Stop assuming the IV is 8 bytes long, use the real size instead.
authorRichard Levitte <levitte@openssl.org>
Wed, 20 Feb 2002 17:56:01 +0000 (17:56 +0000)
committerRichard Levitte <levitte@openssl.org>
Wed, 20 Feb 2002 17:56:01 +0000 (17:56 +0000)
This is especially important for AES that has a 16 bytes IV.

crypto/pem/pem_info.c
crypto/pem/pem_lib.c

index b6ca51a1869ad603c8936f284eaf4fc486d3cea3..4a1b93f808a0c568ab379e03ac139e13255b8314 100644 (file)
@@ -326,7 +326,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
                        /* create the right magic header stuff */
                        buf[0]='\0';
                        PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-                       PEM_dek_info(buf,objstr,8,(char *)iv);
+                       PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
 
                        /* use the normal code to write things out */
                        i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
index 94373e1d23f7f3ad3d54f25dfaf2567c2aabbd21..18b751a91a884a12a89894b01ab8d372c506c238 100644 (file)
@@ -333,7 +333,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
                        kstr=(unsigned char *)buf;
                        }
                RAND_add(data,i,0);/* put in the RSA key. */
-               if (RAND_pseudo_bytes(iv,8) < 0)        /* Generate a salt */
+               if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
                        goto err;
                /* The 'iv' is used as the iv and as a salt.  It is
                 * NOT taken from the BytesToKey function */
@@ -343,7 +343,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 
                buf[0]='\0';
                PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-               PEM_dek_info(buf,objstr,8,(char *)iv);
+               PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
                /* k=strlen(buf); */
 
                EVP_CIPHER_CTX_init(&ctx);
@@ -469,7 +469,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
                PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
                return(0);
                }
-       if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+       if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
 
        return(1);
        }