diff --git a/a.txt b/a.txt
new file mode 100644
index 000000000..e69de29bb
diff --git a/src/aead/aes_gcm.rs b/src/aead/aes_gcm.rs
index 2548817d9..c76f3651e 100644
--- a/src/aead/aes_gcm.rs
+++ b/src/aead/aes_gcm.rs
@@ -166,6 +166,8 @@ pub(super) fn seal(
 aes_key
 .ctr32_encrypt_within(Overlapping::in_place(slice::flatten_mut(whole)), &mut ctr);
 auth.update_blocks(whole);
+ let remainder = OverlappingPartialBlock::new(Overlapping::in_place(remainder))
+ .unwrap_or_else(|InputTooLongError { .. }| unreachable!());
 seal_finish(aes_key, auth, remainder, ctr, tag_iv)
 }
@@ -204,6 +206,8 @@ pub(super) fn seal(
 )
 }
 }
+ let remainder = OverlappingPartialBlock::new(Overlapping::in_place(remainder))
+ .unwrap_or_else(|InputTooLongError { .. }| unreachable!());
 seal_finish(aes_key, auth, remainder, ctr, tag_iv)
 }
@@ -248,23 +252,26 @@ fn seal_strided(
 aes_key: &A,
 mut auth: gcm::Context,
- remainder: &mut [u8],
+ remainder: OverlappingPartialBlock<'_>,
 ctr: Counter,
 tag_iv: aes::Iv,
 ) -> Result {
- if !remainder.is_empty() {
+ let remainder_len = remainder.len();
+ if remainder_len > 0 {
 let mut input = ZERO_BLOCK;
- overwrite_at_start(&mut input, remainder);
+ overwrite_at_start(&mut input, remainder.input());
 let mut output = aes_key.encrypt_iv_xor_block(ctr.into(), input);
- output[remainder.len()..].fill(0);
+ output[remainder_len..].fill(0);
 auth.update_block(output);
- overwrite_at_start(remainder, &output);
+ remainder.overwrite_at_start(output);
 }
 Ok(finish(aes_key, auth, tag_iv))
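Review bot: Both added conversions in `seal` (the hunks at -166 and -204) end in a bare `unreachable!()`, so nothing visible explains why `OverlappingPartialBlock::new` cannot return `InputTooLongError` at these two call sites. The guarantee presumably comes from how `remainder` is split off from the whole blocks earlier in `seal`, which is outside both hunks; if that split ever changes, this becomes a panic in the AEAD seal path, and in the first hunk it would fire after the whole blocks have already been encrypted in place. I would state the invariant next to each call, for example `// remainder is the tail left after the whole blocks, so it is shorter than one block`, or carry it in the macro as `unreachable!("remainder is shorter than one block")`. Separately, the commit also adds an empty `a.txt` (new file, no content hunk), which looks unintended.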