl enc -aes-192-cbc -pbkdf2 -e -in <infile> -out <outfile> -pass pass:password 

现在我只有这个命令的密文，我知道密码，然后我也知道salt，它是字符串"Salted__"之后密文的前8个字节。我还知道openssl作为默认参数使用1000次迭代计数，sha256作为摘要。我的问题是：如何回到c语言的派生键和派生iv？

我的代码是这样的，但它没有返回正确的值：

void decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *plaintext, const char *password, unsigned char* salt){
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
//unsigned char* key = "EF04020D6979FC09CC1859A2BFB832FFFCF57C64BA61F682"; right value
//unsigned char* iv = "722EDDC813763C9AAB96A0A6885CE1DB"; right value
unsigned char key[24], iv[16];
int i;  
PKCS5_PBKDF2_HMAC(password, strlen(password), (unsigned char*)salt, strlen(salt), 1000, EVP_sha256(), 16, key);
EVP_BytesToKey(EVP_aes_192_cbc(), EVP_sha256(), (unsigned char*)salt, (unsigned char*)password, strlen(password), 1000, key+16, iv);
printf("Key: "); for(i=0; i < 24; ++i){ printf("%02x", key[i]); } printf("n");
printf("IV: "); for(i=0; i < 16; ++i){ printf("%02x", iv[i]); } printf("nn");
//Create and initialise the context 
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();

//Initialise the decryption operation. IMPORTANT - ensure you use a key
//and IV size appropriate for your cipher
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, key, iv))
handleErrors();
//Provide the message to be decrypted, and obtain the plaintext output.
//EVP_DecryptUpdate can be called multiple times if necessary.
if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
handleErrors();
plaintext_len = len;
//Finalise the decryption. Further plaintext bytes may be written at
//this stage.
if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
handleErrors();
plaintext_len += len;
//Clean up 
EVP_CIPHER_CTX_free(ctx);
}

对正确的值进行了注释，我从终端中获取。。。。但是我的c代码不返回这些值。我认为这取决于我没有很好地翻译-pbkdf2派生密钥。。。请帮帮我