krb5kdf.c.in: Check the key size before applying the key

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28663)
Tomas Mraz 2025-09-25 14:19:22 +02:00 committed by Neil Horman
parent c18b6968cc
commit 3addc8bb3a
1 changed files with 4 additions and 1 deletions


@ -359,7 +359,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
{ {
int klen, ret; int klen, ret;
ret = EVP_EncryptInit_ex(ctx, cipher, engine, key, NULL); ret = EVP_EncryptInit_ex(ctx, cipher, engine, NULL, NULL);
if (!ret) if (!ret)
goto out; goto out;
/* set the key len for the odd variable key len cipher */ /* set the key len for the odd variable key len cipher */
@ -371,6 +371,9 @@ static int cipher_init(EVP_CIPHER_CTX *ctx,
goto out; goto out;
} }
} }
ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
if (!ret)
goto out;
/* we never want padding, either the length requested is a multiple of /* we never want padding, either the length requested is a multiple of
* the cipher block size or we are passed a cipher that can cope with * the cipher block size or we are passed a cipher that can cope with
* partial blocks via techniques like cipher text stealing */ * partial blocks via techniques like cipher text stealing */
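Review bot: The second `EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL)` call, added after the key-length block, has no comment explaining why initialization is now split in two, and that ordering is the whole point of the change. I would put `/* apply the key only after the key length has been checked/set, so the cipher does not consume the key at its default length */` above it, so a later cleanup does not fold `key` back into the first call. Presumably the risk being closed is a read of more key bytes than the caller supplied when key_len is shorter than the cipher's default; the comment should say so if that is the case. The diffstat shows only this file changed, so a regression test that passes a key whose length differs from the cipher's default key length would help pin the behaviour. cipher_init's body starts and ends outside these hunks, and the key-length comparison between them is not visible here.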