Return an error for IV lengths other than 12 with ChaCha20 The implementation was silently overwriting the IV length to 12 even though the caller passed a different value. Change the behavior to signal that a different length is not supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

commit: 33ca6af8a3bd770cb454793b9f6fc52e5d43bb21 [log] [tgz]
author: Andrzej Kurek <Andrzej.Kurek@arm.com> Wed Dec 01 21:58:05 2021 +0100
committer: Andrzej Kurek <Andrzej.Kurek@arm.com> Fri Jan 14 16:31:54 2022 +0100
tree: 78c2db88b888b4ada5ffaa06aa963137bc4890fe
parent: ce8a6173f754d7df0945cf867f480cba629aa545 [diff] [blame]
diff --git a/library/cipher.c b/library/cipher.c
index 03e84c6..39c105c 100644
--- a/library/cipher.c
+++ b/library/cipher.c

@@ -386,6 +386,12 @@
 #if defined(MBEDTLS_CHACHA20_C)
     if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
     {
+        /* Even though the actual_iv_size is overwritten with a correct value
+         * of 12 from the cipher info, return an error to indicate that
+         * the input iv_len is wrong. */
+        if( iv_len != 12 )
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
         if ( 0 != mbedtls_chacha20_starts( (mbedtls_chacha20_context*)ctx->cipher_ctx,
                                            iv,
                                            0U ) ) /* Initial counter value */
commit	33ca6af8a3bd770cb454793b9f6fc52e5d43bb21	[log] [tgz]
author	Andrzej Kurek <Andrzej.Kurek@arm.com>	Wed Dec 01 21:58:05 2021 +0100
committer	Andrzej Kurek <Andrzej.Kurek@arm.com>	Fri Jan 14 16:31:54 2022 +0100
tree	78c2db88b888b4ada5ffaa06aa963137bc4890fe
parent	ce8a6173f754d7df0945cf867f480cba629aa545 [diff] [blame]