On Friday, 20 January 2017 at 11:58:39 UTC, Rene Zwanenburg wrote:
> On Friday, 20 January 2017 at 08:19:57 UTC, Chris M. wrote:
>> [...]
>
> My guess:
>
> The encrypted output will be a bit longer than your input.
> You're not getting an out of bounds exception during encryption
> since OpenSSL only has the pointer to write to, not a buffer
> length it can check. The memory behind your buffer is
> apparently committed, and will be written to by OpenSSL. This
> is why using the same buffer to decrypt works: it continues to
> read after the end of the buffer. (In case it's not clear,
> writing and reading past the end of the buffer is really bad)
>
> I expect OpenSSL to have a helper function to calculate the
> required buffer size for a given input length. Use that to
> allocate the buffer.

Turns out that was the issue. I needed to reserve more space for
the encrypted string with this:

    cipherLen = (clearLen/16 + 1) * 16;

The fun of working with C libraries.

Anyway, thanks for the help.
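
The length rule from this thread, as an added example that is not code from either poster or from OpenSSL: it shows why a 16-byte input needs a 32-byte output buffer and how passing the buffer capacity turns the silent overflow into a refused call. It assumes a 16-byte block cipher with PKCS#7-style padding and performs the padding step only, no encryption; all function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define BLOCK 16  /* assumed cipher block size in bytes (AES) */

/* Output length for a padded block mode: always rounds UP to the next
   block, so an input that is already 16 bytes still grows to 32.
   Returns 0 if the computation would overflow size_t. */
size_t padded_len(size_t clear_len) {
    if (clear_len > (size_t)-1 - BLOCK) return 0;
    return (clear_len / BLOCK + 1) * BLOCK;
}

/* Copy `in` to `out` and append PKCS#7 padding. Unlike a pointer-only
   C API, this takes the output capacity and refuses to write past it.
   Returns bytes written, or 0 if `out` is too small. */
size_t pkcs7_pad(const unsigned char *in, size_t in_len,
                 unsigned char *out, size_t out_cap) {
    size_t need = padded_len(in_len);
    if (need == 0 || out_cap < need) return 0;
    unsigned char pad = (unsigned char)(need - in_len);  /* 1..16 */
    memcpy(out, in, in_len);
    memset(out + in_len, pad, pad);
    return need;
}

/* Validate and strip the padding. Returns the clear length, or
   (size_t)-1 if the padding is malformed. Not constant-time; it only
   illustrates the length accounting. */
size_t pkcs7_unpad(const unsigned char *buf, size_t len) {
    if (len == 0 || len % BLOCK != 0) return (size_t)-1;
    unsigned char pad = buf[len - 1];
    if (pad == 0 || pad > BLOCK) return (size_t)-1;
    for (size_t i = len - pad; i < len; i++)
        if (buf[i] != pad) return (size_t)-1;
    return len - pad;
}

int main(void) {
    unsigned char msg[16] = "0123456789abcde";  /* constructed sample, 16 bytes */
    unsigned char same_size[16], big_enough[32];
    size_t a = pkcs7_pad(msg, sizeof msg, same_size, sizeof same_size);
    size_t b = pkcs7_pad(msg, sizeof msg, big_enough, sizeof big_enough);
    /* Exit status 0 when the undersized buffer was refused and the
       correctly sized one round-trips. */
    return !(a == 0 && b == 32 && pkcs7_unpad(big_enough, b) == 16);
}
```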