Reported by: Solar Designer of Openwall
Make sure tkeylen is initialised properly when encrypting CMS messages.
This commit is contained in:
Dr. Stephen Henson
parent
94fbee800b
commit
1e4406a854
2 changed files with 5 additions and 3 deletions
4
CHANGES
4
CHANGES
|
|
@ -4,7 +4,9 @@
|
|||
|
||||
Changes between 1.0.0i and 1.0.0j [xx XXX xxxx]
|
||||
|
||||
*)
|
||||
*) Initialise tkeylen properly when encrypting CMS messages.
|
||||
Thanks to Solar Designer of Openwall for reporting this issue.
|
||||
[Steve Henson]
|
||||
|
||||
Changes between 1.0.0h and 1.0.0i [19 Apr 2012]
|
||||
|
||||
|
|
|
|||
|
|
@ -139,10 +139,10 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
|
||||
goto err;
|
||||
}
|
||||
tkeylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
/* Generate random session key */
|
||||
if (!enc || !ec->key)
|
||||
{
|
||||
tkeylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
tkey = OPENSSL_malloc(tkeylen);
|
||||
if (!tkey)
|
||||
{
|
||||
|
|
@ -174,7 +174,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
|
|||
/* Only reveal failure if debugging so we don't
|
||||
* leak information which may be useful in MMA.
|
||||
*/
|
||||
if (ec->debug)
|
||||
if (enc || ec->debug)
|
||||
{
|
||||
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
|
||||
CMS_R_INVALID_KEY_LENGTH);
|
||||
|
|
|
|||
Loading…
Reference in a new issue