提交 f0446ca8 编写于 作者: B Ben Laurie

Move CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids

problems with leaks and uninitialised structures.
上级 6bc847e4
...@@ -78,8 +78,6 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ...@@ -78,8 +78,6 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
if(enc && (enc != -1)) enc = 1; if(enc && (enc != -1)) enc = 1;
if (cipher) if (cipher)
{ {
if(ctx->cipher)
EVP_CIPHER_CTX_cleanup(ctx);
ctx->cipher=cipher; ctx->cipher=cipher;
ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
ctx->key_len = cipher->key_len; ctx->key_len = cipher->key_len;
...@@ -219,7 +217,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, ...@@ -219,7 +217,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{ {
int i,n,b,bl; int i,n,b,bl,ret;
b=ctx->cipher->block_size; b=ctx->cipher->block_size;
if (b == 1) if (b == 1)
...@@ -230,6 +228,7 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) ...@@ -230,6 +228,7 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
bl=ctx->buf_len; bl=ctx->buf_len;
if (ctx->flags & EVP_CIPH_NO_PADDING) if (ctx->flags & EVP_CIPH_NO_PADDING)
{ {
EVP_CIPHER_CTX_cleanup(ctx);
if(bl) if(bl)
{ {
EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); EVPerr(EVP_F_EVP_ENCRYPTFINAL,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
...@@ -238,12 +237,18 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) ...@@ -238,12 +237,18 @@ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
*outl = 0; *outl = 0;
return 1; return 1;
} }
n=b-bl; n=b-bl;
for (i=bl; i<b; i++) for (i=bl; i<b; i++)
ctx->buf[i]=n; ctx->buf[i]=n;
if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,b)) return 0; ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
EVP_CIPHER_CTX_cleanup(ctx);
if(ret)
*outl=b; *outl=b;
return 1;
return ret;
} }
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
......
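Review bot: With the `if(ctx->cipher) EVP_CIPHER_CTX_cleanup(ctx);` guard removed from EVP_CipherInit, the `ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);` assignment overwrites whatever pointer was already there, so a context that is re-initialised without reaching a _Final call (for example after a failed Update) leaks the previous cipher_data, and the key-dependent state it held is presumably never scrubbed. That contract should be stated at the top of the `if (cipher)` block, e.g. `/* ctx must be fresh or already finalised; callers that abandon an operation must call EVP_CIPHER_CTX_cleanup() themselves */`. In EVP_EncryptFinal the `b == 1` branch lies between the visible hunks, so it is worth confirming that it also calls EVP_CIPHER_CTX_cleanup before returning. Both function bodies start or continue outside the hunks shown.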