engines/dasync: add explaining comments about AES-128-CBC-HMAC-SHA1
authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Fri, 22 Feb 2019 12:08:54 +0000 (13:08 +0100)
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Fri, 22 Feb 2019 17:11:16 +0000 (18:11 +0100)
commit4a81b8b6e8b908ff70d675c7173ad4923f3dc659
tree526c9a548e3d0989e688684ef51fd11767245a50
parentd600f3d34cf85003d11bea2b8296834874cdebcf
engines/dasync: add explaining comments about AES-128-CBC-HMAC-SHA1

Fixes #7950

It was reported that there might be a null pointer dereference in the
implementation of the dasync_aes_128_cbc_hmac_sha1() cipher, because
EVP_aes_128_cbc_hmac_sha1() can return a null pointer if AES-NI is
not available. It took some analysis to find out that this is not
an issue in practice, and these comments explain the reason to comfort
further NPD hunters.

Detected by GitHub user @wurongxin1987 using the Sourcebrella Pinpoint
static analyzer.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8305)

(cherry picked from commit a4a0a1eb43cfccd128d085932a567e0482fbfe47)
engines/e_dasync.c