moving from EVP to BIO_f_cipher

Thu, 30 Aug 2012 00:53:09 -0700 

Hi all

since OpenSSL allows to do the encryption using the BIO API and since I
need the BIO API anyways for the sockets I thought I rewrite my code to
use the BIOs instead of EVPs. However I see some strange behavior. I
create a cipher BIO on the server as follows:

encbio = BIO_new(BIO_f_cipher());
BIO_set_cipher(encbio,EVP_bf_cbc(),key,NULL,1); /* 1 = encryption */

Then I set it on top of the socket bio:

BIO_push(encbio,cbio);

Now I send some data:

        data_len = strlen(testmessage);
        printf("---> %d\n",data_len);
        while (written <= 0)
          {
            written = BIO_write(encbio,&data_len,sizeof(int));
            if (written <= 0)
              if (BIO_should_retry(encbio))
                BIO_write(encbio,&data_len,sizeof(int));
          }
        written=0;
        while (written <= 0)
          {
            printf("---> %s\n",testmessage);
            written = BIO_write(encbio,testmessage,data_len);
            if (written <= 0)
              if (BIO_should_retry(encbio))
                BIO_write(encbio,testmessage,data_len);
          }
        BIO_flush(encbio);

I create a decryption cipher bio in the same way on the client and as long
as I leave it as it is, it just works fine. The server sends data_len and
testmessage and the client receives it (and is able to decrypt it). Now I
want the client to send something back. So I set up an encryption cipher
bio on the client (like shown above) and a decryption cipher bio on the
server. So my source code looks like this:

server.c:

<encryption bio code> -> send 2 messages like above
<decryption bio code> -> receive 2 messages like above

client.c

<decryption bio code> -> receive 2 messages like above
<encryption bio code> -> send 2 messages like above

Now if I execute client and server, the client does only receive the first
message (the int data_len). It will not even receive testmessage from the
server as long as the server runs. However when I kill the server
(ctrl+c), the message arrives. That is weird since not even BIO_flush
helps. Whats going wrong here?

best regards
Carolin

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to