projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Sanity check lengths for AES wrap algorithm.
[openssl.git]
/
crypto
/
evp
/
e_aes.c
diff --git
a/crypto/evp/e_aes.c
b/crypto/evp/e_aes.c
index 504c75f8d12c518d55113a14b2acfe81718efa05..ce300440a89cda699b47d263bb9952946542ae92 100644
(file)
--- a/
crypto/evp/e_aes.c
+++ b/
crypto/evp/e_aes.c
@@
-2098,7
+2098,11
@@
static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
size_t rv;
if (inlen % 8)
- return 0;
+ return -1;
+ if (ctx->encrypt && inlen < 8)
+ return -1;
+ if (!ctx->encrypt && inlen < 16)
+ return -1;
if (!out)
{
if (ctx->encrypt)