As the code stands, EVP_EncryptFinal and EVP_DecryptFinal do not reset
ctx->buf_len to 0 once they are done (EVP_CIPHER_CTX has an internal
buffer that holds trailing bytes that do not complete a block).

This means that encrypting two sets of data with the same CTX will require
EVP_(Encrypt|Decrypt)Init to be called in between. This is wasteful, so I
have modified EVP_EncryptFinal and EVP_DecryptFinal to reset the value of
ctx->buf_len to zero.

Nagendra

diff -urN openssl-0.9.5a/crypto/evp/evp_enc.c openssl-0.9.5a-work/crypto/evp/evp_enc.c
--- openssl-0.9.5a/crypto/evp/evp_enc.c Fri Apr 23 15:10:20 1999
+++ openssl-0.9.5a-work/crypto/evp/evp_enc.c    Thu Jul 20 09:41:05 2000
@@ -173,6 +173,7 @@
                ctx->buf[i]=n;
        ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
        *outl=b;
+       ctx->buf_len=0;
        }
 
 void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
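Review bot: The new `ctx->buf_len=0;` after `*outl=b;` clears only the partial-block count, and nothing in this hunk touches the cipher's chaining state. The function starts outside the hunk, but as far as can be seen a second message encrypted on the same ctx without EVP_EncryptInit would continue from the state left by the previous `do_cipher` call instead of starting from a fresh IV. Since the stated aim is to skip the Init call between messages, that contract should be written down next to the reset, for example `/* only the partial-block buffer is reset; key and IV state carry over, call EVP_EncryptInit for a new IV */`. Callers that need an independent IV per message still have to re-initialise.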
@@ -255,6 +256,7 @@
                for (i=0; i<n; i++)
                        out[i]=ctx->buf[i];
                *outl=n;
+               ctx->buf_len=0;
                }
        else
                *outl=0;
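Review bot: The added `ctx->buf_len=0;` sits inside the success branch after `*outl=n;`, so any failure return earlier in EVP_DecryptFinal would skip it and leave the stale count in the context. The function begins outside this hunk, so this is inferred, but if it holds then a ctx that failed a final block or padding check still needs EVP_DecryptInit before reuse. Either place `ctx->buf_len=0;` ahead of each failure return as well, or document that a failed final leaves the ctx unusable until it is re-initialised. The decrypted block also appears to stay in `ctx->buf` after the copy to `out`; clearing it here would avoid keeping plaintext in a context that is now meant to live across messages.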
