From: Dr. Stephen Henson Date: Sat, 15 Mar 2008 13:37:32 +0000 (+0000) Subject: Check for cipher BIO errors and set key length after parameter decode. X-Git-Tag: OpenSSL_0_9_8k^2~527 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=e540d1cd77d4cf0edea74212a5e598d073ce2e67 Check for cipher BIO errors and set key length after parameter decode. --- diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c index 54a1e431c2..fbf87b6735 100644 --- a/crypto/cms/cms_enc.c +++ b/crypto/cms/cms_enc.c @@ -115,18 +115,6 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) if (enc) calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx)); - /* If necessary set key length */ - - if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx)) - { - if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) - { - CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, - CMS_R_INVALID_KEY_LENGTH); - goto err; - } - } - if (enc) { int ivlen; @@ -146,6 +134,18 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) goto err; } + /* If necessary set key length */ + + if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx)) + { + if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) + { + CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, + CMS_R_INVALID_KEY_LENGTH); + goto err; + } + } + if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) { CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index da0fac0a24..d1a16808e9 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -77,12 +77,20 @@ static int cms_copy_content(BIO *out, BIO *in, unsigned int flags) else tmpout = out; - /* Read all content through chain to determine content digests */ + /* Read all content through chain to process digest, decrypt etc */ for (;;) { i=BIO_read(in,buf,sizeof(buf)); if (i <= 0) + { + if (BIO_method_type(in) == BIO_TYPE_CIPHER) + { + if (!BIO_get_cipher_status(in)) + goto err; + } break; + } + if (tmpout) BIO_write(tmpout, buf, i); }