diff options
author | Pauli <pauli@openssl.org> | 2021-06-07 09:28:49 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-06-08 19:32:17 +1000 |
commit | 042f8f70cb8fb21445ed20d07e2624d5a2bba4e4 (patch) | |
tree | 71fec2fcb66df66cabee06ed2b28f6c8f5a38530 /crypto | |
parent | b0a0ab07b4313cc893b17880b4399bdb804837c5 (diff) |
evp: fix improper use of negative value issues
Coverity issues 1485662, 1485663 & 1485664.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15635)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/evp/e_aes.c | 7 | ||||
-rw-r--r-- | crypto/evp/e_aria.c | 7 | ||||
-rw-r--r-- | crypto/evp/e_sm4.c | 7 |
3 files changed, 18 insertions, 3 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 2c2a4ba90c..e43076752f 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -2516,9 +2516,14 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - unsigned int num = EVP_CIPHER_CTX_get_num(ctx); + int n = EVP_CIPHER_CTX_get_num(ctx); + unsigned int num; EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx); + if (n < 0) + return 0; + num = (unsigned int)n; + if (dat->stream.ctr) CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, ctx->iv, diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index f53528ea5c..7e1fda33e1 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -175,9 +175,14 @@ const EVP_CIPHER *EVP_aria_##keylen##_##mode(void) \ static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - unsigned int num = EVP_CIPHER_CTX_get_num(ctx); + int n = EVP_CIPHER_CTX_get_num(ctx); + unsigned int num; EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY, ctx); + if (n < 0) + return 0; + num = (unsigned int)n; + CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv, EVP_CIPHER_CTX_buf_noconst(ctx), &num, (block128_f) ossl_aria_encrypt); diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c index 39bec569f7..abd603015c 100644 --- a/crypto/evp/e_sm4.c +++ b/crypto/evp/e_sm4.c @@ -74,9 +74,14 @@ IMPLEMENT_BLOCK_CIPHER(sm4, ks, sm4, EVP_SM4_KEY, NID_sm4, static int sm4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t len) { - unsigned int num = EVP_CIPHER_CTX_get_num(ctx); + int n = EVP_CIPHER_CTX_get_num(ctx); + unsigned int num; EVP_SM4_KEY *dat = EVP_C_DATA(EVP_SM4_KEY, ctx); + if (n < 0) + return 0; + num = (unsigned int)n; + CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, ctx->iv, EVP_CIPHER_CTX_buf_noconst(ctx), &num, (block128_f)ossl_sm4_encrypt); |