Fix crypto_cipher_init() EVP initialization

Better not specify EVP_CIPHER again for the second init call since that
will override key length with the default value. The previous version
was likely to work since most use cases would be likely to use the
default key length. Anyway, better make this handle variable length
ciphers (mainly, RC4), too, just in case it is needed in the future.

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index e8ea89584bdd51a11b11a276a1b923c5c2272272..9e290fb087bf3e9da263dea3a3b712e807a0211c 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -315,7 +315,7 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
        EVP_CIPHER_CTX_set_padding(&ctx->enc, 0);
        if (!EVP_EncryptInit_ex(&ctx->enc, cipher, NULL, NULL, NULL) ||
            !EVP_CIPHER_CTX_set_key_length(&ctx->enc, key_len) ||
-           !EVP_EncryptInit_ex(&ctx->enc, cipher, NULL, key, iv)) {
+           !EVP_EncryptInit_ex(&ctx->enc, NULL, NULL, key, iv)) {
                EVP_CIPHER_CTX_cleanup(&ctx->enc);
                os_free(ctx);
                return NULL;
@@ -325,7 +325,7 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
        EVP_CIPHER_CTX_set_padding(&ctx->dec, 0);
        if (!EVP_DecryptInit_ex(&ctx->dec, cipher, NULL, NULL, NULL) ||
            !EVP_CIPHER_CTX_set_key_length(&ctx->dec, key_len) ||
-           !EVP_DecryptInit_ex(&ctx->dec, cipher, NULL, key, iv)) {
+           !EVP_DecryptInit_ex(&ctx->dec, NULL, NULL, key, iv)) {
                EVP_CIPHER_CTX_cleanup(&ctx->enc);
                EVP_CIPHER_CTX_cleanup(&ctx->dec);
                os_free(ctx);