From 8f88399ffc04e675212d44c1ed813724fafdb50c Mon Sep 17 00:00:00 2001
From: Linus Yang
Date: Sat, 15 Mar 2014 15:29:41 +0800
Subject: [PATCH] darwin: applecc: fix iv not randomized issue
---
 src/encrypt.c | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/src/encrypt.c b/src/encrypt.c
index fbdd8519..7b6b10a0 100644
--- a/src/encrypt.c
+++ b/src/encrypt.c
@@ -517,6 +517,14 @@ void cipher_context_init(cipher_ctx_t *ctx, int method, int enc)
 void cipher_context_set_iv(cipher_ctx_t *ctx, uint8_t *iv, size_t iv_len, int enc) {
+ if (iv == NULL) {
+ LOGE("cipher_context_set_iv(): IV is null");
+ return;
+ }
+ if (enc) {
+ rand_bytes(iv, iv_len);
+ }
+
 #ifdef USE_CRYPTO_APPLECC
 cipher_cc_t *cc = &ctx->cc;
 if (cc->valid == kCCContextValid) {
@@ -551,13 +559,10 @@ void cipher_context_set_iv(cipher_ctx_t *ctx, uint8_t *iv, size_t iv_len, int en
 #endif
 cipher_evp_t *evp = &ctx->evp;
- if (evp == NULL || iv == NULL) {
- LOGE("cipher_context_set_keyiv(): Cipher context or IV is null");
+ if (evp == NULL) {
+ LOGE("cipher_context_set_iv(): Cipher context is null");
 return;
 }
- if (enc) {
- rand_bytes(iv, iv_len);
- }
 #if defined(USE_CRYPTO_OPENSSL)
 if (!EVP_CipherInit_ex(evp, NULL, NULL, enc_key, iv, enc)) {
 EVP_CIPHER_CTX_cleanup(evp);
@@ -612,7 +617,6 @@ void cipher_context_release(cipher_ctx_t *ctx) {
 static int cipher_context_update(cipher_ctx_t *ctx, uint8_t *output, int *olen, const uint8_t *input, int ilen) {
- cipher_evp_t *evp = &ctx->evp;
 #ifdef USE_CRYPTO_APPLECC
 cipher_cc_t *cc = &ctx->cc;
 if (cc->valid == kCCContextValid) {
@@ -621,6 +625,7 @@ static int cipher_context_update(cipher_ctx_t *ctx, uint8_t *output, int *olen,
 return (ret == kCCSuccess) ? 1 : 0;
 }
 #endif
+ cipher_evp_t *evp = &ctx->evp;
 #if defined(USE_CRYPTO_OPENSSL)
 return EVP_CipherUpdate(evp, (uint8_t *) output, olen, (const uint8_t *) input, (size_t) ilen);
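Review bot: In the first hunk (@@ -517, `cipher_context_set_iv`), the result of `rand_bytes(iv, iv_len)` is discarded, so if the generator can fail (its declaration is not part of this patch) encryption would go ahead with whatever bytes the caller's buffer already held, and a repeated or predictable IV weakens the confidentiality the cipher is meant to give. If it returns a status, treat failure like the NULL case, e.g. `if (enc && !rand_bytes(iv, iv_len)) { LOGE("cipher_context_set_iv(): IV generation failed"); return; }`, with the test adjusted to its actual return convention. Because the function is `void`, neither this nor the new `iv == NULL` early return tells the caller that no IV was installed by this call; a comment at the top such as `/* enc != 0: iv is overwritten with iv_len random bytes; on error nothing is set and the caller is not notified */` would record that contract. The function body continues past the end of this hunk.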
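Review bot: In the second hunk (@@ -551), the rewritten `if (evp == NULL)` test cannot be relied on, because `evp` is `&ctx->evp`, the address of a member, and a NULL `ctx` would already have been used by that assignment and, under `USE_CRYPTO_APPLECC`, by `cc->valid` in the first hunk. Validate `ctx` where the commit now validates `iv`, `if (ctx == NULL || iv == NULL) { LOGE("cipher_context_set_iv(): Cipher context or IV is null"); return; }`, and drop this branch. The function starts in the previous hunk and continues after this one.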