diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-08-10 14:51:21 +0200 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2021-08-11 17:11:47 +0200 |
commit | 0f70d6013435308ada5d0eb662b31f370b07ebd7 (patch) | |
tree | 638978b62dd0b6d16cbf89f747077f7cabc53430 | |
parent | 12e055991e9d755c8a395f60abf97783795be626 (diff) | |
download | openssl-new-0f70d6013435308ada5d0eb662b31f370b07ebd7.tar.gz |
EVP_CIPHER_CTX_set_key_length: Raise error when key length is not settable
If key length is different from the existing key length and it is not
a settable parameter, raise an error.
Fixes #16277
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16279)
-rw-r--r-- | crypto/evp/evp_enc.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index e0f411aa06..519cab3f2b 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -986,8 +986,10 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) /* Check the cipher actually understands this parameter */ if (OSSL_PARAM_locate_const(EVP_CIPHER_settable_ctx_params(c->cipher), - OSSL_CIPHER_PARAM_KEYLEN) == NULL) + OSSL_CIPHER_PARAM_KEYLEN) == NULL) { + ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH); return 0; + } params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len); ok = evp_do_ciph_ctx_setparams(c->cipher, c->algctx, params); |