summaryrefslogtreecommitdiffstats
path: root/providers
diff options
context:
space:
mode:
authorShane Lontis <shane.lontis@oracle.com>2020-05-02 05:51:35 +0200
committerShane Lontis <shane.lontis@oracle.com>2020-05-05 01:38:08 +0200
commit95cf64404cabac96f32e72b5673e2702627e6b4c (patch)
tree7bcd8aaec10d7c195b520778895bd001279bc8a1 /providers
parentAllow OSSL_PARAM_get_octet_string() to pass a NULL buffer (diff)
downloadopenssl-95cf64404cabac96f32e72b5673e2702627e6b4c.tar.xz
openssl-95cf64404cabac96f32e72b5673e2702627e6b4c.zip
Fix incorrect default keysize for CAST ofb and cfb modes.
Fixes #11459 It was incorrectly using 8 bytes instead of 16 as the default. This was verified by expanding the macros used in e_cast.c. The issue occurs if EVP_CIPHER_CTX_set_key_length() is not called. evp_test.c hides this issue as it always calls EVP_CIPHER_CTX_set_key_length() before using EVP_CipherInit_ex(...., key, ..). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11707)
Diffstat (limited to 'providers')
-rw-r--r--providers/implementations/ciphers/cipher_cast5.c8
-rw-r--r--providers/implementations/include/prov/implementations.h4
-rw-r--r--providers/legacyprov.c4
3 files changed, 8 insertions, 8 deletions
diff --git a/providers/implementations/ciphers/cipher_cast5.c b/providers/implementations/ciphers/cipher_cast5.c
index a9da32e761..566583d141 100644
--- a/providers/implementations/ciphers/cipher_cast5.c
+++ b/providers/implementations/ciphers/cipher_cast5.c
@@ -49,7 +49,7 @@ static void *cast5_dupctx(void *ctx)
IMPLEMENT_var_keylen_cipher(cast5, CAST, ecb, ECB, CAST5_FLAGS, 128, 64, 0, block)
/* cast5128cbc_functions */
IMPLEMENT_var_keylen_cipher(cast5, CAST, cbc, CBC, CAST5_FLAGS, 128, 64, 64, block)
-/* cast564ofb64_functions */
-IMPLEMENT_var_keylen_cipher(cast5, CAST, ofb64, OFB, CAST5_FLAGS, 64, 8, 64, stream)
-/* cast564cfb64_functions */
-IMPLEMENT_var_keylen_cipher(cast5, CAST, cfb64, CFB, CAST5_FLAGS, 64, 8, 64, stream)
+/* cast5128ofb64_functions */
+IMPLEMENT_var_keylen_cipher(cast5, CAST, ofb64, OFB, CAST5_FLAGS, 128, 8, 64, stream)
+/* cast5128cfb64_functions */
+IMPLEMENT_var_keylen_cipher(cast5, CAST, cfb64, CFB, CAST5_FLAGS, 128, 8, 64, stream)
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h
index 8d35fba49c..1f761e0ec4 100644
--- a/providers/implementations/include/prov/implementations.h
+++ b/providers/implementations/include/prov/implementations.h
@@ -148,8 +148,8 @@ extern const OSSL_DISPATCH idea128cfb64_functions[];
#ifndef OPENSSL_NO_CAST
extern const OSSL_DISPATCH cast5128ecb_functions[];
extern const OSSL_DISPATCH cast5128cbc_functions[];
-extern const OSSL_DISPATCH cast564ofb64_functions[];
-extern const OSSL_DISPATCH cast564cfb64_functions[];
+extern const OSSL_DISPATCH cast5128ofb64_functions[];
+extern const OSSL_DISPATCH cast5128cfb64_functions[];
#endif /* OPENSSL_NO_CAST */
#ifndef OPENSSL_NO_SEED
extern const OSSL_DISPATCH seed128ecb_functions[];
diff --git a/providers/legacyprov.c b/providers/legacyprov.c
index c8ebc9c433..ca91093893 100644
--- a/providers/legacyprov.c
+++ b/providers/legacyprov.c
@@ -79,8 +79,8 @@ static const OSSL_ALGORITHM legacy_ciphers[] = {
#ifndef OPENSSL_NO_CAST
ALG("CAST5-ECB", cast5128ecb_functions),
ALG("CAST5-CBC:CAST-CBC:CAST", cast5128cbc_functions),
- ALG("CAST5-OFB", cast564ofb64_functions),
- ALG("CAST5-CFB", cast564cfb64_functions),
+ ALG("CAST5-OFB", cast5128ofb64_functions),
+ ALG("CAST5-CFB", cast5128cfb64_functions),
#endif /* OPENSSL_NO_CAST */
#ifndef OPENSSL_NO_BF
ALG("BF-ECB", blowfish128ecb_functions),