diff options
| author | Andy Polyakov <appro@openssl.org> | 2014-03-07 10:30:37 +0100 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2014-03-07 10:48:51 +0100 |
| commit | cc6dc9b2294f7dd59899452470b4bbeaed1eb57d (patch) | |
| tree | 90a2ce5db027c86ecfa4900c3ee73560d02f455a /crypto/perlasm | |
| parent | fe69e6be6e551c04d9d6a186c7fee1e635313ca6 (diff) | |
SPARC T4 assembly pack: treat zero input length in CBC.
The problem is that OpenSSH calls EVP_Cipher, which is not as
protective as EVP_CipherUpdate. Formally speaking we ought to
do more checks in *_cipher methods, including rejecting
lengths not divisible by block size (unless ciphertext stealing
is in place). But for now I implement check for zero length in
low-level based on precedent.
PR: 3087, 2775
(cherry picked from commit 5e44c144e649a53bae2724b34d908f6cb26b01ed)
Diffstat (limited to 'crypto/perlasm')
| -rw-r--r-- | crypto/perlasm/sparcv9_modes.pl | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/perlasm/sparcv9_modes.pl b/crypto/perlasm/sparcv9_modes.pl index 6b47bb1af4..dc55b34e41 100644 --- a/crypto/perlasm/sparcv9_modes.pl +++ b/crypto/perlasm/sparcv9_modes.pl @@ -35,6 +35,8 @@ $::code.=<<___; .align 32 ${alg}${bits}_t4_cbc_encrypt: save %sp, -$::frame, %sp + cmp $len, 0 + be,pn $::size_t_cc, .L${bits}_cbc_enc_abort sub $inp, $out, $blk_init ! $inp!=$out ___ $::code.=<<___ if (!$::evp); @@ -123,6 +125,7 @@ $::code.=<<___ if (!$::evp); std %f2, [$ivec + 8] ___ $::code.=<<___; +.L${bits}_cbc_enc_abort: ret restore @@ -249,6 +252,8 @@ $::code.=<<___; .align 32 ${alg}${bits}_t4_cbc_decrypt: save %sp, -$::frame, %sp + cmp $len, 0 + be,pn $::size_t_cc, .L${bits}_cbc_dec_abort sub $inp, $out, $blk_init ! $inp!=$out ___ $::code.=<<___ if (!$::evp); @@ -341,6 +346,7 @@ $::code.=<<___ if (!$::evp); std %f14, [$ivec + 8] ___ $::code.=<<___; +.L${bits}_cbc_dec_abort: ret restore |