Re: crypto: seqiv - Ensure that IV size is at least 8 bytes

On Fri, Jan 16, 2015 at 12:51 AM, Herbert Xu
<herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> Since seqiv is designed for IPsec we need to be able to accommodate
> the whole IPsec sequence number in order to ensure the uniqueness
> of the IV.
>
> This patch forbids any algorithm with an IV size of less than 8
> from using it.  This should have no impact on existing users since
> they all have an IV size of 8.
>
> Reported-by: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index 9daa854c..b7bb9a2 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
>         if (IS_ERR(inst))
>                 goto out;
>
> +       if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
> +               skcipher_geniv_free(inst);
> +               inst = ERR_PTR(-EINVAL);
> +               goto out;
> +       }
> +
>         inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
>
>         inst->alg.cra_init = seqiv_init;
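
Review bot: the `ivsize < sizeof(u64)` test in seqiv_ablkcipher_alloc has no comment tying the 8-byte minimum to the IPsec sequence number, so the reason lives only in the commit message. A one-line comment above the `if`, or a named constant in place of `sizeof(u64)`, would keep a later reader from relaxing the bound. The rejection also returns a bare -EINVAL, so a caller cannot tell an undersized IV from any other invalid-argument failure in this function.
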
> @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
>         if (IS_ERR(inst))
>                 goto out;
>
> +       if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
> +               aead_geniv_free(inst);
> +               inst = ERR_PTR(-EINVAL);
> +               goto out;
> +       }
> +
>         inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
>
>         inst->alg.cra_init = seqiv_aead_init;
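
Review bot: the rejection block in seqiv_aead_alloc repeats the one in seqiv_ablkcipher_alloc line for line, differing only in the field (`cra_aead.ivsize`) and the free call (`aead_geniv_free`). Since both functions already jump to an `out` label, a second label just above it that frees the instance and sets `inst = ERR_PTR(-EINVAL)` would keep the cleanup in one place per function if more validation is added later. Alternatively, a small helper that takes the ivsize would keep the minimum for the two templates from drifting apart.
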
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Acked-by: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>