From e50858c559b6eaa6088ddab47e05b516b92b73d0 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 17 Dec 2009 15:27:57 +0000 Subject: [PATCH] PR: 2127 Submitted by: Tomas Mraz Check for lookup failures in EVP_PBE_CipherInit(). --- crypto/evp/evp.h | 2 ++ crypto/evp/evp_err.c | 2 ++ crypto/evp/evp_pbe.c | 14 ++++++++++++++ 3 files changed, 18 insertions(+) diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index b8aa8b3ce..f17730b5e 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -1291,6 +1291,8 @@ void ERR_load_EVP_strings(void); #define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 #define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 +#define EVP_R_UNKNOWN_CIPHER 160 +#define EVP_R_UNKNOWN_DIGEST 161 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 #define EVP_R_UNSUPPORTED_ALGORITHM 156 diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index b8b255795..f20037867 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -187,6 +187,8 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR),"private key decode error"}, {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR),"private key encode error"}, {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, +{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"}, +{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"}, {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"}, diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 92bd7ca06..f8c32d825 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -179,12 +179,26 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, if (cipher_nid == -1) cipher = NULL; else + { cipher = EVP_get_cipherbynid(cipher_nid); + if (!cipher) + { + EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_CIPHER); + return 0; + } + } if (md_nid == -1) md = NULL; else + { md = EVP_get_digestbynid(md_nid); + if (!md) + { + EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_DIGEST); + return 0; + } + } if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {