mirror of
https://github.com/openssl/openssl.git
synced 2025-02-05 14:10:53 +08:00
a011523706
Fixes #20084 In the 3.0 provider implementation the generic code that handles IV's only allows a 12 byte IV. Older code intentionally added the ability for the IV to be truncated. As this truncation is unsafe, the documentation has been updated to state that this in no longer allowed. The code has been updated to produce an error when the iv length is set to any value other than 12. NOTE: It appears that this additional padding may have originated from the code which uses a 12 byte IV, that is then passed to CHACHA which zero pads it to 16 bytes. Note that legacy behaviour in e_chacha20_poly1305.c has not been updated. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20151) |
||
|---|---|---|
| .. | ||
| common | ||
| fips | ||
| implementations | ||
| baseprov.c | ||
| build.info | ||
| decoders.inc | ||
| defltprov.c | ||
| encoders.inc | ||
| fips-sources.checksums | ||
| fips.checksum | ||
| fips.module.sources | ||
| legacyprov.c | ||
| nullprov.c | ||
| prov_running.c | ||
| stores.inc | ||