From 1a095560f79c002ca5bcbac531e12f7e770d8d37 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 3 Oct 2001 12:47:03 +0000 Subject: [PATCH] Use the maximum block length for the extra size in the encrypt BIO buffer instead of hard coding it as 8. --- crypto/evp/bio_enc.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index f8336f2610..d9278fb507 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -71,7 +71,7 @@ static int enc_new(BIO *h); static int enc_free(BIO *data); static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); #define ENC_BLOCK_SIZE (1024*4) -#define BUF_OFFSET 8 /* XXX: why? */ +#define BUF_OFFSET EVP_MAX_BLOCK_LENGTH typedef struct enc_struct { @@ -81,7 +81,10 @@ typedef struct enc_struct int finished; int ok; /* bad decrypt */ EVP_CIPHER_CTX cipher; - char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2/*why?*/]; + /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate + * can return up to a block more data than is presented to it + */ + char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2]; } BIO_ENC_CTX; static BIO_METHOD methods_enc= @@ -171,7 +174,7 @@ static int enc_read(BIO *b, char *out, int outl) { if (ctx->cont <= 0) break; - /* read in at offset 8, read the EVP_Cipher + /* read in at IV offset, read the EVP_Cipher * documentation about why */ i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE); -- 2.34.1