diff --git a/lib/freebl/gcm.c b/lib/freebl/gcm.c --- a/lib/freebl/gcm.c +++ b/lib/freebl/gcm.c @@ -225,17 +225,17 @@ gcm_getX(gcmHashContext *ghash, unsigned X += blocksize-len; } err = mp_to_unsigned_octets(&ghash->X, X, len); if (err < 0) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } - gcm_reverse(T, X, blocksize); + gcm_reverse(T, tmp_buf, blocksize); return SECSuccess; } static SECStatus gcm_HashMult(gcmHashContext *ghash, const unsigned char *buf, unsigned int count, unsigned int blocksize) { SECStatus rv = SECFailure; @@ -570,20 +570,20 @@ gcmHash_Reset(gcmHashContext *ghash, con gcm_zeroX(ghash); /* now kick things off by hashing the Additional Authenticated Data */ if (AADLen != 0) { rv = gcmHash_Update(ghash, AAD, AADLen, blocksize); if (rv != SECSuccess) { return SECFailure; } - rv = gcmHash_Sync(ghash, blocksize); - if (rv != SECSuccess) { - return SECFailure; - } + } + rv = gcmHash_Sync(ghash, blocksize); + if (rv != SECSuccess) { + return SECFailure; } return SECSuccess; } /************************************************************************** * Now implement the GCM using gcmHash and CTR * **************************************************************************/ diff --git a/lib/freebl/rijndael.c b/lib/freebl/rijndael.c --- a/lib/freebl/rijndael.c +++ b/lib/freebl/rijndael.c @@ -1216,17 +1216,17 @@ AES_DestroyContext(AESContext *cx, PRBoo */ SECStatus AES_Encrypt(AESContext *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { int blocksize; /* Check args */ - if (cx == NULL || output == NULL || input == NULL) { + if (cx == NULL || output == NULL || (input == NULL && inputLen != 0)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } blocksize = 4 * cx->Nb; if (cx->isBlock && (inputLen % blocksize != 0)) { PORT_SetError(SEC_ERROR_INPUT_LEN); return SECFailure; } @@ -1247,17 +1247,17 @@ AES_Encrypt(AESContext *cx, unsigned cha */ SECStatus AES_Decrypt(AESContext *cx, unsigned char *output, unsigned int *outputLen, unsigned int maxOutputLen, const unsigned char *input, unsigned int inputLen) { int blocksize; /* Check args */ - if (cx == NULL || output == NULL || input == NULL) { + if (cx == NULL || output == NULL || (input == NULL && inputLen != 0)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } blocksize = 4 * cx->Nb; if (cx->isBlock && (inputLen % blocksize != 0)) { PORT_SetError(SEC_ERROR_INPUT_LEN); return SECFailure; }