The cts algorithm as currently implemented assumes the underlying
is a CBC-mode algorithm. So this patch adds a check for that to
eliminate bogus combinations of cts with non-CBC modes.
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
diff --git a/crypto/cts.c b/crypto/cts.c
index 6a8089c..e467ec0 100644
--- a/crypto/cts.c
+++ b/crypto/cts.c
@@ -290,6 +290,9 @@ static struct crypto_instance *crypto_cts_alloc(struct rtattr **tb)
if (!is_power_of_2(alg->cra_blocksize))
goto out_put_alg;
+ if (strncmp(alg->cra_name, "cbc(", 4))
+ goto out_put_alg;
+
inst = crypto_alloc_instance("cts", alg);
if (IS_ERR(inst))
goto out_put_alg;
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
