(found by Andy Brown <logic@warthog.com>).
*) applies to 0.9.6a (/0.9.6b) and 0.9.7
+) applies to 0.9.7 only
+ *) When only the key is given to "enc", the IV is undefined. Print out
+ an error message in this case.
+ [Lutz Jaenicke]
+
+) Added the OS2-EMX target.
["Brian Havard" <brianh@kheldar.apana.org.au> and Richard Levitte]
BIO_printf(bio_err,"invalid hex iv value\n");
goto end;
}
+ if ((hiv == NULL) && (str == NULL))
+ {
+ /* No IV was explicitly set and no IV was generated
+ * during EVP_BytesToKey. Hence the IV is undefined,
+ * making correct decryption impossible. */
+ BIO_printf(bio_err, "iv undefined\n");
+ goto end;
+ }
if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
{
BIO_printf(bio_err,"invalid hex key value\n");
=item B<-K key>
the actual key to use: this must be represented as a string comprised only
-of hex digits.
+of hex digits. If only the key is specified, the IV must additionally specified
+using the B<-iv> option. When both a key and a password are specified, the
+key given with the B<-K> option will be used and the IV generated from the
+password will be taken. It probably does not make much sense to specify
+both key and password.
=item B<-iv IV>
the actual IV to use: this must be represented as a string comprised only
-of hex digits.
+of hex digits. When only the key is specified using the B<-K> option, the
+IV must explicitly be defined. When a password is being specified using
+one of the other options, the IV is generated from this password.
=item B<-p>
projects / oweals / openssl.git / commitdiff