Check for cipher BIO errors and set key length after parameter decode.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 15 Mar 2008 13:37:32 +0000 (13:37 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 15 Mar 2008 13:37:32 +0000 (13:37 +0000)
crypto/cms/cms_enc.c
crypto/cms/cms_smime.c

index 54a1e431c2289d19ae7b5125a0375b06af5de0aa..fbf87b6735e2a62b974a9dd9323674a231bc14f2 100644 (file)
@@ -115,18 +115,6 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
        if (enc)
                calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
 
-       /* If necessary set key length */
-
-       if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
-               {
-               if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0)
-                       {
-                       CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                               CMS_R_INVALID_KEY_LENGTH);
-                       goto err;
-                       }
-               }
-
        if (enc)
                {
                int ivlen;
@@ -146,6 +134,18 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
                        goto err;
                        }
 
+       /* If necessary set key length */
+
+       if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
+               {
+               if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0)
+                       {
+                       CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+                               CMS_R_INVALID_KEY_LENGTH);
+                       goto err;
+                       }
+               }
+
        if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0)
                {
                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
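Review bot: The relocated block keeps the comment `/* If necessary set key length */`, which does not record that its position after the parameter decode is deliberate, so a later tidy-up could move it back above the `if (enc)` branch. A comment such as `/* Set key length only after the AlgorithmIdentifier parameters are decoded: decoding may itself change the context's key length */` would pin the ordering. That reason is inferred from the commit title, so confirm it against the cipher's parameter-decode routine. Separately, a mismatch on the decrypt path raises the distinct `CMS_R_INVALID_KEY_LENGTH`. If `ec->key` can come from unwrapping a recipient's encrypted key (not visible here), callers should avoid exposing that specific reason to the message sender. The function begins and ends outside this hunk.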
index da0fac0a242e4db87ec52cfc4d234bcaa2c2c862..d1a16808e9c1512a873b7530961adac97ff25110 100644 (file)
@@ -77,12 +77,20 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
        else
                tmpout = out;
 
-       /* Read all content through chain to determine content digests */
+       /* Read all content through chain to process digest, decrypt etc */
        for (;;)
        {
                i=BIO_read(in,buf,sizeof(buf));
                if (i <= 0)
+                       {
+                       if (BIO_method_type(in) == BIO_TYPE_CIPHER)
+                               {
+                               if (!BIO_get_cipher_status(in))
+                                       goto err;
+                               }
                        break;
+                       }
+                               
                if (tmpout)
                        BIO_write(tmpout, buf, i);
        }
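Review bot: A negative return from `BIO_read` still reaches `break` and is treated as a clean end of data whenever `in` is not a cipher BIO or its cipher status is good. Adding `if (i < 0) goto err;` just before the `break` would stop a read failure from producing silently truncated output. The new status check also inspects only the head of the chain through `BIO_method_type(in)`, so a cipher BIO sitting beneath another filter would go unchecked; `BIO_find_type(in, BIO_TYPE_CIPHER)` would locate it wherever it sits. In the lines shown, the `goto err` path records no CMS error code, so a failed final decrypt block may reach the caller without a reason. `cms_copy_content` continues outside the hunk, including the `err` label.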