Hi,
I've been fiddling with BIO_f_cipher() and have encountered a problem
when using it in conjunction with BIO_s_mem(). (This is OpenSSL 0.9.5a.)
Here's the code: (Python written like C; the (Python) functions are
named exactly like the ones in OpenSSL, just all lower-cased.)
bio = bio_new(bio_s_mem())
ciph = bf_cbc()
filter = bio_new(bio_f_cipher())
bio_set_cipher(bio, ciph, 'key', 'iv', 1)
bio_push(filter, bio)
bio_write(filter, '1234567890')
bio_flush(filter) # Not necessary for bio_s_mem().
bio_pop(filter)
bio_free(filter)
We wrote 10 bytes, using bf_cbc(). The BIO "bio" now contains 16 bytes
of ciphertext.
Now decrypt:
ciph = bf_cbc()
filter = bio_new(bio_f_cipher())
bio_set_cipher(bio, ciph, 'key', 'iv', 0)
bio_push(filter, bio)
print bio_read(filter, 1024)
The output of the above print statement is '12345678', 8 bytes.
If we write '1234567890123456', the ciphertext becomes 24 bytes, and
we get the 16 bytes back when we decrypt.
If we replace
bio = bio_new(bio_s_mem())
with
bio = bio_new_file('xxx', 'wb')
while encrypting, and use
bio = bio_new_file('xxx', 'rb')
before decrypting, it works, i.e., write '1234567890', get
the same back.
If we use a stream cipher, e.g., bf_cfb(), it works, of course,
with both bio_s_mem() and bio_new_file().
Is this a bug in the BIO routines, or have I missed something?
Cheers.
--
Ng Pheng Siong <[EMAIL PROTECTED]> * http://www.post1.com/home/ngps
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
