On Tue, Oct 23, 2007 at 03:26:29PM -0500, Joy Latten wrote:
>
> + err = crypto_attr_u32(tb[4], &countersize);
> + if (err)
> + goto out_put_alg;
> +
> /* verify size of nonce + iv + counter */
> err = -EINVAL;
> - if ((noncesize + ivsize) >= alg->cra_blocksize)
> + if (((noncesize + ivsize) > alg->cra_blocksize) ||
> + (countersize > alg->cra_blocksize))
> goto out_put_alg;
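
Review bot: the size check at the end of this hunk tests noncesize + ivsize and countersize against alg->cra_blocksize separately, so a combination whose three sizes do not add up to the block size still passes. Relaxing ">=" to ">" also lets noncesize + ivsize equal the block size, which leaves no room for the counter, and countersize has no lower bound, so 0 is accepted. Suggest checking the sum of all three against alg->cra_blocksize and rejecting a too-small countersize. The comment "verify size of nonce + iv + counter" describes a check on the sum that the code does not perform.
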
Probably should check whether

	noncesize + ivsize + countersize == blocksize

if

	noncesize + ivsize < blocksize

Actually let's also require that countersize >= 4 as otherwise
wrapping will be a problem. This would also weed out stream
algorithms but we wouldn't want to apply CTR to them anyway.

Otherwise this looks pretty good to me. Thanks Joy!
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志壬 <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
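
Added example, not part of the original message or of the kernel patch: the size rules discussed in this thread as a stand-alone check, plus a loop showing how quickly a short counter wraps and starts repeating counter blocks. The function names, the 16-byte block size and the big-endian counter in the last bytes of the block are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 16  /* sample cra_blocksize (AES); an assumption */

/* Size rules from the thread: the patch's two upper bounds plus the two
 * conditions proposed in the reply. Returns 0 if accepted, -1 if not. */
int ctr_sizes_ok(unsigned nonce, unsigned iv, unsigned counter, unsigned blk)
{
    if (nonce > blk || iv > blk - nonce)  /* nonce + iv > blk, overflow-safe */
        return -1;
    if (counter > blk || counter < 4)     /* reply: at least 4 counter bytes */
        return -1;
    if (nonce + iv < blk && nonce + iv + counter != blk)
        return -1;                        /* reply: sizes must fill the block */
    return 0;
}

/* Assumption: the counter is the last `counter` bytes of the block,
 * incremented as a big-endian integer. Returns 1 when it wraps to zero. */
int ctr_inc(uint8_t *block, unsigned blk, unsigned counter)
{
    unsigned i;
    for (i = blk; i > blk - counter; i--)
        if (++block[i - 1] != 0)
            return 0;                     /* no carry out of this byte */
    return 1;                             /* every counter byte rolled over */
}

/* Number of blocks produced before a counter block repeats, i.e. before
 * the same keystream block would be generated again under one key. */
unsigned long blocks_until_repeat(unsigned counter)
{
    uint8_t block[BLK];
    unsigned long n = 1;

    memset(block, 0xA5, BLK - counter);   /* constructed nonce/IV bytes */
    memset(block + BLK - counter, 0, counter);
    while (!ctr_inc(block, BLK, counter))
        n++;
    return n;
}

int main(void)
{
    printf("nonce=4 iv=8 counter=4: %d\n", ctr_sizes_ok(4, 8, 4, BLK));
    printf("1-byte counter repeats after %lu blocks\n", blocks_until_repeat(1));
    return 0;
}
```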