Make Rijndael work! Those long flights have some good points.

apps/enc.c

@@ -92,7 +92,7 @@ int MAIN(int argc, char **argv)
 	unsigned char *buff=NULL,*bufsize=NULL;
 	int bsize=BSIZE,verbose=0;
 	int ret=1,inl;
-	unsigned char key[24],iv[MD5_DIGEST_LENGTH];
+	unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
 	unsigned char salt[PKCS5_SALT_LEN];
 	char *str=NULL, *passarg = NULL, *pass = NULL;
 	char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
@@ -542,12 +542,12 @@ bad:
 			else
 				memset(str,0,strlen(str));
 			}
-		if ((hiv != NULL) && !set_hex(hiv,iv,8))
+		if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
 			{
 			BIO_printf(bio_err,"invalid hex iv value\n");
 			goto end;
 			}
-		if ((hkey != NULL) && !set_hex(hkey,key,24))
+		if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
 			{
 			BIO_printf(bio_err,"invalid hex key value\n");
 			goto end;

crypto/bn/bn_mont.c

@@ -72,7 +72,7 @@
 int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
 			  BN_MONT_CTX *mont, BN_CTX *ctx)
 	{
-	BIGNUM *tmp,*tmp2;
+	BIGNUM *tmp;
 	int ret=0;
 
 	BN_CTX_start(ctx);

crypto/evp/bio_enc.c

@@ -71,6 +71,7 @@ static int enc_new(BIO *h);
 static int enc_free(BIO *data);
 static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
 #define ENC_BLOCK_SIZE	(1024*4)
+#define BUF_OFFSET	8 /* XXX: why? */
 
 typedef struct enc_struct
 	{
@@ -80,7 +81,7 @@ typedef struct enc_struct
 	int finished;
 	int ok;			/* bad decrypt */
 	EVP_CIPHER_CTX cipher;
-	char buf[ENC_BLOCK_SIZE+10];
+	char buf[ENC_BLOCK_SIZE+BUF_OFFSET+2/*why?*/];
 	} BIO_ENC_CTX;
 
 static BIO_METHOD methods_enc=
@@ -172,7 +173,7 @@ static int enc_read(BIO *b, char *out, int outl)
 
 		/* read in at offset 8, read the EVP_Cipher
 		 * documentation about why */
-		i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
+		i=BIO_read(b->next_bio,&(ctx->buf[BUF_OFFSET]),ENC_BLOCK_SIZE);
 
 		if (i <= 0)
 			{
@@ -196,7 +197,7 @@ static int enc_read(BIO *b, char *out, int outl)
 			{
 			EVP_CipherUpdate(&(ctx->cipher),
 				(unsigned char *)ctx->buf,&ctx->buf_len,
-				(unsigned char *)&(ctx->buf[8]),i);
+				(unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
 			ctx->cont=1;
 			/* Note: it is possible for EVP_CipherUpdate to
 			 * decrypt zero bytes because this is or looks like

crypto/evp/evp.h

@@ -121,6 +121,7 @@
 #define EVP_MAX_MD_SIZE			(16+20) /* The SSLv3 md5+sha1 type */
 #define EVP_MAX_KEY_LENGTH		32
 #define EVP_MAX_IV_LENGTH		16
+#define EVP_MAX_BLOCK_LENGTH		32
 
 #define PKCS5_SALT_LEN			8
 /* Default PKCS#5 iteration count */
@@ -396,7 +397,7 @@ struct evp_cipher_ctx_st
 
 	unsigned char  oiv[EVP_MAX_IV_LENGTH];	/* original iv */
 	unsigned char  iv[EVP_MAX_IV_LENGTH];	/* working iv */
-	unsigned char buf[EVP_MAX_IV_LENGTH];	/* saved partial block */
+	unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
 	int num;				/* used by cfb/ofb mode */
 
 	void *app_data;		/* application stuff */