crypto: aead - Do not allow authsize=0 if auth. alg has digestsize>0

Pascal van Leeuwen · herbertx · commit a62084d299d9 · 2019-08-15T21:52:14.000+10:00
Return -EINVAL on an attempt to set the authsize to 0 with an auth.
algorithm with a non-zero digestsize (i.e. anything but digest_null)
as authenticating the data and then throwing away the result does not
make any sense at all.

The digestsize zero exception is for use with digest_null for testing
purposes only.

Signed-off-by: Pascal van Leeuwen &lt;pvanleeuwen@verimatrix.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
diff --git a/crypto/aead.c b/crypto/aead.c
@@ -70,7 +70,8 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
 {
 	int err;
 
-	if (authsize > crypto_aead_maxauthsize(tfm))
+	if ((!authsize && crypto_aead_maxauthsize(tfm)) ||
+	    authsize > crypto_aead_maxauthsize(tfm))
 		return -EINVAL;
 
 	if (crypto_aead_alg(tfm)->setauthsize) {

Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,8 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)`
`70`	`70`	`{`
`71`	`71`	`int err;`
`72`	`72`
`73`		`- if (authsize > crypto_aead_maxauthsize(tfm))`
	`73`	`+ if ((!authsize && crypto_aead_maxauthsize(tfm)) \|\|`
	`74`	`+ authsize > crypto_aead_maxauthsize(tfm))`
`74`	`75`	`return -EINVAL;`
`75`	`76`
`76`	`77`	`if (crypto_aead_alg(tfm)->setauthsize) {`