mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-04-06 20:20:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

When changing IV length invalidate previously set IV

Browse Source 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22590)
This commit is contained in:
Tomas Mraz 2023-11-01 14:00:22 +01:00
parent b90662b4b0
commit eddbb78f4e
3 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
providers/implementations/ciphers/cipher_aes_ocb.c
View File

@ -385,7 +385,10 @@ static int aes_ocb_set_ctx_params(void *vctx, const OSSL_PARAM params[])
/* IV len must be 1 to 15 */
if (sz < OCB_MIN_IV_LEN || sz > OCB_MAX_IV_LEN)
return 0;
ctx->base.ivlen = sz;
if (ctx->base.ivlen != sz) {
ctx->base.ivlen = sz;
ctx->iv_state = IV_STATE_UNINITIALISED;
}
}
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
if (p != NULL) {

5
providers/implementations/ciphers/ciphercommon_ccm.c
View File

@ -109,7 +109,10 @@ int ossl_ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[])
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
return 0;
}
ctx->l = ivlen;
if (ctx->l != ivlen) {
ctx->l = ivlen;
ctx->iv_set = 0;
}
}
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);

7
providers/implementations/ciphers/ciphercommon_gcm.c
View File

@ -280,7 +280,12 @@ int ossl_gcm_set_ctx_params(void *vctx, const OSSL_PARAM params[])
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
return 0;
}
ctx->ivlen = sz;
if (ctx->ivlen != sz) {
/* If the iv was already set or autogenerated, it is invalid. */
if (ctx->iv_state != IV_STATE_UNINITIALISED)
ctx->iv_state = IV_STATE_FINISHED;
ctx->ivlen = sz;
}
break;
case PIDX_CIPHER_PARAM_AEAD_TLS1_AAD: