LinuxLists.cc - crypto: seqiv - Ensure that IV size is at least 8 bytes

2015-01-16 08:51:23

Subject: crypto: seqiv - Ensure that IV size is at least 8 bytes

Since seqiv is designed for IPsec we need to be able to accomodate
the whole IPsec sequence number in order to ensure the uniqueness
of the IV.

This patch forbids any algorithm with an IV size of less than 8
from using it. This should have no impact on existing users since
they all have an IV size of 8.

Reported-by: Maciej Żenczykowski <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>

diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index 9daa854c..b7bb9a2 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
if (IS_ERR(inst))
goto out;

+ if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
+ skcipher_geniv_free(inst);
+ inst = ERR_PTR(-EINVAL);
+ goto out;
+ }
+
inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;

inst->alg.cra_init = seqiv_init;
@@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
if (IS_ERR(inst))
goto out;

+ if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
+ aead_geniv_free(inst);
+ inst = ERR_PTR(-EINVAL);
+ goto out;
+ }
+
inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;

inst->alg.cra_init = seqiv_aead_init;
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-01-16 16:53:05

by Maciej Żenczykowski

[permalink] [raw]

Subject: Re: crypto: seqiv - Ensure that IV size is at least 8 bytes

On Fri, Jan 16, 2015 at 12:51 AM, Herbert Xu
<[email protected]> wrote:
> Since seqiv is designed for IPsec we need to be able to accomodate
> the whole IPsec sequence number in order to ensure the uniqueness
> of the IV.
>
> This patch forbids any algorithm with an IV size of less than 8
> from using it. This should have no impact on existing users since
> they all have an IV size of 8.
>
> Reported-by: Maciej Żenczykowski <[email protected]>
> Signed-off-by: Herbert Xu <[email protected]>
>
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index 9daa854c..b7bb9a2 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
> if (IS_ERR(inst))
> goto out;
>
> + if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
> + skcipher_geniv_free(inst);
> + inst = ERR_PTR(-EINVAL);
> + goto out;
> + }
> +
> inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
>
> inst->alg.cra_init = seqiv_init;
> @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
> if (IS_ERR(inst))
> goto out;
>
> + if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
> + aead_geniv_free(inst);
> + inst = ERR_PTR(-EINVAL);
> + goto out;
> + }
> +
> inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
>
> inst->alg.cra_init = seqiv_aead_init;
> --
> Email: Herbert Xu <[email protected]>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Acked-by: Maciej Żenczykowski <[email protected]>