diff options
| author | jsing <> | 2019-03-27 15:34:01 +0000 |
|---|---|---|
| committer | jsing <> | 2019-03-27 15:34:01 +0000 |
| commit | 9f20c1e0134c17136831a210b73914ab9f532ff8 (patch) | |
| tree | e53e5e1f0ae5f1c54f82c58a25b52c48802febfc /src | |
| parent | 999328d699b94960b6746481e5f5b548232e0734 (diff) | |
| download | openbsd-9f20c1e0134c17136831a210b73914ab9f532ff8.tar.gz openbsd-9f20c1e0134c17136831a210b73914ab9f532ff8.tar.bz2 openbsd-9f20c1e0134c17136831a210b73914ab9f532ff8.zip | |
Cast nonce bytes to avoid undefined behaviour when left shifting.
Reported by oss-fuzz, really fixes issue #13805.
ok beck@ tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/evp/e_chacha20poly1305.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c index 2b9e7b1188..4fd92eb04e 100644 --- a/src/lib/libcrypto/evp/e_chacha20poly1305.c +++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_chacha20poly1305.c,v 1.20 2019/03/24 12:04:12 jsing Exp $ */ | 1 | /* $OpenBSD: e_chacha20poly1305.c,v 1.21 2019/03/27 15:34:01 jsing Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org> | 4 | * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org> |
| @@ -221,8 +221,8 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out, | |||
| 221 | return 0; | 221 | return 0; |
| 222 | } | 222 | } |
| 223 | 223 | ||
| 224 | ctr = (uint64_t)(nonce[0] | nonce[1] << 8 | | 224 | ctr = (uint64_t)((uint32_t)(nonce[0]) | (uint32_t)(nonce[1]) << 8 | |
| 225 | nonce[2] << 16 | nonce[3] << 24) << 32; | 225 | (uint32_t)(nonce[2]) << 16 | (uint32_t)(nonce[3]) << 24) << 32; |
| 226 | iv = nonce + CHACHA20_CONSTANT_LEN; | 226 | iv = nonce + CHACHA20_CONSTANT_LEN; |
| 227 | 227 | ||
| 228 | memset(poly1305_key, 0, sizeof(poly1305_key)); | 228 | memset(poly1305_key, 0, sizeof(poly1305_key)); |