Added sanity check on padlock AES IV set.

author Nikos Mavrogiannopoulos <nmav@redhat.com>

Tue, 22 Jul 2014 13:34:51 +0000 (15:34 +0200)

committer Nikos Mavrogiannopoulos <nmav@redhat.com>

Tue, 22 Jul 2014 13:34:51 +0000 (15:34 +0200)
author Nikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 22 Jul 2014 13:34:51 +0000 (15:34 +0200)
committer Nikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 22 Jul 2014 13:34:51 +0000 (15:34 +0200)
diff --git a/lib/accelerated/x86/aes-gcm-x86-pclmul.c b/lib/accelerated/x86/aes-gcm-x86-pclmul.c

index 1e52a70b18ab836013ad25bfd00fe4646ce961bb..47a6bfe19705ae8a7cf1e02cc5ba25f829925933 100644 (file)
--- a/lib/accelerated/x86/aes-gcm-x86-pclmul.c
+++ b/lib/accelerated/x86/aes-gcm-x86-pclmul.c
@@ -117,7 +117,7 @@ static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size)
         struct aes_gcm_ctx *ctx = _ctx;
  
         if (iv_size != GCM_BLOCK_SIZE - 4)
-               return GNUTLS_E_INVALID_REQUEST;
+               return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
  
         memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c));
         memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c));
diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c

index 98cdfc274b0767d2a26971b67c85348ee2fba4a2..bccbd10d924dc5ad2f40bb527218648ec02d160f 100644 (file)
--- a/lib/accelerated/x86/aes-padlock.c
+++ b/lib/accelerated/x86/aes-padlock.c
@@ -115,6 +115,9 @@ static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
  
         pce = ALIGN16(&ctx->expanded_key);
  
+       if (iv_size < 16)
+               return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
         memcpy(pce->iv, iv, 16);
  
         return 0;
author	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Tue, 22 Jul 2014 13:34:51 +0000 (15:34 +0200)
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Tue, 22 Jul 2014 13:34:51 +0000 (15:34 +0200)
lib/accelerated/x86/aes-gcm-x86-pclmul.c		patch \| blob \| blame \| history
lib/accelerated/x86/aes-padlock.c		patch \| blob \| blame \| history