aes.c: in CheckAesGcmIvSize(), don't disallow GCM_NONCE_MIN_SZ for FIPS 140-3, i.e. always allow it.

This commit is contained in:
Daniel Pouzzner
2021-09-13 21:24:03 -05:00
parent b93a18b34e
commit d39d389c6e


@ -9458,14 +9458,9 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
#ifndef WC_NO_RNG
static WC_INLINE int CheckAesGcmIvSize(int ivSz) {
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 4)
return (ivSz == GCM_NONCE_MID_SZ ||
ivSz == GCM_NONCE_MAX_SZ);
#else
return (ivSz == GCM_NONCE_MIN_SZ ||
ivSz == GCM_NONCE_MID_SZ ||
ivSz == GCM_NONCE_MAX_SZ);
#endif
}