diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-08-01 15:38:11 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-08-12 13:54:56 +0100 |
commit | 2acdef5e97977958e9bb3b4a139039599ef1aefe (patch) | |
tree | 4fef3f727bd3c671cd077f8fcd4df1b7b34a29ba /crypto | |
parent | 891eac4604b5f05413e59602fae1f11136f4719a (diff) |
Return error for unsupported modes.
PR#3974
PR#3975
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/evp/evp_lib.c | 35 |
1 files changed, 30 insertions, 5 deletions
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index 1fdde9ae4d..5ee3dcb700 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -68,11 +68,22 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->set_asn1_parameters != NULL) ret = c->cipher->set_asn1_parameters(c, type); else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) { - if (EVP_CIPHER_CTX_mode(c) == EVP_CIPH_WRAP_MODE) { + switch (EVP_CIPHER_CTX_mode(c)) { + case EVP_CIPH_WRAP_MODE: ASN1_TYPE_set(type, V_ASN1_NULL, NULL); ret = 1; - } else + break; + + case EVP_CIPH_GCM_MODE: + case EVP_CIPH_CCM_MODE: + case EVP_CIPH_XTS_MODE: + case EVP_CIPH_OCB_MODE: + ret = -1; + break; + + default: ret = EVP_CIPHER_set_asn1_iv(c, type); + } } else ret = -1; return (ret); @@ -85,9 +96,23 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) if (c->cipher->get_asn1_parameters != NULL) ret = c->cipher->get_asn1_parameters(c, type); else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) { - if (EVP_CIPHER_CTX_mode(c) == EVP_CIPH_WRAP_MODE) - return 1; - ret = EVP_CIPHER_get_asn1_iv(c, type); + switch (EVP_CIPHER_CTX_mode(c)) { + + case EVP_CIPH_WRAP_MODE: + ret = 1; + break; + + case EVP_CIPH_GCM_MODE: + case EVP_CIPH_CCM_MODE: + case EVP_CIPH_XTS_MODE: + case EVP_CIPH_OCB_MODE: + ret = -1; + break; + + default: + ret = EVP_CIPHER_get_asn1_iv(c, type); + break; + } } else ret = -1; return (ret); |