When only the key is given to "enc", the IV is undefined

[openssl.git] / apps / enc.c

diff --git a/apps/enc.c b/apps/enc.c
index fd25a2122277599b93eb80cd47a947f33e030835..3c72d05c6ca43a77bc1dc8d42292e9ee96e72c05 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -66,9 +66,6 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/rand.h>
-#ifndef OPENSSL_NO_MD5
-#include <openssl/md5.h>
-#endif
 #include <openssl/pem.h>
 #include <openssl/engine.h>
 #include <ctype.h>
@@ -491,6 +488,14 @@ bad:
                        BIO_printf(bio_err,"invalid hex iv value\n");
                        goto end;
                        }
+               if ((hiv == NULL) && (str == NULL))
+                       {
+                       /* No IV was explicitly set and no IV was generated
+                        * during EVP_BytesToKey. Hence the IV is undefined,
+                        * making correct decryption impossible. */
+                       BIO_printf(bio_err, "iv undefined\n");
+                       goto end;
+                       }
                if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
                        {
                        BIO_printf(bio_err,"invalid hex key value\n");
@@ -578,6 +583,7 @@ end:
        if (benc != NULL) BIO_free(benc);
        if (b64 != NULL) BIO_free(b64);
        if(pass) OPENSSL_free(pass);
+       apps_shutdown();
        EXIT(ret);
        }