diff options
| -rw-r--r-- | crypto/ansi_cprng.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c index ffa0245e2abc..6ddd99e6114b 100644 --- a/crypto/ansi_cprng.c +++ b/crypto/ansi_cprng.c | |||
| @@ -414,10 +414,18 @@ static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata, | |||
| 414 | static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) | 414 | static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) |
| 415 | { | 415 | { |
| 416 | u8 rdata[DEFAULT_BLK_SZ]; | 416 | u8 rdata[DEFAULT_BLK_SZ]; |
| 417 | u8 *key = seed + DEFAULT_BLK_SZ; | ||
| 417 | int rc; | 418 | int rc; |
| 418 | 419 | ||
| 419 | struct prng_context *prng = crypto_rng_ctx(tfm); | 420 | struct prng_context *prng = crypto_rng_ctx(tfm); |
| 420 | 421 | ||
| 422 | if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ) | ||
| 423 | return -EINVAL; | ||
| 424 | |||
| 425 | /* fips strictly requires seed != key */ | ||
| 426 | if (!memcmp(seed, key, DEFAULT_PRNG_KSZ)) | ||
| 427 | return -EINVAL; | ||
| 428 | |||
| 421 | rc = cprng_reset(tfm, seed, slen); | 429 | rc = cprng_reset(tfm, seed, slen); |
| 422 | 430 | ||
| 423 | if (!rc) | 431 | if (!rc) |