Check for cipher BIO errors and set key length after parameter decode.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 15 Mar 2008 13:37:32 +0000 (13:37 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 15 Mar 2008 13:37:32 +0000 (13:37 +0000)
crypto/cms/cms_enc.c
crypto/cms/cms_smime.c

index 54a1e43..fbf87b6 100644 (file)
@@ -115,18 +115,6 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
        if (enc)
                calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
 
-       /* If necessary set key length */
-
-       if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
-               {
-               if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0)
-                       {
-                       CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                               CMS_R_INVALID_KEY_LENGTH);
-                       goto err;
-                       }
-               }
-
        if (enc)
                {
                int ivlen;
@@ -146,6 +134,18 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
                        goto err;
                        }
 
+       /* If necessary set key length */
+
+       if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
+               {
+               if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0)
+                       {
+                       CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+                               CMS_R_INVALID_KEY_LENGTH);
+                       goto err;
+                       }
+               }
+
        if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0)
                {
                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
index da0fac0..d1a1680 100644 (file)
@@ -77,12 +77,20 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
        else
                tmpout = out;
 
-       /* Read all content through chain to determine content digests */
+       /* Read all content through chain to process digest, decrypt etc */
        for (;;)
        {
                i=BIO_read(in,buf,sizeof(buf));
                if (i <= 0)
+                       {
+                       if (BIO_method_type(in) == BIO_TYPE_CIPHER)
+                               {
+                               if (!BIO_get_cipher_status(in))
+                                       goto err;
+                               }
                        break;
+                       }
+                               
                if (tmpout)
                        BIO_write(tmpout, buf, i);
        }