OCBv3: ocb3_init taglen check

karel-m · sjaeckel · commit f647baa77875 · 2017-08-07T18:24:59.000+02:00
diff --git a/src/encauth/ocb3/ocb3_init.c b/src/encauth/ocb3/ocb3_init.c
@@ -114,9 +114,14 @@ int ocb3_init(ocb3_state *ocb, int cipher,
       return CRYPT_INVALID_ARG;
    }
 
-   /* Make sure taglen isn't too long */
-   if (taglen > (unsigned long)cipher_descriptor[cipher].block_length) {
-      taglen = cipher_descriptor[cipher].block_length;
+   /* The blockcipher must have a 128-bit blocksize */
+   if (cipher_descriptor[cipher].block_length != 16) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* The TAGLEN may be any value up to 128 (bits) */
+   if (taglen > 16) {
+      return CRYPT_INVALID_ARG;
    }
    ocb->tag_len = taglen;
 
diff --git a/src/encauth/ocb3/ocb3_test.c b/src/encauth/ocb3/ocb3_test.c
@@ -215,7 +215,7 @@ int ocb3_test(void)
     }
 
     for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
-        len = sizeof(outtag);
+        len = 16; /* must be the same as the required taglen */
         if ((err = ocb3_encrypt_authenticate_memory(idx,
                                                    key, sizeof(key),
                                                    nonce, sizeof(nonce),

Original file line number	Diff line number	Diff line change
`@@ -215,7 +215,7 @@ int ocb3_test(void)`
`215`	`215`	`}`
`216`	`216`
`217`	`217`	`for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {`
`218`		`- len = sizeof(outtag);`
	`218`	`+ len = 16; /* must be the same as the required taglen */`
`219`	`219`	`if ((err = ocb3_encrypt_authenticate_memory(idx,`
`220`	`220`	`key, sizeof(key),`
`221`	`221`	`nonce, sizeof(nonce),`