The documentation (perldoc + web page) for EVP_SealInit state that:
EVP_SealInit() initializes a cipher context <ctx> for encryption with
cipher <type> using a random secret key and IV supplied in the <iv>
parameter.
That is not true, however, as we can see in p_seal.c (82-83):
if (EVP_CIPHER_CTX_iv_length(ctx))
RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx));
iv actually works as a return parameter, which should be supplied to EVP_Open.
Should this be the case? Is this a bug or a feature? It spares the
programmer from having to generate an iv, but it also forces him/her
to pass the iv together with the encoded message... Shouldn't the
p_seal code match the manual?
Regards,
Pedro.
--
Pedro Miller Rabinovitch
Gerente Geral de Tecnologia
Cipher Technology
www.cipher.com.br
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
