Google Git
Sign in
boringssl / boringssl / 4ab14ea2756c320f35c3218fc7c8f35a20ef7e8a^! / .
commit4ab14ea2756c320f35c3218fc7c8f35a20ef7e8a[log] [tgz]
authorAdam Langley <alangley@gmail.com>Thu Dec 17 14:03:23 2020 -0800
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Fri Dec 18 00:48:55 2020 +0000
tree041755a6c7bb454d3d99883f97203690d7c97d09
parent86854828e01aee1319bca371454c71d06c1322eb [diff]
acvp: fix silly errors.

A couple of processing errors crept in over time. Caught by the tests
in the next change.

Change-Id: I0caa478d3321cb8a1da1e61ddde16ba8db91eb35
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44745
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/util/fipstools/acvp/modulewrapper/modulewrapper.cc b/util/fipstools/acvp/modulewrapper/modulewrapper.cc
index 2c9fd36..3bc5bda 100644
--- a/util/fipstools/acvp/modulewrapper/modulewrapper.cc
+++ b/util/fipstools/acvp/modulewrapper/modulewrapper.cc

@@ -882,6 +882,13 @@
 }
 
 static bool AES_CTR(const Span<const uint8_t> args[]) {
+  static const uint32_t kOneIteration = 1;
+  if (args[3].size() != sizeof(kOneIteration) ||
+      memcmp(args[3].data(), &kOneIteration, sizeof(kOneIteration))) {
+    fprintf(stderr, "Only a single iteration supported with AES-CTR\n");
+    return false;
+  }
+
   AES_KEY key;
   if (AES_set_encrypt_key(args[0].data(), args[0].size() * 8, &key) != 0) {
     return false;
@@ -1766,15 +1773,15 @@
     {"SHA-1", 1, Hash<SHA1, SHA_DIGEST_LENGTH>},
     {"SHA2-224", 1, Hash<SHA224, SHA224_DIGEST_LENGTH>},
     {"SHA2-256", 1, Hash<SHA256, SHA256_DIGEST_LENGTH>},
-    {"SHA2-384", 1, Hash<SHA384, SHA256_DIGEST_LENGTH>},
+    {"SHA2-384", 1, Hash<SHA384, SHA384_DIGEST_LENGTH>},
     {"SHA2-512", 1, Hash<SHA512, SHA512_DIGEST_LENGTH>},
     {"SHA2-512/256", 1, Hash<SHA512_256, SHA512_256_DIGEST_LENGTH>},
     {"AES/encrypt", 3, AES<AES_set_encrypt_key, AES_encrypt>},
     {"AES/decrypt", 3, AES<AES_set_decrypt_key, AES_decrypt>},
     {"AES-CBC/encrypt", 4, AES_CBC<AES_set_encrypt_key, AES_ENCRYPT>},
     {"AES-CBC/decrypt", 4, AES_CBC<AES_set_decrypt_key, AES_DECRYPT>},
-    {"AES-CTR/encrypt", 3, AES_CTR},
-    {"AES-CTR/decrypt", 3, AES_CTR},
+    {"AES-CTR/encrypt", 4, AES_CTR},
+    {"AES-CTR/decrypt", 4, AES_CTR},
     {"AES-GCM/seal", 5, AEADSeal<AESGCMSetup>},
     {"AES-GCM/open", 5, AEADOpen<AESGCMSetup>},
     {"AES-KW/seal", 5, AESKeyWrapSeal},