Add a comment noting the padding oracle.

Reviewed-by: N Andy Polyakov <appro@openssl.org>

Add a comment noting the padding oracle.
Reviewed-by: N Andy Polyakov <appro@openssl.org>
03af8430 · Emilia Kasper · 4ad2d3ac · 03af8430
隐藏空白更改
内联并排

Showing with 5 addition and 0 deletion

crypto/evp/evp_enc.c crypto/evp/evp_enc.c +5 -0

未找到文件。
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -524,6 +524,11 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 			return(0);
 			}
 		OPENSSL_assert(b <= sizeof ctx->final);
+
+		/*
+		 * The following assumes that the ciphertext has been authenticated.
+		 * Otherwise it provides a padding oracle.
+		 */
 		n=ctx->final[b-1];
 		if (n == 0 || n > (int)b)
 			{