Dr S N Henson wrote:
>
> Ben Laurie wrote:
> >
> > [EMAIL PROTECTED] wrote:
> > > /* read in at offset 8, read the EVP_Cipher
> > > * documentation about why */
> > > - i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
> > > + i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
> >
> > BTW, AFAICS, this is not documented at all - anyone know what its about?
> >
>
> I think this is so it can encrypt the buffer in place rather than have
> separate plain text and encrypted buffers. The way EVP works you can't
> have the same input and output buffers but because it handles a block at
> a time its legal to write the encrypted date one block behind the plain
> text. And presumably vice versa for decryption.
I wondered about that, but since a block can be up to 32 bytes (now, but
it used to be 16 or even 24 [what was that?], I believe), the offset is
wrong, right?
Also, it seems to work fine despite being wrong!
Should I change it to EVP_MAX_BLOCK_SIZE?
Also, why are there an extra two bytes in the buffer? Is this just
caution (I hate that kind of caution, I'd rather find out I was wrong
about the buffer size than allow some extra "for luck")?
Cheers,
Ben.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]