Commit 1e4406a8 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Reported by: Solar Designer of Openwall 

Make sure tkeylen is initialised properly when encrypting CMS messages.
parent 94fbee80

CHANGES

+3 −1
Original line number Diff line number Diff line
@@ -4,7 +4,9 @@ 


 Changes between 1.0.0i and 1.0.0j [xx XXX xxxx]



  *)

  *) Initialise tkeylen properly when encrypting CMS messages.

     Thanks to Solar Designer of Openwall for reporting this issue.

     [Steve Henson]



 Changes between 1.0.0h and 1.0.0i [19 Apr 2012]

crypto/cms/cms_enc.c

+2 −2
Original line number Diff line number Diff line
@@ -139,10 +139,10 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) 
				CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);

		goto err;

		}

	tkeylen = EVP_CIPHER_CTX_key_length(ctx);

	/* Generate random session key */

	if (!enc || !ec->key)

		{

		tkeylen = EVP_CIPHER_CTX_key_length(ctx);

		tkey = OPENSSL_malloc(tkeylen);

		if (!tkey)

			{
@@ -174,7 +174,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) 
			/* Only reveal failure if debugging so we don't

			 * leak information which may be useful in MMA.

			 */

			if (ec->debug)

			if (enc || ec->debug)

				{

				CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,

						CMS_R_INVALID_KEY_LENGTH);