Contrary to the documentation EVP_DecryptInit requires the ctx to be
initialized in OpenSSL 0.9.7 (RedHat openssl 0.9.7-3 i686)
To repeat:
EVP_CIPHER_CTX ctx;
unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
unsigned char iv[] = {1,2,3,4,5,6,7,8};
memset(&ctx, 42, sizeof(ctx)); /* fill with garbage */
EVP_DecryptInit(&ctx, EVP_bf_cbc(), key, iv);
[segfaults]
#0 0x400a74a0 in EVP_CipherInit_ex () from /lib/libcrypto.so.4
#1 0x400a7a14 in EVP_DecryptInit () from /lib/libcrypto.so.4
#2 0x080485f4 in main (argc=1, argv=0xbffff994) at testevp.c:13
Should be noted that the above works fine in 0.9.6 (RedHat openssl
0.9.6-13 i386)
If the ctx is initialized by EVP_CIPHER_CTX_init(&ctx); before calling
EVP_DecryptInit then everyting works.
It should also be noted that EVP_EncryptInit works just fine with an
uninitialized ctx as documented. It is only EVP_DecryptInit that fails.
--
Henrik Nordstrom <[EMAIL PROTECTED]>
MARA Systems AB
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
