evp/evp_enc.c: allow EVP_CIPHER.ctx_size to be 0.

In such case it would be EVP_CIPHER.cleanup's reponsibility to wipe EVP_CIPHEX_CTX.cipher_data. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Andy Polyakov <appro@openssl.org> 2015-12-09 21:18:00 +0100
committer: Andy Polyakov <appro@openssl.org> 2015-12-10 12:00:05 +0100
commit: f6b9427923dd275ea4149a73f841dbcee079ace3 (patch)
tree: ec8fbae0576dd8912978081cd73b67c270e6979c
parent: 72bb2f64fc67dc644f302a07953900becced011f (diff)
1 files changed, 3 insertions, 5 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 7ef0dd81d9..6523bf16cc 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -105,10 +105,8 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
      * previous handle, re-querying for an ENGINE, and having a
      * reinitialisation, when it may all be unecessary.
      */
-    if (ctx->engine && ctx->cipher && (!cipher ||
-                                       (cipher
-                                        && (cipher->nid ==
-                                            ctx->cipher->nid))))
+    if (ctx->engine && ctx->cipher
+        && (!cipher || (cipher && (cipher->nid == ctx->cipher->nid))))
         goto skip_to_init;
 #endif
     if (cipher) {
@@ -531,7 +529,7 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
         if (c->cipher->cleanup && !c->cipher->cleanup(c))
             return 0;
         /* Cleanse cipher context data */
-        if (c->cipher_data)
+        if (c->cipher_data && c->cipher->ctx_size)
             OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
     }
     OPENSSL_free(c->cipher_data);
author	Andy Polyakov <appro@openssl.org>	2015-12-09 21:18:00 +0100
committer	Andy Polyakov <appro@openssl.org>	2015-12-10 12:00:05 +0100
commit	f6b9427923dd275ea4149a73f841dbcee079ace3 (patch)
tree	ec8fbae0576dd8912978081cd73b67c270e6979c
parent	72bb2f64fc67dc644f302a07953900becced011f (diff)