author | Theo Buehler <tb@cvs.openbsd.org> | 2020-04-30 18:43:12 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2020-04-30 18:43:12 +0000 |
commit | 4ab7118bc733901ffaa29cb9104444937963d440 (patch) | |
tree | 6a62e5a00bee5f23ae9707688df5a4db8092af7b /lib | |
parent | 89df98f9c709c884e8e1a9d3b9afe2fe78569402 (diff) |
Disallow setting the AES-GCM IV length to 0
It is possible to do this by abusing the EVP_CTRL_INIT API.
Pointed out by jsing.
ok inoguchi jsing (as part of a larger diff)
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libcrypto/evp/e_aes.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/libcrypto/evp/e_aes.c b/lib/libcrypto/evp/e_aes.c
index e1b53c2ce79..80eba802445 100644
--- a/lib/libcrypto/evp/e_aes.c
+++ b/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.40 2020/04/27 19:31:02 tb Exp $ */
+/* $OpenBSD: e_aes.c,v 1.41 2020/04/30 18:43:11 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
 *
@@ -721,6 +721,10 @@ aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 case EVP_CTRL_INIT:
 gctx->key_set = 0;
 gctx->iv_set = 0;
+ if (c->cipher->iv_len == 0) {
+ EVPerror(EVP_R_INVALID_IV_LENGTH);
+ return 0;
+ }
 gctx->ivlen = c->cipher->iv_len;
 gctx->iv = c->iv;
 gctx->taglen = -1; |
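Review bot: The new guard in the EVP_CTRL_INIT case rejects only an IV length of exactly zero, so a negative `c->cipher->iv_len` (the field appears to be a signed int) would still be copied into `gctx->ivlen`; `if (c->cipher->iv_len <= 0) {` would reject that as well. A one-line comment above the check would help later readers, for example `/* GCM needs a non-empty IV: with a zero-length IV every message under a key shares one nonce. */`. The rest of aes_gcm_ctrl lies outside the hunk, so whether the EVP_CTRL_GCM_SET_IVLEN path enforces the same lower bound cannot be confirmed from here.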