From a62084d299d950f2ad0649caf9a9b9a431346996 Mon Sep 17 00:00:00 2001 From: Pascal van Leeuwen Date: Fri, 9 Aug 2019 17:51:07 +0200 Subject: crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0 Return -EINVAL on an attempt to set the authsize to 0 with an auth. algorithm with a non-zero digestsize (i.e. anything but digest_null) as authenticating the data and then throwing away the result does not make any sense at all. The digestsize zero exception is for use with digest_null for testing purposes only. Signed-off-by: Pascal van Leeuwen Signed-off-by: Herbert Xu --- crypto/aead.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'crypto/aead.c') diff --git a/crypto/aead.c b/crypto/aead.c index fbf0ec93bc8e..ce035589cf57 100644 --- a/crypto/aead.c +++ b/crypto/aead.c @@ -70,7 +70,8 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize) { int err; - if (authsize > crypto_aead_maxauthsize(tfm)) + if ((!authsize && crypto_aead_maxauthsize(tfm)) || + authsize > crypto_aead_maxauthsize(tfm)) return -EINVAL; if (crypto_aead_alg(tfm)->setauthsize) { -- cgit v1.2.3