Allow GCM IV to be NULL if zero-length
The operation will still return an error, but the assert-based
validation checks will pass. This allows GCM to work with buffer
copies / local inputs, which may be NULL when they are zero-length.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
diff --git a/library/gcm.c b/library/gcm.c
index 86d5fa2..d3e7732 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -241,7 +241,7 @@
uint64_t iv_bits;
GCM_VALIDATE_RET(ctx != NULL);
- GCM_VALIDATE_RET(iv != NULL);
+ GCM_VALIDATE_RET(iv_len == 0 || iv != NULL);
GCM_VALIDATE_RET(add_len == 0 || add != NULL);
/* IV and AD are limited to 2^64 bits, so 2^61 bytes */
@@ -433,7 +433,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
GCM_VALIDATE_RET(ctx != NULL);
- GCM_VALIDATE_RET(iv != NULL);
+ GCM_VALIDATE_RET(iv_len == 0 || iv != NULL);
GCM_VALIDATE_RET(add_len == 0 || add != NULL);
GCM_VALIDATE_RET(length == 0 || input != NULL);
GCM_VALIDATE_RET(length == 0 || output != NULL);
@@ -470,7 +470,7 @@
int diff;
GCM_VALIDATE_RET(ctx != NULL);
- GCM_VALIDATE_RET(iv != NULL);
+ GCM_VALIDATE_RET(iv_len == 0 || iv != NULL);
GCM_VALIDATE_RET(add_len == 0 || add != NULL);
GCM_VALIDATE_RET(tag != NULL);
GCM_VALIDATE_RET(length == 0 || input != NULL);