From 90b94ff85f73381a7ec819387d19de6eb037c264 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 1 Feb 2024 19:32:46 +0000 Subject: [PATCH] Allow GCM IV to be NULL if zero-length The operation will still return an error, but the assert-based validation checks will pass. This allows GCM to work with buffer copies / local inputs, which may be NULL when they are zero-length. Signed-off-by: David Horstmann --- library/gcm.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index 86d5fa2b5f..d3e773278f 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -241,7 +241,7 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, uint64_t iv_bits; GCM_VALIDATE_RET(ctx != NULL); - GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(iv_len == 0 || iv != NULL); GCM_VALIDATE_RET(add_len == 0 || add != NULL); /* IV and AD are limited to 2^64 bits, so 2^61 bytes */ @@ -433,7 +433,7 @@ int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; GCM_VALIDATE_RET(ctx != NULL); - GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(iv_len == 0 || iv != NULL); GCM_VALIDATE_RET(add_len == 0 || add != NULL); GCM_VALIDATE_RET(length == 0 || input != NULL); GCM_VALIDATE_RET(length == 0 || output != NULL); @@ -470,7 +470,7 @@ int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, int diff; GCM_VALIDATE_RET(ctx != NULL); - GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(iv_len == 0 || iv != NULL); GCM_VALIDATE_RET(add_len == 0 || add != NULL); GCM_VALIDATE_RET(tag != NULL); GCM_VALIDATE_RET(length == 0 || input != NULL);