From: Zhiqi Song <songzhiqi1@huawei.com> EVP_CipherInit_ex() may not directly transfer the iv parameter, so we should try to get iv from cipher 'ctx' and copy it to 'priv'. Test with: openssl genpkey -algorithm RSA -out private_key.pem -aes256 \ -pass pass:1234 openssl pkey -in private_key.pem -out decrypted_private_key.pem \ -passin pass:1234 -engine uadk_engine Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_cipher.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c index 59753da..95af193 100644 --- a/src/uadk_cipher.c +++ b/src/uadk_cipher.c @@ -506,6 +506,8 @@ static int uadk_e_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, if (iv) memcpy(priv->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); + else + memcpy(priv->iv, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_iv_length(ctx)); for (i = 0; i < cipher_counts; i++) { if (nid == cipher_info_table[i].nid) { -- 2.33.0