authorJoseph Sutton <josephsutton@catalyst.net.nz>2022-09-23 16:22:14 +1200
committerAndrew Bartlett <abartlet@samba.org>2022-10-05 04:23:32 +0000
commitc52f5ee84ba5b8e7c9d2c67151cf3a6b9a7a780b (patch)
treed7270fe1f895b74c7548f97f137eeb51a9279a42 /lib/crypto
parent01b6c87c4faa8c484a4064872cd1cd918fa05da8 (diff)
lib:crypto: Change error return to SMB_ASSERT()
Getting an HMAC too long to fit our array is a programming error. It should always be 64 bytes exactly. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
index e0877a03f52..2e37dcd23aa 100644
--- a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
+++ b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
@@ -113,6 +113,12 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(TALLOC_CTX *mem_ctx,
NTSTATUS status;
int rc;
+ /*
+ * We don't want to overflow 'pauth_tag', which is 64 bytes in
+ * size.
+ */
+ SMB_ASSERT(hmac_size == 64);
+
if (plaintext->length == 0 || cek->length == 0 ||
key_salt->length == 0 || mac_salt->length == 0 || iv->length == 0) {
return NT_STATUS_INVALID_PARAMETER;
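Review bot: The comment above `SMB_ASSERT(hmac_size == 64)` still describes only the overflow case, but the check is now an equality and is the only guard left before the tag is written into the 64-byte `pauth_tag`. I would reword it to cover both directions, e.g. `/* hmac_size must be exactly the 64 bytes of 'pauth_tag': more would overflow it, less would leave part of the tag unset. */`, and add that the guard relies on SMB_ASSERT() staying active in production builds. The literal 64 now appears in both the comment and the assert; a named constant shared with the `pauth_tag` declaration would keep them from drifting apart. The assignment of hmac_size and the write into pauth_tag are outside this hunk, so this rests on the comment's own description of the buffer.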
@@ -124,14 +130,6 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(TALLOC_CTX *mem_ctx,
* TODO: Use gnutls_cipher_encrypt3()
*/
- if (hmac_size > 64) {
- /*
- * We don't want to overflow 'pauth_tag', which is 64 bytes in
- * size.
- */
- return NT_STATUS_INVALID_BUFFER_SIZE;
- }
-
if (plaintext->length + aes_block_size < plaintext->length) {
return NT_STATUS_INVALID_BUFFER_SIZE;
}