>From: owner-openssl-us...@openssl.org On Behalf Of Taraniteja Vishwanatha >Sent: Thursday, 25 April, 2013 16:43
>I was using the low level aes APIs and now have switched to EVP ones. >My string encryption and decryption always work fine. But when it comes >to files, I am getting malloc errors: malloc: *** error for object >: incorrect checksum for freed object - object was probably modified >after being freed. Actually your encrypt is wrong; you just didn't notice the error. >unsigned char* encryptBlockAES(unsigned char *plainText, int dataLength, >int *outLength,const unsigned char* keyData, int pageNo) >{ > unsigned char key[AES_BLOCK_SIZE*2], iv[AES_BLOCK_SIZE*2]; The fact that an AES-256 key is twice the size of an AES data block (128) -- and a -128 or -192 key is the same or half more -- is just coincidence. Use 256/8, or create your own name (#define or enum). OTOH the IV for (any) CBC is ONE data block. Allocating and setting a second block is just wasted -- and if you use values that differ only in the second block they won't actually protect against some attacks as intended. > enLength = dataLength + (AES_BLOCK_SIZE); > encryptedString = (unsigned char*)calloc(enLength, sizeof(unsigned char)); Nit: you don't need this buffer zeroed; malloc() would be fine. > EVP_CIPHER_CTX_init(&enCtx); > EVP_EncryptInit_ex(&enCtx, EVP_aes_256_cbc(), NULL, key, iv); > EVP_EncryptUpdate(&enCtx, encryptedString, &outLen, plainText, enLength); The length of plainText is dataLength not enLength. Using enLength creates a ciphertext that is longer than the buffer you allocated, usually corrupting your "heap" (malloc arena) with symptoms like the above, and is not the correct ciphertext for your data anyway. > EVP_EncryptFinal_ex(&enCtx, encryptedString + outLen, &tempLen); > *outLength = outLen + tempLen; > EVP_CIPHER_CTX_cleanup(&enCtx); > return encryptedString; ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org