Question

[seschu]

What is the purpose of ctx->ongoing ? It is used here

if (ctx->ongoing) {
    ERR_raise(ERR_HANDLE(ctx), VIGENERE_ONGOING_OPERATION);
    return 0;
}

Why would some one call set_ctx_params while using the algorithm? Is this to make it thread safe?

[levitte]

set_ctx_params is accessible to anyone through EVP_CIPHER_CTX_set_params(), so an application might very well call that at the wrong moment. So this is to prevent screwing up the encryption because some application author made a silly mistake.