Pedro Miller Rabinovitch wrote:
>
> Greetings, everyone.
>
> First of all, kudos go to everyone involved in OpenSSL development.
> It works great, even though the docs need a little polishing up. ;)
>
> Regarding that, my first post here:
>
> The documentation (perldoc + web page) for EVP_SealInit state that:
>
> EVP_SealInit() initializes a cipher context <ctx> for encryption with
> cipher <type> using a random secret key and IV supplied in the <iv>
> parameter.
>
> That is not true, however, as we can see in p_seal.c (82-83):
>
> if (EVP_CIPHER_CTX_iv_length(ctx))
> RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
>
> iv actually works as a return parameter, which should be supplied to EVP_Open.
>
> Should this be the case? Is this a bug or a feature? It spares the
> programmer from having to generate an iv, but it also forces him/her
> to pass the iv together with the encoded message... Shouldn't the
> p_seal code match the manual?
>
Documentation bug I'd say. EVP_SealInit() has been around a lot longer
than the pod documentation and things may rely on that behaviour so the
docs really need fixing.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
