stupidgcm: return error on too short input instead of panicing

This is what Go GCM does as well.
This commit is contained in:
Jakob Unterwurzacher 2018-05-10 22:44:03 +02:00
parent 5ccc06d5cb
commit a276321dea
1 changed files with 4 additions and 3 deletions

View File

@ -10,6 +10,7 @@ import "C"
import (
"crypto/cipher"
"fmt"
"log"
"unsafe"
)
@ -144,12 +145,12 @@ func (g *StupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
if len(iv) != ivLen {
log.Panicf("Only %d-byte IVs are supported", ivLen)
}
if len(in) <= tagLen {
log.Panic("Input data too short")
}
if len(g.key) != keyLen {
log.Panicf("Wrong key length: %d. Key has been wiped?", len(g.key))
}
if len(in) <= tagLen {
return nil, fmt.Errorf("stupidgcm: input data too short (%d bytes)", len(in))
}
// If the "dst" slice is large enough we can use it as our output buffer
outLen := len(in) - tagLen