accelerated: check keysize in SSSE3 cipher setkey
File da59d34eacdf50a0019a457fb7c4916be48c99a5 causes crashes on i586 machines. The file contains a PKCS#8 encoded key of size 1.
The SSSE3 AES codepath accepts the key without any sanity checks. _gnutls_pkcs_raw_decrypt_data then allocates 1 byte buffer for the key.
Later when the optimized AES computation begins, it loads 16 bytes from the memory address consisting of just 1 malloc()ed byte to the xmm registers.
_vpaes_schedule_core () at elf/aes-ssse3-x86.s:249 249 movdqu (%esi),%xmm0
Two invalid writes happen later, when the routine writes the result of the computation back to the memory.
Checking for proper AES keysize (16/24/32 bytes) mitigates the issue.
Reviewer's checklist:
-
Any issues marked for closing are addressed -
There is a test suite reasonably covering new functionality or modifications -
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
-
This feature/change has adequate documentation added -
No obvious mistakes in the code