diff options
| author | Peiwei Hu <jlu.hpw@foxmail.com> | 2022-05-24 22:57:53 +0800 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-05-27 07:57:43 +0200 |
| commit | 8d9fec1781751d2106d899c6076eeb3da6930bfe (patch) | |
| tree | deec4da4593daac6aecf5cf605efaf1fd936a73b /crypto | |
| parent | 7e5e91176b770a68bdaf73a5c647f1fc0d7f2900 (diff) | |
Fix the incorrect checks of EVP_CIPHER_CTX_set_key_length
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18397)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/cmac/cmac.c | 4 | ||||
| -rw-r--r-- | crypto/evp/p_open.c | 2 | ||||
| -rw-r--r-- | crypto/pkcs7/pk7_doit.c | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c index 218eb94259..15968f74c4 100644 --- a/crypto/cmac/cmac.c +++ b/crypto/cmac/cmac.c @@ -137,9 +137,9 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, /* If anything fails then ensure we can't use this ctx */ ctx->nlast_block = -1; - if (!EVP_CIPHER_CTX_get0_cipher(ctx->cctx)) + if (EVP_CIPHER_CTX_get0_cipher(ctx->cctx) == NULL) return 0; - if (!EVP_CIPHER_CTX_set_key_length(ctx->cctx, keylen)) + if (EVP_CIPHER_CTX_set_key_length(ctx->cctx, keylen) <= 0) return 0; if (!EVP_EncryptInit_ex(ctx->cctx, NULL, NULL, key, zero_iv)) return 0; diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index b08f271642..92fd20f6aa 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -50,7 +50,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, if (EVP_PKEY_decrypt(pctx, key, &keylen, ek, ekl) <= 0) goto err; - if (!EVP_CIPHER_CTX_set_key_length(ctx, keylen) + if (EVP_CIPHER_CTX_set_key_length(ctx, keylen) <= 0 || !EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv)) goto err; diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 441bf78bba..4a13070a0a 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -612,7 +612,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) * length. The key length is determined by the size of the * decrypted RSA key. */ - if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) { + if (EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen) <= 0) { /* Use random key as MMA defence */ OPENSSL_clear_free(ek, eklen); ek = tkey; |