sl@0: /* crypto/evp/bio_ok.c */ sl@0: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) sl@0: * All rights reserved. sl@0: * sl@0: * This package is an SSL implementation written sl@0: * by Eric Young (eay@cryptsoft.com). sl@0: * The implementation was written so as to conform with Netscapes SSL. sl@0: * sl@0: * This library is free for commercial and non-commercial use as long as sl@0: * the following conditions are aheared to. The following conditions sl@0: * apply to all code found in this distribution, be it the RC4, RSA, sl@0: * lhash, DES, etc., code; not just the SSL code. The SSL documentation sl@0: * included with this distribution is covered by the same copyright terms sl@0: * except that the holder is Tim Hudson (tjh@cryptsoft.com). sl@0: * sl@0: * Copyright remains Eric Young's, and as such any Copyright notices in sl@0: * the code are not to be removed. sl@0: * If this package is used in a product, Eric Young should be given attribution sl@0: * as the author of the parts of the library used. sl@0: * This can be in the form of a textual message at program startup or sl@0: * in documentation (online or textual) provided with the package. sl@0: * sl@0: * Redistribution and use in source and binary forms, with or without sl@0: * modification, are permitted provided that the following conditions sl@0: * are met: sl@0: * 1. Redistributions of source code must retain the copyright sl@0: * notice, this list of conditions and the following disclaimer. sl@0: * 2. Redistributions in binary form must reproduce the above copyright sl@0: * notice, this list of conditions and the following disclaimer in the sl@0: * documentation and/or other materials provided with the distribution. sl@0: * 3. All advertising materials mentioning features or use of this software sl@0: * must display the following acknowledgement: sl@0: * "This product includes cryptographic software written by sl@0: * Eric Young (eay@cryptsoft.com)" sl@0: * The word 'cryptographic' can be left out if the rouines from the library sl@0: * being used are not cryptographic related :-). sl@0: * 4. If you include any Windows specific code (or a derivative thereof) from sl@0: * the apps directory (application code) you must include an acknowledgement: sl@0: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" sl@0: * sl@0: * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND sl@0: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE sl@0: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE sl@0: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE sl@0: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL sl@0: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS sl@0: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) sl@0: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT sl@0: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY sl@0: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF sl@0: * SUCH DAMAGE. sl@0: * sl@0: * The licence and distribution terms for any publically available version or sl@0: * derivative of this code cannot be changed. i.e. this code cannot simply be sl@0: * copied and put under another distribution licence sl@0: * [including the GNU Public Licence.] sl@0: */ sl@0: sl@0: /* sl@0: © Portions copyright (c) 2006 Nokia Corporation. All rights reserved. sl@0: */ sl@0: /* sl@0: From: Arne Ansper sl@0: sl@0: Why BIO_f_reliable? sl@0: sl@0: I wrote function which took BIO* as argument, read data from it sl@0: and processed it. Then I wanted to store the input file in sl@0: encrypted form. OK I pushed BIO_f_cipher to the BIO stack sl@0: and everything was OK. BUT