From: Vitaly Chikunov Date: Tue, 12 May 2020 09:26:01 +0000 (+0300) Subject: gost_crypt: Add some sanity checking to GOST_init_cipher X-Git-Tag: v3.0.0~103 X-Git-Url: http://wagner.pp.ru/gitweb/?a=commitdiff_plain;h=c6b44c8eaf68bf045805163a8825e5440632653e;p=openssl-gost%2Fengine.git gost_crypt: Add some sanity checking to GOST_init_cipher - Stream cipher should have block_size 1, other should not. - Stream cipher should not have padding. - If IV is specified Custom IV flag should be set. --- diff --git a/gost_crypt.c b/gost_crypt.c index 8a2b960..8277fa2 100644 --- a/gost_crypt.c +++ b/gost_crypt.c @@ -86,10 +86,30 @@ EVP_CIPHER *GOST_init_cipher(GOST_cipher *c) if (c->cipher) return c->cipher; + /* Some sanity checking. */ + int flags = c->flags | TPL_VAL(c, flags); + int block_size = TPL(c, block_size); + switch (flags & EVP_CIPH_MODE) { + case EVP_CIPH_CTR_MODE: + case EVP_CIPH_CFB_MODE: + case EVP_CIPH_OFB_MODE: + OPENSSL_assert(block_size == 1); + OPENSSL_assert(flags & EVP_CIPH_NO_PADDING); + break; + default: + OPENSSL_assert(block_size != 1); + OPENSSL_assert(!(flags & EVP_CIPH_NO_PADDING)); + } + + if (TPL(c, iv_len)) + OPENSSL_assert(flags & EVP_CIPH_CUSTOM_IV); + else + OPENSSL_assert(!(flags & EVP_CIPH_CUSTOM_IV)); + EVP_CIPHER *cipher; - if (!(cipher = EVP_CIPHER_meth_new(c->nid, TPL(c, block_size), TPL(c, key_len))) + if (!(cipher = EVP_CIPHER_meth_new(c->nid, block_size, TPL(c, key_len))) || !EVP_CIPHER_meth_set_iv_length(cipher, TPL(c, iv_len)) - || !EVP_CIPHER_meth_set_flags(cipher, c->flags | TPL_VAL(c, flags)) + || !EVP_CIPHER_meth_set_flags(cipher, flags) || !EVP_CIPHER_meth_set_init(cipher, TPL(c, init)) || !EVP_CIPHER_meth_set_do_cipher(cipher, TPL(c, do_cipher)) || !EVP_CIPHER_meth_set_cleanup(cipher, TPL(c, cleanup))