diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-07-22 15:34:51 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-07-22 15:34:51 +0200 |
commit | 198db9095d6b2ce676f103cfbbe9446c452fa29b (patch) | |
tree | 1d0100cc48ab5d959175d0e989a3a89ba2693631 | |
parent | d97f6df513058cb785748e79c5376d62866399a0 (diff) | |
download | gnutls-198db9095d6b2ce676f103cfbbe9446c452fa29b.tar.gz |
Added sanity check on padlock AES IV set.
-rw-r--r-- | lib/accelerated/x86/aes-gcm-x86-pclmul.c | 2 | ||||
-rw-r--r-- | lib/accelerated/x86/aes-padlock.c | 3 |
2 files changed, 4 insertions, 1 deletions
diff --git a/lib/accelerated/x86/aes-gcm-x86-pclmul.c b/lib/accelerated/x86/aes-gcm-x86-pclmul.c index 1e52a70b18..47a6bfe197 100644 --- a/lib/accelerated/x86/aes-gcm-x86-pclmul.c +++ b/lib/accelerated/x86/aes-gcm-x86-pclmul.c @@ -117,7 +117,7 @@ static int aes_gcm_setiv(void *_ctx, const void *iv, size_t iv_size) struct aes_gcm_ctx *ctx = _ctx; if (iv_size != GCM_BLOCK_SIZE - 4) - return GNUTLS_E_INVALID_REQUEST; + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); memset(ctx->gcm.Xi.c, 0, sizeof(ctx->gcm.Xi.c)); memset(ctx->gcm.len.c, 0, sizeof(ctx->gcm.len.c)); diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c index 98cdfc274b..bccbd10d92 100644 --- a/lib/accelerated/x86/aes-padlock.c +++ b/lib/accelerated/x86/aes-padlock.c @@ -115,6 +115,9 @@ static int aes_setiv(void *_ctx, const void *iv, size_t iv_size) pce = ALIGN16(&ctx->expanded_key); + if (iv_size < 16) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + memcpy(pce->iv, iv, 16); return 0; |