diff options
Diffstat (limited to 'src/openssl/ciphers.c')
-rw-r--r-- | src/openssl/ciphers.c | 409 |
1 files changed, 233 insertions, 176 deletions
diff --git a/src/openssl/ciphers.c b/src/openssl/ciphers.c index 1b600625..c93f06b9 100644 --- a/src/openssl/ciphers.c +++ b/src/openssl/ciphers.c @@ -4,7 +4,7 @@ * This is free software; see Copyright file in the source * distribution for preciese wording. * - * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> + * Copyright (C) 2002-2016 Aleksey Sanin <aleksey@aleksey.com>. All Rights Reserved. */ #include "globals.h" @@ -21,10 +21,11 @@ #include <xmlsec/openssl/crypto.h> #include <xmlsec/openssl/evp.h> -/* this is not defined in OpenSSL 0.9.6 */ -#ifndef EVP_MAX_BLOCK_LENGTH -#define EVP_MAX_BLOCK_LENGTH 32 -#endif /* EVP_MAX_BLOCK_LENGTH */ +/* new API from OpenSSL 1.1.0 */ +#if !defined(XMLSEC_OPENSSL_110) +#define EVP_CIPHER_CTX_encrypting(x) ((x)->encrypt) +#endif /* !defined(XMLSEC_OPENSSL_110) */ + /************************************************************************** * @@ -36,25 +37,33 @@ typedef struct _xmlSecOpenSSLEvpBlockCipherCtx xmlSecOpenSSLEvpBlockCip struct _xmlSecOpenSSLEvpBlockCipherCtx { const EVP_CIPHER* cipher; xmlSecKeyDataId keyId; - EVP_CIPHER_CTX cipherCtx; + EVP_CIPHER_CTX* cipherCtx; int keyInitialized; int ctxInitialized; xmlSecByte key[EVP_MAX_KEY_LENGTH]; xmlSecByte iv[EVP_MAX_IV_LENGTH]; - xmlSecByte pad[EVP_MAX_BLOCK_LENGTH]; + xmlSecByte pad[2*EVP_MAX_BLOCK_LENGTH]; }; + static int xmlSecOpenSSLEvpBlockCipherCtxInit (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, xmlSecBufferPtr in, xmlSecBufferPtr out, int encrypt, const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx); +static int xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, + const xmlSecByte * in, + int inSize, + xmlSecBufferPtr out, + const xmlChar* cipherName, + int final); static int xmlSecOpenSSLEvpBlockCipherCtxUpdate (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, xmlSecBufferPtr in, xmlSecBufferPtr out, const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx); static int xmlSecOpenSSLEvpBlockCipherCtxFinal (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, + xmlSecBufferPtr in, xmlSecBufferPtr out, const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx); @@ -69,6 +78,7 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, xmlSecAssert2(ctx != NULL, -1); xmlSecAssert2(ctx->cipher != NULL, -1); + xmlSecAssert2(ctx->cipherCtx != NULL, -1); xmlSecAssert2(ctx->keyInitialized != 0, -1); xmlSecAssert2(ctx->ctxInitialized == 0, -1); xmlSecAssert2(in != NULL, -1); @@ -126,7 +136,7 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, } /* set iv */ - ret = EVP_CipherInit(&(ctx->cipherCtx), ctx->cipher, ctx->key, ctx->iv, encrypt); + ret = EVP_CipherInit(ctx->cipherCtx, ctx->cipher, ctx->key, ctx->iv, encrypt); if(ret != 1) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), @@ -140,84 +150,59 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, /* * The padding used in XML Enc does not follow RFC 1423 - * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7 - * it is possible to disable padding and do it by yourself - * For OpenSSL 0.9.6 you have interop problems + * and is not supported by OpenSSL. However, it is possible + * to disable padding and do it by yourself + * + * https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block */ -#ifndef XMLSEC_OPENSSL_096 - EVP_CIPHER_CTX_set_padding(&(ctx->cipherCtx), 0); -#endif /* XMLSEC_OPENSSL_096 */ + EVP_CIPHER_CTX_set_padding(ctx->cipherCtx, 0); + return(0); } static int -xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, - xmlSecBufferPtr in, xmlSecBufferPtr out, - const xmlChar* cipherName, - xmlSecTransformCtxPtr transformCtx) { - int blockLen, fixLength = 0, outLen = 0; - xmlSecSize