Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-21 21:36:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

aes: xts: Enforce NIST SP 800-38E data unit size

Browse source 
NIST SP 800-38E requites the data unit size be limited to at most 2^20 AES
blocks in size. Enforce this restriction.
This commit is contained in:
Jaeden Amero 2018-05-30 15:36:06 +01:00
parent 5162b932a2
commit 0a8b02087a
2 changed files with 12 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
library/aes.c
View file

@ -1158,6 +1158,9 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
if( length < 16 )
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
/* NIST SP 80-38E disallows data units larger than 2**20 blocks. */
if( length > ( 1 << 20 ) * 16 )
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, iv, t_buf.u8 );