Sanity check EVP_CTRL_AEAD_TLS_AAD

[openssl.git] / ssl / record / ssl3_record.c

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index be5bb22ae056a1eb77df97661c6ca411dafd5606..33d0b302f0cdd7cd618ac049e138f41fa469b95d 100644 (file)
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -112,6 +112,7 @@
 #include "../ssl_locl.h"
 #include "../../crypto/constant_time_locl.h"
 #include <openssl/rand.h>
+#include "record_locl.h"
 
 static const unsigned char ssl3_pad_1[48] = {
     0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
@@ -155,7 +156,7 @@ int SSL3_RECORD_setup(SSL3_RECORD *r)
 
 void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num)
 {
-    memcpy(r->seq_num, seq_num, 8);
+    memcpy(r->seq_num, seq_num, SEQ_NUM_SIZE);
 }
 
 /*
@@ -657,7 +658,7 @@ int tls1_enc(SSL *s, int send)
         bs = EVP_CIPHER_block_size(ds->cipher);
 
         if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
-            unsigned char buf[13], *seq;
+            unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq;
 
             seq = send ? RECORD_LAYER_get_write_sequence(&s->rlayer)
                 : RECORD_LAYER_get_read_sequence(&s->rlayer);
@@ -683,7 +684,10 @@ int tls1_enc(SSL *s, int send)
             buf[10] = (unsigned char)(s->version);
             buf[11] = rec->length >> 8;
             buf[12] = rec->length & 0xff;
-            pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD, 13, buf);
+            pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD,
+                                      EVP_AEAD_TLS1_AAD_LEN, buf);
+            if (pad <= 0)
+                return -1;
             if (send) {
                 l += pad;
                 rec->length += pad;