* crypto: seqiv - Ensure that IV size is at least 8 bytes
@ 2015-01-16  8:51 Herbert Xu
  2015-01-16 16:53 ` Maciej Żenczykowski
  0 siblings, 1 reply; 2+ messages in thread
From: Herbert Xu @ 2015-01-16  8:51 UTC (permalink / raw)
  To: Linux Crypto Mailing List, Maciej Żenczykowski

Since seqiv is designed for IPsec we need to be able to accommodate
the whole IPsec sequence number in order to ensure the uniqueness
of the IV.

This patch forbids any algorithm with an IV size of less than 8
from using it.  This should have no impact on existing users since
they all have an IV size of 8.

Reported-by: Maciej Żenczykowski <zenczykowski@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index 9daa854c..b7bb9a2 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
 	if (IS_ERR(inst))
 		goto out;
 
+	if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
+		skcipher_geniv_free(inst);
+		inst = ERR_PTR(-EINVAL);
+		goto out;
+	}
+
 	inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
 
 	inst->alg.cra_init = seqiv_init;
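
Review bot: the `ivsize < sizeof(u64)` test added to seqiv_ablkcipher_alloc carries no comment saying that the 8-byte floor is the size of the IPsec sequence number, so the reason lives only in the commit message. A one-line comment above the `if`, for example `/* IV must hold the full 64-bit IPsec sequence number */`, would keep a later reader from treating `sizeof(u64)` as an arbitrary limit. The bare `-EINVAL` also gives the caller no hint as to which constraint failed.
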
@@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
 	if (IS_ERR(inst))
 		goto out;
 
+	if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
+		aead_geniv_free(inst);
+		inst = ERR_PTR(-EINVAL);
+		goto out;
+	}
+
 	inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
 
 	inst->alg.cra_init = seqiv_aead_init;
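
Review bot: the rejection block in seqiv_aead_alloc duplicates the one in seqiv_ablkcipher_alloc line for line, differing only in the free call (`aead_geniv_free(inst)` here, `skcipher_geniv_free(inst)` there), which makes it easy to paste the wrong free function into the wrong path. Consider a small error label in each function that frees the instance and sets `inst = ERR_PTR(err)`, so that later validity checks can jump to it instead of repeating these four lines.
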
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


* Re: crypto: seqiv - Ensure that IV size is at least 8 bytes
  2015-01-16  8:51 crypto: seqiv - Ensure that IV size is at least 8 bytes Herbert Xu
@ 2015-01-16 16:53 ` Maciej Żenczykowski
  0 siblings, 0 replies; 2+ messages in thread
From: Maciej Żenczykowski @ 2015-01-16 16:53 UTC (permalink / raw)
  To: Herbert Xu; +Cc: Linux Crypto Mailing List

On Fri, Jan 16, 2015 at 12:51 AM, Herbert Xu
<herbert@gondor.apana.org.au> wrote:
> Since seqiv is designed for IPsec we need to be able to accommodate
> the whole IPsec sequence number in order to ensure the uniqueness
> of the IV.
>
> This patch forbids any algorithm with an IV size of less than 8
> from using it.  This should have no impact on existing users since
> they all have an IV size of 8.
>
> Reported-by: Maciej Żenczykowski <zenczykowski@gmail.com>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/crypto/seqiv.c b/crypto/seqiv.c
> index 9daa854c..b7bb9a2 100644
> --- a/crypto/seqiv.c
> +++ b/crypto/seqiv.c
> @@ -267,6 +267,12 @@ static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb)
>         if (IS_ERR(inst))
>                 goto out;
>
> +       if (inst->alg.cra_ablkcipher.ivsize < sizeof(u64)) {
> +               skcipher_geniv_free(inst);
> +               inst = ERR_PTR(-EINVAL);
> +               goto out;
> +       }
> +
>         inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first;
>
>         inst->alg.cra_init = seqiv_init;
> @@ -287,6 +293,12 @@ static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb)
>         if (IS_ERR(inst))
>                 goto out;
>
> +       if (inst->alg.cra_aead.ivsize < sizeof(u64)) {
> +               aead_geniv_free(inst);
> +               inst = ERR_PTR(-EINVAL);
> +               goto out;
> +       }
> +
>         inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first;
>
>         inst->alg.cra_init = seqiv_aead_init;
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Acked-by: Maciej Żenczykowski <zenczykowski@gmail.com>
