From: Dr. Stephen Henson <steve@openssl.org>
Date: Mon, 21 Mar 2016 15:48:51 +0000 (+0000)
Subject: Always try to set ASN.1 parameters for CMS.
X-Git-Tag: OpenSSL_1_1_0-pre6~918
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3fd60dc42288591737a35a90368d72dbd00fdef8;p=thirdparty%2Fopenssl.git

Always try to set ASN.1 parameters for CMS.

Try to set the ASN.1 parameters for CMS encryption even if the IV
length is zero as the underlying cipher should still set the type.

This will correctly result in errors if an attempt is made to use
an unsupported cipher type.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index 23adc2ffdab..7d75f4b80de 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -176,17 +176,20 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
         goto err;
     }
 
-    if (piv) {
-        calg->parameter = ASN1_TYPE_new();
-        if (calg->parameter == NULL) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
+    calg->parameter = ASN1_TYPE_new();
+    if (calg->parameter == NULL) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+    /* If paremeter type not set omit parameter */
+    if (calg->parameter->type == V_ASN1_UNDEF) {
+        ASN1_TYPE_free(calg->parameter);
+        calg->parameter = NULL;
     }
     ok = 1;