Stop assuming the IV is 8 bytes long, use the real size instead.
authorRichard Levitte <levitte@openssl.org>
Wed, 20 Feb 2002 17:55:08 +0000 (17:55 +0000)
committerRichard Levitte <levitte@openssl.org>
Wed, 20 Feb 2002 17:55:08 +0000 (17:55 +0000)
This is especially important for AES that has a 16 bytes IV.

crypto/pem/pem_info.c
crypto/pem/pem_lib.c

index 8bcd9f770dc50762fa76ad8ba7b6968c3147970b..7fc5e5c4c0c83e9c24d7006a9410218688a741cd 100644 (file)
@@ -350,7 +350,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
                        /* create the right magic header stuff */
                        buf[0]='\0';
                        PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-                       PEM_dek_info(buf,objstr,8,(char *)iv);
+                       PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
 
                        /* use the normal code to write things out */
                        i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
index 52a36dc00dd1355a994a67610b26a0e6a21077c2..94ecae7f3f4430eed11019c788d8f1f3ac4e4f95 100644 (file)
@@ -335,7 +335,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
                        kstr=(unsigned char *)buf;
                        }
                RAND_add(data,i,0);/* put in the RSA key. */
-               if (RAND_pseudo_bytes(iv,8) < 0)        /* Generate a salt */
+               if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
                        goto err;
                /* The 'iv' is used as the iv and as a salt.  It is
                 * NOT taken from the BytesToKey function */
@@ -345,7 +345,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 
                buf[0]='\0';
                PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-               PEM_dek_info(buf,objstr,8,(char *)iv);
+               PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
                /* k=strlen(buf); */
 
                EVP_CIPHER_CTX_init(&ctx);
@@ -471,7 +471,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
                PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
                return(0);
                }
-       if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+       if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
 
        return(1);
        }