generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reported by: Solar Designer of Openwall

Browse Source 
Make sure tkeylen is initialised properly when encrypting CMS messages.
This commit is contained in:
Dr. Stephen Henson 2012-05-10 13:28:28 +00:00
parent 94fbee800b
commit 1e4406a854
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -4,7 +4,9 @@
Changes between 1.0.0i and 1.0.0j [xx XXX xxxx] Changes between 1.0.0i and 1.0.0j [xx XXX xxxx]
*) *) Initialise tkeylen properly when encrypting CMS messages.
Thanks to Solar Designer of Openwall for reporting this issue.
[Steve Henson]
Changes between 1.0.0h and 1.0.0i [19 Apr 2012] Changes between 1.0.0h and 1.0.0i [19 Apr 2012]

4
crypto/cms/cms_enc.c
View File

@ -139,10 +139,10 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err; goto err;
} }
tkeylen = EVP_CIPHER_CTX_key_length(ctx);
/* Generate random session key */ /* Generate random session key */
if (!enc || !ec->key) if (!enc || !ec->key)
{ {
tkeylen = EVP_CIPHER_CTX_key_length(ctx);
tkey = OPENSSL_malloc(tkeylen); tkey = OPENSSL_malloc(tkeylen);
if (!tkey) if (!tkey)
{ {
@ -174,7 +174,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
/* Only reveal failure if debugging so we don't /* Only reveal failure if debugging so we don't
* leak information which may be useful in MMA. * leak information which may be useful in MMA.
*/ */
if (ec->debug) if (enc || ec->debug)
{ {
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
CMS_R_INVALID_KEY_LENGTH); CMS_R_INVALID_KEY_LENGTH);