if user types wrong password sl@0: BIO_f_cipher outputs only garbage and my function crashes. Yes sl@0: I can and I should fix my function, but BIO_f_cipher is sl@0: easy way to add encryption support to many existing applications sl@0: and it's hard to debug and fix them all. sl@0: sl@0: So I wanted another BIO which would catch the incorrect passwords and sl@0: file damages which cause garbage on BIO_f_cipher's output. sl@0: sl@0: The easy way is to push the BIO_f_md and save the checksum at sl@0: the end of the file. However there are several problems with this sl@0: approach: sl@0: sl@0: 1) you must somehow separate checksum from actual data. sl@0: 2) you need lot's of memory when reading the file, because you sl@0: must read to the end of the file and verify the checksum before sl@0: letting the application to read the data. sl@0: sl@0: BIO_f_reliable tries to solve both problems, so that you can sl@0: read and write arbitrary long streams using only fixed amount sl@0: of memory. sl@0: sl@0: BIO_f_reliable splits data stream into blocks. Each block is prefixed sl@0: with it's length and suffixed with it's digest. So you need only sl@0: several Kbytes of memory to buffer single block before verifying sl@0: it's digest. sl@0: sl@0: BIO_f_reliable goes further and adds several important capabilities: sl@0: sl@0: 1) the digest of the block is computed over the whole stream sl@0: -- so nobody can rearrange the blocks or remove or replace them. sl@0: sl@0: 2) to detect invalid passwords right at the start BIO_f_reliable sl@0: adds special prefix to the stream. In order to avoid known plain-text sl@0: attacks this prefix is generated as follows: sl@0: sl@0: *) digest is initialized with random seed instead of sl@0: standardized one. sl@0: *) same seed is written to output sl@0: *) well-known text is then hashed and the output sl@0: of the digest is also written to output. sl@0: sl@0: reader can now read the seed from stream, hash the same string sl@0: and then compare the digest output. sl@0: sl@0: Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I sl@0: initially wrote and tested this code on x86 machine and wrote the sl@0: digests out in machine-dependent order :( There are people using sl@0: this code and I cannot change this easily without making existing sl@0: data files unreadable. sl@0: sl@0: */ sl@0: sl@0: #include sl@0: #include sl@0: #include sl@0: #include "cryptlib.h" sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #if (defined(SYMBIAN) && (defined(__WINSCW__) || defined(__WINS__))) sl@0: #include "libcrypto_wsd_macros.h" sl@0: #include "libcrypto_wsd.h" sl@0: #endif sl@0: sl@0: sl@0: static int ok_write(BIO *h, const char *buf, int num); sl@0: static int ok_read(BIO *h, char *buf, int size); sl@0: static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2); sl@0: static int ok_new(BIO *h); sl@0: static int ok_free(BIO *data); sl@0: static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); sl@0: sl@0: static void sig_out(BIO* b); sl@0: static void sig_in(BIO* b); sl@0: static void block_out(BIO* b); sl@0: static void block_in(BIO* b); sl@0: #define OK_BLOCK_SIZE (1024*4) sl@0: #define OK_BLOCK_BLOCK 4 sl@0: #define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE) sl@0: #define WELLKNOWN "The quick brown fox jumped over the lazy dog's back." sl@0: sl@0: typedef struct ok_struct sl@0: { sl@0: size_t buf_len; sl@0: size_t buf_off; sl@0: size_t buf_len_save; sl@0: size_t buf_off_save; sl@0: int cont; /* <= 0 when finished */ sl@0: int finished; sl@0: EVP_MD_CTX md; sl@0: int blockout; /* output block is ready */ sl@0: int sigio; /* must process signature */ sl@0: unsigned char buf[IOBS]; sl@0: } BIO_OK_CTX; sl@0: sl@0: #ifndef EMULATOR sl@0: static BIO_METHOD methods_ok= sl@0: { sl@0: BIO_TYPE_CIPHER,"reliable", sl@0: ok_write, sl@0: ok_read, sl@0: NULL, /* ok_puts, */ sl@0: NULL, /* ok_gets, */ sl@0: ok_ctrl, sl@0: ok_new, sl@0: ok_free, sl@0: ok_callback_ctrl, sl@0: }; sl@0: #else sl@0: GET_STATIC_VAR_FROM_TLS(methods_ok,bio_ok,BIO_METHOD) sl@0: #define methods_ok (*GET_WSD_VAR_NAME(methods_ok,bio_ok, s)()) sl@0: const BIO_METHOD temp_s_methods_ok= sl@0: { sl@0: BIO_TYPE_CIPHER,"reliable", sl@0: ok_write, sl@0: ok_read, sl@0: NULL, /* ok_puts, */ sl@0: NULL, /* ok_gets, */ sl@0: ok_ctrl, sl@0: ok_new, sl@0: ok_free, sl@0: ok_callback_ctrl, sl@0: }; sl@0: sl@0: #endif sl@0: sl@0: EXPORT_C BIO_METHOD *BIO_f_reliable(void) sl@0: { sl@0: return(&methods_ok); sl@0: } sl@0: sl@0: static int ok_new(BIO *bi) sl@0: { sl@0: BIO_OK_CTX *ctx; sl@0: sl@0: ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); sl@0: if (ctx == NULL) return(0); sl@0: sl@0: ctx->buf_len=0; sl@0: ctx->buf_off=0; sl@0: ctx->buf_len_save=0; sl@0: ctx->buf_off_save=0; sl@0: ctx->cont=1; sl@0: ctx->finished=0; sl@0: ctx->blockout= 0; sl@0: ctx->sigio=1; sl@0: sl@0: EVP_MD_CTX_init(&ctx->md); sl@0: sl@0: bi->init=0; sl@0: bi->ptr=(char *)ctx; sl@0: bi->flags=0; sl@0: return(1); sl@0: } sl@0: sl@0: static int ok_free(BIO *a) sl@0: { sl@0: if (a == NULL) return(0); sl@0: EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); sl@0: OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX)); sl@0: OPENSSL_free(a->ptr); sl@0: a->ptr=NULL; sl@0: a->init=0; sl@0: a->flags=0; sl@0: return(1); sl@0: } sl@0: sl@0: static int ok_read(BIO *b, char *out, int outl) sl@0: { sl@0: int ret=0,i,n; sl@0: BIO_OK_CTX *ctx; sl@0: sl@0: if (out == NULL) return(0); sl@0: ctx=(BIO_OK_CTX *)b->ptr; sl@0: sl@0: if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0); sl@0: sl@0: while(outl > 0) sl@0: { sl@0: sl@0: /* copy clean bytes to output buffer */ sl@0: if (ctx->blockout) sl@0: { sl@0: i=ctx->buf_len-ctx->buf_off; sl@0: if (i > outl) i=outl; sl@0: memcpy(out,&(ctx->buf[ctx->buf_off]),i); sl@0: ret+=i; sl@0: out+=i; sl@0: outl-=i; sl@0: ctx->buf_off+=i; sl@0: sl@0: /* all clean bytes are out */ sl@0: if (ctx->buf_len == ctx->buf_off) sl@0: { sl@0: ctx->buf_off=0; sl@0: sl@0: /* copy start of the next block into proper place */ sl@0: if(ctx->buf_len_save- ctx->buf_off_save > 0) sl@0: { sl@0: ctx->buf_len= ctx->buf_len_save- ctx->buf_off_save; sl@0: memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]), sl@0: ctx->buf_len); sl@0: } sl@0: else sl@0: { sl@0: ctx->buf_len=0; sl@0: } sl@0: ctx->blockout= 0; sl@0: } sl@0: } sl@0: sl@0: /* output buffer full -- cancel */ sl@0: if (outl == 0) break; sl@0: sl@0: /* no clean bytes in buffer -- fill it */ sl@0: n=IOBS- ctx->buf_len; sl@0: i=BIO_read(b->next_bio,&(ctx->buf[ctx->buf_len]),n); sl@0: sl@0: if (i <= 0) break; /* nothing new */ sl@0: sl@0: ctx->buf_len+= i; sl@0: sl@0: /* no signature yet -- check if we got one */ sl@0: if (ctx->sigio == 1) sig_in(b); sl@0: sl@0: /* signature ok -- check if we got block */ sl@0: if (ctx->sigio == 0) block_in(b); sl@0: sl@0: /* invalid block -- cancel */ sl@0: if (ctx->cont <= 0) break; sl@0: sl@0: } sl@0: sl@0: BIO_clear_retry_flags(b); sl@0: BIO_copy_next_retry(b); sl@0: return(ret); sl@0: } sl@0: sl@0: static int ok_write(BIO *b, const char *in, int inl) sl@0: { sl@0: int ret=0,n,i; sl@0: BIO_OK_CTX *ctx; sl@0: sl@0: if (inl <= 0) return inl; sl@0: sl@0: ctx=(BIO_OK_CTX *)b->ptr; sl@0: ret=inl; sl@0: sl@0: if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0); sl@0: sl@0: if(ctx->sigio) sig_out(b); sl@0: sl@0: do{ sl@0: BIO_clear_retry_flags(b); sl@0: n=ctx->buf_len-ctx->buf_off; sl@0: while (ctx->blockout && n > 0) sl@0: { sl@0: i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); sl@0: if (i <= 0) sl@0: { sl@0: BIO_copy_next_retry(b); sl@0: if(!BIO_should_retry(b)) sl@0: ctx->cont= 0; sl@0: return(i); sl@0: } sl@0: ctx->buf_off+=i; sl@0: n-=i; sl@0: } sl@0: sl@0: /* at this point all pending data has been written */ sl@0: ctx->blockout= 0; sl@0: if (ctx->buf_len == ctx->buf_off) sl@0: { sl@0: ctx->buf_len=OK_BLOCK_BLOCK; sl@0: ctx->buf_off=0; sl@0: } sl@0: sl@0: if ((in == NULL) || (inl <= 0)) return(0); sl@0: sl@0: n= (inl+ ctx->buf_len > OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) ? sl@0: (int)(OK_BLOCK_SIZE+OK_BLOCK_BLOCK-ctx->buf_len) : inl; sl@0: sl@0: memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),(unsigned char *)in,n); sl@0: ctx->buf_len+= n; sl@0: inl-=n; sl@0: in+=n; sl@0: sl@0: if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK) sl@0: { sl@0: block_out(b); sl@0: } sl@0: }while(inl > 0); sl@0: sl@0: BIO_clear_retry_flags(b); sl@0: BIO_copy_next_retry(b); sl@0: return(ret); sl@0: } sl@0: sl@0: static long ok_ctrl(BIO *b, int cmd, long num, void *ptr) sl@0: { sl@0: BIO_OK_CTX *ctx; sl@0: EVP_MD *md; sl@0: const EVP_MD **ppmd; sl@0: long ret=1; sl@0: int i; sl@0: sl@0: ctx=b->ptr; sl@0: sl@0: switch (cmd) sl@0: { sl@0: case BIO_CTRL_RESET: sl@0: ctx->buf_len=0; sl@0: ctx->buf_off=0; sl@0: ctx->buf_len_save=0; sl@0: ctx->buf_off_save=0; sl@0: ctx->cont=1; sl@0: ctx->finished=0; sl@0: ctx->blockout= 0; sl@0: ctx->sigio=1; sl@0: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); sl@0: break; sl@0: case BIO_CTRL_EOF: /* More to read */ sl@0: if (ctx->cont <= 0) sl@0: ret=1; sl@0: else sl@0: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); sl@0: break; sl@0: case BIO_CTRL_PENDING: /* More to read in buffer */ sl@0: case BIO_CTRL_WPENDING: /* More to read in buffer */ sl@0: ret=ctx->blockout ? ctx->buf_len-ctx->buf_off : 0; sl@0: if (ret <= 0) sl@0: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); sl@0: break; sl@0: case BIO_CTRL_FLUSH: sl@0: /* do a final write */ sl@0: if(ctx->blockout == 0) sl@0: block_out(b); sl@0: sl@0: while (ctx->blockout) sl@0: { sl@0: i=ok_write(b,NULL,0); sl@0: if (i < 0) sl@0: { sl@0: ret=i; sl@0: break; sl@0: } sl@0: } sl@0: sl@0: ctx->finished=1; sl@0: ctx->buf_off=ctx->buf_len=0; sl@0: ctx->cont=(int)ret; sl@0: sl@0: /* Finally flush the underlying BIO */ sl@0: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); sl@0: break; sl@0: case BIO_C_DO_STATE_MACHINE: sl@0: BIO_clear_retry_flags(b); sl@0: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); sl@0: BIO_copy_next_retry(b); sl@0: break; sl@0: case BIO_CTRL_INFO: sl@0: ret=(long)ctx->cont; sl@0: break; sl@0: case BIO_C_SET_MD: sl@0: md=ptr; sl@0: EVP_DigestInit_ex(&ctx->md, md, NULL); sl@0: b->init=1; sl@0: break; sl@0: case BIO_C_GET_MD: sl@0: if (b->init) sl@0: { sl@0: ppmd=ptr; sl@0: *ppmd=ctx->md.digest; sl@0: } sl@0: else sl@0: ret=0; sl@0: break; sl@0: default: sl@0: ret=BIO_ctrl(b->next_bio,cmd,num,ptr); sl@0: break; sl@0: } sl@0: return(ret); sl@0: } sl@0: sl@0: static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) sl@0: { sl@0: long ret=1; sl@0: sl@0: if (b->next_bio == NULL) return(0); sl@0: switch (cmd) sl@0: { sl@0: default: sl@0: ret=BIO_callback_ctrl(b->next_bio,cmd,fp); sl@0: break; sl@0: } sl@0: return(ret); sl@0: } sl@0: sl@0: static void longswap(void *_ptr, size_t len) sl@0: { const union { long one; char little; } is_endian = {1}; sl@0: sl@0: if (is_endian.little) { sl@0: size_t i; sl@0: unsigned char *p=_ptr,c; sl@0: sl@0: for(i= 0;i < len;i+= 4) { sl@0: c=p[0],p[0]=p[3],p[3]=c; sl@0: c=p[1],p[1]=p[2],p[2]=c; sl@0: } sl@0: } sl@0: } sl@0: sl@0: static void sig_out(BIO* b) sl@0: { sl@0: BIO_OK_CTX *ctx; sl@0: EVP_MD_CTX *md; sl@0: sl@0: ctx=b->ptr; sl@0: md=&ctx->md; sl@0: sl@0: if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return; sl@0: sl@0: EVP_DigestInit_ex(md, md->digest, NULL); sl@0: /* FIXME: there's absolutely no guarantee this makes any sense at all, sl@0: * particularly now EVP_MD_CTX has been restructured. sl@0: */ sl@0: RAND_pseudo_bytes(md->md_data, md->digest->md_size); sl@0: memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size); sl@0: longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size); sl@0: ctx->buf_len+= md->digest->md_size; sl@0: sl@0: EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); sl@0: EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); sl@0: ctx->buf_len+= md->digest->md_size; sl@0: ctx->blockout= 1; sl@0: ctx->sigio= 0; sl@0: } sl@0: sl@0: static void sig_in(BIO* b) sl@0: { sl@0: BIO_OK_CTX *ctx; sl@0: EVP_MD_CTX *md; sl@0: unsigned char tmp[EVP_MAX_MD_SIZE]; sl@0: int ret= 0; sl@0: sl@0: ctx=b->ptr; sl@0: md=&ctx->md; sl@0: sl@0: if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return; sl@0: sl@0: EVP_DigestInit_ex(md, md->digest, NULL); sl@0: memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size); sl@0: longswap(md->md_data, md->digest->md_size); sl@0: ctx->buf_off+= md->digest->md_size; sl@0: sl@0: EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)); sl@0: EVP_DigestFinal_ex(md, tmp, NULL); sl@0: ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0; sl@0: ctx->buf_off+= md->digest->md_size; sl@0: if(ret == 1) sl@0: { sl@0: ctx->sigio= 0; sl@0: if(ctx->buf_len != ctx->buf_off) sl@0: { sl@0: memmove(ctx->buf, &(ctx->buf[ctx->buf_off]), ctx->buf_len- ctx->buf_off); sl@0: } sl@0: ctx->buf_len-= ctx->buf_off; sl@0: ctx->buf_off= 0; sl@0: } sl@0: else sl@0: { sl@0: ctx->cont= 0; sl@0: } sl@0: } sl@0: sl@0: static void block_out(BIO* b) sl@0: { sl@0: BIO_OK_CTX *ctx; sl@0: EVP_MD_CTX *md; sl@0: unsigned long tl; sl@0: sl@0: ctx=b->ptr; sl@0: md=&ctx->md; sl@0: sl@0: tl= ctx->buf_len- OK_BLOCK_BLOCK; sl@0: ctx->buf[0]=(unsigned char)(tl>>24); sl@0: ctx->buf[1]=(unsigned char)(tl>>16); sl@0: ctx->buf[2]=(unsigned char)(tl>>8); sl@0: ctx->buf[3]=(unsigned char)(tl); sl@0: EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); sl@0: EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL); sl@0: ctx->buf_len+= md->digest->md_size; sl@0: ctx->blockout= 1; sl@0: } sl@0: sl@0: static void block_in(BIO* b) sl@0: { sl@0: BIO_OK_CTX *ctx; sl@0: EVP_MD_CTX *md; sl@0: unsigned long tl= 0; sl@0: unsigned char tmp[EVP_MAX_MD_SIZE]; sl@0: sl@0: ctx=b->ptr; sl@0: md=&ctx->md; sl@0: sl@0: assert(sizeof(tl)>=OK_BLOCK_BLOCK); /* always true */ sl@0: tl =ctx->buf[0]; tl<<=8; sl@0: tl|=ctx->buf[1]; tl<<=8; sl@0: tl|=ctx->buf[2]; tl<<=8; sl@0: tl|=ctx->buf[3]; sl@0: sl@0: if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return; sl@0: sl@0: EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl); sl@0: EVP_DigestFinal_ex(md, tmp, NULL); sl@0: if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0) sl@0: { sl@0: /* there might be parts from next block lurking around ! */ sl@0: ctx->buf_off_save= tl+ OK_BLOCK_BLOCK+ md->digest->md_size; sl@0: ctx->buf_len_save= ctx->buf_len; sl@0: ctx->buf_off= OK_BLOCK_BLOCK; sl@0: ctx->buf_len= tl+ OK_BLOCK_BLOCK; sl@0: ctx->blockout= 1; sl@0: } sl@0: else sl@0: { sl@0: ctx->cont= 0; sl@0: } sl@0: } sl@0: