From b1a4775310a4e30d8fd5c1cc91e60971f922e64a Mon Sep 17 00:00:00 2001
From: Zbigniew Halas <zhalas@gmail.com>
Date: Wed, 27 Feb 2013 23:44:02 +0000
Subject: [PATCH] epass2003: properly disable padding
EVP_CIPHER_CTX_set_padding needs to be called after EVP_EncryptInit_ex
and EVP_DecryptInit_ex; otherwise padding is re-enabled, which in turn
causes buffer overruns.
---
src/libopensc/card-epass2003.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/libopensc/card-epass2003.c b/src/libopensc/card-epass2003.c
index 80088b9..6f04573 100644
--- a/src/libopensc/card-epass2003.c
+++ b/src/libopensc/card-epass2003.c
@@ -117,8 +117,8 @@
memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
EVP_CIPHER_CTX_init(&ctx);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
EVP_EncryptInit_ex(&ctx, cipher, NULL, key, iv_tmp);
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
if (!EVP_EncryptUpdate(&ctx, output, &outl, input, length))
goto out;
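Review bot: The return value of `EVP_EncryptInit_ex` is still ignored, so a failed init falls through to `EVP_EncryptUpdate` on a context that was never set up; the same applies to `EVP_DecryptInit_ex` in the second hunk. The next line already bails out with `goto out` on failure, so the init can follow the same pattern: `if (!EVP_EncryptInit_ex(&ctx, cipher, NULL, key, iv_tmp)) goto out;`. The function starts and ends outside the hunk, so whether the `out` label cleans up the context and reports an error on this path cannot be confirmed from here.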
@@ -146,8 +146,8 @@
memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
EVP_CIPHER_CTX_init(&ctx);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
EVP_DecryptInit_ex(&ctx, cipher, NULL, key, iv_tmp);
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
if (!EVP_DecryptUpdate(&ctx, output, &outl, input, length))
goto out;
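Review bot: The ordering requirement this hunk fixes is not recorded in the code, so a later cleanup could move the call back above the init and reintroduce the overrun described in the commit message. A one-line comment above the call would pin it, e.g. `/* must come after EVP_DecryptInit_ex, which resets the padding flag */`, with the matching comment on the encrypt path in the first hunk. With padding off, the finalisation step presumably fails unless `length` is a multiple of the cipher block size; any check for that lies outside the hunk.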
--
1.8.4