crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0
diff mbox series

Message ID 1565365867-8251-1-git-send-email-pvanleeuwen@verimatrix.com
State Under Review
Delegated to: Herbert Xu
Headers show
Series
  • crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0
Related show

Commit Message

Pascal van Leeuwen Aug. 9, 2019, 3:51 p.m. UTC
Return -EINVAL on an attempt to set the authsize to 0 with an auth.
algorithm with a non-zero digestsize (i.e. anything but digest_null)
as authenticating the data and then throwing away the result does not
make any sense at all.

The digestsize zero exception is for use with digest_null for testing
purposes only.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
---
 crypto/aead.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Herbert Xu Aug. 15, 2019, 12:07 p.m. UTC | #1
On Fri, Aug 09, 2019 at 05:51:07PM +0200, Pascal van Leeuwen wrote:
> Return -EINVAL on an attempt to set the authsize to 0 with an auth.
> algorithm with a non-zero digestsize (i.e. anything but digest_null)
> as authenticating the data and then throwing away the result does not
> make any sense at all.
> 
> The digestsize zero exception is for use with digest_null for testing
> purposes only.
> 
> Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
> ---
>  crypto/aead.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)

Patch applied.  Thanks.

Patch
diff mbox series

diff --git a/crypto/aead.c b/crypto/aead.c
index 4908b5e..e423107 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -75,7 +75,8 @@  int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
 {
 	int err;
 
-	if (authsize > crypto_aead_maxauthsize(tfm))
+	if ((!authsize && crypto_aead_maxauthsize(tfm)) ||
+	    authsize > crypto_aead_maxauthsize(tfm))
 		return -EINVAL;
 
 	if (crypto_aead_alg(tfm)->setauthsize) {