[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Thu May 5 21:30:41 UTC 2016 

The branch master has been updated
       via  3fd60dc42288591737a35a90368d72dbd00fdef8 (commit)
      from  50b4a9ba1382de7a1990fb4716585754b9c7f50d (commit)


- Log -----------------------------------------------------------------
commit 3fd60dc42288591737a35a90368d72dbd00fdef8
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Mon Mar 21 15:48:51 2016 +0000

    Always try to set ASN.1 parameters for CMS.
    
    Try to set the ASN.1 parameters for CMS encryption even if the IV
    length is zero as the underlying cipher should still set the type.
    
    This will correctly result in errors if an attempt is made to use
    an unsupported cipher type.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/cms/cms_enc.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index 23adc2f..7d75f4b 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -176,17 +176,20 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
         goto err;
     }
 
-    if (piv) {
-        calg->parameter = ASN1_TYPE_new();
-        if (calg->parameter == NULL) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
+    calg->parameter = ASN1_TYPE_new();
+    if (calg->parameter == NULL) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+    /* If paremeter type not set omit parameter */
+    if (calg->parameter->type == V_ASN1_UNDEF) {
+        ASN1_TYPE_free(calg->parameter);
+        calg->parameter = NULL;
     }
     ok = 1;

More information about the openssl-commits mailing list