commit 26c4e3cb0bb6547de0d94de4c41c838b09ee08bb
author Paul Bakker <p.j.bakker@polarssl.org> Wed Jul 04 17:08:33 2012 +0000
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Jul 04 17:08:33 2012 +0000
tree b52a5930105ed5713dfa4f4714c04c2c71a6016b
parent 83f00bba9cf7e8bcc2db441f450d3de113e7d7dc

 - Made crypt_and_cipher more robust with other ciphers / hashes

programs/aes/crypt_and_hash.c

diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c
index 9fa0fb1..47b17d5 100644
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@@ -300,9 +300,17 @@
 
         memset( key, 0, sizeof( key ) );
 
-        cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
-            POLARSSL_ENCRYPT );
-        cipher_reset( &cipher_ctx, IV);
+        if( cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
+                           POLARSSL_ENCRYPT ) != 0 )
+        {
+            fprintf( stderr, "cipher_setkey() returned error\n");
+            goto exit;
+        }
+        if( cipher_reset( &cipher_ctx, IV ) != 0 )
+        {
+            fprintf( stderr, "cipher_reset() returned error\n");
+            goto exit;
+        }
 
         md_hmac_starts( &md_ctx, digest, 32 );
 
@@ -330,7 +338,11 @@
             }
         }
 
-        cipher_finish( &cipher_ctx, output, &olen );
+        if( cipher_finish( &cipher_ctx, output, &olen ) != 0 )
+        {
+            fprintf( stderr, "cipher_finish() returned error\n" );
+            goto exit;
+        }
         md_hmac_update( &md_ctx, output, olen );
 
         if( fwrite( output, 1, olen, fout ) != olen )
@@ -338,14 +350,15 @@
             fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
             goto exit;
         }
+
         /*
          * Finally write the HMAC.
          */
         md_hmac_finish( &md_ctx, digest );
 
-        if( fwrite( digest, 1, md_get_size( md_info), fout ) != md_get_size( md_info) )
+        if( fwrite( digest, 1, md_get_size( md_info ), fout ) != md_get_size( md_info ) )
         {
-            fprintf( stderr, "fwrite(%d bytes) failed\n", md_get_size( md_info) );
+            fprintf( stderr, "fwrite(%d bytes) failed\n", md_get_size( md_info ) );
             goto exit;
         }
     }
@@ -361,15 +374,17 @@
          *      N*16 .. (N+1)*16 - 1    AES Encrypted Block #N
          *  (N+1)*16 .. (N+1)*16 + 32   HMAC-SHA-256(ciphertext)
          */
-        if( filesize < 16 + md_get_size( md_info) )
+        if( filesize < 16 + md_get_size( md_info ) )
         {
             fprintf( stderr, "File too short to be encrypted.\n" );
             goto exit;
         }
 
-        if( ( filesize & 0x0F ) != 0 )
+        if( ( ( filesize - md_get_size( md_info ) ) % 
+                cipher_get_block_size( &cipher_ctx ) ) != 0 )
         {
-            fprintf( stderr, "File size not a multiple of 16.\n" );
+            fprintf( stderr, "File content not a multiple of the block size (%d).\n",
+                     cipher_get_block_size( &cipher_ctx ));
             goto exit;
         }