Use the maximum block length for the extra size in the encrypt

author Dr. Stephen Henson <steve@openssl.org>

Wed, 3 Oct 2001 12:47:03 +0000 (12:47 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 3 Oct 2001 12:47:03 +0000 (12:47 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 3 Oct 2001 12:47:03 +0000 (12:47 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 3 Oct 2001 12:47:03 +0000 (12:47 +0000)
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c

index f8336f261087f0b1867262aacf2df514fc2b180c..d9278fb507c76dc52babd7410bc455a846aa6aed 100644 (file)
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -71,7 +71,7 @@ static int enc_new(BIO *h);
  static int enc_free(BIO *data);
  static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
  #define ENC_BLOCK_SIZE (1024*4)
-#define BUF_OFFSET     8 /* XXX: why? */
+#define BUF_OFFSET     EVP_MAX_BLOCK_LENGTH
  
  typedef struct enc_struct
         {
@@ -81,7 +81,10 @@ typedef struct enc_struct
         int finished;
         int ok;                 /* bad decrypt */
         EVP_CIPHER_CTX cipher;
-       char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2/*why?*/];
+       /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
+        * can return up to a block more data than is presented to it
+        */
+       char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2];
         } BIO_ENC_CTX;
  
  static BIO_METHOD methods_enc=
@@ -171,7 +174,7 @@ static int enc_read(BIO *b, char *out, int outl)
                 {
                 if (ctx->cont <= 0) break;
  
-               /* read in at offset 8, read the EVP_Cipher
+               /* read in at IV offset, read the EVP_Cipher
                  * documentation about why */
                 i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 3 Oct 2001 12:47:03 +0000 (12:47 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 3 Oct 2001 12:47:03 +0000 (12:47 +0000)