TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix GCM counter reuse

Browse Source 
GCM should error out after processing (2^32)-1 blocks / (2^39)-256 bits
This commit is contained in:
Steffen Jaeckel 2016-09-28 20:17:53 +02:00
parent 6ad5225268
commit 7d418b34b3
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/encauth/gcm/gcm_process.c
View File

@ -49,6 +49,11 @@ int gcm_process(gcm_state *gcm,
return err;
}
/* 0xFFFFFFFE0 = ((2^39)-256)/8 */
if (gcm->pttotlen / 8 + (ulong64)gcm->buflen + (ulong64)ptlen >= CONST64(0xFFFFFFFE0)) {
return CRYPT_INVALID_ARG;
}
/* in AAD mode? */
if (gcm->mode == LTC_GCM_MODE_AAD) {
/* let's process the AAD */