lib:crypto: Change error return to SMB_ASSERT()

Getting an HMAC too long to fit our array is a programming error. It
should always be 64 bytes exactly.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
index e0877a03f5299c672748bb520c96a027fe28515e..2e37dcd23aae0feed76c86c556da483ff42dc10f 100644 (file)
--- a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
+++ b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
@@ -113,6 +113,12 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(TALLOC_CTX *mem_ctx,
        NTSTATUS status;
        int rc;
 
+       /*
+        * We don't want to overflow 'pauth_tag', which is 64 bytes in
+        * size.
+        */
+       SMB_ASSERT(hmac_size == 64);
+
        if (plaintext->length == 0 || cek->length == 0 ||
            key_salt->length == 0 || mac_salt->length == 0 || iv->length == 0) {
                return NT_STATUS_INVALID_PARAMETER;
@@ -124,14 +130,6 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(TALLOC_CTX *mem_ctx,
         * TODO: Use gnutls_cipher_encrypt3()
         */
 
-       if (hmac_size > 64) {
-               /*
-                * We don't want to overflow 'pauth_tag', which is 64 bytes in
-                * size.
-                */
-               return NT_STATUS_INVALID_BUFFER_SIZE;
-       }
-
        if (plaintext->length + aes_block_size < plaintext->length) {
                return NT_STATUS_INVALID_BUFFER_SIZE;
        }