Re: Help with EVP_DecryptFinal_ex:bad decrypt

Victor Duchovni Thu, 15 Jan 2009 11:30:11 -0800

On Wed, Jan 14, 2009 at 06:17:28PM -0500, Adam Bender wrote:

>   if (!EVP_EncryptUpdate(&ctx, sym_out_buf, &out_total, (const unsigned char
> *) data, data_len)) {
>     ERR_print_errors_fp(stdout); }
>   if (!EVP_EncryptFinal_ex(&ctx, sym_out_buf, &out_len)) {
> ERR_print_errors_fp(stdout); }


BUG: Don't pass the same buffer/offset to EncryptFinal_ex(), this clobbers
the first encrypted block. Instead use "sym_out_buf + out_total" if the
buffer is long enough for both the original ciphertext and the final block.

>   if (!EVP_DecryptUpdate(&ctx, sym_out_buf, &out_total, (const unsigned char
> *) ctext, len)) {
>     ERR_print_errors_fp(stdout); }
>   if (!EVP_DecryptFinal_ex(&ctx, sym_out_buf, &out_len)) {
> ERR_print_errors_fp(stdout); }

Ditto.

-- 
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Re: Help with EVP_DecryptFinal_ex:bad decrypt

Reply via email to