AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #5213 from tom-cosgrove-arm/pr_4950

Browse Source 
Fix GCM calculation with very long IV
This commit is contained in:
Gilles Peskine 2021-11-22 22:22:37 +01:00 committed by GitHub
commit 0c9f058504
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog.d/bugfix-for-gcm-long-iv-size.txt Normal file
View File

@ -0,0 +1,4 @@
Bugfix
* Fix a bug in mbedtls_gcm_starts() when bits of iv are longer than 2^32.
* Fix #4884.

4
library/gcm.c
View File

@ -254,6 +254,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
size_t i; size_t i;
const unsigned char *p; const unsigned char *p;
size_t use_len, olen = 0; size_t use_len, olen = 0;
uint64_t iv_bits;
GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( iv != NULL ); GCM_VALIDATE_RET( iv != NULL );
@ -278,7 +279,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
else else
{ {
memset( work_buf, 0x00, 16 ); memset( work_buf, 0x00, 16 );
MBEDTLS_PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); iv_bits = (uint64_t)iv_len * 8;
MBEDTLS_PUT_UINT64_BE( iv_bits, work_buf, 8 );
p = iv; p = iv;
while( iv_len > 0 ) while( iv_len > 0 )