artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 644baa5)
Use LONG_MAX as the limit for ciphers with long based APIs.
authorjsing <jsing@openbsd.org>
Thu, 15 Sep 2022 07:04:19 +0000 (07:04 +0000)
committerjsing <jsing@openbsd.org>
Thu, 15 Sep 2022 07:04:19 +0000 (07:04 +0000)
These ciphers have long based APIs, while EVP has a size_t based API. The
intent of these loops is to handle sizes that are bigger than LONG_MAX.
Rather than using the rather crazy EVP_MAXCHUNK construct, use LONG_MAX
rounded down to a large block size, ensuring that it is a block size
multiple. Revert the recently added overflow checks now that this is
handled more appropriately.

ok tb@

lib/libcrypto/evp/e_bf.c patch | blob | history
lib/libcrypto/evp/e_cast.c patch | blob | history
lib/libcrypto/evp/e_des.c patch | blob | history
lib/libcrypto/evp/e_des3.c patch | blob | history
lib/libcrypto/evp/e_idea.c patch | blob | history
lib/libcrypto/evp/e_rc2.c patch | blob | history

diff --git a/lib/libcrypto/evp/e_bf.c b/lib/libcrypto/evp/e_bf.c
index f97f9ed..4632b52 100644 (file)
--- a/lib/libcrypto/evp/e_bf.c
+++ b/lib/libcrypto/evp/e_bf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_bf.c,v 1.13 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_bf.c,v 1.14 2022/09/15 07:04:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -86,14 +86,13 @@ bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 static int
 bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
-
-       while (inl >= EVP_MAXCHUNK) {
-               BF_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       size_t chunk = LONG_MAX & ~0xff;
+
+       while (inl >= chunk) {
+               BF_cbc_encrypt(in, out, (long)chunk, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
@@ -105,10 +104,7 @@ bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 static int
 bf_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       size_t chunk = EVP_MAXCHUNK;
-
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
        if (inl < chunk)
                chunk = inl;
@@ -130,9 +126,6 @@ bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 {
        size_t i, bl;
 
-       if (inl > LONG_MAX)
-               return 0;
-
        bl = ctx->cipher->block_size;
 
        if (inl < bl)
@@ -149,14 +142,13 @@ bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 static int
 bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
-
-       while (inl >= EVP_MAXCHUNK) {
-               BF_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       size_t chunk = LONG_MAX & ~0xff;
+
+       while (inl >= chunk) {
+               BF_ofb64_encrypt(in, out, (long)chunk, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
diff --git a/lib/libcrypto/evp/e_cast.c b/lib/libcrypto/evp/e_cast.c
index f5654d9..702c26e 100644 (file)
--- a/lib/libcrypto/evp/e_cast.c
+++ b/lib/libcrypto/evp/e_cast.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_cast.c,v 1.12 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_cast.c,v 1.13 2022/09/15 07:04:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -86,14 +86,13 @@ cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 static int
 cast5_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
-
-       while (inl >= EVP_MAXCHUNK) {
-               CAST_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       size_t chunk = LONG_MAX & ~0xff;
+
+       while (inl >= chunk) {
+               CAST_cbc_encrypt(in, out, (long)chunk, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
@@ -105,10 +104,7 @@ cast5_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *i
 static int
 cast5_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       size_t chunk = EVP_MAXCHUNK;
-
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
        if (inl < chunk)
                chunk = inl;
@@ -130,9 +126,6 @@ cast5_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *i
 {
        size_t i, bl;
 
-       if (inl > LONG_MAX)
-               return 0;
-
        bl = ctx->cipher->block_size;
 
        if (inl < bl)
@@ -149,14 +142,13 @@ cast5_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *i
 static int
 cast5_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
-
-       while (inl >= EVP_MAXCHUNK) {
-               CAST_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       size_t chunk = LONG_MAX & ~0xff;
+
+       while (inl >= chunk) {
+               CAST_ofb64_encrypt(in, out, (long)chunk, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
diff --git a/lib/libcrypto/evp/e_des.c b/lib/libcrypto/evp/e_des.c
index 9205128..8fcab72 100644 (file)
--- a/lib/libcrypto/evp/e_des.c
+++ b/lib/libcrypto/evp/e_des.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_des.c,v 1.18 2022/09/04 15:45:25 jsing Exp $ */
+/* $OpenBSD: e_des.c,v 1.19 2022/09/15 07:04:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -99,9 +99,6 @@ des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 {
        size_t i, bl;
 
-       if (inl > LONG_MAX)
-               return 0;
-
        bl = ctx->cipher->block_size;
 
        if (inl < bl)
@@ -120,15 +117,14 @@ static int
 des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+       while (inl >= chunk) {
+               DES_ofb64_encrypt(in, out, (long)chunk, ctx->cipher_data,
                    (DES_cblock *)ctx->iv, &ctx->num);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
@@ -140,15 +136,14 @@ static int
 des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+       while (inl >= chunk) {
+               DES_ncbc_encrypt(in, out, (long)chunk, ctx->cipher_data,
                    (DES_cblock *)ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
@@ -160,15 +155,14 @@ static int
 des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+       while (inl >= chunk) {
+               DES_cfb64_encrypt(in, out, (long)chunk, ctx->cipher_data,
                    (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
@@ -182,11 +176,9 @@ static int
 des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       size_t n, chunk = EVP_MAXCHUNK/8;
        unsigned char c[1], d[1];
-
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX / 8;
+       size_t n;
 
        if (inl < chunk)
                chunk = inl;
@@ -214,15 +206,14 @@ static int
 des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
+       while (inl >= chunk) {
+               DES_cfb_encrypt(in, out, 8, (long)chunk,
                    ctx->cipher_data, (DES_cblock *)ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data,
diff --git a/lib/libcrypto/evp/e_des3.c b/lib/libcrypto/evp/e_des3.c
index 1171a53..6a5d03f 100644 (file)
--- a/lib/libcrypto/evp/e_des3.c
+++ b/lib/libcrypto/evp/e_des3.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_des3.c,v 1.24 2022/09/04 15:45:25 jsing Exp $ */
+/* $OpenBSD: e_des3.c,v 1.25 2022/09/15 07:04:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -130,9 +130,6 @@ des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 {
        size_t i, bl;
 
