Re: [PATCH] crypto: aesni: add setkey for driver-gcm-aes-aesni

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Dienstag, 20. Januar 2015, 14:17:04 schrieb Herbert Xu:

Hi Herbert,

>On Sun, Jan 18, 2015 at 11:56:03PM +0100, Stephan Mueller wrote:
>> The cipher registered as __driver-gcm-aes-aesni is never intended
>> to be used directly by any caller. Instead it is a service mechanism
>> to rfc4106-gcm-aesni.
>> 
>> The kernel crypto API unconditionally calls the registered setkey
>> function. In case a caller erroneously uses __driver-gcm-aes-aesni a
>> call to crypto_aead_setkey will cause a NULL pointer dereference
>> without this patch.
>> 
>> CC: Tadeusz Struk <tadeusz.struk@xxxxxxxxx>
>> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
>
>Rather than adding a bogus setkey function, please fix this mess
>properly by moving the top-level setkey function into the __driver
>one where it should be.  Compare with how we handle it in the
>ablk_helper which is pretty much the same thing.

That is a good suggestion. And the modification is quite limited as the 
existing rfc4106_set_key could be used for the __driver with only slight 
modifications.

In that case, however, we should apply the same to rfc4106_set_authsize.

This in turn would then turn the __driver implementation into a full GCM 
implementation. That would mean that we should rename it from __driver 
into gcm(aes) / gcm-aesni. 
>
>Thanks,


Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux