ocb3: check the length of the nonce

This commit is contained in:
Steffen Jaeckel 2017-08-02 14:41:46 +02:00
parent b2448c593a
commit 1aaa5abb33

View File

@ -56,6 +56,12 @@ int ocb3_init(ocb3_state *ocb, int cipher,
}
ocb->cipher = cipher;
/* Valid Nonce?
* As of RFC7253: "string of no more than 120 bits" */
if (noncelen > (120/8)) {
return CRYPT_INVALID_ARG;
}
/* determine which polys to use */
ocb->block_len = cipher_descriptor[cipher].block_length;
x = (int)(sizeof(polys)/sizeof(polys[0]));