1 files changed, 16 insertions, 3 deletions

diff --git a/src/crypto/cipher/e_rc4.c b/src/crypto/cipher/e_rc4.c
index 04ddcb6..80dea36 100644
--- a/src/crypto/cipher/e_rc4.c
+++ b/src/crypto/cipher/e_rc4.c
@@ -299,7 +299,9 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
     return 0;
   }
 
-  if (max_out_len < plaintext_len) {
+  if (max_out_len < in_len) {
+    /* This requires that the caller provide space for the MAC, even though it
+     * will always be removed on return. */
     OPENSSL_PUT_ERROR(CIPHER, aead_rc4_md5_tls_open, CIPHER_R_BUFFER_TOO_SMALL);
     return 0;
   }
@@ -372,13 +374,24 @@ static int aead_rc4_md5_tls_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
   return 1;
 }
 
+static int aead_rc4_md5_tls_get_rc4_state(const EVP_AEAD_CTX *ctx,
+                                          const RC4_KEY **out_key) {
+  struct aead_rc4_md5_tls_ctx *rc4_ctx = ctx->aead_state;
+  *out_key = &rc4_ctx->rc4;
+  return 1;
+}
+
 static const EVP_AEAD aead_rc4_md5_tls = {
     16 + MD5_DIGEST_LENGTH, /* key len (RC4 + MD5) */
     0,                      /* nonce len */
     MD5_DIGEST_LENGTH,      /* overhead */
     MD5_DIGEST_LENGTH,      /* max tag length */
-    aead_rc4_md5_tls_init,  aead_rc4_md5_tls_cleanup,
-    aead_rc4_md5_tls_seal,  aead_rc4_md5_tls_open,
+    aead_rc4_md5_tls_init,
+    NULL, /* init_with_direction */
+    aead_rc4_md5_tls_cleanup,
+    aead_rc4_md5_tls_seal,
+    aead_rc4_md5_tls_open,
+    aead_rc4_md5_tls_get_rc4_state,
 };
 
 const EVP_AEAD *EVP_aead_rc4_md5_tls(void) { return &aead_rc4_md5_tls; }