The manual page on EVP_EncryptInit contains the incorrect usage case for EVP_CipherUpdate.
If EVP_CipherUpdate() fails, the caller is still supposed to invoke a EVP_CIPHER_CTX_cleanup() function. In this example taken from the manual page, the function just returns with 0 error code right when the EVP_CipherUpdate fails without doing so.
=== cut ===
EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);for(;;)
{
inlen = fread(inbuf, 1, 1024, in);
if(inlen <= 0) break;
if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen)
)
{
/* Error */
return 0;
}
fwrite(outbuf, 1, outlen, out);
}
if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
{
/* Error */
return 0;
}
fwrite(outbuf, 1, outlen, out);
EVP_CIPHER_CTX_cleanup(&ctx);
return 1;
}
=== cut ===-- Lev Walkin [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
