Re: [PATCH v2 6/7] crypto: ccm - fix incompatibility between "ccm" and "ccm_base"

Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>
> @@ -486,7 +485,8 @@ static int crypto_ccm_create_common(struct crypto_template *tmpl,
> 
>        mac = __crypto_hash_alg_common(mac_alg);
>        err = -EINVAL;
> -       if (mac->digestsize != 16)
> +       if (strncmp(mac->base.cra_name, "cbcmac(", 7) != 0 ||
> +           mac->digestsize != 16)
>                goto out_put_mac;
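
Review bot: The new `strncmp(mac->base.cra_name, "cbcmac(", 7)` clause has no comment saying why the MAC must be named cbcmac, whereas the ctr check later in the same function gets one ("The skcipher algorithm must be CTR mode, ..."); a matching one-line comment above this condition would help. The hand-counted length 7 has to stay in step with the string literal, so deriving it from the literal (for example `sizeof("cbcmac(") - 1`) would be less fragile. Retaining `mac->digestsize != 16` alongside the name test is the right call, since the name prefix alone says nothing about the digest size the algorithm actually reports.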

Keeping the digestsize check is good because names don't mean
much when self-tests are disabled.

> @@ -509,23 +509,26 @@ static int crypto_ccm_create_common(struct crypto_template *tmpl,
> 
>        ctr = crypto_spawn_skcipher_alg(&ictx->ctr);
> 
> -       /* Not a stream cipher? */
> +       /* The skcipher algorithm must be CTR mode, using 16-byte blocks. */
>        err = -EINVAL;
> -       if (ctr->base.cra_blocksize != 1)
> +       if (strncmp(ctr->base.cra_name, "ctr(", 4) != 0 ||
> +           crypto_skcipher_alg_ivsize(ctr) != 16)
>                goto err_drop_ctr;
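
Review bot: The condition on `ctr` no longer tests `ctr->base.cra_blocksize != 1`; the old check is replaced rather than extended, so an skcipher whose cra_name starts with "ctr(" and whose IV size is 16 is accepted without confirming the property the removed comment asked about ("Not a stream cipher?"). Keep the blocksize test as a third clause, the same way the cbcmac hunk keeps `mac->digestsize != 16` next to its name test. The new comment also says "using 16-byte blocks" while the code checks `crypto_skcipher_alg_ivsize(ctr) != 16`, so the comment should either say IV size or explain why the IV size stands in for the block size.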

So we should keep the cra_blocksize test here as well.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


