Fix EVP_CIPHER_CTX_rand_key()
authorMatt Caswell <matt@openssl.org>
Fri, 19 Apr 2019 15:21:10 +0000 (16:21 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 23 Apr 2019 09:48:59 +0000 (10:48 +0100)
Make sure we use the the correct key length in EVP_CIPHER_CTX_rand_key().
Now that ciphers may come from providers we need to make sure we ask the
provider for the value if appropriate.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/8794)

crypto/evp/evp_enc.c

index 4426a81..c2411f4 100644 (file)
@@ -947,7 +947,7 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
 {
     if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
         return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
-    if (RAND_priv_bytes(key, ctx->key_len) <= 0)
+    if (RAND_priv_bytes(key, EVP_CIPHER_CTX_key_length(ctx)) <= 0)
         return 0;
     return 1;
 }