}
}
+ /*
+ * TODO(3.0) Temporary solution to address fuzz test crash, which will be
+ * reworked once the discussion in PR #9510 is resolved. i.e- We need a
+ * general solution for handling missing parameters inside set_params and
+ * get_params methods.
+ */
+ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
+ if (p != NULL) {
+ int keylen;
+
+ if (!OSSL_PARAM_get_int(p, &keylen)) {
+ PROVerr(0, PROV_R_FAILED_TO_GET_PARAMETER);
+ return 0;
+ }
+ /* The key length can not be modified for gcm mode */
+ if (keylen != (int)ctx->keylen)
+ return 0;
+ }
+
return 1;
}
&& do_decrypt(gcm_iv, ct, ctlen, tag, taglen);
}
+static int badkeylen_test(void)
+{
+ int ret;
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *cipher;
+
+ ret = TEST_ptr(cipher = EVP_aes_192_gcm())
+ && TEST_ptr(ctx = EVP_CIPHER_CTX_new())
+ && TEST_true(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL))
+ && TEST_false(EVP_CIPHER_CTX_set_key_length(ctx, 2));
+ EVP_CIPHER_CTX_free(ctx);
+ return ret;
+}
+
#ifdef FIPS_MODE
static int ivgen_test(void)
{
int setup_tests(void)
{
ADD_TEST(kat_test);
+ ADD_TEST(badkeylen_test);
#ifdef FIPS_MODE
ADD_TEST(ivgen_test);
#endif /* FIPS_MODE */
projects / oweals / openssl.git / commitdiff