inSize, outSize; +xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, + const xmlSecByte * in, + int inSize, + xmlSecBufferPtr out, + const xmlChar* cipherName, + int final) { xmlSecByte* outBuf; + xmlSecSize outSize; + int blockLen, outLen = 0; int ret; xmlSecAssert2(ctx != NULL, -1); + xmlSecAssert2(ctx->cipher != NULL, -1); + xmlSecAssert2(ctx->cipherCtx != NULL, -1); xmlSecAssert2(ctx->keyInitialized != 0, -1); xmlSecAssert2(ctx->ctxInitialized != 0, -1); xmlSecAssert2(in != NULL, -1); + xmlSecAssert2(inSize > 0, -1); xmlSecAssert2(out != NULL, -1); - xmlSecAssert2(transformCtx != NULL, -1); + /* OpenSSL docs: If the pad parameter is zero then no padding is performed, the total amount of + * data encrypted or decrypted must then be a multiple of the block size or an error will occur. + */ blockLen = EVP_CIPHER_block_size(ctx->cipher); xmlSecAssert2(blockLen > 0, -1); + xmlSecAssert2((inSize % blockLen) == 0, -1); - inSize = xmlSecBufferGetSize(in); + /* prepare: ensure we have enough space (+blockLen for final) */ outSize = xmlSecBufferGetSize(out); - - if(inSize == 0) { - /* wait for more data */ - return(0); - } - - /* OpenSSL docs: The amount of data written depends on the block - * alignment of the encrypted data: as a result the amount of data - * written may be anything from zero bytes to (inl + cipher_block_size - 1). - */ ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), "xmlSecBufferSetMaxSize", XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize + inSize + blockLen); + "size=%d", (int)(outSize + inSize + blockLen)); return(-1); } - outBuf = xmlSecBufferGetData(out) + outSize; - - /* - * The padding used in XML Enc does not follow RFC 1423 - * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7 - * it is possible to disable padding and do it by yourself - * For OpenSSL 0.9.6 you have interop problems. - * - * The logic below is copied from EVP_DecryptUpdate() function. - * This is a hack but it's the only way I can provide binary - * compatibility with previous versions of xmlsec. - * This needs to be fixed in the next XMLSEC API refresh. - */ -#ifndef XMLSEC_OPENSSL_096 - if(!ctx->cipherCtx.encrypt) { - if(ctx->cipherCtx.final_used) { - memcpy(outBuf, ctx->cipherCtx.final, blockLen); - outBuf += blockLen; - fixLength = 1; - } else { - fixLength = 0; - } - } -#endif /* XMLSEC_OPENSSL_096 */ + outBuf = xmlSecBufferGetData(out) + outSize; /* encrypt/decrypt */ - ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, xmlSecBufferGetData(in), inSize); + ret = EVP_CipherUpdate(ctx->cipherCtx, outBuf, &outLen, in, inSize); if(ret != 1) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), @@ -226,27 +211,24 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, XMLSEC_ERRORS_NO_MESSAGE); return(-1); } + xmlSecAssert2(outLen == inSize, -1); -#ifndef XMLSEC_OPENSSL_096 - if(!ctx->cipherCtx.encrypt) { - /* - * The logic below is copied from EVP_DecryptUpdate() function. - * This is a hack but it's the only way I can provide binary - * compatibility with previous versions of xmlsec. - * This needs to be fixed in the next XMLSEC API refresh. - */ - if (blockLen > 1 && !ctx->cipherCtx.buf_len) { - outLen -= blockLen; - ctx->cipherCtx.final_used = 1; - memcpy(ctx->cipherCtx.final, &outBuf[outLen], blockLen); - } else { - ctx->cipherCtx.final_used = 0; - } - if (fixLength) { - outLen += blockLen; + /* finalize transform if needed */ + if(final != 0) { + int outLen2 = 0; + + ret = EVP_CipherFinal(ctx->cipherCtx, outBuf + outLen, &outLen2); + if(ret != 1) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(cipherName), + "EVP_CipherFinal", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); } + + outLen += outLen2; } -#endif /* XMLSEC_OPENSSL_096 */ /* set correct output buffer size */ ret = xmlSecBufferSetSize(out, outSize + outLen); @@ -255,166 +237,226 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, xmlSecErrorsSafeString(cipherName), "xmlSecBufferSetSize", XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize + outLen); + "size=%d", (int)(outSize + outLen)); + return(-1); + } + + /* done */ + return (0); +} + +static int +xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, + xmlSecBufferPtr in, xmlSecBufferPtr out, + const xmlChar* cipherName, + xmlSecTransformCtxPtr transformCtx) { + xmlSecSize inSize, blockLen, inBlocksLen; + xmlSecByte* inBuf; + int ret; + + xmlSecAssert2(ctx != NULL, -1); + xmlSecAssert2(ctx->cipherCtx != NULL, -1); + xmlSecAssert2(ctx->keyInitialized != 0, -1); + xmlSecAssert2(ctx->ctxInitialized != 0, -1); + xmlSecAssert2(in != NULL, -1); + xmlSecAssert2(out != NULL, -1); + xmlSecAssert2(transformCtx != NULL, -1); + + blockLen = EVP_CIPHER_block_size(ctx->cipher); + xmlSecAssert2(blockLen > 0, -1); + + inSize = xmlSecBufferGetSize(in); + if(inSize <= blockLen) { + /* wait for more data: we want to make sure we keep the last chunk in tmp buffer for + * padding check/removal on decryption + */ + return(0); + } + + /* OpenSSL docs: If the pad parameter is zero then no padding is performed, the total amount of + * data encrypted or decrypted must then be a multiple of the block size or an error will occur. + * + * We process all complete blocks from the input + */ + inBlocksLen = blockLen * (inSize / blockLen); + if(inBlocksLen == inSize) { + inBlocksLen -= blockLen; /* ensure we keep the last block around for Final() call to add/check/remove padding */ + } + xmlSecAssert2(inBlocksLen > 0, -1); + + inBuf = xmlSecBufferGetData(in); + ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inBlocksLen, out, cipherName, 0); /* not final */ + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(cipherName), + "xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + NULL); return(-1); } /* remove the processed block from input */ - ret = xmlSecBufferRemoveHead(in, inSize); + ret = xmlSecBufferRemoveHead(in, inBlocksLen); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), "xmlSecBufferRemoveHead", XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", inSize); + "size=%d", (int)inSize); return(-1); } + + /* just a double check */ + inSize = xmlSecBufferGetSize(in); + xmlSecAssert2(inSize > 0, -1); + xmlSecAssert2(inSize <= blockLen, -1); + + /* done */ return(0); } static int xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx, + xmlSecBufferPtr in, xmlSecBufferPtr out, const xmlChar* cipherName, xmlSecTransformCtxPtr transformCtx) { - int blockLen, outLen = 0, outLen2 = 0; - xmlSecSize outSize; + xmlSecSize inSize, outSize, blockLen; + xmlSecByte* inBuf; xmlSecByte* outBuf; int ret; xmlSecAssert2(ctx != NULL, -1); + xmlSecAssert2(ctx->cipher != NULL, -1); + xmlSecAssert2(ctx->cipherCtx != NULL, -1); xmlSecAssert2(ctx->keyInitialized != 0, -1); xmlSecAssert2(ctx->ctxInitialized != 0, -1); + xmlSecAssert2(in != NULL, -1); xmlSecAssert2(out != NULL, -1); xmlSecAssert2(transformCtx != NULL, -1); blockLen = EVP_CIPHER_block_size(ctx->cipher); xmlSecAssert2(blockLen > 0, -1); + xmlSecAssert2(blockLen <= EVP_MAX_BLOCK_LENGTH, -1); - outSize = xmlSecBufferGetSize(out); - - /* OpenSSL docs: The encrypted final data is written to out which should - * have sufficient space for one cipher block. We might have to write - * one more block with padding - */ - ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen); - if(ret < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(cipherName), - "xmlSecBufferSetMaxSize", - XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize + 2 * blockLen); - return(-1); - } - outBuf = xmlSecBufferGetData(out) + outSize; + /* not more than one block left */ + inSize = xmlSecBufferGetSize(in); + inBuf = xmlSecBufferGetData(in); + xmlSecAssert2(inSize <= blockLen, -1); /* * The padding used in XML Enc does not follow RFC 1423 - * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7 - * it is possible to disable padding and do it by yourself - * For OpenSSL 0.9.6 you have interop problems. + * and is not supported by OpenSSL. However, it is possible + * to disable padding and do it by yourself * - * The logic below is copied from EVP_DecryptFinal() function. - * This is a hack but it's the only way I can provide binary - * compatibility with previous versions of xmlsec. - * This needs to be fixed in the next XMLSEC API refresh. + * https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html#sec-Alg-Block */ -#ifndef XMLSEC_OPENSSL_096 - if(ctx->cipherCtx.encrypt) { - int padLen; - - xmlSecAssert2(blockLen <= EVP_MAX_BLOCK_LENGTH, -1); + if(EVP_CIPHER_CTX_encrypting(ctx->cipherCtx)) { + xmlSecSize padLen; - padLen = blockLen - ctx->cipherCtx.buf_len; + /* figure out pad length, if it is 0 (i.e. inSize == blockLen) then set it to blockLen */ + padLen = blockLen - inSize; + if(padLen == 0) { + padLen = blockLen; + } xmlSecAssert2(padLen > 0, -1); + xmlSecAssert2(inSize + padLen <= sizeof(ctx->pad), -1); + + /* we can have inSize == 0 if there were no data at all, otherwise -- copy the data */ + if(inSize > 0) { + memcpy(ctx->pad, inBuf, inSize); + } /* generate random padding */ if(padLen > 1) { - ret = RAND_bytes(ctx->pad, padLen - 1); + ret = RAND_bytes(ctx->pad + inSize, padLen - 1); if(ret != 1) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), "RAND_bytes", XMLSEC_ERRORS_R_CRYPTO_FAILED, - "size=%d", padLen - 1); + "size=%d", (int)(padLen - 1)); return(-1); } } - ctx->pad[padLen - 1] = padLen; - /* write padding */ - ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, ctx->pad, padLen); - if(ret != 1) { + /* set the last byte to the pad length */ + ctx->pad[inSize + padLen - 1] = padLen; + + /* update the last 1 or 2 blocks with padding */ + ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, ctx->pad, inSize + padLen, out, cipherName, 1); /* final */ + if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), - "EVP_CipherUpdate", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); + "xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + NULL); return(-1); } - outBuf += outLen; - } -#endif /* XMLSEC_OPENSSL_096 */ + } else { + xmlSecSize padLen; - /* finalize transform */ - ret = EVP_CipherFinal(&(ctx->cipherCtx), outBuf, &outLen2); - if(ret != 1) { - xmlSecError(XMLSEC_ERRORS_HERE, + /* update the last one block with padding */ + ret = xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock(ctx, inBuf, inSize, out, cipherName, 1); /* final */ + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(cipherName), + "xmlSecOpenSSLEvpBlockCipherCtxUpdateBlock", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + NULL); + return(-1); + } + + /* we expect at least one block in the output -- the one we just decrypted */ + outBuf = xmlSecBufferGetData(out); + outSize = xmlSecBufferGetSize(out); + if(outSize < blockLen) { + xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), - "EVP_CipherFinal", - XMLSEC_ERRORS_R_CRYPTO_FAILED, - XMLSEC_ERRORS_NO_MESSAGE); - return(-1); - } + NULL, + XMLSEC_ERRORS_R_INVALID_DATA, + "outSize=%d;blockLen=%d", + (int)outSize, (int)blockLen); + return(-1); + } - /* - * The padding used in XML Enc does not follow RFC 1423 - * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7 - * it is possible to disable padding and do it by yourself - * For OpenSSL 0.9.6 you have interop problems. - * - * The logic below is copied from EVP_DecryptFinal() function. - * This is a hack but it's the only way I can provide binary - * compatibility with previous versions of xmlsec. - * This needs to be fixed in the next XMLSEC API