Stop assuming the IV is 8 bytes long, use the real size instead.

This is especially important for AES that has a 16 bytes IV.

2 files changed, 4 insertions, 4 deletions

diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index b6ca51a186..4a1b93f808 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -326,7 +326,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 			/* create the right magic header stuff */
 			buf[0]='\0';
 			PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-			PEM_dek_info(buf,objstr,8,(char *)iv);
+			PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
 
 			/* use the normal code to write things out */
 			i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 94373e1d23..18b751a91a 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -333,7 +333,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 			kstr=(unsigned char *)buf;
 			}
 		RAND_add(data,i,0);/* put in the RSA key. */
-		if (RAND_pseudo_bytes(iv,8) < 0)	/* Generate a salt */
+		if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
 			goto err;
 		/* The 'iv' is used as the iv and as a salt.  It is
 		 * NOT taken from the BytesToKey function */
@@ -343,7 +343,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 
 		buf[0]='\0';
 		PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
-		PEM_dek_info(buf,objstr,8,(char *)iv);
+		PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
 		/* k=strlen(buf); */
 
 		EVP_CIPHER_CTX_init(&ctx);
@@ -469,7 +469,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
 		PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
 		return(0);
 		}
-	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
 
 	return(1);
 	}