Skip to content

Commit a745dda

Browse files
herbertxgregkh
herbertx
authored and
gregkh
committed
crypto: bcm - Verify GCM/CCM key length in setkey
commit 10a2f0b upstream. The setkey function for GCM/CCM algorithms didn't verify the key length before copying the key and subtracting the salt length. This patch delays the copying of the key til after the verification has been done. It also adds checks on the key length to ensure that it's at least as long as the salt. Fixes: 9d12ba8 ("crypto: brcm - Add Broadcom SPU driver") Cc: <stable@vger.kernel.org> Reported-by: kiyin(尹亮) <kiyin@tencent.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 parent ffdf9f8 commit a745dda

1 file changed

Lines changed: 14 additions & 1 deletion

File tree

drivers/crypto/bcm/cipher.c

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2930,7 +2930,6 @@ static int aead_gcm_ccm_setkey(struct crypto_aead *cipher,
29302930

29312931
ctx->enckeylen = keylen;
29322932
ctx->authkeylen = 0;
2933-
memcpy(ctx->enckey, key, ctx->enckeylen);
29342933

29352934
switch (ctx->enckeylen) {
29362935
case AES_KEYSIZE_128:
@@ -2946,6 +2945,8 @@ static int aead_gcm_ccm_setkey(struct crypto_aead *cipher,
29462945
goto badkey;
29472946
}
29482947

2948+
memcpy(ctx->enckey, key, ctx->enckeylen);
2949+
29492950
flow_log(" enckeylen:%u authkeylen:%u\n", ctx->enckeylen,
29502951
ctx->authkeylen);
29512952
flow_dump(" enc: ", ctx->enckey, ctx->enckeylen);
@@ -3000,6 +3001,10 @@ static int aead_gcm_esp_setkey(struct crypto_aead *cipher,
30003001
struct iproc_ctx_s *ctx = crypto_aead_ctx(cipher);
30013002

30023003
flow_log("%s\n", __func__);
3004+
3005+
if (keylen < GCM_ESP_SALT_SIZE)
3006+
return -EINVAL;
3007+
30033008
ctx->salt_len = GCM_ESP_SALT_SIZE;
30043009
ctx->salt_offset = GCM_ESP_SALT_OFFSET;
30053010
memcpy(ctx->salt, key + keylen - GCM_ESP_SALT_SIZE, GCM_ESP_SALT_SIZE);
@@ -3028,6 +3033,10 @@ static int rfc4543_gcm_esp_setkey(struct crypto_aead *cipher,
30283033
struct iproc_ctx_s *ctx = crypto_aead_ctx(cipher);
30293034

30303035
flow_log("%s\n", __func__);
3036+
3037+
if (keylen < GCM_ESP_SALT_SIZE)
3038+
return -EINVAL;
3039+
30313040
ctx->salt_len = GCM_ESP_SALT_SIZE;
30323041
ctx->salt_offset = GCM_ESP_SALT_OFFSET;
30333042
memcpy(ctx->salt, key + keylen - GCM_ESP_SALT_SIZE, GCM_ESP_SALT_SIZE);
@@ -3057,6 +3066,10 @@ static int aead_ccm_esp_setkey(struct crypto_aead *cipher,
30573066
struct iproc_ctx_s *ctx = crypto_aead_ctx(cipher);
30583067

30593068
flow_log("%s\n", __func__);
3069+
3070+
if (keylen < CCM_ESP_SALT_SIZE)
3071+
return -EINVAL;
3072+
30603073
ctx->salt_len = CCM_ESP_SALT_SIZE;
30613074
ctx->salt_offset = CCM_ESP_SALT_OFFSET;
30623075
memcpy(ctx->salt, key + keylen - CCM_ESP_SALT_SIZE, CCM_ESP_SALT_SIZE);

0 commit comments

Comments
 (0)