diff options
author | Richard Levitte <levitte@openssl.org> | 2015-05-04 17:34:40 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2015-05-04 20:21:21 +0200 |
commit | 3cf40601b7d164ab48addbb0456d7aa59fa38c88 (patch) | |
tree | 7af4a2a1b97e4e20874b9c6f9d3b4fcbf9b5e4cb /apps/enc.c | |
parent | 82e586a90b18fa91fb2756af4c36cc70ff097f6d (diff) |
RT2943: Check sizes if -iv and -K arguments
RT2943 only complains about the incorrect check of -K argument size,
we might as well do the same thing with the -iv argument.
Before this, we only checked that the given argument wouldn't give a
bitstring larger than EVP_MAX_KEY_LENGTH. we can be more precise and
check against the size of the actual cipher used.
(cherry picked from commit 8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'apps/enc.c')
-rw-r--r-- | apps/enc.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/apps/enc.c b/apps/enc.c index 5c2cf7a4ac..7b7c70b132 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -548,9 +548,14 @@ int MAIN(int argc, char **argv) else OPENSSL_cleanse(str, strlen(str)); } - if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) { - BIO_printf(bio_err, "invalid hex iv value\n"); - goto end; + if (hiv != NULL) { + int siz = EVP_CIPHER_iv_length(cipher); + if (siz == 0) { + BIO_printf(bio_err, "warning: iv not use by this cipher\n"); + } else if (!set_hex(hiv, iv, sizeof iv)) { + BIO_printf(bio_err, "invalid hex iv value\n"); + goto end; + } } if ((hiv == NULL) && (str == NULL) && EVP_CIPHER_iv_length(cipher) != 0) { @@ -562,7 +567,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "iv undefined\n"); goto end; } - if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) { + if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) { BIO_printf(bio_err, "invalid hex key value\n"); goto end; } |