author | Matt Caswell <matt@openssl.org> | 2019-04-26 12:11:13 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-07-01 10:18:37 +0100 |
commit | 792cb4ee8d82e4b063f707fc9f4992271ffd65ab (patch) | |
tree | 156e8395a325dd9503a17a02326a07c0a4034f43 /crypto/evp/e_rc5.c | |
parent | 08607613d573de9e3e021227506759f4f58debc6 (diff) |
Ensure that rc5 doesn't try to use a key longer than 2040 bits
The maximum key length for rc5 is 2040 bits so we should not attempt to
use keys longer than this.
Issue found by OSS-Fuzz and Guido Vranken.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8834)
Diffstat (limited to 'crypto/evp/e_rc5.c')
-rw-r--r-- | crypto/evp/e_rc5.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index b0234c91eb..fdd4e9d871 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -66,6 +66,10 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 const unsigned char *iv, int enc)
 {
+ if (EVP_CIPHER_CTX_key_length(ctx) > 255) {
+ EVPerr(EVP_F_R_32_12_16_INIT_KEY, EVP_R_BAD_KEY_LENGTH);
+ return 0;
+ }
 RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
 key, data(ctx)->rounds);
 return 1; |
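Review bot: The added `if (EVP_CIPHER_CTX_key_length(ctx) > 255)` guard bounds the key length only on the EVP path. `RC5_32_set_key` on the following context line still takes a caller-supplied length, and unless that routine bounds `len` itself (its body is not visible here), code that calls it directly can still hand it an over-long key. Enforcing the same limit inside the key-schedule routine would make this check an early, well-reported rejection rather than the only barrier. The literal 255 should also carry a comment tying it to the limit in the commit message, e.g. `/* RC5 keys are limited to 255 bytes (2040 bits) */`. The body of r_32_12_16_init_key closes outside the hunk.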