diff options
author | Daiki Ueno <ueno@gnu.org> | 2021-04-14 16:50:28 +0200 |
---|---|---|
committer | Hedgehog5040 <krenzelok.frantisek@gmail.com> | 2021-04-20 15:38:16 +0200 |
commit | 733bba1c47c545e5a2a40436ac839961e929e364 (patch) | |
tree | bf9b2bfd026c2f26065a8ee1301e5c093d9542ad | |
parent | 1c9f7c873e31f173f94e43233a4f14b04a9ffe72 (diff) | |
download | gnutls-733bba1c47c545e5a2a40436ac839961e929e364.tar.gz |
_gnutls_cipher_init: fallback if setiv is not implemented for AEAD
The _gnutls_cipher_init function currently assumes that all the cipher
implementations have .setiv method. This is not the case for
AEAD-only implementations such as afalg.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r-- | lib/cipher_int.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/cipher_int.c b/lib/cipher_int.c index 058fe7a6f8..e01157cde1 100644 --- a/lib/cipher_int.c +++ b/lib/cipher_int.c @@ -110,8 +110,15 @@ _gnutls_cipher_init(cipher_hd_st *handle, const cipher_entry_st *e, SR_FB(cc->setkey(handle->handle, key->data, key->size), cc_cleanup); if (iv) { - if (unlikely(cc->setiv == NULL)) /* the API doesn't accept IV */ + /* the API doesn't accept IV */ + if (unlikely(cc->setiv == NULL)) { + if (cc->aead_encrypt) { + if (handle->handle) + handle->deinit(handle->handle); + goto fallback; + } return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + } SR(cc->setiv(handle->handle, iv->data, iv->size), cc_cleanup); } |