ofz#4929 ensure min input len for openssl ciphers

openssl is not the default backend Change-Id: Id7bd77c1a12a15c0ebb4e7d758362c7778bfc2fd Reviewed-on: https://gerrit.libreoffice.org/47349Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>

ofz#4929 ensure min input len for openssl ciphers
openssl is not the default backend Change-Id: Id7bd77c1a12a15c0ebb4e7d758362c7778bfc2fd Reviewed-on: https://gerrit.libreoffice.org/47349Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com>
e11ff5a4 · Caolán McNamara · 3071ba2a · e11ff5a4
Kaydet (Commit) e11ff5a4 authored Ock 03, 2018 tarafından Caolán McNamara
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 0 deletions

CryptTools.cxx oox/source/crypto/CryptTools.cxx +10 -0

No files found.
--- a/oox/source/crypto/CryptTools.cxx
+++ b/oox/source/crypto/CryptTools.cxx
@@ -128,10 +128,20 @@ Decrypt::Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto

    const EVP_CIPHER* cipher = getCipher(type);

+    const size_t nMinKeySize = EVP_CIPHER_key_length(cipher);
+    if (key.size() < nMinKeySize)
+        key.resize(nMinKeySize, 0);
+
    if (iv.empty())
        EVP_DecryptInit_ex(&mContext, cipher, nullptr, key.data(), 0);
    else
+    {
+        const size_t nMinIVSize = EVP_CIPHER_iv_length(cipher);
+        if (iv.size() < nMinIVSize)
+            iv.resize(nMinIVSize, 0);
+
        EVP_DecryptInit_ex(&mContext, cipher, nullptr, key.data(), iv.data());
+    }
    EVP_CIPHER_CTX_set_padding(&mContext, 0);
 #endif