Ensure that rc5 doesn't try to use a key longer than 2040 bits

The maximum key length for rc5 is 2040 bits so we should not attempt to use keys longer than this. Issue found by OSS-Fuzz and Guido Vranken. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8834)
author: Matt Caswell <matt@openssl.org> 2019-04-26 12:11:13 +0100
committer: Matt Caswell <matt@openssl.org> 2019-07-01 10:18:37 +0100
commit: 792cb4ee8d82e4b063f707fc9f4992271ffd65ab (patch)
tree: 156e8395a325dd9503a17a02326a07c0a4034f43 /crypto/evp/e_rc5.c
parent: 08607613d573de9e3e021227506759f4f58debc6 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index b0234c91eb..fdd4e9d871 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -66,6 +66,10 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
 {
+    if (EVP_CIPHER_CTX_key_length(ctx) > 255) {
+        EVPerr(EVP_F_R_32_12_16_INIT_KEY, EVP_R_BAD_KEY_LENGTH);
+        return 0;
+    }
     RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
                    key, data(ctx)->rounds);
     return 1;
author	Matt Caswell <matt@openssl.org>	2019-04-26 12:11:13 +0100
committer	Matt Caswell <matt@openssl.org>	2019-07-01 10:18:37 +0100
commit	792cb4ee8d82e4b063f707fc9f4992271ffd65ab (patch)
tree	156e8395a325dd9503a17a02326a07c0a4034f43 /crypto/evp/e_rc5.c
parent	08607613d573de9e3e021227506759f4f58debc6 (diff)