From 16b15f4fa4a15b71c7c926fe8125fcd0b253aa22 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 10 May 2019 18:41:17 +0000
Subject: Revert part of r1.36: in the case of GCM, gcm.key is assigned from
 aesni_gcm_init_key() via CRYPTO_gcm128_init(), so it needs to be copied
 over...

Fixes cryptofuzz issue #14352 and likely also #14374.

ok beck jsing
---
 src/lib/libcrypto/evp/e_aes.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 25e69f9ae7..a1e94c8ff6 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.37 2019/04/14 17:27:42 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.38 2019/05/10 18:41:17 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -829,6 +829,12 @@ aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 		EVP_CIPHER_CTX *out = ptr;
 		EVP_AES_GCM_CTX *gctx_out = out->cipher_data;
 
+		if (gctx->gcm.key) {
+			if (gctx->gcm.key != &gctx->ks)
+				return 0;
+			gctx_out->gcm.key = &gctx_out->ks;
+		}
+
 		if (gctx->iv == c->iv) {
 			gctx_out->iv = out->iv;
 		} else {
-- 
cgit v1.2.3-55-g6feb