Make Rijndael work! Those long flights have some good points.

diff --git a/apps/enc.c b/apps/enc.c
index 84179f57a0fcb6b5caa04164f58c5d8093bdc423..c319f546d8c9ab04d92f8dfb558dca1cf68dd284 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -92,7 +92,7 @@ int MAIN(int argc, char **argv)
        unsigned char *buff=NULL,*bufsize=NULL;
        int bsize=BSIZE,verbose=0;
        int ret=1,inl;
-       unsigned char key[24],iv[MD5_DIGEST_LENGTH];
+       unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
        unsigned char salt[PKCS5_SALT_LEN];
        char *str=NULL, *passarg = NULL, *pass = NULL;
        char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
@@ -542,12 +542,12 @@ bad:
                        else
                                memset(str,0,strlen(str));
                        }
-               if ((hiv != NULL) && !set_hex(hiv,iv,8))
+               if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
                        {
                        BIO_printf(bio_err,"invalid hex iv value\n");
                        goto end;
                        }
-               if ((hkey != NULL) && !set_hex(hkey,key,24))
+               if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
                        {
                        BIO_printf(bio_err,"invalid hex key value\n");
                        goto end;

diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 99e7c623e252c19ca070c333de1bb0cc6d0dd959..d9e4c01c906d2f2278c1c7522288775d4292e08f 100644 (file)
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -72,7 +72,7 @@
 int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
                          BN_MONT_CTX *mont, BN_CTX *ctx)
        {
-       BIGNUM *tmp,*tmp2;
+       BIGNUM *tmp;
        int ret=0;
 
        BN_CTX_start(ctx);

diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index 831c71a2b5988f598aad4efdd8ae20729404a07f..f8336f261087f0b1867262aacf2df514fc2b180c 100644 (file)
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -71,6 +71,7 @@ static int enc_new(BIO *h);
 static int enc_free(BIO *data);
 static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
 #define ENC_BLOCK_SIZE (1024*4)
+#define BUF_OFFSET     8 /* XXX: why? */
 
 typedef struct enc_struct
        {
@@ -80,7 +81,7 @@ typedef struct enc_struct
        int finished;
        int ok;                 /* bad decrypt */
        EVP_CIPHER_CTX cipher;
-       char buf[ENC_BLOCK_SIZE+10];
+       char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2/*why?*/];
        } BIO_ENC_CTX;
 
 static BIO_METHOD methods_enc=
@@ -172,7 +173,7 @@ static int enc_read(BIO *b, char *out, int outl)
 
                /* read in at offset 8, read the EVP_Cipher
                 * documentation about why */
-               i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
+               i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
 
                if (i <= 0)
                        {
@@ -196,7 +197,7 @@ static int enc_read(BIO *b, char *out, int outl)
                        {
                        EVP_CipherUpdate(&(ctx->cipher),
                                (unsigned char *)ctx->buf,&ctx->buf_len,
-                               (unsigned char *)&(ctx->buf[8]),i);
+                               (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
                        ctx->cont=1;
                        /* Note: it is possible for EVP_CipherUpdate to
                         * decrypt zero bytes because this is or looks like

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index e8621973ec0b1eeae8e40ada53cc368ca01a7ae6..17a0f306eb9b2857f0c1b2aa5e1a752a1a03709f 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -121,6 +121,7 @@
 #define EVP_MAX_MD_SIZE                        (16+20) /* The SSLv3 md5+sha1 type */
 #define EVP_MAX_KEY_LENGTH             32
 #define EVP_MAX_IV_LENGTH              16
+#define EVP_MAX_BLOCK_LENGTH           32
 
 #define PKCS5_SALT_LEN                 8
 /* Default PKCS#5 iteration count */
@@ -396,7 +397,7 @@ struct evp_cipher_ctx_st
 
        unsigned char  oiv[EVP_MAX_IV_LENGTH];  /* original iv */
        unsigned char  iv[EVP_MAX_IV_LENGTH];   /* working iv */
-       unsigned char buf[EVP_MAX_IV_LENGTH];   /* saved partial block */
+       unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
        int num;                                /* used by cfb/ofb mode */
 
        void *app_data;         /* application stuff */