"Dr. Stephen Henson" <[email protected]> wrote:
>
>Well whatever you do here is likely to be a a hack which could well break in
>future etc etc etc...
Understood.
>With that disclaimer out of the way you *might* be able to make use of the
>EVP_CIPHER structures here. Take a look at crypto/evp/e_rc4.c and you'll see
>the ctx_size field is set to sizeof(EVP_RC4_KEY).
>
>So one possibility is to compare this value to the expected value. You can do
>similar things with DES.
Excellent, thank you very much! I guess I should have spent some more
time contemplating that recommendation in the rc4(3) man page.:-) With
this method, not only does the check work 100% with current code, it is
also much clearer what it is doing - and I even get the feeling that
it's pretty future-proof. Basically
EVP_EncryptInit(&rc4, EVP_rc4(), dummy_rc4_key, NULL);
if (rc4.cipher->ctx_size != sizeof(RC4_KEY)) {
error("RC4_CHAR");
}
EVP_EncryptInit(&des, EVP_des_cbc(), dummy_des_key, dummy_des_iv);
if (des.cipher->ctx_size != sizeof(DES_key_schedule)) {
error("DES_INT");
}
Thanks again!
--Per
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
