[openssl] master update
beldmit at gmail.com
beldmit at gmail.com
Wed Aug 11 15:12:44 UTC 2021
The branch master has been updated
via 0f70d6013435308ada5d0eb662b31f370b07ebd7 (commit)
from 12e055991e9d755c8a395f60abf97783795be626 (commit)
- Log -----------------------------------------------------------------
commit 0f70d6013435308ada5d0eb662b31f370b07ebd7
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Aug 10 14:51:21 2021 +0200
EVP_CIPHER_CTX_set_key_length: Raise error when key length is not settable
If key length is different from the existing key length and it is not
a settable parameter, raise an error.
Fixes #16277
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16279)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_enc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index e0f411aa06..519cab3f2b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -986,8 +986,10 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
/* Check the cipher actually understands this parameter */
if (OSSL_PARAM_locate_const(EVP_CIPHER_settable_ctx_params(c->cipher),
- OSSL_CIPHER_PARAM_KEYLEN) == NULL)
+ OSSL_CIPHER_PARAM_KEYLEN) == NULL) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
return 0;
+ }
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len);
ok = evp_do_ciph_ctx_setparams(c->cipher, c->algctx, params);
More information about the openssl-commits
mailing list