Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12379)
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
unsigned char *tkey = NULL;
+ int len;
size_t tkeylen = 0;
int ok = 0;
CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
goto err;
}
- tkeylen = EVP_CIPHER_CTX_key_length(ctx);
+ len = EVP_CIPHER_CTX_key_length(ctx);
+ if (len <= 0)
+ goto err;
+ tkeylen = (size_t)len;
+
/* Generate random session key */
if (!enc || !ec->key) {
tkey = OPENSSL_malloc(tkeylen);