Make sure we handle input NULL with length 0

If we call EVP_EncryptUpdate/EVP_DecryptUpdate with length 0 we should
be able to handle it. Most importantly we shouldn't get different
results if we do this compared to if we don't!

An exception is made for CCM mode which has special handling for this in
the low level cipher function.

Fixes #8675

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10530)
Matt Caswell 2019-11-27 16:06:34 +00:00
parent cff64af553
commit 4b9c750be8
7 changed files with 32 additions and 0 deletions


@ -291,6 +291,11 @@ int cipher_generic_stream_update(void *vctx, unsigned char *out, size_t *outl,
{
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
if (inl == 0) {
*outl = 0;
return 1;
}
if (outsize < inl) {
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
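Review bot: The new `inl == 0` guard in cipher_generic_stream_update has no comment saying why a zero-length update must short-circuit, and the same uncommented guard is repeated in the GCM, OCB, SIV, AES wrap, ChaCha20-Poly1305 and TDES wrap hunks. The commit message explains that callers may pass a NULL input with length 0 and that CCM is left out because its low-level cipher function handles this case itself; that reasoning belongs next to the code. I would add `/* Zero-length update: in may be NULL, nothing to process */` above the guard here, and a matching remark about the CCM exception where the guard is deliberately omitted. The function body continues outside this hunk.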


@ -210,6 +210,11 @@ int gcm_stream_update(void *vctx, unsigned char *out, size_t *outl,
{
PROV_GCM_CTX *ctx = (PROV_GCM_CTX *)vctx;
if (inl == 0) {
*outl = 0;
return 1;
}
if (outsize < inl) {
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return -1;
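Review bot: The guard sits at the very top of gcm_stream_update, so a zero-length call returns 1 before any key or IV state validation the rest of the function may perform (that part is outside this hunk, so this is inferred). The OCB hunk places the same guard after `if (!ctx->key_set || !update_iv(ctx)) return 0;`, which keeps an update on an unkeyed context failing regardless of length. If GCM has an equivalent check further down, moving the guard below it would make the two AEAD paths agree. The same ordering question applies to the chacha20_poly1305_cipher hunk.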


@ -214,6 +214,11 @@ static int aes_ocb_block_update(void *vctx, unsigned char *out, size_t *outl,
if (!ctx->key_set || !update_iv(ctx))
return 0;
if (inl == 0) {
*outl = 0;
return 1;
}
/* Are we dealing with AAD or normal data here? */
if (out == NULL) {
buf = ctx->aad_buf;


@ -76,6 +76,11 @@ static int siv_cipher(void *vctx, unsigned char *out, size_t *outl,
{
PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;
if (inl == 0) {
*outl = 0;
return 1;
}
if (outsize < inl) {
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
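Review bot: In siv_cipher the unconditional `if (inl == 0)` return also swallows zero-length associated-data updates, and in SIV an empty AAD string is a distinct input to the S2V construction (RFC 5297), so dropping it changes what the tag authenticates. Whether this function receives AAD with `out == NULL`, as the OCB hunk does, is not visible here, so confirm against the rest of the body. If it does, restrict the shortcut to the data path, e.g. `if (out != NULL && inl == 0) {`, and let empty AAD reach the S2V update. A test vector with an empty AAD component would pin this behaviour.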


@ -164,6 +164,11 @@ static int aes_wrap_cipher(void *vctx,
PROV_AES_WRAP_CTX *ctx = (PROV_AES_WRAP_CTX *)vctx;
size_t len;
if (inl == 0) {
*outl = 0;
return 1;
}
if (outsize < inl) {
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return -1;


@ -262,6 +262,11 @@ static int chacha20_poly1305_cipher(void *vctx, unsigned char *out,
PROV_CIPHER_HW_CHACHA20_POLY1305 *hw =
(PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw;
if (inl == 0) {
*outl = 0;
return 1;
}
if (outsize < inl) {
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;


@ -145,6 +145,8 @@ static int tdes_wrap_update(void *vctx, unsigned char *out, size_t *outl,
size_t inl)
{
*outl = 0;
if (inl == 0)
return 1;
if (outsize < inl) {
PROVerr(0, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;