Do no try to pretend we're at the end of anything unless we're at the end

[openssl.git] / crypto / evp / bio_enc.c

diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index 05f42494583b22aba99ae0d14a25b57047613ba1..f6ac94c6e1bba4464a6f6c7239cd42bde6fb9dfc 100644 (file)
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -71,7 +71,7 @@ static int enc_new(BIO *h);
 static int enc_free(BIO *data);
 static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
 #define ENC_BLOCK_SIZE (1024*4)
-#define BUF_OFFSET     EVP_MAX_BLOCK_LENGTH
+#define BUF_OFFSET     (EVP_MAX_BLOCK_LENGTH*2)
 
 typedef struct enc_struct
        {
@@ -110,8 +110,8 @@ static int enc_new(BIO *bi)
        BIO_ENC_CTX *ctx;
 
        ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
-       EVP_CIPHER_CTX_init(&ctx->cipher);
        if (ctx == NULL) return(0);
+       EVP_CIPHER_CTX_init(&ctx->cipher);
 
        ctx->buf_len=0;
        ctx->buf_off=0;
@@ -132,7 +132,7 @@ static int enc_free(BIO *a)
        if (a == NULL) return(0);
        b=(BIO_ENC_CTX *)a->ptr;
        EVP_CIPHER_CTX_cleanup(&(b->cipher));
-       memset(a->ptr,0,sizeof(BIO_ENC_CTX));
+       OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX));
        OPENSSL_free(a->ptr);
        a->ptr=NULL;
        a->init=0;
@@ -271,7 +271,7 @@ static int enc_write(BIO *b, const char *in, int inl)
                        if (i <= 0)
                                {
                                BIO_copy_next_retry(b);
-                               return(i);
+                               return (ret == inl) ? i : ret - inl;
                                }
                        n-=i;
                        ctx->buf_off+=i;
@@ -325,10 +325,7 @@ again:
                        {
                        i=enc_write(b,NULL,0);
                        if (i < 0)
-                               {
-                               ret=i;
-                               break;
-                               }
+                               return i;
                        }
 
                if (!ctx->finished)
@@ -408,8 +405,8 @@ EVP_CIPHER_ctx *c;
        }
 */
 
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k,
-            unsigned char *i, int e)
+void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+            const unsigned char *i, int e)
        {
        BIO_ENC_CTX *ctx;