[openssl/openssl] 5485c5: Fix usage of custom EVP_CIPHER objects
Matt Caswell
noreply at github.com
Mon Oct 3 14:18:33 UTC 2022
Branch: refs/heads/openssl-3.0
Home: https://github.com/openssl/openssl
Commit: 5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b
https://github.com/openssl/openssl/commit/5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-03 (Mon, 03 Oct 2022)
Changed paths:
M crypto/evp/digest.c
M crypto/evp/evp_enc.c
Log Message:
-----------
Fix usage of custom EVP_CIPHER objects
If a custom EVP_CIPHER object has been passed to EVP_CipherInit() then it
should be used in preference to a fetched cipher.
We also fix a possible NULL pointer deref in the same code for digests.
If the custom cipher passed to EVP_CipherInit() happens to use NID_undef
(which should be a discouraged practice), then in the previous
implementation this could result in the NULL cipher being fetched and
hence NULL encryption being unexpectedly used.
CVE-2022-3358
Fixes #18970
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19300)
(cherry picked from commit 25d47cccf203c3b71171e78865e48ea061a039a8)
Commit: a2893b62333d97c8dfaaf655eaea919d30fb9a7b
https://github.com/openssl/openssl/commit/a2893b62333d97c8dfaaf655eaea919d30fb9a7b
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-03 (Mon, 03 Oct 2022)
Changed paths:
M crypto/evp/evp_enc.c
Log Message:
-----------
Ensure we call the cleanup() function when cleaning an EVP_CIPHER_CTX
In some circumstances we were not calling the cleanup() function to
remove cipher specific data from an EVP_CIPHER_CTX.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19300)
(cherry picked from commit f817a7439eaa705429cf699dd0485e665b0ffc49)
Commit: b2f68ebeb5eef96249a22591199d43f960789c41
https://github.com/openssl/openssl/commit/b2f68ebeb5eef96249a22591199d43f960789c41
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-03 (Mon, 03 Oct 2022)
Changed paths:
M test/evp_extra_test.c
Log Message:
-----------
Test usage of a custom EVP_CIPHER
Test that a custom EVP_CIPHER gets used in EVP_CipherInit_ex() calls.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19300)
(cherry picked from commit 8c7d847e2e6ac6bfded210c19fd8461254bb2be3)
Compare: https://github.com/openssl/openssl/compare/9f0867da4cbf...b2f68ebeb5ee
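
A source-audit check for the pattern the first commit message warns about, added here as an example that is not part of these commits or of OpenSSL: it lists calls that build a custom cipher with NID_undef. It assumes custom ciphers are created with EVP_CIPHER_meth_new(), which the page does not name, and it also flags a literal 0, the value of NID_undef; the function name find_undef_custom_ciphers is hypothetical.

```shell
#!/bin/sh
# Added example (not OpenSSL code): triage aid for application source trees.
# Prints "file:line" for every EVP_CIPHER_meth_new() call whose first
# argument is NID_undef or the literal 0, including calls whose argument
# list is split across several lines.

find_undef_custom_ciphers() {
    # $1: root directory of the C/C++ sources to audit
    find "$1" -type f \( -name '*.c' -o -name '*.h' \
                      -o -name '*.cc' -o -name '*.cpp' \) |
    sort |
    while IFS= read -r src; do
        awk '
            # Collect the whole file so multi-line calls can be matched.
            { buf = buf $0 "\n"; fname = FILENAME }
            END {
                name = "EVP_CIPHER_meth_new"
                line = 1
                rest = buf
                while ((pos = index(rest, name)) > 0) {
                    # Advance the line counter to where this call starts.
                    head = substr(rest, 1, pos - 1)
                    line += gsub(/\n/, "\n", head)
                    rest = substr(rest, pos + length(name))
                    # First argument sits between "(" and the first ",".
                    # Prototypes such as "(int cipher_type, ..." do not match.
                    if (match(rest, /^[ \t\n]*\([ \t\n]*(NID_undef|0)[ \t\n]*,/))
                        printf "%s:%d\n", fname, line
                }
            }' "$src"
    done
}

# Run against a directory given on the command line, if any.
if [ "$#" -ge 1 ]; then
    find_undef_custom_ciphers "$1"
fi
```

Matches inside comments are reported too, so each hit is a candidate for manual review rather than a confirmed finding.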