TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-03 11:06:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

ccm_finish: Updated to only accept lens set by ccm_set_lengths

Browse Source 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This commit is contained in:
Minos Galanakis
2026-03-05 09:10:47 +00:00
parent 24081fe484
commit de24220853
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/ccm.c
View File

@@ -488,11 +488,11 @@ int mbedtls_ccm_finish(mbedtls_ccm_context *ctx,
return MBEDTLS_ERR_CCM_BAD_INPUT;
}
/* Reject invalid tag lengths and mismatches with negotiated length (if set). */
if (tag_len != 0 && (tag_len < 4 || tag_len > 16 || (tag_len & 1) != 0)) {
if (!(ctx->state & CCM_STATE__LENGTHS_SET)) {
return MBEDTLS_ERR_CCM_BAD_INPUT;
}
if ((ctx->state & CCM_STATE__LENGTHS_SET) && tag_len != ctx->tag_len) {
if (tag_len != ctx->tag_len) {
return MBEDTLS_ERR_CCM_BAD_INPUT;
}