From eb2a770b178b9040c3fc04ee31dc38d1775db09a Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Fri, 16 Oct 2015 13:23:13 +0100 Subject: crypto: don't let builtin aes crash if no IV is provided If no IV is provided, then use a default IV of all-zeros instead of crashing. This gives parity with gcrypt and nettle backends. Signed-off-by: Daniel P. Berrange --- crypto/cipher-builtin.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) (limited to 'crypto') diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c index 30f4853c86..37e1a19ac5 100644 --- a/crypto/cipher-builtin.c +++ b/crypto/cipher-builtin.c @@ -25,8 +25,7 @@ typedef struct QCryptoCipherBuiltinAES QCryptoCipherBuiltinAES; struct QCryptoCipherBuiltinAES { AES_KEY encrypt_key; AES_KEY decrypt_key; - uint8_t *iv; - size_t niv; + uint8_t iv[AES_BLOCK_SIZE]; }; typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; struct QCryptoCipherBuiltinDESRFB { @@ -61,7 +60,6 @@ static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) { QCryptoCipherBuiltin *ctxt = cipher->opaque; - g_free(ctxt->state.aes.iv); g_free(ctxt); cipher->opaque = NULL; } @@ -145,15 +143,13 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, Error **errp) { QCryptoCipherBuiltin *ctxt = cipher->opaque; - if (niv != 16) { - error_setg(errp, "IV must be 16 bytes not %zu", niv); + if (niv != AES_BLOCK_SIZE) { + error_setg(errp, "IV must be %d bytes not %zu", + AES_BLOCK_SIZE, niv); return -1; } - g_free(ctxt->state.aes.iv); - ctxt->state.aes.iv = g_new0(uint8_t, niv); - memcpy(ctxt->state.aes.iv, iv, niv); - ctxt->state.aes.niv = niv; + memcpy(ctxt->state.aes.iv, iv, AES_BLOCK_SIZE); return 0; } -- cgit v1.2.1