Re: [PATCH 0/4] crypto: vmac - various fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jun 18, 2018 at 10:22:36AM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
> 
> Hi, this series fixes various bugs in the VMAC template (crypto/vmac.c).
> First, the per-request context was being stored in the transform
> context, which made VMAC not thread-safe, and the kernel could be
> crashed by using the same VMAC transform in multiple threads using
> AF_ALG (found by syzkaller).  Also the keys were incorrectly being wiped
> after each message.  Patch 2 fixes these bugs, Cc'ed to stable.
> 
> But there are also bugs that require breaking changes: the nonce is
> hardcoded to 0, and the endianness of the final digest is wrong.  So
> patch 3 introduces a fixed version of the VMAC template that takes the
> nonce as the first 16 bytes of data, and fixes the digest endianness.
> 
> Patch 4 then removes the current version of the VMAC template.  I'm not
> 100% sure whether we can really do that or not as it may have users
> (there are no explicit users in the kernel, though), but given that the
> old version was insecure unless a unique key was set for each message, I
> think we should try and see if anyone complains.
> 
> Eric Biggers (4):
>   crypto: vmac - require a block cipher with 128-bit block size
>   crypto: vmac - separate tfm and request context
>   crypto: vmac - add nonced version with big endian digest
>   crypto: vmac - remove insecure version with hardcoded nonce
> 
>  crypto/tcrypt.c       |   2 +-
>  crypto/testmgr.c      |   4 +-
>  crypto/testmgr.h      | 217 +++++++++++++--------
>  crypto/vmac.c         | 444 ++++++++++++++++++++----------------------
>  include/crypto/vmac.h |  63 ------
>  5 files changed, 351 insertions(+), 379 deletions(-)
>  delete mode 100644 include/crypto/vmac.h

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux