Only use explicit IV if cipher is in CBC mode.

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index a1fec62df805e96e7946fa2f816088b413649581..521a4da78fd886cc43426d625ca1672131f9e7d8 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -741,7 +741,8 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
        plen=p; 
        p+=2;
        /* Explicit IV length, block ciphers and TLS version 1.1 or later */
-       if (s->enc_write_ctx && s->version >= TLS1_1_VERSION)
+       if (s->enc_write_ctx && s->version >= TLS1_1_VERSION
+               && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE)
                {
                eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
                if (eivlen <= 1)

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 3614b8a30ec78f856c60fb6d6358be1e1fdaab4d..34b300161d5fcc97495456cae98de8b393f5a9c5 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -661,7 +661,8 @@ int tls1_enc(SSL *s, int send)
                        int ivlen;
                        enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
                        /* For TLSv1.1 and later explicit IV */
-                       if (s->version >= TLS1_1_VERSION)
+                       if (s->version >= TLS1_1_VERSION
+                               && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
                                ivlen = EVP_CIPHER_iv_length(enc);
                        else
                                ivlen = 0;
@@ -807,7 +808,8 @@ int tls1_enc(SSL *s, int send)
                                        }
                                }
                        rec->length -=i;
-                       if (s->version >= TLS1_1_VERSION)
+                       if (s->version >= TLS1_1_VERSION
+                               && EVP_CIPHER_CTX_mode(ds) == EVP_CIPH_CBC_MODE)
                                {
                                rec->data += bs;    /* skip the explicit IV */
                                rec->input += bs;