diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-09-15 07:23:21 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-09-15 07:23:21 -0700 |
commit | 3630056d961593bdf41aaf268c7620d36e635119 (patch) | |
tree | 9c88b19638fce36a6c51b14d69e058dd4b096235 | |
parent | 9e82bf014195d6f0054982c463575cdce24292be (diff) | |
parent | 78f543a93473f67a1035949a293b79288e259b6e (diff) | |
download | linux-3630056d961593bdf41aaf268c7620d36e635119.tar.gz linux-3630056d961593bdf41aaf268c7620d36e635119.tar.bz2 linux-3630056d961593bdf41aaf268c7620d36e635119.zip |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
"This fixes the newly added drbg generator so that it actually works on
32-bit machines. Previously the code was only tested on 64-bit and on
32-bit it overflowed and simply doesn't work"
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: drbg - remove check for uninitialized DRBG handle
crypto: drbg - backport "fix maximum value checks on 32 bit systems"
-rw-r--r-- | crypto/drbg.c | 3 | ||||
-rw-r--r-- | include/crypto/drbg.h | 13 |
2 files changed, 13 insertions, 3 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c index 7894db9ca90b..a53ee099e281 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1922,9 +1922,6 @@ static inline int __init drbg_healthcheck_sanity(void) /* overflow max addtllen with personalization string */ ret = drbg_instantiate(drbg, &addtl, coreref, pr); BUG_ON(0 == ret); - /* test uninstantated DRBG */ - len = drbg_generate(drbg, buf, (max_request_bytes + 1), NULL); - BUG_ON(0 < len); /* all tests passed */ rc = 0; diff --git a/include/crypto/drbg.h b/include/crypto/drbg.h index 831d786976c5..882675e7c055 100644 --- a/include/crypto/drbg.h +++ b/include/crypto/drbg.h @@ -162,12 +162,25 @@ static inline size_t drbg_max_request_bytes(struct drbg_state *drbg) static inline size_t drbg_max_addtl(struct drbg_state *drbg) { +#if (__BITS_PER_LONG == 32) + /* + * SP800-90A allows smaller maximum numbers to be returned -- we + * return SIZE_MAX - 1 to allow the verification of the enforcement + * of this value in drbg_healthcheck_sanity. + */ + return (SIZE_MAX - 1); +#else return (1UL<<(drbg->core->max_addtllen)); +#endif } static inline size_t drbg_max_requests(struct drbg_state *drbg) { +#if (__BITS_PER_LONG == 32) + return SIZE_MAX; +#else return (1UL<<(drbg->core->max_req)); +#endif } /* |