BIO_pending/BIO_eof not reliable for cipher BIO?

I've traced a problem in an application to what seems to be a bug in the
implementation of BIO_pending and/or BIO_eof for the cipher BIO
(bio_enc.c) in decryption mode.

If I understand this code correctly (and I'm not absolutely certain that
I do), the cipher BIO can reach a state where it has exhausted the "next
BIO" from which it is reading and produced the final full decrypted
block from its internal buffer (leaving it empty), but a partial block
remains to be decrypted in the cipher context. This is the state where
the next call to BIO_read will result in EVP_CipherFinal_ex being

In this state BIO_pending returns 0 and BIO_eof returns 1. It seems to
me that at least one of these results, if not both, is incorrect,
because at this point a call to BIO_read will in fact succeed and
produce the last decrypted bytes.

I guess the traditional thing to do is ignore the eof and pending APIs
and just see if BIO_read can read anything. But my application relies on
being able to detect EOF without needing to attempt a read. Is there
OpenSSL Project http://www.openssl.org
Development Mailing List email@example.com
Automated List Manager firstname.lastname@example.org
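A simplified model of the state described in the message above, added here as an illustration; it is not OpenSSL's bio_enc.c and not code from the post. It shows why an end-of-stream check that looks only at the output buffer and the source can report "nothing left" while one more read still returns data. The filter, its field and function names, the XOR stand-in cipher and the sample bytes are all constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#define BLK 4      /* toy block size (constructed) */
#define KEY 0x5a   /* toy XOR "cipher", stands in for a real one */

struct filt {                        /* hypothetical decrypting read filter */
    const unsigned char *src; size_t src_len, src_off;  /* the "next BIO" */
    unsigned char out[BLK]; size_t out_len, out_off;    /* decrypted, not yet read */
    unsigned char held[BLK]; int have_held;             /* block kept in the cipher context */
    int finished, ok;                                   /* final step run / padding valid */
};

static size_t filt_read(struct filt *f, unsigned char *dst, size_t n) {
    while (f->out_off == f->out_len && !f->finished) {
        f->out_off = f->out_len = 0;
        if (f->src_len - f->src_off >= BLK) {           /* update: release previous block */
            if (f->have_held) { memcpy(f->out, f->held, BLK); f->out_len = BLK; }
            for (int i = 0; i < BLK; i++) f->held[i] = f->src[f->src_off + i] ^ KEY;
            f->src_off += BLK; f->have_held = 1;
        } else {                                        /* final: check and strip padding */
            unsigned pad = f->have_held ? f->held[BLK - 1] : 0;
            f->ok = f->have_held && pad >= 1 && pad <= BLK && f->src_off == f->src_len;
            if (f->ok) { f->out_len = BLK - pad; memcpy(f->out, f->held, f->out_len); }
            f->finished = 1;
        }
    }
    size_t k = f->out_len - f->out_off;
    if (k > n) k = n;
    memcpy(dst, f->out + f->out_off, k); f->out_off += k;
    return k;
}

/* Checks shaped like those in the post: they see the output buffer and source only. */
static size_t naive_pending(const struct filt *f) { return f->out_len - f->out_off; }
static int naive_eof(const struct filt *f) { return f->src_off >= f->src_len; }
/* End of stream only after the final step has run and its output is drained. */
static int strict_eof(const struct filt *f) { return f->finished && f->out_off == f->out_len; }

int main(void) {
    /* constructed sample: "ABCDEF" plus two padding bytes 0x02, each XOR KEY */
    const unsigned char ct[8] = {0x1b, 0x18, 0x19, 0x1e, 0x1f, 0x1c, 0x58, 0x58};
    struct filt f = { .src = ct, .src_len = sizeof ct };
    unsigned char buf[BLK];
    size_t n = filt_read(&f, buf, sizeof buf);          /* first full block */
    printf("read %zu; naive_pending=%zu naive_eof=%d strict_eof=%d\n", n, naive_pending(&f), naive_eof(&f), strict_eof(&f));
    n = filt_read(&f, buf, sizeof buf);                 /* bytes the naive checks missed */
    printf("read %zu; strict_eof=%d ok=%d\n", n, strict_eof(&f), f.ok);
    return 0;
}
```

In the model, a caller that cannot attempt a read needs the filter to track whether its final step has run; the source's own end-of-stream state is not enough.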