boringssl

History

David Benjamin 4a8c05ffe8 Check key sizes in AES_set__key. AES_set__key used to call directly into aes_nohw_set__key which gracefully handles some NULL parameters and invalid bit sizes. However, we now enable optimized assembly implementations, not all of which perform these checks. (vpaes does not.) This is fine for the internal assembly functions themselves. Such checks are better written in C than assembly, and the calling C code usually already knows the key size. (Indeed aes_ctr_set_key already assumes the assembly functions are infallible.) AES_set__key are public APIs, however. The NULL check is silly, but we should handle length-like checks in public APIs. Change-Id: I259ae6b9811ceaa9dc5bd7173d5754ca7079cff8 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35564 Reviewed-by: Adam Langley <agl@google.com>	2019-04-11 15:33:57 +00:00
..
openssl	Check key sizes in AES_set_*_key.	2019-04-11 15:33:57 +00:00

David Benjamin 4a8c05ffe8 Check key sizes in AES_set_*_key.

AES_set_*_key used to call directly into aes_nohw_set_*_key which
gracefully handles some NULL parameters and invalid bit sizes. However,
we now enable optimized assembly implementations, not all of which
perform these checks. (vpaes does not.)

This is fine for the internal assembly functions themselves. Such checks
are better written in C than assembly, and the calling C code usually
already knows the key size. (Indeed aes_ctr_set_key already assumes the
assembly functions are infallible.) AES_set_*_key are public APIs,
however. The NULL check is silly, but we should handle length-like
checks in public APIs.

Change-Id: I259ae6b9811ceaa9dc5bd7173d5754ca7079cff8
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35564
Reviewed-by: Adam Langley <agl@google.com>

2019-04-11 15:33:57 +00:00

openssl

Check key sizes in AES_set_*_key.

2019-04-11 15:33:57 +00:00