Message ID | 1565365867-8251-1-git-send-email-pvanleeuwen@verimatrix.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |
Headers | show |
Series | crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0 | expand |
On Fri, Aug 09, 2019 at 05:51:07PM +0200, Pascal van Leeuwen wrote: > Return -EINVAL on an attempt to set the authsize to 0 with an auth. > algorithm with a non-zero digestsize (i.e. anything but digest_null) > as authenticating the data and then throwing away the result does not > make any sense at all. > > The digestsize zero exception is for use with digest_null for testing > purposes only. > > Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> > --- > crypto/aead.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) Patch applied. Thanks.
diff --git a/crypto/aead.c b/crypto/aead.c index 4908b5e..e423107 100644 --- a/crypto/aead.c +++ b/crypto/aead.c @@ -75,7 +75,8 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize) { int err; - if (authsize > crypto_aead_maxauthsize(tfm)) + if ((!authsize && crypto_aead_maxauthsize(tfm)) || + authsize > crypto_aead_maxauthsize(tfm)) return -EINVAL; if (crypto_aead_alg(tfm)->setauthsize) {
Return -EINVAL on an attempt to set the authsize to 0 with an auth. algorithm with a non-zero digestsize (i.e. anything but digest_null) as authenticating the data and then throwing away the result does not make any sense at all. The digestsize zero exception is for use with digest_null for testing purposes only. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> --- crypto/aead.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)