Message ID | 20150116085120.GA9863@gondor.apana.org.au (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |
On Fri, Jan 16, 2015 at 12:51 AM, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> Since seqiv is designed for IPsec we need to be able to accommodate
> the whole IPsec sequence number in order to ensure the uniqueness
> of the IV.
>
> This patch forbids any algorithm with an IV size of less than 8
> from using it. This should have no impact on existing users since
> they all have an IV size of 8.
>
> Reported-by: Maciej Żenczykowski <zenczykowski@gmail.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c > index 9daa854c..b7bb9a2 100644 > --- a/crypto/seqiv.c > +++ b/crypto/seqiv.c > @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb) > if (IS_ERR(inst)) > goto out; > > + if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) { > + skcipher_geniv_free(inst); > + inst = ERR_PTR(-EINVAL); > + goto out; > + } > + > inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first; > > inst->alg.cra_init = seqiv_init; > @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb) > if (IS_ERR(inst)) > goto out; > > + if (inst->alg.cra_aead.ivsize < sizeof(u64)) { > + aead_geniv_free(inst); > + inst = ERR_PTR(-EINVAL); > + goto out; > + } > + > inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first; > > inst->alg.cra_init = seqiv_aead_init;
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Acked-by: Maciej Żenczykowski <zenczykowski@gmail.com>
diff --git a/crypto/seqiv.c b/crypto/seqiv.c index 9daa854c..b7bb9a2 100644 --- a/crypto/seqiv.c +++ b/crypto/seqiv.c @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb) if (IS_ERR(inst)) goto out; + if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) { + skcipher_geniv_free(inst); + inst = ERR_PTR(-EINVAL); + goto out; + } + inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first; inst->alg.cra_init = seqiv_init; @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb) if (IS_ERR(inst)) goto out; + if (inst->alg.cra_aead.ivsize < sizeof(u64)) { + aead_geniv_free(inst); + inst = ERR_PTR(-EINVAL); + goto out; + } + inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first; inst->alg.cra_init = seqiv_aead_init;
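Review bot: The guard added in seqiv_ablkcipher_alloc, `if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64))`, has no comment saying what the 8 bytes stand for. The commit message gives the reason (the IV must hold the whole IPsec sequence number), but nothing next to the code does, so a later reader sees only a size test against u64. A one-line comment above the `if`, or a named constant in place of sizeof(u64), would keep the rationale with the check.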
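Review bot: The block added in seqiv_aead_alloc duplicates the one in seqiv_ablkcipher_alloc line for line, apart from the ivsize field (`cra_aead` versus `cra_ablkcipher`) and the free call (`aead_geniv_free` versus `skcipher_geniv_free`). With the limit written twice as sizeof(u64), a later change to one copy can leave the other behind; defining the minimum once and using it in both places avoids that. The rejection is also reported only as ERR_PTR(-EINVAL), so it would help to document the 8-byte minimum where seqiv's requirements are described.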
Since seqiv is designed for IPsec we need to be able to accommodate the whole IPsec sequence number in order to ensure the uniqueness of the IV.

This patch forbids any algorithm with an IV size of less than 8 from using it. This should have no impact on existing users since they all have an IV size of 8.

Reported-by: Maciej Żenczykowski <zenczykowski@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
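A simplified userspace model of the reasoning in the commit message, added here as an illustration and not code from the patch or the kernel. It assumes the IV is the 64-bit sequence number written big-endian into the tail of the IV and XORed with a fixed salt, and that a shorter IV keeps only the low-order bytes; `MIN_SEQ_IV`, `model_check_ivsize`, `model_geniv` and `model_iv_collides` are hypothetical names.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MIN_SEQ_IV sizeof(uint64_t) /* hypothetical name for the 8-byte floor */

/* Same test as the patch: reject IVs too short for a 64-bit sequence number. */
int model_check_ivsize(size_t ivsize)
{
	return ivsize < MIN_SEQ_IV ? -EINVAL : 0;
}

/* Assumed derivation (not the kernel routine): big-endian sequence number in
 * the tail of the IV, low-order bytes only if it does not fit, XOR salt. */
void model_geniv(uint8_t *iv, size_t ivsize, const uint8_t *salt, uint64_t seq)
{
	size_t n = ivsize < 8 ? ivsize : 8, i;
	memset(iv, 0, ivsize);
	for (i = 0; i < n; i++)
		iv[ivsize - 1 - i] = (uint8_t)(seq >> (8 * i));
	for (i = 0; i < ivsize; i++)
		iv[i] ^= salt[i];
}

/* 1 if two sequence numbers yield the same IV, 0 if not, -EINVAL on bad size. */
int model_iv_collides(size_t ivsize, uint64_t seq_a, uint64_t seq_b)
{
	static const uint8_t salt[16] = { /* constructed sample salt */
		0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x44, 0xb8, 0x6d,
		0x10, 0xfa, 0x29, 0xc3, 0x7e, 0x55, 0x8b, 0xd4 };
	uint8_t a[16], b[16];
	if (ivsize == 0 || ivsize > sizeof(a))
		return -EINVAL;
	model_geniv(a, ivsize, salt, seq_a);
	model_geniv(b, ivsize, salt, seq_b);
	return memcmp(a, b, ivsize) == 0;
}

int main(void)
{
	uint64_t later = 1 + (1ULL << 32); /* 2^32 packets after sequence number 1 */
	printf("ivsize 4: collide=%d allowed=%d\n",
	       model_iv_collides(4, 1, later), model_check_ivsize(4) == 0);
	printf("ivsize 8: collide=%d allowed=%d\n",
	       model_iv_collides(8, 1, later), model_check_ivsize(8) == 0);
	return 0;
}
```

In this model a 4-byte IV repeats once the sequence number has advanced by 2^32 under the same key, while an 8-byte IV stays distinct for every 64-bit sequence number.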