Google Git
Sign in
go / go / fcd5fd2ad4c9283307c0e0b9f15c00b32c57483a^! / .
commitfcd5fd2ad4c9283307c0e0b9f15c00b32c57483a[log] [tgz]
authorShane Hansen <shanemhansen@gmail.com>Wed Oct 17 14:29:00 2012 -0400
committerAdam Langley <agl@golang.org>Wed Oct 17 14:29:00 2012 -0400
treeaa788235fb4234a7d6a3b4294ec1fd51c30ec207
parent561561fc2d64d088892778463a266120a6c2f716 [diff]
crypto/cipher: panic on invalid IV length

Give better user feedback when invalid IV is used
to construct a cipher.

Fixes #3411

R=golang-dev, agl
CC=golang-dev
https://golang.org/cl/6652053

diff --git a/src/pkg/crypto/cipher/cbc.go b/src/pkg/crypto/cipher/cbc.go
index a48929c..6fab9b4 100644
--- a/src/pkg/crypto/cipher/cbc.go
+++ b/src/pkg/crypto/cipher/cbc.go

@@ -33,6 +33,9 @@
 // mode, using the given Block. The length of iv must be the same as the
 // Block's block size.
 func NewCBCEncrypter(b Block, iv []byte) BlockMode {
+	if len(iv) != b.BlockSize() {
+		panic("cipher.NewCBCEncrypter: IV length must equal block size")
+	}
 	return (*cbcEncrypter)(newCBC(b, iv))
 }
 
@@ -58,6 +61,9 @@
 // mode, using the given Block. The length of iv must be the same as the
 // Block's block size and must match the iv used to encrypt the data.
 func NewCBCDecrypter(b Block, iv []byte) BlockMode {
+	if len(iv) != b.BlockSize() {
+		panic("cipher.NewCBCDecrypter: IV length must equal block size")
+	}
 	return (*cbcDecrypter)(newCBC(b, iv))
 }
 

diff --git a/src/pkg/crypto/cipher/cfb.go b/src/pkg/crypto/cipher/cfb.go
index d14165a..99006b5 100644
--- a/src/pkg/crypto/cipher/cfb.go
+++ b/src/pkg/crypto/cipher/cfb.go

@@ -17,6 +17,9 @@
 // using the given Block. The iv must be the same length as the Block's block
 // size.
 func NewCFBEncrypter(block Block, iv []byte) Stream {
+	if len(iv) != block.BlockSize() {
+		panic("cipher.NewCBFEncrypter: IV length must equal block size")
+	}
 	return newCFB(block, iv, false)
 }
 
@@ -24,6 +27,9 @@
 // using the given Block. The iv must be the same length as the Block's block
 // size.
 func NewCFBDecrypter(block Block, iv []byte) Stream {
+	if len(iv) != block.BlockSize() {
+		panic("cipher.NewCBFEncrypter: IV length must equal block size")
+	}
 	return newCFB(block, iv, true)
 }
 

diff --git a/src/pkg/crypto/cipher/ctr.go b/src/pkg/crypto/cipher/ctr.go
index 147b74f..d9ee9d8 100644
--- a/src/pkg/crypto/cipher/ctr.go
+++ b/src/pkg/crypto/cipher/ctr.go

@@ -23,7 +23,7 @@
 // counter mode. The length of iv must be the same as the Block's block size.
 func NewCTR(block Block, iv []byte) Stream {
 	if len(iv) != block.BlockSize() {
-		panic("cipher.NewCTR: iv length must equal block size")
+		panic("cipher.NewCTR: IV length must equal block size")
 	}
 
 	return &ctr{