On Thu, Jan 15, 2009 at 2:29 PM, Victor Duchovni <
victor.ducho...@morganstanley.com> wrote:
> On Wed, Jan 14, 2009 at 06:17:28PM -0500, Adam Bender wrote:
>
> > if (!EVP_EncryptUpdate(&ctx, sym_out_buf, &out_total, (const unsigned
> char
> > *) data, data_len)) {
> > ERR_print_errors_fp(stdout); }
> > if (!EVP_EncryptFinal_ex(&ctx, sym_out_buf, &out_len)) {
> > ERR_print_errors_fp(stdout); }
>
> BUG: Don't pass the same buffer/offset to EncryptFinal_ex(), this clobbers
> the first encrypted block. Instead use "sym_out_buf + out_total" if the
> buffer is long enough for both the original ciphertext and the final block.
Thanks, that fixes it. I guess I was expecting the context to track how
many bytes it had written, or something.
Adam
