Re: [PATCH] crypto: CTR DRBG - in-place cipher operation

On Friday, 27 July 2018, 12:53:35 CEST, Herbert Xu wrote:

Hi Herbert,

> On Fri, Jul 20, 2018 at 07:42:01PM +0200, Stephan Müller wrote:
> > @@ -1747,10 +1733,18 @@ static int drbg_kcapi_sym_ctr(struct drbg_state
> > *drbg,> 
> >  			      u8 *outbuf, u32 outlen)
> >  
> >  {
> >  
> >  	struct scatterlist *sg_in = &drbg->sg_in, *sg_out = &drbg->sg_out;
> > 
> > +	u32 scratchpad_use = min_t(u32, outlen, DRBG_OUTSCRATCHLEN);
> > 
> >  	int ret;
> > 
> > -	sg_set_buf(sg_in, inbuf, inlen);
> > -	sg_set_buf(sg_out, drbg->outscratchpad, DRBG_OUTSCRATCHLEN);
> > +	if (inbuf) {
> > +		/* Use caller-provided input buffer */
> > +		sg_set_buf(sg_in, inbuf, inlen);
> > +	} else {
> > +		/* Use scratchpad for in-place operation */
> > +		inlen = scratchpad_use;
> > +		memset(drbg->outscratchpad, 0, scratchpad_use);
> > +		sg_set_buf(sg_in, drbg->outscratchpad, scratchpad_use);
> > +	}
> 
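
Review bot: In the `if (inbuf)` branch, the caller-provided pointer goes straight into sg_set_buf() with nothing in the code stating that it must not be stack memory, so the constraint lives only in the current call sites. A comment above drbg_kcapi_sym_ctr() spelling out that inbuf must be either NULL (the in-place scratchpad path) or a non-stack buffer such as the DRBG scratchpad would keep a future caller from breaking it silently. Separately, these lines remove the `sg_set_buf(sg_out, drbg->outscratchpad, DRBG_OUTSCRATCHLEN)` call and do not show where sg_out is set up afterwards, so that is worth confirming against the rest of the function.
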
> What guarantees that inbuf isn't on the stack?

This is guaranteed by the invokers of drbg_kcapi_sym_ctr as there are only
two:

- the one in drbg_ctr_update uses the scratchpad for inbuf

- the one in drbg_ctr_generate uses NULL which implies that the outscratchpad 
is used.

Ciao
Stephan





