--- a/libidav/crypto.c Tue Mar 18 13:59:02 2014 +0100 +++ b/libidav/crypto.c Thu Jun 05 15:11:29 2014 +0200 @@ -196,40 +196,49 @@ char* aes_encrypt(char *in, DavKey *key) { - char *iv = malloc(16); + unsigned char iv[16]; if(!RAND_bytes(iv, 16)) { - free(iv); return NULL; } EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); if(key->type == DAV_KEY_AES128) { - EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->data, iv); + EVP_EncryptInit_ex( + &ctx, + EVP_aes_128_cbc(), + NULL, + (unsigned char*)key->data, + iv); } else if(key->type == DAV_KEY_AES256) { - EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key->data, iv); + EVP_EncryptInit_ex( + &ctx, + EVP_aes_256_cbc(), + NULL, + (unsigned char*)key->data, + iv); } else { return NULL; } int len = strlen(in); int buflen = len + 64; - char *buf = calloc(1, buflen); + unsigned char *buf = calloc(1, buflen); memcpy(buf, iv, 16); int l = buflen - 16; - EVP_EncryptUpdate(&ctx, buf + 16, &l, in, len); + EVP_EncryptUpdate(&ctx, buf + 16, &l, (unsigned char*)in, len); int f = 0; EVP_EncryptFinal_ex(&ctx, buf + 16 + l, &f); - char *out = util_base64encode(buf, 16 + l + f); + char *out = util_base64encode((char*)buf, 16 + l + f); free(buf); return out; } char* aes_decrypt(char *in, DavKey *key) { int len; - char *buf = util_base64decode_len(in, &len); + unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len); EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); @@ -251,17 +260,15 @@ return NULL; } - char *out = malloc(len + 1); + unsigned char *out = malloc(len + 1); int outlen = len; - char *in_buf = buf + 16; + unsigned char *in_buf = buf + 16; int inlen = len - 16; - int f = 0; - - + int f = 0; EVP_DecryptUpdate(&ctx, out, &outlen, in_buf, inlen); EVP_DecryptFinal_ex(&ctx, out + outlen, &f); out[outlen + f] = '\0'; free(buf); - return out; + return (char*)out; }