commit dd0f57f1867a11531d2fc572fe203d742470d820
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Sep 16 11:47:43 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Sep 18 14:34:32 2013 +0200
tree 54c4f94fb66698530430e1de019613144b09db15
parent d331319a385e53bf739e2d9c3a7a82b0656cde32

Check key size in cipher_setkey()

library/cipher.c

diff --git a/library/cipher.c b/library/cipher.c
index ee2a1cd..c455ff9 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -638,6 +638,9 @@
     if( NULL == ctx || NULL == ctx->cipher_info )
         return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
 
+    if( (int) ctx->cipher_info->key_length != key_length )
+        return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
+
     ctx->key_length = key_length;
     ctx->operation = operation;
 

library/pkcs12.c

diff --git a/library/pkcs12.c b/library/pkcs12.c
index 335af7e..9ef557c 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -181,7 +181,7 @@
     if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
         goto exit;
 
-    if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 )
+    if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, mode ) ) != 0 )
         goto exit;
 
     if( ( ret = cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )

library/pkcs5.c

diff --git a/library/pkcs5.c b/library/pkcs5.c
index 0b9830d..c2aa06d 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -184,7 +184,7 @@
     if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
         goto exit;
 
-    if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 )
+    if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, mode ) ) != 0 )
         goto exit;
 
     if( ( ret = cipher_set_iv( &cipher_ctx, iv, enc_scheme_params.len ) ) != 0 )