mirror of
https://github.com/openssl/openssl.git
synced 2025-01-27 04:14:10 +08:00
Make sure we handle input NULL with length 0
If we call EVP_EncryptUpdate/EVP_DecryptUpdate with length 0 we should be able to handle it. Most importantly we shouldn't get different results if we do this compared to if we don't! An exception is made for CCM mode which has special handling for this in the low level cipher function. Fixes #8675 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10530)
This commit is contained in:
parent
cff64af553
commit
4b9c750be8
@ -291,6 +291,11 @@ int cipher_generic_stream_update(void *vctx, unsigned char *out, size_t *outl,
|
||||
{
|
||||
PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
||||
|
||||
if (inl == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (outsize < inl) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
|
@ -210,6 +210,11 @@ int gcm_stream_update(void *vctx, unsigned char *out, size_t *outl,
|
||||
{
|
||||
PROV_GCM_CTX *ctx = (PROV_GCM_CTX *)vctx;
|
||||
|
||||
if (inl == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (outsize < inl) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return -1;
|
||||
|
@ -214,6 +214,11 @@ static int aes_ocb_block_update(void *vctx, unsigned char *out, size_t *outl,
|
||||
if (!ctx->key_set || !update_iv(ctx))
|
||||
return 0;
|
||||
|
||||
if (inl == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Are we dealing with AAD or normal data here? */
|
||||
if (out == NULL) {
|
||||
buf = ctx->aad_buf;
|
||||
|
@ -76,6 +76,11 @@ static int siv_cipher(void *vctx, unsigned char *out, size_t *outl,
|
||||
{
|
||||
PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;
|
||||
|
||||
if (inl == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (outsize < inl) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
|
@ -164,6 +164,11 @@ static int aes_wrap_cipher(void *vctx,
|
||||
PROV_AES_WRAP_CTX *ctx = (PROV_AES_WRAP_CTX *)vctx;
|
||||
size_t len;
|
||||
|
||||
if (inl == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (outsize < inl) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return -1;
|
||||
|
@ -262,6 +262,11 @@ static int chacha20_poly1305_cipher(void *vctx, unsigned char *out,
|
||||
PROV_CIPHER_HW_CHACHA20_POLY1305 *hw =
|
||||
(PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw;
|
||||
|
||||
if (inl == 0) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (outsize < inl) {
|
||||
ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
|
@ -145,6 +145,8 @@ static int tdes_wrap_update(void *vctx, unsigned char *out, size_t *outl,
|
||||
size_t inl)
|
||||
{
|
||||
*outl = 0;
|
||||
if (inl == 0)
|
||||
return 1;
|
||||
if (outsize < inl) {
|
||||
PROVerr(0, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
|
||||
return 0;
|
||||
|
Loading…
Reference in New Issue
Block a user