Before this change, the call to aes_encrypt_byteswas reusing the key as an IV for the encryption process. To fix this, the call to aes_encrypt_byteswas substituted with a call to aes_encryptwhich internally generates a pseudo-random IV based on OpenSSL RAND_bytes.
Before this change, the call to
aes_encrypt_byteswas reusing the key as an IV for the encryption process. To fix this, the call toaes_encrypt_byteswas substituted with a call toaes_encryptwhich internally generates a pseudo-random IV based on OpenSSLRAND_bytes.Also fixed a memory leak due to
xcalloc.