diff options
| -rw-r--r-- | src/lib/libcrypto/cmac/cmac.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/libcrypto/cmac/cmac.c b/src/lib/libcrypto/cmac/cmac.c index f653219b8f..0df40277bc 100644 --- a/src/lib/libcrypto/cmac/cmac.c +++ b/src/lib/libcrypto/cmac/cmac.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cmac.c,v 1.16 2023/11/29 21:35:57 tb Exp $ */ | 1 | /* $OpenBSD: cmac.c,v 1.17 2023/12/15 13:45:05 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -191,6 +191,13 @@ CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, | |||
| 191 | 191 | ||
| 192 | /* Initialise context. */ | 192 | /* Initialise context. */ |
| 193 | if (cipher != NULL) { | 193 | if (cipher != NULL) { |
| 194 | /* | ||
| 195 | * Disallow ciphers for which EVP_Cipher() behaves differently. | ||
| 196 | * These are AEAD ciphers (or AES keywrap) for which the CMAC | ||
| 197 | * construction makes little sense. | ||
| 198 | */ | ||
| 199 | if ((cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0) | ||
| 200 | return 0; | ||
| 194 | if (!EVP_EncryptInit_ex(&ctx->cctx, cipher, NULL, NULL, NULL)) | 201 | if (!EVP_EncryptInit_ex(&ctx->cctx, cipher, NULL, NULL, NULL)) |
| 195 | return 0; | 202 | return 0; |
| 196 | } | 203 | } |