Always try to set ASN.1 parameters for CMS.

Try to set the ASN.1 parameters for CMS encryption even if the IV
length is zero as the underlying cipher should still set the type.

This will correctly result in errors if an attempt is made to use
an unsupported cipher type.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 3fd60dc42288591737a35a90368d72dbd00fdef8)

Conflicts:
	crypto/cms/cms_enc.c

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index b14b4b68b5c9508821fe5d2f9dbbf490924ea1a5..9f8e514cb49127b7841f9ed8576d424ddf87c79b 100644 (file)
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -180,17 +180,20 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
         goto err;
     }
 
-    if (piv) {
-        calg->parameter = ASN1_TYPE_new();
-        if (!calg->parameter) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
+    calg->parameter = ASN1_TYPE_new();
+    if (calg->parameter == NULL) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+    /* If parameter type not set omit parameter */
+    if (calg->parameter->type == V_ASN1_UNDEF) {
+        ASN1_TYPE_free(calg->parameter);
+        calg->parameter = NULL;
     }
     ok = 1;