From: Shane Lontis <shane.lontis@oracle.com>
Date: Wed, 18 Nov 2020 09:49:19 +0000 (+1000)
Subject: Fix EVP_CIPHER_CTX_set_padding for legacy path
X-Git-Tag: openssl-3.0.0-alpha10~253
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=719bc0e826317d22c0687cf919e97749fa53d54a;p=thirdparty%2Fopenssl.git

Fix EVP_CIPHER_CTX_set_padding for legacy path

Fixes #13057

When using an engine, there is no cipher->prov so a call to
EVP_CIPHER_CTX_set_padding() returns an error when
evp_do_ciph_ctx_setparams() is called. For the legacy path it needs to
avoid doing the call and just return 1.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13437)
---

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index f439e8d61d9..7818ab25ea2 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -948,6 +948,8 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
     else
         ctx->flags |= EVP_CIPH_NO_PADDING;
 
+    if (ctx->cipher != NULL && ctx->cipher->prov == NULL)
+        return 1;
     params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd);
     ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);