Hi can you provide an example for using BIO_s_mem(to store the
ciphertext?
thanks
-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Victor Duchovni
Sent: Thursday, January 15, 2009 3:00 PM
To: openssl-users@openssl.org
Subject: Re: Help with EVP_DecryptFinal_ex:bad decrypt
On Thu, Jan 15, 2009 at 02:45:49PM -0500, Adam Bender wrote:
> > BUG: Don't pass the same buffer/offset to EncryptFinal_ex(), this
clobbers
> > the first encrypted block. Instead use "sym_out_buf + out_total" if
the
> > buffer is long enough for both the original ciphertext and the final
block.
>
> Thanks, that fixes it. I guess I was expecting the context to track
how
> many bytes it had written, or something.
That would make a poor interface for encrypting data streams, as one
would need a buffer large enough to hold an entire encrypted message,
but
in practice one wants to loop encrypting blocks of data, and to re-use
the same buffer once ciphertext is delivered to the right destination
(usually a network peer or a disk file).
If you want to buffer multiple cipherblocks, you could use a memory BIO
(see BIO_s_mem(3)) to store the ciphertext, and later read it back from
the BIO. This way you avoid any fragile use of malloc(), ... and can use
a suitable fixed size buffer for symmetric EVP_* operations regardless
of the message size (the variable size storage will be hidden in the
memory BIO). More typically, the data will not linger in memory, but
will
be written to the network or disk.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
