diff options
| author | Daniel P. Berrange <berrange@redhat.com> | 2015-10-16 16:35:06 +0100 |
|---|---|---|
| committer | Daniel P. Berrange <berrange@redhat.com> | 2015-10-22 19:03:08 +0100 |
| commit | 3a661f1eabf7e8db66e28489884d9b54aacb94ea (patch) | |
| tree | 4a0b45548a6eb797c9c254797f065b2b5cd9b33e /crypto/cipher-builtin.c | |
| parent | eb2a770b178b9040c3fc04ee31dc38d1775db09a (diff) | |
| download | qemu-3a661f1eabf7e8db66e28489884d9b54aacb94ea.tar.gz | |
crypto: add sanity checking of plaintext/ciphertext length
When encrypting/decrypting data, the plaintext/ciphertext
buffers are required to be a multiple of the cipher block
size. If this is not done, nettle will abort and gcrypt
will report an error. To get consistent behaviour add
explicit checks upfront for the buffer sizes.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'crypto/cipher-builtin.c')
| -rw-r--r-- | crypto/cipher-builtin.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c index 37e1a19ac5..39e31a7f42 100644 --- a/crypto/cipher-builtin.c +++ b/crypto/cipher-builtin.c @@ -39,6 +39,7 @@ struct QCryptoCipherBuiltin { QCryptoCipherBuiltinAES aes; QCryptoCipherBuiltinDESRFB desrfb; } state; + size_t blocksize; void (*free)(QCryptoCipher *cipher); int (*setiv)(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, @@ -181,6 +182,7 @@ static int qcrypto_cipher_init_aes(QCryptoCipher *cipher, goto error; } + ctxt->blocksize = AES_BLOCK_SIZE; ctxt->free = qcrypto_cipher_free_aes; ctxt->setiv = qcrypto_cipher_setiv_aes; ctxt->encrypt = qcrypto_cipher_encrypt_aes; @@ -282,6 +284,7 @@ static int qcrypto_cipher_init_des_rfb(QCryptoCipher *cipher, memcpy(ctxt->state.desrfb.key, key, nkey); ctxt->state.desrfb.nkey = nkey; + ctxt->blocksize = 8; ctxt->free = qcrypto_cipher_free_des_rfb; ctxt->setiv = qcrypto_cipher_setiv_des_rfb; ctxt->encrypt = qcrypto_cipher_encrypt_des_rfb; @@ -370,6 +373,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt = cipher->opaque; + if (len % ctxt->blocksize) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctxt->blocksize); + return -1; + } + return ctxt->encrypt(cipher, in, out, len, errp); } @@ -382,6 +391,12 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt = cipher->opaque; + if (len % ctxt->blocksize) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctxt->blocksize); + return -1; + } + return ctxt->decrypt(cipher, in, out, len, errp); } |