From 858bc65d7485b8af9c49e96d0cf0bf803606a120 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Mon, 22 Jan 2024 20:47:26 +0800 Subject: [PATCH] Add comment on impossible overflows Signed-off-by: Chien Wong --- library/gcm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/gcm.c b/library/gcm.c index b31003f83..337145b71 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -542,6 +542,9 @@ int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, (void) output_size; *output_length = 0; + /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes + * and AD length is restricted to 2^64 bits, ie 2^61 bytes so neither of + * the two multiplications would overflow. */ orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8;