WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #7650 from kaleb-himes/SRTP-KDF-CODEREVIEWr2 

Add sanity for case id'd in optesting review
pull/7677/head
Sean Parkinson 2024-06-24 17:04:13 +10:00 committed by GitHub
parent 75475ae624 23f796c0b4
commit 0900e00ee7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 22 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
configure.ac
View File

@ -4103,18 +4103,6 @@ AC_ARG_ENABLE([ed448-stream],
[ ENABLED_ED448_STREAM=no ]
)
if test "$ENABLED_ED448_STREAM" != "no"
then
if test "$ENABLED_ED448" = "no"
then
AC_MSG_ERROR([ED448 verify streaming enabled but ED448 is disabled])
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
fi
fi
# FP ECC, Fixed Point cache ECC
AC_ARG_ENABLE([fpecc],
[AS_HELP_STRING([--enable-fpecc],[Enable Fixed Point cache ECC (default: disabled)])],
@ -5614,6 +5602,18 @@ then
ENABLED_CERTS=yes
fi
if test "$ENABLED_ED448_STREAM" != "no"
then
if test "$ENABLED_ED448" = "no"
then
AC_MSG_ERROR([ED448 verify streaming enabled but ED448 is disabled])
else
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ED448_STREAMING_VERIFY"
fi
fi
# SRTP-KDF
if test "$ENABLED_SRTP" = "yes"
then

10
wolfcrypt/src/aes.c
View File

@ -10761,6 +10761,11 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
authTagSz > AES_BLOCK_SIZE)
return BAD_FUNC_ARG;
/* Sanity check on authIn to prevent segfault in xorbuf() where
* variable 'in' is dereferenced as the mask 'm' in misc.c */
if (authIn == NULL && authInSz > 0)
return BAD_FUNC_ARG;
/* sanity check on tag size */
if (wc_AesCcmCheckTagSize((int)authTagSz) != 0) {
return BAD_FUNC_ARG;
@ -10903,6 +10908,11 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
authTagSz > AES_BLOCK_SIZE)
return BAD_FUNC_ARG;
/* Sanity check on authIn to prevent segfault in xorbuf() where
* variable 'in' is dereferenced as the mask 'm' in misc.c */
if (authIn == NULL && authInSz > 0)
return BAD_FUNC_ARG;
/* sanity check on tag size */
if (wc_AesCcmCheckTagSize((int)authTagSz) != 0) {
return BAD_FUNC_ARG;