refresh. - */ -#ifndef XMLSEC_OPENSSL_096 - if(!ctx->cipherCtx.encrypt) { - /* we instructed openssl to do not use padding so there - * should be no final block - */ - xmlSecAssert2(outLen2 == 0, -1); - xmlSecAssert2(ctx->cipherCtx.buf_len == 0, -1); - xmlSecAssert2(ctx->cipherCtx.final_used, -1); - - if(blockLen > 1) { - outLen2 = blockLen - ctx->cipherCtx.final[blockLen - 1]; - if(outLen2 > 0) { - memcpy(outBuf, ctx->cipherCtx.final, outLen2); - } else if(outLen2 < 0) { - xmlSecError(XMLSEC_ERRORS_HERE, - xmlSecErrorsSafeString(cipherName), - NULL, - XMLSEC_ERRORS_R_INVALID_DATA, - "padding=%d;buffer=%d", - ctx->cipherCtx.final[blockLen - 1], blockLen); - return(-1); - } + /* get the pad length from the last byte */ + padLen = (xmlSecSize)(outBuf[outSize - 1]); + if(padLen > blockLen) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(cipherName), + NULL, + XMLSEC_ERRORS_R_INVALID_DATA, + "padLen=%d;blockLen=%d", + (int)padLen, (int)blockLen); + return(-1); + } + xmlSecAssert2(padLen <= outSize, -1); + + /* remove the padding */ + ret = xmlSecBufferRemoveTail(out, padLen); + if(ret < 0) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(cipherName), + "xmlSecBufferRemoveTail", + XMLSEC_ERRORS_R_XMLSEC_FAILED, + "size=%d", (int)padLen); + return(-1); } } -#endif /* XMLSEC_OPENSSL_096 */ - /* set correct output buffer size */ - ret = xmlSecBufferSetSize(out, outSize + outLen + outLen2); + /* remove the processed block from input */ + ret = xmlSecBufferRemoveHead(in, inSize); if(ret < 0) { xmlSecError(XMLSEC_ERRORS_HERE, xmlSecErrorsSafeString(cipherName), - "xmlSecBufferSetSize", + "xmlSecBufferRemoveHead", XMLSEC_ERRORS_R_XMLSEC_FAILED, - "size=%d", outSize + outLen + outLen2); + "size=%d", (int)inSize); return(-1); } + /* done */ return(0); } @@ -505,7 +547,18 @@ xmlSecOpenSSLEvpBlockCipherInitialize(xmlSecTransformPtr transform) { return(-1); } - EVP_CIPHER_CTX_init(&(ctx->cipherCtx)); + /* create cipher ctx */ + ctx->cipherCtx = EVP_CIPHER_CTX_new(); + if(ctx->cipherCtx == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), + "EVP_CIPHER_CTX_new", + XMLSEC_ERRORS_R_CRYPTO_FAILED, + XMLSEC_ERRORS_NO_MESSAGE); + return(-1); + } + + /* done */ return(0); } @@ -519,7 +572,10 @@ xmlSecOpenSSLEvpBlockCipherFinalize(xmlSecTransformPtr transform) { ctx = xmlSecOpenSSLEvpBlockCipherGetCtx(transform); xmlSecAssert(ctx != NULL); - EVP_CIPHER_CTX_cleanup(&(ctx->cipherCtx)); + if(ctx->cipherCtx != NULL) { + EVP_CIPHER_CTX_free(ctx->cipherCtx); + } + memset(ctx, 0, sizeof(xmlSecOpenSSLEvpBlockCipherCtx)); } @@ -584,7 +640,7 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key NULL, XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, "keySize=%d;expected=%d", - xmlSecBufferGetSize(buffer), cipherKeyLen); + (int)xmlSecBufferGetSize(buffer), (int)cipherKeyLen); return(-1); } @@ -654,9 +710,7 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe } if(last != 0) { - /* by now there should be no input */ - xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1); - ret = xmlSecOpenSSLEvpBlockCipherCtxFinal(ctx, out, + ret = xmlSecOpenSSLEvpBlockCipherCtxFinal(ctx, in, out, xmlSecTransformGetName(transform), transformCtx); if(ret < 0) { @@ -668,6 +722,9 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe return(-1); } transform->status = xmlSecTransformStatusFinished; + + /* by now there should be no input */ + xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1); } } else if(transform->status == xmlSecTransformStatusFinished) { /* the only way we can get here is if there is no input */ @@ -680,7 +737,7 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe xmlSecErrorsSafeString(xmlSecTransformGetName(transform)), NULL, XMLSEC_ERRORS_R_INVALID_STATUS, - "status=%d", transform->status); + "status=%d", (int)(transform->status)); return(-1); } |