On Tue, Oct 23, 2007 at 03:26:29PM -0500, Joy Latten wrote:
> > + err = crypto_attr_u32(tb[4], &countersize); > + if (err) > + goto out_put_alg; > + > /* verify size of nonce + iv + counter */ > err = -EINVAL; > - if ((noncesize + ivsize) >= alg->cra_blocksize) > + if (((noncesize + ivsize) > alg->cra_blocksize) || > + (countersize > alg->cra_blocksize)) > goto out_put_alg;

Probably should check whether

	noncesize + ivsize + countersize == blocksize

if

	noncesize + ivsize < blocksize

Actually let's also require that countersize >= 4 as otherwise wrapping will be a problem. This would also weed out stream algorithms but we wouldn't want to apply CTR to them anyway.

Otherwise this looks pretty good to me.

Thanks Joy!
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
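
Review bot: In the size check, `(noncesize + ivsize) > alg->cra_blocksize` and `countersize > alg->cra_blocksize` are tested independently, so the three fields are never validated as a whole: a layout whose total is larger or smaller than the block size still passes, and so does countersize == 0. Suggest comparing noncesize + ivsize + countersize against alg->cra_blocksize in the same condition and adding a lower bound on countersize, bounding each term against the block size first so the sum cannot wrap before the comparison (countersize is read from tb[4] as a u32). The comment "verify size of nonce + iv + counter" should then spell out the exact constraint being enforced, including the minimum counter width, so the error path at out_put_alg is understandable without reading the thread.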