diff options
| -rw-r--r-- | src/openssl.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/openssl.c b/src/openssl.c index e91e270..01bf2c8 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -6450,13 +6450,19 @@ static const EVP_CIPHER *cipher_checktype(lua_State *L, int index) { | |||
| 6450 | static int cipher_new(lua_State *L) { | 6450 | static int cipher_new(lua_State *L) { |
| 6451 | const EVP_CIPHER *type; | 6451 | const EVP_CIPHER *type; |
| 6452 | EVP_CIPHER_CTX *ctx; | 6452 | EVP_CIPHER_CTX *ctx; |
| 6453 | unsigned char key[EVP_MAX_KEY_LENGTH] = { 0 }; | ||
| 6453 | 6454 | ||
| 6454 | type = cipher_checktype(L, 1); | 6455 | type = cipher_checktype(L, 1); |
| 6455 | 6456 | ||
| 6456 | ctx = prepudata(L, sizeof *ctx, CIPHER_CLASS, NULL); | 6457 | ctx = prepudata(L, sizeof *ctx, CIPHER_CLASS, NULL); |
| 6457 | EVP_CIPHER_CTX_init(ctx); | 6458 | EVP_CIPHER_CTX_init(ctx); |
| 6458 | 6459 | ||
| 6459 | if (!EVP_CipherInit_ex(ctx, type, NULL, NULL, NULL, -1)) | 6460 | /* |
| 6461 | * NOTE: For some ciphers like AES calling :update or :final without | ||
| 6462 | * setting a key causes a SEGV. Set a dummy key here. Same solution | ||
| 6463 | * as used by Ruby OSSL. | ||
| 6464 | */ | ||
| 6465 | if (!EVP_CipherInit_ex(ctx, type, NULL, key, NULL, -1)) | ||
| 6460 | return auxL_error(L, auxL_EOPENSSL, "cipher.new"); | 6466 | return auxL_error(L, auxL_EOPENSSL, "cipher.new"); |
| 6461 | 6467 | ||
| 6462 | return 1; | 6468 | return 1; |