Prune low-level ASN.1 parse errors from error queue in decoder_process()

[openssl.git] / providers / implementations / ciphers / cipher_aes_gcm.c

diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c
index 2f22c320671eb63fff4fc1cb013b82f441491c05..409dfa7b3300dcee28feffdcc8f394194465be24 100644 (file)
--- a/providers/implementations/ciphers/cipher_aes_gcm.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm.c
@@ -20,6 +20,9 @@
 #include "prov/implementations.h"
 #include "prov/providercommon.h"
 
+#define AES_GCM_IV_MIN_SIZE     (64 / 8) /* size in bytes */
+/* Note: GCM_IV_MAX_SIZE is listed in ciphercommon_gcm.h */
+
 static void *aes_gcm_newctx(void *provctx, size_t keybits)
 {
     PROV_AES_GCM_CTX *ctx;
@@ -29,7 +32,8 @@ static void *aes_gcm_newctx(void *provctx, size_t keybits)
 
     ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx != NULL)
-        gcm_initctx(provctx, &ctx->base, keybits, PROV_AES_HW_gcm(keybits), 8);
+        gcm_initctx(provctx, &ctx->base, keybits, PROV_AES_HW_gcm(keybits),
+                    AES_GCM_IV_MIN_SIZE);
     return ctx;
 }