[openssl] master update

shane.lontis at oracle.com shane.lontis at oracle.com
Thu Nov 26 22:00:49 UTC 2020

The branch master has been updated
       via  719bc0e826317d22c0687cf919e97749fa53d54a (commit)
      from  8dc34b1f579f71f24aa385d33112da4a91db7079 (commit)

- Log -----------------------------------------------------------------
commit 719bc0e826317d22c0687cf919e97749fa53d54a
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Wed Nov 18 19:49:19 2020 +1000

    Fix EVP_CIPHER_CTX_set_padding for legacy path
    Fixes #13057
    When using an engine, there is no cipher->prov so a call to
    EVP_CIPHER_CTX_set_padding() returns an error when
    evp_do_ciph_ctx_setparams() is called. For the legacy path it needs to
    avoid doing the call and just return 1.
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/13437)


Summary of changes:
 crypto/evp/evp_enc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index f439e8d61d..7818ab25ea 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -948,6 +948,8 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
         ctx->flags |= EVP_CIPH_NO_PADDING;
+    if (ctx->cipher != NULL && ctx->cipher->prov == NULL)
+        return 1;
     params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd);
     ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);

More information about the openssl-commits mailing list