evp/evp_enc.c: allow EVP_CIPHER.ctx_size to be 0.

In such case it would be EVP_CIPHER.cleanup's reponsibility to wipe
EVP_CIPHEX_CTX.cipher_data.

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 7ef0dd81d908f1ab5d79c5a49bfe104bd464ba72..6523bf16cca8e21473b132435a5132fc6428d2a7 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -105,10 +105,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
      * previous handle, re-querying for an ENGINE, and having a
      * reinitialisation, when it may all be unecessary.
      */
-    if (ctx->engine && ctx->cipher && (!cipher ||
-                                       (cipher
-                                        && (cipher->nid ==
-                                            ctx->cipher->nid))))
+    if (ctx->engine && ctx->cipher
+        && (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
         goto skip_to_init;
 #endif
     if (cipher) {
@@ -531,7 +529,7 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
         if (c->cipher->cleanup && !c->cipher->cleanup(c))
             return 0;
         /* Cleanse cipher context data */
-        if (c->cipher_data)
+        if (c->cipher_data && c->cipher->ctx_size)
             OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
     }
     OPENSSL_free(c->cipher_data);