diff options
author | Matt Caswell <matt@openssl.org> | 2019-04-10 13:23:58 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-04-19 09:31:54 +0100 |
commit | 344cfa34e5b07f8b8b7f1e70f47f5d265c9c1185 (patch) | |
tree | 1c5ba1144f14efc8f91f91771c0af92e5c1db297 /providers | |
parent | 819a7ae9fc7721f675757c0925821f91b20dfc8f (diff) | |
download | openssl-344cfa34e5b07f8b8b7f1e70f47f5d265c9c1185.tar.gz |
Add iv length and key length params to the cipher init calls
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8700)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/common/ciphers/aes.c | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/providers/common/ciphers/aes.c b/providers/common/ciphers/aes.c index 285fea6ea9..21ecc2b14a 100644 --- a/providers/common/ciphers/aes.c +++ b/providers/common/ciphers/aes.c @@ -17,35 +17,49 @@ #include "internal/provider_algs.h" #include "ciphers_locl.h" -static void PROV_AES_KEY_generic_init(PROV_AES_KEY *ctx, +static int PROV_AES_KEY_generic_init(PROV_AES_KEY *ctx, const unsigned char *iv, + size_t ivlen, int enc) { - if (iv != NULL) + if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) { + if (ivlen != AES_BLOCK_SIZE) + return 0; memcpy(ctx->iv, iv, AES_BLOCK_SIZE); + } ctx->enc = enc; + + return 1; } -static int aes_einit(void *vctx, const unsigned char *key, - const unsigned char *iv) +static int aes_einit(void *vctx, const unsigned char *key, size_t keylen, + const unsigned char *iv, size_t ivlen) { PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx; - PROV_AES_KEY_generic_init(ctx, iv, 1); - if (key != NULL) + if (!PROV_AES_KEY_generic_init(ctx, iv, ivlen, 1)) + return 0; + if (key != NULL) { + if (keylen != ctx->keylen) + return 0; return ctx->ciph->init(ctx, key, ctx->keylen); + } return 1; } -static int aes_dinit(void *vctx, const unsigned char *key, - const unsigned char *iv) +static int aes_dinit(void *vctx, const unsigned char *key, size_t keylen, + const unsigned char *iv, size_t ivlen) { PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx; - PROV_AES_KEY_generic_init(ctx, iv, 0); - if (key != NULL) + if (!PROV_AES_KEY_generic_init(ctx, iv, ivlen, 0)) + return 0; + if (key != NULL) { + if (keylen != ctx->keylen) + return 0; return ctx->ciph->init(ctx, key, ctx->keylen); + } return 1; } |