From 2aa5dac48ff779b8dab1b68a3617731816649af8 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Wed, 20 Feb 2002 17:55:34 +0000
Subject: [PATCH] Stop assuming the IV is 8 bytes long, use the real size
 instead. This is especially important for AES that has a 16 bytes IV.

---
 crypto/pem/pem_info.c | 2 +-
 crypto/pem/pem_lib.c  | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index f1694f1125..98a8510e15 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -326,7 +326,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 			/* create the right magic header stuff */
 			buf[0]='\0';
 			PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-			PEM_dek_info(buf,objstr,8,(char *)iv);
+			PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
 
 			/* use the normal code to write things out */
 			i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index a17c3ed57f..e00af7c018 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -373,7 +373,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 			kstr=(unsigned char *)buf;
 			}
 		RAND_add(data,i,0);/* put in the RSA key. */
-		if (RAND_pseudo_bytes(iv,8) < 0)	/* Generate a salt */
+		if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
 			goto err;
 		/* The 'iv' is used as the iv and as a salt.  It is
 		 * NOT taken from the BytesToKey function */
@@ -383,7 +383,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 
 		buf[0]='\0';
 		PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-		PEM_dek_info(buf,objstr,8,(char *)iv);
+		PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
 		/* k=strlen(buf); */
 	
 		EVP_EncryptInit(&ctx,enc,key,iv);
@@ -506,7 +506,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
 		PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
 		return(0);
 		}
-	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
 
 	return(1);
 	}
-- 
2.25.1