Commit b877ad1a authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu

crypto: omap-aes-gcm - check length of assocdata in RFC4106 mode

RFC4106 requires the associated data to be a certain size, so reject
inputs that are wrong. This also prevents crashes or other problems due
to assoclen becoming negative after subtracting 8 bytes.
Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
Reviewed-by: default avatarTero Kristo <t-kristo@ti.com>
Tested-by: default avatarTero Kristo <t-kristo@ti.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 12adf9d6
...@@ -365,7 +365,8 @@ int omap_aes_4106gcm_encrypt(struct aead_request *req) ...@@ -365,7 +365,8 @@ int omap_aes_4106gcm_encrypt(struct aead_request *req)
memcpy(rctx->iv, ctx->nonce, 4); memcpy(rctx->iv, ctx->nonce, 4);
memcpy(rctx->iv + 4, req->iv, 8); memcpy(rctx->iv + 4, req->iv, 8);
return omap_aes_gcm_crypt(req, FLAGS_ENCRYPT | FLAGS_GCM | return crypto_ipsec_check_assoclen(req->assoclen) ?:
omap_aes_gcm_crypt(req, FLAGS_ENCRYPT | FLAGS_GCM |
FLAGS_RFC4106_GCM); FLAGS_RFC4106_GCM);
} }
...@@ -376,7 +377,8 @@ int omap_aes_4106gcm_decrypt(struct aead_request *req) ...@@ -376,7 +377,8 @@ int omap_aes_4106gcm_decrypt(struct aead_request *req)
memcpy(rctx->iv, ctx->nonce, 4); memcpy(rctx->iv, ctx->nonce, 4);
memcpy(rctx->iv + 4, req->iv, 8); memcpy(rctx->iv + 4, req->iv, 8);
return omap_aes_gcm_crypt(req, FLAGS_GCM | FLAGS_RFC4106_GCM); return crypto_ipsec_check_assoclen(req->assoclen) ?:
omap_aes_gcm_crypt(req, FLAGS_GCM | FLAGS_RFC4106_GCM);
} }
int omap_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key, int omap_aes_gcm_setkey(struct crypto_aead *tfm, const u8 *key,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment