From c7c1c64007fe902cfece50992a17362d8b3e76b4 Mon Sep 17 00:00:00 2001 From: Andreas Karlsson Date: Mon, 5 May 2025 13:08:06 +0200 Subject: [PATCH] Assert that we intiialized ciphers before we use them --- contrib/pg_tde/src/encryption/enc_aes.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/contrib/pg_tde/src/encryption/enc_aes.c b/contrib/pg_tde/src/encryption/enc_aes.c index 5f87220c50a..f555c65ec22 100644 --- a/contrib/pg_tde/src/encryption/enc_aes.c +++ b/contrib/pg_tde/src/encryption/enc_aes.c @@ -41,9 +41,9 @@ * 16 byte blocks. */ -static const EVP_CIPHER *cipher_cbc; -static const EVP_CIPHER *cipher_gcm; -static const EVP_CIPHER *cipher_ctr_ecb; +static const EVP_CIPHER *cipher_cbc = NULL; +static const EVP_CIPHER *cipher_gcm = NULL; +static const EVP_CIPHER *cipher_ctr_ecb = NULL; void AesInit(void) @@ -69,6 +69,8 @@ AesRunCtr(EVP_CIPHER_CTX **ctxPtr, int enc, const unsigned char *key, const unsi if (*ctxPtr == NULL) { + Assert(cipher_ctr_ecb != NULL); + *ctxPtr = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(*ctxPtr); @@ -93,6 +95,7 @@ AesRunCbc(int enc, const unsigned char *key, const unsigned char *iv, const unsi int out_len_final; EVP_CIPHER_CTX *ctx = NULL; + Assert(cipher_cbc != NULL); Assert(in_len % EVP_CIPHER_block_size(cipher_cbc) == 0); ctx = EVP_CIPHER_CTX_new(); @@ -142,6 +145,7 @@ AesGcmEncrypt(const unsigned char *key, const unsigned char *iv, const unsigned int out_len_final; EVP_CIPHER_CTX *ctx; + Assert(cipher_gcm != NULL); Assert(in_len % EVP_CIPHER_block_size(cipher_gcm) == 0); ctx = EVP_CIPHER_CTX_new();