generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reject inappropriate private key encryption ciphers.

Browse Source 
The traditional private key encryption algorithm doesn't function
properly if the IV length of the cipher is zero. These ciphers
(e.g. ECB mode) are not suitable for private key encryption
anyway.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit d78df5dfd650e6de159a19a033513481064644f5)
This commit is contained in:
Dr. Stephen Henson 2016-04-23 13:33:05 +01:00
parent a04d08fc18
commit 6dfa55ab2f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/pem/pem_lib.c
View File

@ -344,7 +344,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
if (enc != NULL) {
objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
if (objstr == NULL) {
if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
goto err;
}