summaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2015-01-16 19:51:20 +1100
committerHerbert Xu <herbert@gondor.apana.org.au>2015-01-20 14:44:16 +1100
commitc0ecf8916d28e99fd072514f19fd36ee42a6ad7e (patch)
tree01ed2ac2425a2072055fd6af1a87f2146ec331e3 /crypto
parent988dc0174411ad4b98c173f3d7d25aca9e56cd85 (diff)
downloadlwn-c0ecf8916d28e99fd072514f19fd36ee42a6ad7e.tar.gz
lwn-c0ecf8916d28e99fd072514f19fd36ee42a6ad7e.zip
crypto: seqiv - Ensure that IV size is at least 8 bytes
Since seqiv is designed for IPsec we need to be able to accomodate the whole IPsec sequence number in order to ensure the uniqueness of the IV. This patch forbids any algorithm with an IV size of less than 8 from using it. This should have no impact on existing users since they all have an IV size of 8. Reported-by: Maciej ?enczykowski <zenczykowski@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Maciej ?enczykowski <zenczykowski@gmail.com>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/seqiv.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index 9daa854cc485..b7bb9a2f4a31 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
if (IS_ERR(inst))
goto out;
+ if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
+ skcipher_geniv_free(inst);
+ inst = ERR_PTR(-EINVAL);
+ goto out;
+ }
+
inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
inst->alg.cra_init = seqiv_init;
@@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
if (IS_ERR(inst))
goto out;
+ if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
+ aead_geniv_free(inst);
+ inst = ERR_PTR(-EINVAL);
+ goto out;
+ }
+
inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
inst->alg.cra_init = seqiv_aead_init;