projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 320d96a) | patch
Allow oversized buffers for provider cipher IV fetch
authorBenjamin Kaduk <bkaduk@akamai.com>
Mon, 1 Jun 2020 19:31:55 +0000 (12:31 -0700)
committerBenjamin Kaduk <kaduk@mit.edu>
Sat, 20 Jun 2020 16:46:41 +0000 (09:46 -0700)
commit7cc5e0d283800c757e46d1476273d271120aa38d
tree85a647dca5e7125f20bc3dff00efe621aba70490tree | snapshot
parent320d96a32c16de1adbf11f76819fe738f24665b1commit | diff
Allow oversized buffers for provider cipher IV fetch

When we're fetching an IV, there's no need to enforce that the
provided buffer is exactly the same size as the IV we want to
write into it.  This might happen, for example, when
EVP_CIPHER_CTX_iv_noconst() passes sizeof(ctx->iv) (that is,
EVP_MAX_IV_LENGTH) for an AES-GCM cipher that uses a shorter IV.
AES-OCB and CCM were also affected.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12039)
providers/implementations/ciphers/cipher_aes_ocb.c diff | blob | history
providers/implementations/ciphers/ciphercommon_ccm.c diff | blob | history
providers/implementations/ciphers/ciphercommon_gcm.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.