From: Shane Hansen <shanemhansen@gmail.com>
Date: Wed, 17 Oct 2012 18:29:00 +0000 (-0400)
Subject: crypto/cipher: panic on invalid IV length
X-Git-Tag: go1.1rc2~2111
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=fcd5fd2ad4c9283307c0e0b9f15c00b32c57483a;p=gostls13.git

crypto/cipher: panic on invalid IV length

Give better user feedback when invalid IV is used
to construct a cipher.

Fixes #3411

R=golang-dev, agl
CC=golang-dev
https://golang.org/cl/6652053
---

diff --git a/src/pkg/crypto/cipher/cbc.go b/src/pkg/crypto/cipher/cbc.go
index a48929cf5d..6fab9b4213 100644
--- a/src/pkg/crypto/cipher/cbc.go
+++ b/src/pkg/crypto/cipher/cbc.go
@@ -33,6 +33,9 @@ type cbcEncrypter cbc
 // mode, using the given Block. The length of iv must be the same as the
 // Block's block size.
 func NewCBCEncrypter(b Block, iv []byte) BlockMode {
+	if len(iv) != b.BlockSize() {
+		panic("cipher.NewCBCEncrypter: IV length must equal block size")
+	}
 	return (*cbcEncrypter)(newCBC(b, iv))
 }
 
@@ -58,6 +61,9 @@ type cbcDecrypter cbc
 // mode, using the given Block. The length of iv must be the same as the
 // Block's block size and must match the iv used to encrypt the data.
 func NewCBCDecrypter(b Block, iv []byte) BlockMode {
+	if len(iv) != b.BlockSize() {
+		panic("cipher.NewCBCDecrypter: IV length must equal block size")
+	}
 	return (*cbcDecrypter)(newCBC(b, iv))
 }
 
diff --git a/src/pkg/crypto/cipher/cfb.go b/src/pkg/crypto/cipher/cfb.go
index d14165a865..99006b546d 100644
--- a/src/pkg/crypto/cipher/cfb.go
+++ b/src/pkg/crypto/cipher/cfb.go
@@ -17,6 +17,9 @@ type cfb struct {
 // using the given Block. The iv must be the same length as the Block's block
 // size.
 func NewCFBEncrypter(block Block, iv []byte) Stream {
+	if len(iv) != block.BlockSize() {
+		panic("cipher.NewCBFEncrypter: IV length must equal block size")
+	}
 	return newCFB(block, iv, false)
 }
 
@@ -24,6 +27,9 @@ func NewCFBEncrypter(block Block, iv []byte) Stream {
 // using the given Block. The iv must be the same length as the Block's block
 // size.
 func NewCFBDecrypter(block Block, iv []byte) Stream {
+	if len(iv) != block.BlockSize() {
+		panic("cipher.NewCBFEncrypter: IV length must equal block size")
+	}
 	return newCFB(block, iv, true)
 }
 
diff --git a/src/pkg/crypto/cipher/ctr.go b/src/pkg/crypto/cipher/ctr.go
index 147b74fc2f..d9ee9d8272 100644
--- a/src/pkg/crypto/cipher/ctr.go
+++ b/src/pkg/crypto/cipher/ctr.go
@@ -23,7 +23,7 @@ type ctr struct {
 // counter mode. The length of iv must be the same as the Block's block size.
 func NewCTR(block Block, iv []byte) Stream {
 	if len(iv) != block.BlockSize() {
-		panic("cipher.NewCTR: iv length must equal block size")
+		panic("cipher.NewCTR: IV length must equal block size")
 	}
 
 	return &ctr{