Ensure EVP_CipherInit() uses the correct encode/decode parameter if

enc == -1

[Reported by Markus Friedl <markus@openbsd.org>]

Fix typo in dh_lib.c (use of DSAerr instead of DHerr).

diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 7adf48e6a2e810155f552d9be4d3f948d9a3381b..ba5fd410579f1233b05abc2b0b0b2db54eac9530 100644 (file)
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -116,7 +116,7 @@ DH *DH_new_method(ENGINE *engine)
                {
                if (!ENGINE_init(engine))
                        {
-                       DSAerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+                       DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
                        OPENSSL_free(ret);
                        return NULL;
                        }

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 22a7b745c174ac3d68bd36698da6d8cf57fa82f5..d28a7d266e57993adefac7247e870b68d9f3b2a1 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -85,7 +85,14 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
 int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
             const unsigned char *key, const unsigned char *iv, int enc)
        {
-       if(enc && (enc != -1)) enc = 1;
+       if (enc == -1)
+               enc = ctx->encrypt;
+       else
+               {
+               if (enc)
+                       enc = 1;
+               ctx->encrypt = enc;
+               }
        /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts
         * so this context may already have an ENGINE! Try to avoid releasing
         * the previous handle, re-querying for an ENGINE, and having a
@@ -184,7 +191,6 @@ skip_to_init:
        if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
                if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
        }
-       if(enc != -1) ctx->encrypt=enc;
        ctx->buf_len=0;
        ctx->final_used=0;
        ctx->block_mask=ctx->cipher->block_size-1;