wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix dasync engine

Browse source 
The aes128_cbc_hmac_sha1 cipher in the dasync engine is broken. Probably
by commit e38c2e8535 which removed use of the "enc" variable...but not
completely.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8291)
This commit is contained in:
Matt Caswell 2019-02-20 11:11:04 +00:00
parent 4ac5e43da6
commit 695dd3a332
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
engines/e_dasync.c
View file

@ -138,7 +138,6 @@ struct dasync_pipeline_ctx {
unsigned char **inbufs;
unsigned char **outbufs;
size_t *lens;
int enc;
unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN];
unsigned int aadctr;
};
@ -617,7 +616,7 @@ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg,
len = p[arg - 2] << 8 | p[arg - 1];
if (pipe_ctx->enc) {
if (EVP_CIPHER_CTX_encrypting(ctx)) {
if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
if (len < AES_BLOCK_SIZE)
return 0;