>>>I've been fiddling with BIO_f_cipher() and have encountered a problem when using it in conjunction with BIO_s_mem(). (This is OpenSSL 0.9.5a.)


The reason for this behavior is that, with block ciphers, when the cipher bio asks the mem bio to give it more data, the mem bio does not know that it will not be given more data to return to those who read from it ;-)

The stack would look like BIO_read->enc_read->mem_read, where mem_read returns -1 telling you to read again because it does not know that no more data will appear in the "stream". Thus enc_read does not call CipherFinal() and the remainder of the block is not being decrypted.

If a file bio is used instead of a memory bio, the file bio tells its client that there is no more data to be read and CipherFinal() is called.

The workaround would look like:

        1. Read from the BIO until it returns -1 asking for more data and you know you have no more left
        2. Say the magic word "BIO_set_mem_eof_return( bmemold, 0);"
        3. Call BIO_read() again, which will give you the rest of the block

The following comment from bss_mem.c explains the second parameter of BIO_set_mem_eof_return:

/* bio->num is used to hold the value to return on 'empty', if it is
 * 0, should_retry is not set 
 */
        
        
I guess that solution should not mess up stream cipher BIOs either.

I would appreciate someone from the development team telling me if this solution is not a proper one.

Thanks!
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
