Page MenuHomeFreeBSD

Don't panic for empty CCM requests.
ClosedPublic

Authored by jhb on Apr 24 2019, 10:45 PM.
Tags
None
Referenced Files
F105786783: D20043.id56613.diff
Fri, Dec 20, 4:47 PM
F105771928: D20043.diff
Fri, Dec 20, 11:48 AM
Unknown Object (File)
Tue, Dec 3, 12:34 AM
Unknown Object (File)
Nov 16 2024, 6:31 PM
Unknown Object (File)
Nov 16 2024, 5:47 PM
Unknown Object (File)
Nov 16 2024, 3:34 PM
Unknown Object (File)
Oct 11 2024, 2:31 AM
Unknown Object (File)
Oct 6 2024, 8:05 AM
Subscribers

Details

Summary

A request to encrypt an empty payload without any AAD is unusual, but
it is defined behavior. Removing this assertion removes a panic and
instead returns the correct tag for an empty buffer.

Test Plan
  • 'cryptocheck -d soft -va aes-ccm 0' now gets a result matching OpenSSL instead of triggering a panic

Diff Detail

Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 23880
Build 22810: arc lint + arc unit

Event Timeline

Something made me think that it was not acceptable, but now I can't remember what it was, so it's clearly wrong.

This revision is now accepted and ready to land.Apr 24 2019, 10:46 PM

Yeah, I think we talked about this in one of sef@'s reviews. It might've been a later one, though.

This revision was automatically updated to reflect the committed changes.