Re: [PATCH v3] crypto: ccm - fix incompatibility between "ccm" and "ccm_base"

On Thu, Apr 18, 2019 at 02:44:27PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
> 
> CCM instances can be created by either the "ccm" template, which only
> allows choosing the block cipher, e.g. "ccm(aes)"; or by "ccm_base",
> which allows choosing the ctr and cbcmac implementations, e.g.
> "ccm_base(ctr(aes-generic),cbcmac(aes-generic))".
> 
> However, a "ccm_base" instance prevents a "ccm" instance from being
> registered using the same implementations.  Nor will the instance be
> found by lookups of "ccm".  This can be used as a denial of service.
> Moreover, "ccm_base" instances are never tested by the crypto
> self-tests, even if there are compatible "ccm" tests.
> 
> The root cause of these problems is that instances of the two templates
> use different cra_names.  Therefore, fix these problems by making
> "ccm_base" instances set the same cra_name as "ccm" instances, e.g.
> "ccm(aes)" instead of "ccm_base(ctr(aes-generic),cbcmac(aes-generic))".
> 
> This requires extracting the block cipher name from the name of the ctr
> and cbcmac algorithms.  It also requires starting to verify that the
> algorithms are really ctr and cbcmac using the same block cipher, not
> something else entirely.  But it would be bizarre if anyone were
> actually using non-ccm-compatible algorithms with ccm_base, so this
> shouldn't break anyone in practice.
> 
> Fixes: 4a49b499dfa0 ("[CRYPTO] ccm: Added CCM mode")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
> ---
> 
> Changed since v2:
> 	- Leave check for ctr cra_blocksize == 1.
> 
> Changed since v1:
> 	- Verify that cbcmac is really cbcmac (based on name).
> 	- Improved commit message.
> 
>  crypto/ccm.c | 44 ++++++++++++++++++--------------------------
>  1 file changed, 18 insertions(+), 26 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
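
The name check the quoted commit message describes (extract the block cipher from the ctr and cbcmac names, verify each is really that template, and require the same cipher in both), as an added userspace C sketch that is not the kernel patch or part of the original message. The helper names `template_arg` and `ccm_name_from_base`, and the sample inputs such as "ctr(aes)", are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Length of <cipher> in "<tmpl>(<cipher>)", or 0 if name lacks that shape. */
static size_t template_arg(const char *name, const char *tmpl,
                           const char **inner)
{
    size_t tlen = strlen(tmpl), nlen = strlen(name);
    if (nlen < tlen + 3 ||              /* "(", at least one char, ")" */
        strncmp(name, tmpl, tlen) != 0 ||
        name[tlen] != '(' || name[nlen - 1] != ')')
        return 0;
    *inner = name + tlen + 1;
    return nlen - tlen - 2;
}

/*
 * Hypothetical helper (not kernel code): build "ccm(<cipher>)" from a ctr and
 * a cbcmac algorithm name. Returns 0, -EINVAL if a name is not the expected
 * template or the two ciphers differ, -ENAMETOOLONG if out is too small.
 */
int ccm_name_from_base(const char *ctr_name, const char *mac_name,
                       char *out, size_t outlen)
{
    const char *c = NULL, *m = NULL;
    size_t clen = template_arg(ctr_name, "ctr", &c);
    size_t mlen = template_arg(mac_name, "cbcmac", &m);
    int n;

    if (clen == 0 || mlen == 0)
        return -EINVAL;
    if (clen != mlen || memcmp(c, m, clen) != 0)
        return -EINVAL;
    n = snprintf(out, outlen, "ccm(%.*s)", (int)clen, c);
    if (n < 0 || (size_t)n >= outlen)
        return -ENAMETOOLONG;
    return 0;
}

int main(void)
{
    char name[64];
    /* Constructed inputs: a matching pair, then a ctr/cbcmac cipher mismatch. */
    int ok = ccm_name_from_base("ctr(aes)", "cbcmac(aes)", name, sizeof(name));
    int bad = ccm_name_from_base("ctr(aes)", "cbcmac(des)", name, sizeof(name));
    printf("%d %s, mismatch -> %d\n", ok, name, bad);
    return 0;
}
```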