On Fri, Jan 16, 2015 at 12:51 AM, Herbert Xu
<herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> Since seqiv is designed for IPsec we need to be able to accomodate
> the whole IPsec sequence number in order to ensure the uniqueness
> of the IV.
>
> This patch forbids any algorithm with an IV size of less than 8
> from using it. This should have no impact on existing users since
> they all have an IV size of 8.
>
> Reported-by: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index 9daa854c..b7bb9a2 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
> if (IS_ERR(inst))
> goto out;
>
> + if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
> + skcipher_geniv_free(inst);
> + inst = ERR_PTR(-EINVAL);
> + goto out;
> + }
> +
> inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
>
> inst->alg.cra_init = seqiv_init;
> @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
> if (IS_ERR(inst))
> goto out;
>
> + if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
> + aead_geniv_free(inst);
> + inst = ERR_PTR(-EINVAL);
> + goto out;
> + }
> +
> inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
>
> inst->alg.cra_init = seqiv_aead_init;
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Acked-by: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
