diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2005-09-06 17:49:44 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2005-09-06 17:49:44 -0400 |
| commit | fe2d5295a11e2ab2d6f4e7ea074816000b32eba3 (patch) | |
| tree | 6887fb3b2f406d5ed1247e7c77ef34f20a345e6d /crypto/cipher.c | |
| parent | b69aee04fbfc027fc4ddaddc809ea8711cef9511 (diff) | |
[CRYPTO] Fix boundary check in standard multi-block cipher processors
The boundary check in the standard multi-block cipher processors are
broken when nbytes is not a multiple of bsize. In those cases it will
always process an extra block.
This patch corrects the check so that it processes at most nbytes of
data.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'crypto/cipher.c')
| -rw-r--r-- | crypto/cipher.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/cipher.c b/crypto/cipher.c index 3df47f93c9db..dfd4bcfc5975 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c | |||
| @@ -191,6 +191,8 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc, | |||
| 191 | u8 *iv = desc->info; | 191 | u8 *iv = desc->info; |
| 192 | unsigned int done = 0; | 192 | unsigned int done = 0; |
| 193 | 193 | ||
| 194 | nbytes -= bsize; | ||
| 195 | |||
| 194 | do { | 196 | do { |
| 195 | xor(iv, src); | 197 | xor(iv, src); |
| 196 | fn(crypto_tfm_ctx(tfm), dst, iv); | 198 | fn(crypto_tfm_ctx(tfm), dst, iv); |
| @@ -198,7 +200,7 @@ static unsigned int cbc_process_encrypt(const struct cipher_desc *desc, | |||
| 198 | 200 | ||
| 199 | src += bsize; | 201 | src += bsize; |
| 200 | dst += bsize; | 202 | dst += bsize; |
| 201 | } while ((done += bsize) < nbytes); | 203 | } while ((done += bsize) <= nbytes); |
| 202 | 204 | ||
| 203 | return done; | 205 | return done; |
| 204 | } | 206 | } |
| @@ -219,6 +221,8 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc, | |||
| 219 | u8 *iv = desc->info; | 221 | u8 *iv = desc->info; |
| 220 | unsigned int done = 0; | 222 | unsigned int done = 0; |
| 221 | 223 | ||
| 224 | nbytes -= bsize; | ||
| 225 | |||
| 222 | do { | 226 | do { |
| 223 | u8 *tmp_dst = *dst_p; | 227 | u8 *tmp_dst = *dst_p; |
| 224 | 228 | ||
| @@ -230,7 +234,7 @@ static unsigned int cbc_process_decrypt(const struct cipher_desc *desc, | |||
| 230 | 234 | ||
| 231 | src += bsize; | 235 | src += bsize; |
| 232 | dst += bsize; | 236 | dst += bsize; |
| 233 | } while ((done += bsize) < nbytes); | 237 | } while ((done += bsize) <= nbytes); |
| 234 | 238 | ||
| 235 | return done; | 239 | return done; |
| 236 | } | 240 | } |
| @@ -243,12 +247,14 @@ static unsigned int ecb_process(const struct cipher_desc *desc, u8 *dst, | |||
| 243 | void (*fn)(void *, u8 *, const u8 *) = desc->crfn; | 247 | void (*fn)(void *, u8 *, const u8 *) = desc->crfn; |
| 244 | unsigned int done = 0; | 248 | unsigned int done = 0; |
| 245 | 249 | ||
| 250 | nbytes -= bsize; | ||
| 251 | |||
| 246 | do { | 252 | do { |
| 247 | fn(crypto_tfm_ctx(tfm), dst, src); | 253 | fn(crypto_tfm_ctx(tfm), dst, src); |
| 248 | 254 | ||
| 249 | src += bsize; | 255 | src += bsize; |
| 250 | dst += bsize; | 256 | dst += bsize; |
| 251 | } while ((done += bsize) < nbytes); | 257 | } while ((done += bsize) <= nbytes); |
| 252 | 258 | ||
| 253 | return done; | 259 | return done; |
| 254 | } | 260 | } |