[openssl-users] Problems with man page code example at EVP_EncryptInit

Wed Sep 5 14:04:32 UTC 2018

First time poster. I hope I am writing to the right place.

Example for "General encryption and decryption function example using
FILE I/O and AES128 with a 128-bit key" has two errors. I spent a lot
of time trying to figure out what I did wrong for a while...

1. ctx is already a pointer; it does not need to be indirected to get
the pointer.

        EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
do_encrypt);

should say:

        EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, NULL, NULL, do_encrypt);

2. ciphertext length is not used to update write position:

                if(!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen))
and

        if(!EVP_CipherFinal_ex(ctx, outbuf, &outlen))

should say (what worked for me):

                if(!EVP_CipherUpdate(ctx, outbuf + outlen, &outlen,
inbuf, inlen))

and
        if(!EVP_CipherFinal_ex(ctx, outbuf + outlen, &outlen))

It would be nice if there is a complete example that compiles and has
a main() to run it.

--Sam