commit ae73ca573a14e77df372543b810852370d50e611
author Shawn Willden <swillden@google.com> Wed Jun 17 09:46:50 2015 -0600
committer Shawn Willden <swillden@google.com> Wed Jun 24 21:16:31 2015 -0600
tree 4dec0a2bc331c0bd190f1fe4cd25cf04ee584b8b
parent bb630cec2c184bfd43a55bf8ce0399aa6dfbd99f

Reject AES GCM nonces of other than 12 bytes in length.

Bug: 21614165
Change-Id: Ic938193babee9478ccf6779670e7f43b6e31335d

aes_operation.cpp

diff --git a/aes_operation.cpp b/aes_operation.cpp
index c71a1c3..1cc7c4d 100644
--- a/aes_operation.cpp
+++ b/aes_operation.cpp
@@ -318,6 +318,11 @@
               iv_blob.data_length);
         return KM_ERROR_INVALID_NONCE;
     }
+    if (block_mode_ == KM_MODE_GCM && iv_blob.data_length != GCM_NONCE_SIZE) {
+        LOG_E("Expected %d-byte nonce for AES-GCM operation, but got %d bytes", GCM_NONCE_SIZE,
+              iv_blob.data_length);
+        return KM_ERROR_INVALID_NONCE;
+    }
     iv_.reset(dup_array(iv_blob.data, iv_blob.data_length));
     if (!iv_.get())
         return KM_ERROR_MEMORY_ALLOCATION_FAILED;