> From: owner-openssl-us...@openssl.org On Behalf Of NaGaGo
> Sent: Thursday, 19 November, 2009 02:02
> #include <sys/types.h>
> #include <unistd.h>
> #include <stdlib.h>
> #include <string.h>
> #include <stdio.h>
> #include <openssl/aes.h>
> #define AES_BLOCK_SIZE 16
This is already in aes.h, you don't need to define it yourself.
>
> int main()
> {
>
> unsigned long size;
> FILE * inFile;
> FILE * outFile;
> char * pInBuff;
> char * pOutBuff;
I would make these pointer to unsigned char, since
that's how you want to use them; see below.
> size_t n,m;
> AES_KEY *key = malloc (sizeof(AES_KEY));
>
> if (key == NULL)
> {
> printf ("Error in AES_KEY.\n");
> return -1;
> }
Okay, key points to suitable memory for a key object.
<snip file opens and allocs>
> if(!AES_set_decrypt_key(uKey, 256, &key))
> {
> printf ("Error in set decrypt key.\n");
> return -1;
> }
>
key is a pointer, so pass its value, not &key.
&key here causes OpenSSL to clobber your stack frame.
key causes it to use the memory you correctly allocated.
As I said, the other approach is to declare an actual object
AES_KEY /*not pointer!*/ key;
and pass &key in both places. Experienced C programmers
(IMO) consider it better style to use this form for small
fixed-size objects (as opposed to things like your data
buffers, which apparently depend on the file you are given).
It's not illegal or unsafe to use malloc for such things,
just more work and clutter, less efficient and less common.
In general, whenever you get an error return from an OpenSSL
routine, you should look at OpenSSL's error info. Either
call ERR_get_error() to get the number, preferably decode it
with ERR_error_string assuming you have loaded error strings,
display, and repeat until you get 0; or if you have a suitable
outfile, which stderr usually is, just call ERR_print_errors.
But in this particular case, of an *invalid* pointer,
it appears to me OpenSSL won't detect it and thus can't
give you good error information here.
<snip read>
> AES_cbc_encrypt((const unsigned char *)pInBuff,
> (unsigned char *)pOutBuff,
> size,
> &key,
> iv,
> AES_DECRYPT);
>
Again key not &key, unless key is an actual object.
And if the pointers are to unsigned char, no casts.
<snip write>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
