crypto: aead - add check for presence of auth tag

The AEAD decryption operation requires the authentication tag to be present as part of the cipher text buffer. The added check verifies that the caller provides a cipher text with at least the authentication tag. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto: aead - add check for presence of auth tag
The AEAD decryption operation requires the authentication tag to be present as part of the cipher text buffer. The added check verifies that the caller provides a cipher text with at least the authentication tag. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
15acabfd · Stephan Mueller · Herbert Xu · 42d2e780 · 15acabfd
Commit 15acabfd authored Jan 05, 2015 by Stephan Mueller Committed by Herbert Xu Jan 08, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

include/linux/crypto.h include/linux/crypto.h +3 -0

No files found.
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -1412,6 +1412,9 @@ static inline int crypto_aead_encrypt(struct aead_request *req)
 */
 static inline int crypto_aead_decrypt(struct aead_request *req)
 {
+	if (req->cryptlen < crypto_aead_authsize(crypto_aead_reqtfm(req)))
+		return -EINVAL;
+
 	return crypto_aead_crt(crypto_aead_reqtfm(req))->decrypt(req);
 }