[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Dr. Stephen Henson steve at openssl.org
Thu May 5 22:57:57 UTC 2016 

The branch OpenSSL_1_0_1-stable has been updated
       via  852034b8b20963594d2f37f8ae8eb83d3e538624 (commit)
      from  b583c1bd069f6928c3973dc6d6864930f6c4bb3e (commit)


- Log -----------------------------------------------------------------
commit 852034b8b20963594d2f37f8ae8eb83d3e538624
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Mon Mar 21 15:48:51 2016 +0000

    Always try to set ASN.1 parameters for CMS.
    
    Try to set the ASN.1 parameters for CMS encryption even if the IV
    length is zero as the underlying cipher should still set the type.
    
    This will correctly result in errors if an attempt is made to use
    an unsupported cipher type.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 3fd60dc42288591737a35a90368d72dbd00fdef8)
    
    Conflicts:
    	crypto/cms/cms_enc.c

-----------------------------------------------------------------------

Summary of changes:
 crypto/cms/cms_enc.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index b14b4b6..9f8e514 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -180,17 +180,20 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
         goto err;
     }
 
-    if (piv) {
-        calg->parameter = ASN1_TYPE_new();
-        if (!calg->parameter) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
+    calg->parameter = ASN1_TYPE_new();
+    if (calg->parameter == NULL) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+    /* If parameter type not set omit parameter */
+    if (calg->parameter->type == V_ASN1_UNDEF) {
+        ASN1_TYPE_free(calg->parameter);
+        calg->parameter = NULL;
     }
     ok = 1;

More information about the openssl-commits mailing list