author | Andy Polyakov <appro@openssl.org> | 2012-04-15 16:14:22 +0200 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2012-04-15 16:14:22 +0200 |
commit | fc90e42c8623af13308d8ef7e7ada84af0a36509 (patch) | |
tree | 4a1e5965220812bd88b366e661908d91305caa8e /crypto/evp/e_aes_cbc_hmac_sha1.c | |
parent | ghash-s390x.pl: fix typo [that can induce SEGV in 31-bit build]. (diff) | |
e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag
countermeasure.
PR: 2778
Diffstat (limited to 'crypto/evp/e_aes_cbc_hmac_sha1.c')
-rw-r--r-- | crypto/evp/e_aes_cbc_hmac_sha1.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 43fc26d0d1..a5034d72c0 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -82,6 +82,8 @@ typedef struct
 } aux;
 } EVP_AES_HMAC_SHA1;
+#define NO_PAYLOAD_LENGTH ((size_t)-1)
+
 #if defined(AES_ASM) && ( \
 defined(__x86_64) || defined(__x86_64__) || \
 defined(_M_AMD64) || defined(_M_X64) || \
@@ -123,7 +125,7 @@ static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
 key->tail = key->head;
 key->md = key->head;
- key->payload_length = 0;
+ key->payload_length = NO_PAYLOAD_LENGTH;
 return ret<0?0:1;
 }
@@ -184,7 +186,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 if (len%AES_BLOCK_SIZE) return 0;
 if (ctx->encrypt) {
- if (plen==0)
+ if (plen==NO_PAYLOAD_LENGTH)
 plen = len;
 else if (len!=((plen+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE)) return 0;
@@ -270,7 +272,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 }
 }
- key->payload_length = 0;
+ key->payload_length = NO_PAYLOAD_LENGTH;
 return 1;
 } |
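Review bot: The new `NO_PAYLOAD_LENGTH` define in the first hunk (`@@ -82,6 +82,8 @@`) carries no comment, so its contract has to be pieced together from the three later hunks. A one-line comment above it, for example `/* payload_length value meaning "no explicit length has been set"; 0 is a valid payload length */`, would tell anyone adding another test on `payload_length` that zero no longer means "unset".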
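Review bot: Only the encrypt-side test `if (plen==NO_PAYLOAD_LENGTH)` in the third hunk (`@@ -184,7 +186,7 @@`) is converted to the new sentinel. Any remaining truthiness or `==0` test of `plen` or `key->payload_length` elsewhere in the file would now read the idle value `(size_t)-1` as a set, very large length. The decrypt branch and the code that stores the length lie outside the visible hunks, and `aesni_cbc_hmac_sha1_cipher` starts and ends outside this hunk, so this cannot be confirmed from here. If such a test exists it should become `if (plen != NO_PAYLOAD_LENGTH)`, and a regression test that decrypts with no length set would pin the behaviour.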
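Review bot: The reset `key->payload_length = NO_PAYLOAD_LENGTH;` in the fourth hunk (`@@ -270,7 +272,7 @@`) runs only on the success path, while the `return 0;` exits visible in the third hunk leave the previously supplied length in the context. Whether callers ever reuse a context after a failed call is not visible here, but if they can, the next call would be checked against a stale length. Resetting the field before those failure returns, or adding a comment that a failed call leaves the context unusable until the length is set again, would close that gap. The function body extends beyond both hunks.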