-
-
Notifications
You must be signed in to change notification settings - Fork 10.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reduce minimal out length in CRYPTO_128_unwrap_pad #6266
Conversation
crypto/modes/wrap128.c
Outdated
memcpy(aiv, out, 8); | ||
unsigned char buff[16]; | ||
memcpy(buff, in, inlen); | ||
block(buff, buff, key); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not like you're obliged to perform block operation in place, you can simply block(in, buff, key)
and skip memcpy. And in case of allocation of intermediate buffer for protected secret value, it's only appropriate to wipe it with OPENSSL_cleanse. Even if it's on stack.
Styling nit. It's considered appropriate to add an empty line after declarations, in this case after buff declaration.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dot-asm thanks for your review. just back from vacation and updated my change per your comments.
In `aes_wrap_cipher()`, the minimal out buff length is `(inlen - 8)`. Since it calls `CRYPTO_128_unwrap_pad()` underneath, it makes sense to reduce the minimal out length in `CRYPTO_128_unwrap_pad()` to align to its caller. Signed-off-by: Yihong Wang <yh.wang@ibm.com>
1db1bd9
to
c1cfe38
Compare
Close/open to kick the CLA bot. |
There is no 2nd approval tick. I suppose you, Rich, meant to approve, but it's shouldn't be mind-reading exercise. You have to click on "approve", just replacing label doesn't formally count. |
oops, closed window before clicking 'send review' |
In `aes_wrap_cipher()`, the minimal out buff length is `(inlen - 8)`. Since it calls `CRYPTO_128_unwrap_pad()` underneath, it makes sense to reduce the minimal out length in `CRYPTO_128_unwrap_pad()` to align to its caller. Signed-off-by: Yihong Wang <yh.wang@ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #6266)
Merged. Thanks! |
In
aes_wrap_cipher()
, the minimal out buff length is(inlen - 8)
.Since it calls
CRYPTO_128_unwrap_pad()
underneath, it makes sense toreduce the minimal out length in
CRYPTO_128_unwrap_pad()
to align toits caller.
Signed-off-by: Yihong Wang yh.wang@ibm.com
Checklist