Re: [PATCH] crypto: talitos: Extend max key length for SHA384/512-HMAC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/27/2017 6:46 PM, Martin Hicks wrote:
> 
> The max keysize for both of these is 128, not 96.  Before, with keysizes
> over 96, the memcpy in ahash_setkey() would overwrite memory beyond the
> key field.
> 
While here, what about aead_setkey()?
AFAICT, TALITOS_MAX_KEY_SIZE value has been incorrect since forever; it
does not cover the maximum values of encryption key + authentication key
for authenc algorithms.

So, based on algorithms currently registered, I think this should be:
#define TALITOS_MAX_KEY_SIZE		(AES_MAX_KEY_SIZE + \
					 SHA512_BLOCK_SIZE)


> Signed-off-by: Martin Hicks <mort@xxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx # 3.6+
Fixes: 357fb60502ede ("crypto: talitos - add sha224, sha384 and sha512
to existing AEAD algorithms")

> ---
>  drivers/crypto/talitos.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
> index 0bba6a1..97dc85e 100644
> --- a/drivers/crypto/talitos.c
> +++ b/drivers/crypto/talitos.c
> @@ -816,7 +816,7 @@ static void talitos_unregister_rng(struct device *dev)
>   * HMAC_SNOOP_NO_AFEA (HSNA) instead of type IPSEC_ESP
>   */
>  #define TALITOS_CRA_PRIORITY_AEAD_HSNA	(TALITOS_CRA_PRIORITY - 1)
> -#define TALITOS_MAX_KEY_SIZE		96
> +#define TALITOS_MAX_KEY_SIZE		SHA512_BLOCK_SIZE /* SHA512 has the largest keysize input */
>  #define TALITOS_MAX_IV_LENGTH		16 /* max of AES_BLOCK_SIZE, DES3_EDE_BLOCK_SIZE */
>  
>  struct talitos_ctx {
> 





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux