Fix for min IV size check. Cleanup of the max IV to use new enum MAX_IV_SZ.

2018-06-07 12:45:11 -07:00 · 2018-06-07 12:45:11 -07:00 · 623f1b58ac
commit 623f1b58ac
parent 64ba151c35
2 changed files with 5 additions and 3 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -13403,7 +13403,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
                    args->ivSz = blockSz;
                    args->sz  += args->ivSz;

-                    if (args->ivSz > AES_BLOCK_SIZE)
+                    if (args->ivSz > MAX_IV_SZ)
                        ERROR_OUT(BUFFER_E, exit_buildmsg);
                }
                args->sz += 1;       /* pad byte */
@ -13455,9 +13455,9 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
            AddRecordHeader(output, args->size, (byte)type, ssl);

            /* write to output */
-            if (args->ivSz) {
+            if (args->ivSz > 0) {
                XMEMCPY(output + args->idx, args->iv,
-                                        min(args->ivSz, sizeof(args->iv)));
+                                        min(args->ivSz, MAX_IV_SZ));
                args->idx += args->ivSz;
            }
            XMEMCPY(output + args->idx, input, inSz);
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@ -1191,6 +1191,8 @@ enum Misc {
    AES_128_KEY_SIZE    = 16,
 #endif

+    MAX_IV_SZ           = AES_BLOCK_SIZE,
+
    AEAD_SEQ_OFFSET     = 4,   /* Auth Data: Sequence number */
    AEAD_TYPE_OFFSET    = 8,   /* Auth Data: Type            */
    AEAD_VMAJ_OFFSET    = 9,   /* Auth Data: Major Version   */