Make sure tkeylen is initialised properly when encrypting CMS messages.
Changes between 1.0.0i and 1.0.0j [xx XXX xxxx]
- *)
+ *) Initialise tkeylen properly when encrypting CMS messages.
+ Thanks to Solar Designer of Openwall for reporting this issue.
+ [Steve Henson]
Changes between 1.0.0h and 1.0.0i [19 Apr 2012]
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err;
}
+ tkeylen = EVP_CIPHER_CTX_key_length(ctx);
/* Generate random session key */
if (!enc || !ec->key)
{
- tkeylen = EVP_CIPHER_CTX_key_length(ctx);
tkey = OPENSSL_malloc(tkeylen);
if (!tkey)
{
/* Only reveal failure if debugging so we don't
* leak information which may be useful in MMA.
*/
- if (ec->debug)
+ if (enc || ec->debug)
{
CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
CMS_R_INVALID_KEY_LENGTH);
projects / oweals / openssl.git / commitdiff