From 6699b5e59aaa5f4b214c1135d3504243bd1c67aa Mon Sep 17 00:00:00 2001
From: Love Hornquist Astrand <lha@h5l.org>
Date: Thu, 30 Sep 2010 00:20:52 -0700
Subject: [PATCH] get padding size right

---
 lib/hx509/crypto.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/lib/hx509/crypto.c b/lib/hx509/crypto.c
index f15a2d985..09a93f0ae 100644
--- a/lib/hx509/crypto.c
+++ b/lib/hx509/crypto.c
@@ -2488,7 +2488,7 @@ hx509_crypto_encrypt(hx509_crypto crypto,
 		     heim_octet_string **ciphertext)
 {
     EVP_CIPHER_CTX evp;
-    size_t padsize;
+    size_t padsize, bsize;
     int ret;
 
     *ciphertext = NULL;
@@ -2516,14 +2516,16 @@ hx509_crypto_encrypt(hx509_crypto crypto,
     }
 
     assert(crypto->flags & PADDING_FLAGS);
+
+    bsize = EVP_CIPHER_block_size(crypto->c);
+    padsize = 0;
+
     if (crypto->flags & PADDING_NONE) {
-	padsize = 0;
+	if (bsize != 1 && (length % bsize) != 0)
+	    return HX509_CMS_PADDING_ERROR;
     } else if (crypto->flags & PADDING_PKCS7) {
-	if (EVP_CIPHER_block_size(crypto->c) == 1) {
-	} else {
-	    int bsize = EVP_CIPHER_block_size(crypto->c);
+	if (bsize != 1)
 	    padsize = bsize - (length % bsize);
-	}
     }
 
     (*ciphertext)->length = length + padsize;