-       if (inl > LONG_MAX)
-               return 0;
-
        bl = ctx->cipher->block_size;
 
        if (inl < bl)
@@ -141,8 +138,9 @@ des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
        inl -= bl;
 
        for (i = 0; i <= inl; i += bl)
-       DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i),
-           &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt);
+               DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i),
+                   &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt);
+
        return 1;
 }
 
@@ -150,16 +148,15 @@ static int
 des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
+       while (inl >= chunk) {
+               DES_ede3_ofb64_encrypt(in, out, (long)chunk,
                    &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                    (DES_cblock *)ctx->iv, &ctx->num);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_ede3_ofb64_encrypt(in, out, (long)inl,
@@ -173,16 +170,15 @@ static int
 des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
+       while (inl >= chunk) {
+               DES_ede3_cbc_encrypt(in, out, (long)chunk,
                    &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                    (DES_cblock *)ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_ede3_cbc_encrypt(in, out, (long)inl,
@@ -195,16 +191,15 @@ static int
 des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
+       while (inl >= chunk) {
+               DES_ede3_cfb64_encrypt(in, out, (long)chunk,
                    &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                    (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_ede3_cfb64_encrypt(in, out, (long)inl,
@@ -219,11 +214,8 @@ static int
 des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       size_t n;
        unsigned char c[1], d[1];
-
-       if (inl > LONG_MAX)
-               return 0;
+       size_t n;
 
        if (!(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS))
                inl *= 8;
@@ -244,16 +236,15 @@ static int
 des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
+       while (inl >= chunk) {
+               DES_ede3_cfb_encrypt(in, out, 8, (long)chunk,
                    &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                    (DES_cblock *)ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
        if (inl)
                DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
diff --git a/lib/libcrypto/evp/e_idea.c b/lib/libcrypto/evp/e_idea.c
index 8696fb2..b45ffd5 100644 (file)
--- a/lib/libcrypto/evp/e_idea.c
+++ b/lib/libcrypto/evp/e_idea.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_idea.c,v 1.16 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_idea.c,v 1.17 2022/09/15 07:04:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -103,9 +103,6 @@ idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 {
        size_t i, bl;
 
-       if (inl > LONG_MAX)
-               return 0;
-
        bl = ctx->cipher->block_size;
 
        if (inl < bl)
@@ -114,7 +111,8 @@ idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
        inl -= bl;
 
        for (i = 0; i <= inl; i += bl)
-       idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
+               idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
+
        return 1;
 }
 
@@ -125,14 +123,13 @@ typedef struct {
 static int
 idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
-
-       while (inl >= EVP_MAXCHUNK) {
-               idea_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       size_t chunk = LONG_MAX & ~0xff;
+
+       while (inl >= chunk) {
+               idea_cbc_encrypt(in, out, (long)chunk, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
@@ -144,14 +141,13 @@ idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in
 static int
 idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
-
-       while (inl >= EVP_MAXCHUNK) {
-               idea_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       size_t chunk = LONG_MAX & ~0xff;
+
+       while (inl >= chunk) {
+               idea_ofb64_encrypt(in, out, (long)chunk, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
@@ -163,10 +159,7 @@ idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in
 static int
 idea_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       size_t chunk = EVP_MAXCHUNK;
-
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
        if (inl < chunk)
                chunk = inl;
diff --git a/lib/libcrypto/evp/e_rc2.c b/lib/libcrypto/evp/e_rc2.c
index 4f92365..1af17a7 100644 (file)
--- a/lib/libcrypto/evp/e_rc2.c
+++ b/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_rc2.c,v 1.18 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_rc2.c,v 1.19 2022/09/15 07:04:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -88,14 +88,13 @@ typedef struct {
 static int
 rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               RC2_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       while (inl >= chunk) {
+               RC2_cbc_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
@@ -107,10 +106,7 @@ rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 static int
 rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       size_t chunk = EVP_MAXCHUNK;
-
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
        if (inl < chunk)
                chunk = inl;
@@ -132,9 +128,6 @@ rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 {
        size_t i, bl;
 
-       if (inl > LONG_MAX)
-               return 0;
-
        bl = ctx->cipher->block_size;
 
        if (inl < bl)
@@ -151,14 +144,13 @@ rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
 static int
 rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
 {
-       if (inl > LONG_MAX)
-               return 0;
+       size_t chunk = LONG_MAX & ~0xff;
 
-       while (inl >= EVP_MAXCHUNK) {
-               RC2_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-               inl -= EVP_MAXCHUNK;
-               in += EVP_MAXCHUNK;
-               out += EVP_MAXCHUNK;
+       while (inl >= chunk) {
+               RC2_ofb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
+               inl -= chunk;
+               in += chunk;
+               out += chunk;
        }
 
        if (inl)
OpenBSD src
by Ahmet Artu Yildirim