On Fri, Jan 16, 2015 at 12:51 AM, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> Since seqiv is designed for IPsec we need to be able to accommodate
> the whole IPsec sequence number in order to ensure the uniqueness
> of the IV.
>
> This patch forbids any algorithm with an IV size of less than 8
> from using it. This should have no impact on existing users since
> they all have an IV size of 8.
>
> Reported-by: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index 9daa854c..b7bb9a2 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
> if (IS_ERR(inst))
> goto out;
>
> + if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
> + skcipher_geniv_free(inst);
> + inst = ERR_PTR(-EINVAL);
> + goto out;
> + }
> +
> inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
>
> inst->alg.cra_init = seqiv_init;
> @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
> if (IS_ERR(inst))
> goto out;
>
> + if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
> + aead_geniv_free(inst);
> + inst = ERR_PTR(-EINVAL);
> + goto out;
> + }
> +
> inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
>
> inst->alg.cra_init = seqiv_aead_init;
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Acked-by: Maciej Żenczykowski <zenczykowski@xxxxxxxxx>
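Review bot: In the seqiv_ablkcipher_alloc hunk the rejection fails closed, which is the right default for an IV generator, but the reason for the 8-byte floor lives only in the commit message; a one-line comment above `if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {` stating that seqiv must carry the full 64-bit IPsec sequence number so generated IVs stay unique would stop a later reader from relaxing the bound. The cleanup order is correct: the instance has already been allocated when the check runs, so calling skcipher_geniv_free(inst) before assigning ERR_PTR(-EINVAL) and jumping to out avoids leaking it.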
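Review bot: The seqiv_aead_alloc hunk repeats the previous check verbatim except for the field (cra_aead.ivsize) and the free routine (aead_geniv_free); consider expressing the floor once as a named constant rather than a bare `sizeof(u64)` at both sites, so the commit message's "less than 8" is tied to a single definition and the two allocators cannot drift apart. Returning -EINVAL here matches the stated intent of refusing the template outright instead of silently truncating the sequence number into a too-short IV.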
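To make the uniqueness argument in the commit message concrete, here is an added toy model written for this note; it is not crypto/seqiv.c or any kernel code. It mirrors the patch's allocation-time policy in `seqiv_check_ivsize()` and shows, with `seqiv_toy_fill()` and `seqiv_toy_collides()`, that two distinct 64-bit sequence numbers map to the same IV once the IV is narrower than 8 bytes. The names `SEQIV_MIN_IVSIZE`, `seqiv_check_ivsize`, `seqiv_toy_fill` and `seqiv_toy_collides` are assumptions of this example, not identifiers from the patch.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model for this note, not crypto/seqiv.c. It shows why a sequence-number
 * IV generator needs an IV at least as wide as the 64-bit counter it carries,
 * and mirrors the patch's allocation-time check. */

/* Assumed name: the patch itself compares against sizeof(u64). */
#define SEQIV_MIN_IVSIZE 8u

/* Same policy as the patch: an IV narrower than a u64 is refused. */
int seqiv_check_ivsize(unsigned int ivsize)
{
	if (ivsize < SEQIV_MIN_IVSIZE)
		return -EINVAL;
	return 0;
}

/* Place a 64-bit sequence number, big-endian, in the last bytes of an IV of
 * `ivsize` bytes (at most 16 here). A shorter IV keeps only part of the
 * counter; a longer one is zero-padded in front. The real seqiv also XORs a
 * per-key salt over the IV, which does not change the collision argument. */
void seqiv_toy_fill(uint64_t seq, unsigned char *iv, unsigned int ivsize)
{
	unsigned char full[8];
	unsigned int n = ivsize < 8 ? ivsize : 8;

	for (int i = 0; i < 8; i++)
		full[i] = (unsigned char)(seq >> (8 * (7 - i)));
	memset(iv, 0, ivsize);
	memcpy(iv + (ivsize - n), full + (8 - n), n);
}

/* True when two distinct sequence numbers produce identical IV bytes. */
bool seqiv_toy_collides(uint64_t a, uint64_t b, unsigned int ivsize)
{
	unsigned char iva[16], ivb[16];

	if (ivsize == 0 || ivsize > sizeof iva)
		return false;
	seqiv_toy_fill(a, iva, ivsize);
	seqiv_toy_fill(b, ivb, ivsize);
	return a != b && memcmp(iva, ivb, ivsize) == 0;
}

int main(void)
{
	/* Constructed counters: they differ only in bits above the low 32. */
	uint64_t a = 1, b = 1 + (1ULL << 32);

	printf("ivsize 4: check=%d collide=%d\n",
	       seqiv_check_ivsize(4), seqiv_toy_collides(a, b, 4));
	printf("ivsize 8: check=%d collide=%d\n",
	       seqiv_check_ivsize(8), seqiv_toy_collides(a, b, 8));
	return 0;
}
```

With a 4-byte IV the check returns -EINVAL and the two counters collide; with 8 bytes the check passes and every counter value yields a distinct IV, which is exactly the property the patch preserves by refusing short IVs at allocation time.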