From: Dr. Stephen Henson Date: Thu, 17 Jul 2014 01:50:48 +0000 (+0100) Subject: Sanity check lengths for AES wrap algorithm. X-Git-Tag: master-post-reformat~576 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d12eef15016e49fc09d6c96653c61624e032d1a3;p=oweals%2Fopenssl.git Sanity check lengths for AES wrap algorithm. Reviewed-by: Tim Hudson --- diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 504c75f8d1..ce300440a8 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -2098,7 +2098,11 @@ static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, EVP_AES_WRAP_CTX *wctx = ctx->cipher_data; size_t rv; if (inlen % 8) - return 0; + return -1; + if (ctx->encrypt && inlen < 8) + return -1; + if (!ctx->encrypt && inlen < 16) + return -1; if (!out) { if (ctx->encrypt) diff --git a/crypto/modes/wrap128.c b/crypto/modes/wrap128.c index 18785320f2..c6c14cdaaa 100644 --- a/crypto/modes/wrap128.c +++ b/crypto/modes/wrap128.c @@ -106,7 +106,7 @@ size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv, unsigned char *A, B[16], *R; size_t i, j, t; inlen -= 8; - if ((inlen & 0x7) || (inlen < 8) || (inlen > CRYPTO128_WRAP_MAX)) + if ((inlen & 0x7) || (inlen < 16) || (inlen > CRYPTO128_WRAP_MAX)) return 0; A = B; t = 6 * (inlen >> 3);