summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2008-07-07 20:23:56 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>2008-07-10 20:35:17 +0800
commitca786dc738f4f583b57b1bba7a335b5e8233f4b0 (patch)
treee2e6178fac1d9b3ac2b557cac76977e15f7d5d2c
parentcaee16883a235b1b042282276859e7d5901fad21 (diff)
downloadlinux-stable-ca786dc738f4f583b57b1bba7a335b5e8233f4b0.tar.gz
linux-stable-ca786dc738f4f583b57b1bba7a335b5e8233f4b0.tar.bz2
linux-stable-ca786dc738f4f583b57b1bba7a335b5e8233f4b0.zip
crypto: hash - Fixed digest size check
The digest size check on hash algorithms is incorrect. It's perfectly valid for hash algorithms to have a digest length longer than their block size. For example crc32c has a block size of 1 and a digest size of 4. Rather than having it lie about its block size, this patch fixes the checks to do what they really should which is to bound the digest size so that code placing the digest on the stack continue to work. HMAC however still needs to check this as it's only defined for such algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--crypto/ahash.c2
-rw-r--r--crypto/digest.c2
-rw-r--r--crypto/hash.c2
-rw-r--r--crypto/hmac.c16
4 files changed, 13 insertions, 9 deletions
diff --git a/crypto/ahash.c b/crypto/ahash.c
index a83e035d9a3f..8c1f918a6878 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -68,7 +68,7 @@ static int crypto_init_ahash_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
struct ahash_alg *alg = &tfm->__crt_alg->cra_ahash;
struct ahash_tfm *crt = &tfm->crt_ahash;
- if (alg->digestsize > crypto_tfm_alg_blocksize(tfm))
+ if (alg->digestsize > PAGE_SIZE / 8)
return -EINVAL;
crt->init = alg->init;
diff --git a/crypto/digest.c b/crypto/digest.c
index 025c9aea24ed..d63d5d96feec 100644
--- a/crypto/digest.c
+++ b/crypto/digest.c
@@ -141,7 +141,7 @@ int crypto_init_digest_ops(struct crypto_tfm *tfm)
struct hash_tfm *ops = &tfm->crt_hash;
struct digest_alg *dalg = &tfm->__crt_alg->cra_digest;
- if (dalg->dia_digestsize > crypto_tfm_alg_blocksize(tfm))
+ if (dalg->dia_digestsize > PAGE_SIZE / 8)
return -EINVAL;
ops->init = init;
diff --git a/crypto/hash.c b/crypto/hash.c
index f9400a014e74..0d7caa9ab748 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -152,7 +152,7 @@ static int crypto_init_hash_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
{
struct hash_alg *alg = &tfm->__crt_alg->cra_hash;
- if (alg->digestsize > crypto_tfm_alg_blocksize(tfm))
+ if (alg->digestsize > PAGE_SIZE / 8)
return -EINVAL;
if ((mask & CRYPTO_ALG_TYPE_HASH_MASK) != CRYPTO_ALG_TYPE_HASH_MASK)
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 14c6351e639d..7ff2d6a8c7d0 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -226,6 +226,7 @@ static struct crypto_instance *hmac_alloc(struct rtattr **tb)
struct crypto_instance *inst;
struct crypto_alg *alg;
int err;
+ int ds;
err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_HASH);
if (err)
@@ -236,6 +237,13 @@ static struct crypto_instance *hmac_alloc(struct rtattr **tb)
if (IS_ERR(alg))
return ERR_CAST(alg);
+ inst = ERR_PTR(-EINVAL);
+ ds = (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
+ CRYPTO_ALG_TYPE_HASH ? alg->cra_hash.digestsize :
+ alg->cra_digest.dia_digestsize;
+ if (ds > alg->cra_blocksize)
+ goto out_put_alg;
+
inst = crypto_alloc_instance("hmac", alg);
if (IS_ERR(inst))
goto out_put_alg;
@@ -246,14 +254,10 @@ static struct crypto_instance *hmac_alloc(struct rtattr **tb)
inst->alg.cra_alignmask = alg->cra_alignmask;
inst->alg.cra_type = &crypto_hash_type;
- inst->alg.cra_hash.digestsize =
- (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
- CRYPTO_ALG_TYPE_HASH ? alg->cra_hash.digestsize :
- alg->cra_digest.dia_digestsize;
+ inst->alg.cra_hash.digestsize = ds;
inst->alg.cra_ctxsize = sizeof(struct hmac_ctx) +
- ALIGN(inst->alg.cra_blocksize * 2 +
- inst->alg.cra_hash.digestsize,
+ ALIGN(inst->alg.cra_blocksize * 2 + ds,
sizeof(void *));
inst->alg.cra_init = hmac_init_tfm;