Remove lower limit on GCM mode ciphers

Fixes #16057 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16064)
2021-07-13 18:40:01 +10:00 · 2021-07-13 18:40:01 +10:00 · c55c7d0292
parent 2f0a53816b
commit c55c7d0292
4 changed files with 5 additions and 12 deletions
--- a/providers/implementations/ciphers/cipher_aes_gcm.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm.c
@ -20,9 +20,6 @@
 #include "prov/implementations.h"
 #include "prov/providercommon.h"

-#define AES_GCM_IV_MIN_SIZE     (64 / 8) /* size in bytes */
-/* Note: GCM_IV_MAX_SIZE is listed in ciphercommon_gcm.h */
-
 static void *aes_gcm_newctx(void *provctx, size_t keybits)
 {
    PROV_AES_GCM_CTX *ctx;
@ -33,7 +30,7 @@ static void *aes_gcm_newctx(void *provctx, size_t keybits)
    ctx = OPENSSL_zalloc(sizeof(*ctx));
    if (ctx != NULL)
        ossl_gcm_initctx(provctx, &ctx->base, keybits,
-                         ossl_prov_aes_hw_gcm(keybits), AES_GCM_IV_MIN_SIZE);
+                         ossl_prov_aes_hw_gcm(keybits));
    return ctx;
 }

--- a/providers/implementations/ciphers/cipher_aria_gcm.c
+++ b/providers/implementations/ciphers/cipher_aria_gcm.c
@ -13,8 +13,6 @@
 #include "prov/implementations.h"
 #include "prov/providercommon.h"

-#define ARIA_GCM_IV_MIN_SIZE     (32 / 8) /* size in bytes */
-
 static void *aria_gcm_newctx(void *provctx, size_t keybits)
 {
    PROV_ARIA_GCM_CTX *ctx;
@ -25,7 +23,7 @@ static void *aria_gcm_newctx(void *provctx, size_t keybits)
    ctx = OPENSSL_zalloc(sizeof(*ctx));
    if (ctx != NULL)
        ossl_gcm_initctx(provctx, &ctx->base, keybits,
-                         ossl_prov_aria_hw_gcm(keybits), ARIA_GCM_IV_MIN_SIZE);
+                         ossl_prov_aria_hw_gcm(keybits));
    return ctx;
 }

--- a/providers/implementations/ciphers/ciphercommon_gcm.c
+++ b/providers/implementations/ciphers/ciphercommon_gcm.c
@ -26,13 +26,12 @@ static int gcm_cipher_internal(PROV_GCM_CTX *ctx, unsigned char *out,
                               size_t len);

 void ossl_gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits,
-                      const PROV_GCM_HW *hw, size_t ivlen_min)
+                      const PROV_GCM_HW *hw)
 {
    ctx->pad = 1;
    ctx->mode = EVP_CIPH_GCM_MODE;
    ctx->taglen = UNINITIALISED_SIZET;
    ctx->tls_aad_len = UNINITIALISED_SIZET;
-    ctx->ivlen_min = ivlen_min;
    ctx->ivlen = (EVP_GCM_TLS_FIXED_IV_LEN + EVP_GCM_TLS_EXPLICIT_IV_LEN);
    ctx->keylen = keybits / 8;
    ctx->hw = hw;
@ -51,7 +50,7 @@ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen,
    ctx->enc = enc;

    if (iv != NULL) {
-        if (ivlen < ctx->ivlen_min || ivlen > sizeof(ctx->iv)) {
+        if (ivlen == 0 || ivlen > sizeof(ctx->iv)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
            return 0;
        }
--- a/providers/implementations/include/prov/ciphercommon_gcm.h
+++ b/providers/implementations/include/prov/ciphercommon_gcm.h
@ -48,7 +48,6 @@ typedef struct prov_gcm_ctx_st {
    unsigned int mode;          /* The mode that we are using */
    size_t keylen;
    size_t ivlen;
-    size_t ivlen_min;
    size_t taglen;
    size_t tls_aad_pad_sz;
    size_t tls_aad_len;         /* TLS AAD length */
@ -110,7 +109,7 @@ OSSL_FUNC_cipher_cipher_fn ossl_gcm_cipher;
 OSSL_FUNC_cipher_update_fn ossl_gcm_stream_update;
 OSSL_FUNC_cipher_final_fn ossl_gcm_stream_final;
 void ossl_gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits,
-                      const PROV_GCM_HW *hw, size_t ivlen_min);
+                      const PROV_GCM_HW *hw);

 int ossl_gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen);
 int ossl_gcm_aad_update(PROV_GCM_CTX *ctx, const unsigned char *aad,