Prune low-level ASN.1 parse errors from error queue in decoder_process()

[openssl.git] / providers / implementations / ciphers / cipher_aes_gcm.c

diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c
index 440fc00e670e1ae3a158f1270114244d5497ac7f..409dfa7b3300dcee28feffdcc8f394194465be24 100644 (file)
--- a/providers/implementations/ciphers/cipher_aes_gcm.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm.c
@@ -18,17 +18,26 @@
 
 #include "cipher_aes_gcm.h"
 #include "prov/implementations.h"
+#include "prov/providercommon.h"
+
+#define AES_GCM_IV_MIN_SIZE     (64 / 8) /* size in bytes */
+/* Note: GCM_IV_MAX_SIZE is listed in ciphercommon_gcm.h */
 
 static void *aes_gcm_newctx(void *provctx, size_t keybits)
 {
-    PROV_AES_GCM_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+    PROV_AES_GCM_CTX *ctx;
+
+    if (!ossl_prov_is_running())
+        return NULL;
 
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx != NULL)
-        gcm_initctx(provctx, &ctx->base, keybits, PROV_AES_HW_gcm(keybits), 8);
+        gcm_initctx(provctx, &ctx->base, keybits, PROV_AES_HW_gcm(keybits),
+                    AES_GCM_IV_MIN_SIZE);
     return ctx;
 }
 
-static OSSL_OP_cipher_freectx_fn aes_gcm_freectx;
+static OSSL_FUNC_cipher_freectx_fn aes_gcm_freectx;
 static void aes_gcm_freectx(void *vctx)
 {
     PROV_AES_GCM_CTX *ctx = (PROV_AES_GCM_CTX *)vctx;