[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Dr. Stephen Henson steve at openssl.org
Thu May 5 22:57:57 UTC 2016 

The branch OpenSSL_1_0_2-stable has been updated
       via  493d732ab1f0311d925e6b9d56f0003012f93353 (commit)
      from  b9284c75acc2db7bd117b7759a640b90a8e37ae6 (commit)


- Log -----------------------------------------------------------------
commit 493d732ab1f0311d925e6b9d56f0003012f93353
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Mon Mar 21 15:48:51 2016 +0000

    Always try to set ASN.1 parameters for CMS.
    
    Try to set the ASN.1 parameters for CMS encryption even if the IV
    length is zero as the underlying cipher should still set the type.
    
    This will correctly result in errors if an attempt is made to use
    an unsupported cipher type.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 3fd60dc42288591737a35a90368d72dbd00fdef8)
    
    Conflicts:
    	crypto/cms/cms_enc.c

-----------------------------------------------------------------------

Summary of changes:
 crypto/cms/cms_enc.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index b14b4b6..9f8e514 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -180,17 +180,20 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
         goto err;
     }
 
-    if (piv) {
-        calg->parameter = ASN1_TYPE_new();
-        if (!calg->parameter) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
+    calg->parameter = ASN1_TYPE_new();
+    if (calg->parameter == NULL) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+    /* If parameter type not set omit parameter */
+    if (calg->parameter->type == V_ASN1_UNDEF) {
+        ASN1_TYPE_free(calg->parameter);
+        calg->parameter = NULL;
     }
     ok = 1;

More information about the openssl-commits mailing list