crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0

Return -EINVAL on an attempt to set the authsize to 0 with an auth. algorithm with a non-zero digestsize (i.e. anything but digest_null) as authenticating the data and then throwing away the result does not make any sense at all. The digestsize zero exception is for use with digest_null for testing purposes only. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0
Return -EINVAL on an attempt to set the authsize to 0 with an auth. algorithm with a non-zero digestsize (i.e. anything but digest_null) as authenticating the data and then throwing away the result does not make any sense at all. The digestsize zero exception is for use with digest_null for testing purposes only. Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
a62084d2 · Pascal van Leeuwen · Herbert Xu · 440dc9aa · a62084d2
Commit a62084d2 authored Aug 09, 2019 by Pascal van Leeuwen Committed by Herbert Xu Aug 15, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

crypto/aead.c crypto/aead.c +2 -1

No files found.
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -70,7 +70,8 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
 {
 	int err;

-	if (authsize > crypto_aead_maxauthsize(tfm))
+	if ((!authsize && crypto_aead_maxauthsize(tfm)) ||
+	    authsize > crypto_aead_maxauthsize(tfm))
 		return -EINVAL;

 	if (crypto_aead_alg(tfm)->setauthsize) {