authorMatt Caswell <matt@openssl.org>2022-04-15 10:22:59 +0100
committerMatt Caswell <matt@openssl.org>2022-05-03 10:54:29 +0100
commit7d56a74a96828985db7354a55227a511615f732b (patch)
tree5cee38d155f01c5034a632d632cac770f3c3cd76 /providers/implementations
parent55c80c222293a972587004c185dc5653ae207a0e (diff)
Fix the RC4-MD5 cipher
A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS AAD data as the MAC key. CVE-2022-1434 Fixes #18112 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'providers/implementations')
-rw-r--r--providers/implementations/ciphers/cipher_rc4_hmac_md5.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
index b915122a39..fc11c80a86 100644
--- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
+++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
@@ -183,7 +183,7 @@ static int rc4_hmac_md5_set_ctx_params(void *vctx, const OSSL_PARAM params[])
}
ctx->tls_aad_pad_sz = sz;
}
- p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
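Review bot: The corrected `OSSL_CIPHER_PARAM_AEAD_MAC_KEY` lookup carries no comment separating it from the AAD block that ends just above it, which is presumably how the duplicated `OSSL_CIPHER_PARAM_AEAD_TLS1_AAD` lookup went unnoticed; I would add `/* HMAC-MD5 key: must come from the MAC_KEY param, never from the TLS AAD */` above the `p = OSSL_PARAM_locate_const(...)` line. The diffstat shown is limited to providers/implementations, so I cannot tell whether a regression test accompanies the fix. If none does, a known-answer test that sets a MAC key through this function and compares the record MAC against a value computed with that same key would catch a recurrence. The `p->data_type` check is visible, but the rest of the branch and the end of `rc4_hmac_md5_set_ctx_params` lie outside the hunk, so how the key length is handled could not be reviewed here.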