evp/e_aes_cbc_hmac_sha*.c: improve cache locality.

[oweals/openssl.git] / crypto / evp / evp_enc.c

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 5b3bf3bb2c209571ddc9519ea1c076c3ab766328..f705967a40ab92cdf3c2ba8dd6bc19680d6157d6 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -174,7 +174,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
                        ctx->cipher_data = NULL;
                        }
                ctx->key_len = cipher->key_len;
-               ctx->flags = 0;
+               /* Preserve wrap enable flag, zero everything else */
+               ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
                if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT)
                        {
                        if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL))
@@ -197,6 +198,13 @@ skip_to_init:
            || ctx->cipher->block_size == 8
            || ctx->cipher->block_size == 16);
 
+       if(!(ctx->flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW)
+               && EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_WRAP_MODE)
+               {
+               EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_WRAP_MODE_NOT_ALLOWED);
+               return 0;
+               }
+
        if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
                switch(EVP_CIPHER_CTX_mode(ctx)) {
 
@@ -230,6 +238,7 @@ skip_to_init:
                        break;
                }
        }
+               
 
        if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
                if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;