Change PBE handling a bit more: now the key and iv generator does calls

EVP_CipherInit() this because the IV wont be easily available when doing PKCS#5 v2.0
author: Dr. Stephen Henson <steve@openssl.org> 1999-06-06 18:41:52 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 1999-06-06 18:41:52 +0000
commit: 2bd83ca1c95405fe03b33cdc98e6fa43e7258246 (patch)
tree: 77db8e8be62a27adf992fa4d36d7f66b7a39a207 /crypto/evp/p5_crpt.c
parent: 69cbf468119d6a85289e4720d609c38d4329de23 (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
index 857835bc74..2d80c3416a 100644
--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -85,12 +85,13 @@ EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(),
 #endif
 }
 
-int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param,
-			 EVP_CIPHER *cipher, EVP_MD *md,
-			 unsigned char *key, unsigned char *iv)
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
+			 ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md,
+			 int en_de)
 {
 	EVP_MD_CTX ctx;
 	unsigned char md_tmp[EVP_MAX_MD_SIZE];
+	unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
 	int i;
 	PBEPARAM *pbe;
 	int saltlen, iter;
@@ -122,5 +123,9 @@ int PKCS5_PBE_keyivgen(const char *pass, int passlen, ASN1_TYPE *param,
 	memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher));
 	memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
 						 EVP_CIPHER_iv_length(cipher));
+	EVP_CipherInit(cctx, cipher, key, iv, en_de);
+	memset(md_tmp, 0, EVP_MAX_MD_SIZE);
+	memset(key, 0, EVP_MAX_KEY_LENGTH);
+	memset(iv, 0, EVP_MAX_IV_LENGTH);
 	return 1;
 }
author	Dr. Stephen Henson <steve@openssl.org>	1999-06-06 18:41:52 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	1999-06-06 18:41:52 +0000
commit	2bd83ca1c95405fe03b33cdc98e6fa43e7258246 (patch)
tree	77db8e8be62a27adf992fa4d36d7f66b7a39a207 /crypto/evp/p5_crpt.c
parent	69cbf468119d6a85289e4720d609c38d4329de23 (diff)