Return -EINVAL on an attempt to set the authsize to 0 with an auth.
algorithm with a non-zero digestsize (i.e. anything but digest_null)
as authenticating the data and then throwing away the result does not
make any sense at all.
The digestsize zero exception is for use with digest_null for testing
purposes only.
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx>
---
crypto/aead.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/aead.c b/crypto/aead.c
index 4908b5e..e423107 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -75,7 +75,8 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
{
int err;
- if (authsize > crypto_aead_maxauthsize(tfm))
+ if ((!authsize && crypto_aead_maxauthsize(tfm)) ||
+ authsize > crypto_aead_maxauthsize(tfm))
return -EINVAL;
if (crypto_aead_alg(tfm)->setauthsize) {
--
1.8.3.1
