diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-22 14:23:14 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-22 14:37:46 +0200 |
commit | c2d0881f72cc483e1fc072406a2c8e5df2f17109 (patch) | |
tree | 13184debbde5886e4e48a5107838906ed46441d8 /lib/crypto-api.c | |
parent | 165b050f957c698e8594eb1e36408ff1ed732e17 (diff) | |
download | gnutls-c2d0881f72cc483e1fc072406a2c8e5df2f17109.tar.gz |
crypto-api: refuse to run gnutls_cipher_init() in full AEAD modes
That is, there are AEAD modes like CCM that can only be used through
the AEAD API. Always refuse calls to gnutls_cipher_init() in these
modes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/crypto-api.c')
-rw-r--r-- | lib/crypto-api.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c index 6b3b065f08..1a0b13b90c 100644 --- a/lib/crypto-api.c +++ b/lib/crypto-api.c @@ -62,7 +62,7 @@ gnutls_cipher_init(gnutls_cipher_hd_t * handle, const cipher_entry_st* e; e = cipher_to_entry(cipher); - if (e == NULL) + if (e == NULL || e->only_aead) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); *handle = gnutls_calloc(1, sizeof(api_cipher_hd_st)); |