diff options
author | Richard Levitte <levitte@openssl.org> | 2015-05-04 17:34:40 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2015-05-04 21:18:43 +0200 |
commit | 4b771121f2b657f50e8c7a27e9fab0bb043f91bc (patch) | |
tree | 62c01da3b207e26281a8128ef9972d59504f7449 | |
parent | ee827adf0483e8e66e3c447c42308bf8bc96c43f (diff) |
RT2943: Check sizes if -iv and -K arguments
RT2943 only complains about the incorrect check of -K argument size,
we might as well do the same thing with the -iv argument.
Before this, we only checked that the given argument wouldn't give a
bitstring larger than EVP_MAX_KEY_LENGTH. we can be more precise and
check against the size of the actual cipher used.
(cherry picked from commit 8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4)
Reviewed-by: Rich Salz <rsalz@openssl.org>
-rw-r--r-- | apps/enc.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/apps/enc.c b/apps/enc.c index 5c2cf7a4ac..7b7c70b132 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -548,9 +548,14 @@ int MAIN(int argc, char **argv) else OPENSSL_cleanse(str, strlen(str)); } - if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) { - BIO_printf(bio_err, "invalid hex iv value\n"); - goto end; + if (hiv != NULL) { + int siz = EVP_CIPHER_iv_length(cipher); + if (siz == 0) { + BIO_printf(bio_err, "warning: iv not use by this cipher\n"); + } else if (!set_hex(hiv, iv, sizeof iv)) { + BIO_printf(bio_err, "invalid hex iv value\n"); + goto end; + } } if ((hiv == NULL) && (str == NULL) && EVP_CIPHER_iv_length(cipher) != 0) { @@ -562,7 +567,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "iv undefined\n"); goto end; } - if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) { + if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) { BIO_printf(bio_err, "invalid hex key value\n"); goto end; } |