From: Andrei Botila <andrei.botila@oss.nxp.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [RFC] crypto: xts - add check for input length equal to zero
Date: Thu, 5 Mar 2020 12:22:55 +0200 [thread overview]
Message-ID: <20200305102255.12548-1-andrei.botila@oss.nxp.com> (raw)
From: Andrei Botila <andrei.botila@nxp.com>
Through this RFC we try to standardize the way input lengths equal to 0
are handled in all skcipher algorithms. Currently, in xts when an input
has a length smaller than XTS_BLOCK_SIZE it returns -EINVAL while the
other algorithms return 0 for input lengths equal to zero.
The algorithms that implement this check are CBC, ARC4, CFB, OFB, SALSA20,
CTR, ECB and PCBC, XTS being the outlier here. All of them call
skcipher_walk_virt() which returns 0 if skcipher_walk_skcipher() finds
that input length is equal to 0.
This case was discovered when fuzz testing was enabled since it generates
this input length.
This RFC wants to find out if the approach is ok before updating the
other xts implementations.
Signed-off-by: Andrei Botila <andrei.botila@nxp.com>
---
crypto/xts.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/crypto/xts.c b/crypto/xts.c
index 29efa15f1495..51eaf08603af 100644
--- a/crypto/xts.c
+++ b/crypto/xts.c
@@ -258,6 +258,9 @@ static int encrypt(struct skcipher_request *req)
struct skcipher_request *subreq = &rctx->subreq;
int err;
+ if (!req->cryptlen)
+ return 0;
+
err = init_crypt(req, encrypt_done) ?:
xor_tweak_pre(req, true) ?:
crypto_skcipher_encrypt(subreq) ?:
@@ -275,6 +278,9 @@ static int decrypt(struct skcipher_request *req)
struct skcipher_request *subreq = &rctx->subreq;
int err;
+ if (!req->cryptlen)
+ return 0;
+
err = init_crypt(req, decrypt_done) ?:
xor_tweak_pre(req, false) ?:
crypto_skcipher_decrypt(subreq) ?:
--
2.17.1
next reply other threads:[~2020-03-05 10:23 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-05 10:22 Andrei Botila [this message]
2020-03-05 10:33 ` [RFC] crypto: xts - add check for input length equal to zero Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200305102255.12548-1-andrei.botila@oss.nxp.com \
--to=andrei.botila@oss.nxp.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).