[Cryptech-Commits] [sw/libhal] 02/04: Make sure hal_aes_keyunwrap() frees the core in all error cases.
git at cryptech.is
git at cryptech.is
Mon Apr 17 20:37:51 UTC 2017
This is an automated email from the git hooks/post-receive script.
paul at psgd.org pushed a commit to branch ksng
in repository sw/libhal.
commit f79826a8472a2c133c773048306ae3403390e723
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Mon Apr 17 14:38:59 2017 -0400
Make sure hal_aes_keyunwrap() frees the core in all error cases.
---
aes_keywrap.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/aes_keywrap.c b/aes_keywrap.c
index 08cc05f..d7701f0 100644
--- a/aes_keywrap.c
+++ b/aes_keywrap.c
@@ -4,7 +4,7 @@
* Implementation of RFC 5649 over Cryptech AES core.
*
* Authors: Rob Austein
- * Copyright (c) 2015, NORDUnet A/S
+ * Copyright (c) 2015-2017, NORDUnet A/S
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -272,18 +272,24 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core,
}
}
- if (Q[0] != 0xA6 || Q[1] != 0x59 || Q[2] != 0x59 || Q[3] != 0xA6)
- return HAL_ERROR_KEYWRAP_BAD_MAGIC;
+ if (Q[0] != 0xA6 || Q[1] != 0x59 || Q[2] != 0x59 || Q[3] != 0xA6) {
+ err = HAL_ERROR_KEYWRAP_BAD_MAGIC;
+ goto out;
+ }
m = (((((Q[4] << 8) + Q[5]) << 8) + Q[6]) << 8) + Q[7];
- if (m <= 8 * (n - 1) || m > 8 * n)
- return HAL_ERROR_KEYWRAP_BAD_LENGTH;
+ if (m <= 8 * (n - 1) || m > 8 * n) {
+ err = HAL_ERROR_KEYWRAP_BAD_LENGTH;
+ goto out;
+ }
if (m % 8 != 0)
for (i = m + 8; i < 8 * (n + 1); i++)
- if (Q[i] != 0x00)
- return HAL_ERROR_KEYWRAP_BAD_PADDING;
+ if (Q[i] != 0x00) {
+ err = HAL_ERROR_KEYWRAP_BAD_PADDING;
+ goto out;
+ }
*Q_len = m;
More information about the Commits
mailing list