diff options
| -rw-r--r-- | crypto/authencesn.c | 44 |
1 files changed, 12 insertions, 32 deletions
diff --git a/crypto/authencesn.c b/crypto/authencesn.c index a3da6770bc9e..b8efe36ce114 100644 --- a/crypto/authencesn.c +++ b/crypto/authencesn.c | |||
| @@ -393,8 +393,6 @@ static int crypto_authenc_esn_genicv(struct aead_request *req, u8 *iv, | |||
| 393 | struct scatterlist *cipher = areq_ctx->cipher; | 393 | struct scatterlist *cipher = areq_ctx->cipher; |
| 394 | struct scatterlist *hsg = areq_ctx->hsg; | 394 | struct scatterlist *hsg = areq_ctx->hsg; |
| 395 | struct scatterlist *tsg = areq_ctx->tsg; | 395 | struct scatterlist *tsg = areq_ctx->tsg; |
| 396 | struct scatterlist *assoc1; | ||
| 397 | struct scatterlist *assoc2; | ||
| 398 | unsigned int ivsize = crypto_aead_ivsize(authenc_esn); | 396 | unsigned int ivsize = crypto_aead_ivsize(authenc_esn); |
| 399 | unsigned int cryptlen = req->cryptlen; | 397 | unsigned int cryptlen = req->cryptlen; |
| 400 | struct page *dstp; | 398 | struct page *dstp; |
| @@ -412,27 +410,19 @@ static int crypto_authenc_esn_genicv(struct aead_request *req, u8 *iv, | |||
| 412 | cryptlen += ivsize; | 410 | cryptlen += ivsize; |
| 413 | } | 411 | } |
| 414 | 412 | ||
| 415 | if (sg_is_last(assoc)) | 413 | if (assoc->length < 12) |
| 416 | return -EINVAL; | ||
| 417 | |||
| 418 | assoc1 = assoc + 1; | ||
| 419 | if (sg_is_last(assoc1)) | ||
| 420 | return -EINVAL; | ||
| 421 | |||
| 422 | assoc2 = assoc + 2; | ||
| 423 | if (!sg_is_last(assoc2)) | ||
| 424 | return -EINVAL; | 414 | return -EINVAL; |
| 425 | 415 | ||
| 426 | sg_init_table(hsg, 2); | 416 | sg_init_table(hsg, 2); |
| 427 | sg_set_page(hsg, sg_page(assoc), assoc->length, assoc->offset); | 417 | sg_set_page(hsg, sg_page(assoc), 4, assoc->offset); |
| 428 | sg_set_page(hsg + 1, sg_page(assoc2), assoc2->length, assoc2->offset); | 418 | sg_set_page(hsg + 1, sg_page(assoc), 4, assoc->offset + 8); |
| 429 | 419 | ||
| 430 | sg_init_table(tsg, 1); | 420 | sg_init_table(tsg, 1); |
| 431 | sg_set_page(tsg, sg_page(assoc1), assoc1->length, assoc1->offset); | 421 | sg_set_page(tsg, sg_page(assoc), 4, assoc->offset + 4); |
| 432 | 422 | ||
| 433 | areq_ctx->cryptlen = cryptlen; | 423 | areq_ctx->cryptlen = cryptlen; |
| 434 | areq_ctx->headlen = assoc->length + assoc2->length; | 424 | areq_ctx->headlen = 8; |
| 435 | areq_ctx->trailen = assoc1->length; | 425 | areq_ctx->trailen = 4; |
| 436 | areq_ctx->sg = dst; | 426 | areq_ctx->sg = dst; |
| 437 | 427 | ||
| 438 | areq_ctx->complete = authenc_esn_geniv_ahash_done; | 428 | areq_ctx->complete = authenc_esn_geniv_ahash_done; |
| @@ -563,8 +553,6 @@ static int crypto_authenc_esn_iverify(struct aead_request *req, u8 *iv, | |||
| 563 | struct scatterlist *cipher = areq_ctx->cipher; | 553 | struct scatterlist *cipher = areq_ctx->cipher; |
| 564 | struct scatterlist *hsg = areq_ctx->hsg; | 554 | struct scatterlist *hsg = areq_ctx->hsg; |
| 565 | struct scatterlist *tsg = areq_ctx->tsg; | 555 | struct scatterlist *tsg = areq_ctx->tsg; |
| 566 | struct scatterlist *assoc1; | ||
| 567 | struct scatterlist *assoc2; | ||
| 568 | unsigned int ivsize = crypto_aead_ivsize(authenc_esn); | 556 | unsigned int ivsize = crypto_aead_ivsize(authenc_esn); |
| 569 | struct page *srcp; | 557 | struct page *srcp; |
| 570 | u8 *vsrc; | 558 | u8 *vsrc; |
| @@ -580,27 +568,19 @@ static int crypto_authenc_esn_iverify(struct aead_request *req, u8 *iv, | |||
| 580 | cryptlen += ivsize; | 568 | cryptlen += ivsize; |
| 581 | } | 569 | } |
| 582 | 570 | ||
| 583 | if (sg_is_last(assoc)) | 571 | if (assoc->length < 12) |
| 584 | return -EINVAL; | ||
| 585 | |||
| 586 | assoc1 = assoc + 1; | ||
| 587 | if (sg_is_last(assoc1)) | ||
| 588 | return -EINVAL; | ||
| 589 | |||
| 590 | assoc2 = assoc + 2; | ||
| 591 | if (!sg_is_last(assoc2)) | ||
| 592 | return -EINVAL; | 572 | return -EINVAL; |
| 593 | 573 | ||
| 594 | sg_init_table(hsg, 2); | 574 | sg_init_table(hsg, 2); |
| 595 | sg_set_page(hsg, sg_page(assoc), assoc->length, assoc->offset); | 575 | sg_set_page(hsg, sg_page(assoc), 4, assoc->offset); |
| 596 | sg_set_page(hsg + 1, sg_page(assoc2), assoc2->length, assoc2->offset); | 576 | sg_set_page(hsg + 1, sg_page(assoc), 4, assoc->offset + 8); |
| 597 | 577 | ||
| 598 | sg_init_table(tsg, 1); | 578 | sg_init_table(tsg, 1); |
| 599 | sg_set_page(tsg, sg_page(assoc1), assoc1->length, assoc1->offset); | 579 | sg_set_page(tsg, sg_page(assoc), 4, assoc->offset + 4); |
| 600 | 580 | ||
| 601 | areq_ctx->cryptlen = cryptlen; | 581 | areq_ctx->cryptlen = cryptlen; |
| 602 | areq_ctx->headlen = assoc->length + assoc2->length; | 582 | areq_ctx->headlen = 8; |
| 603 | areq_ctx->trailen = assoc1->length; | 583 | areq_ctx->trailen = 4; |
| 604 | areq_ctx->sg = src; | 584 | areq_ctx->sg = src; |
| 605 | 585 | ||
| 606 | areq_ctx->complete = authenc_esn_verify_ahash_done; | 586 | areq_ctx->complete = authenc_esn_verify_ahash_done; |