On 4/27/2017 6:46 PM, Martin Hicks wrote:
>
> The max keysize for both of these is 128, not 96. Before, with keysizes
> over 96, the memcpy in ahash_setkey() would overwrite memory beyond the
> key field.
>
While here, what about aead_setkey()?
AFAICT, TALITOS_MAX_KEY_SIZE value has been incorrect since forever; it
does not cover the maximum values of encryption key + authentication key
for authenc algorithms.
So, based on algorithms currently registered, I think this should be:
#define TALITOS_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + \
SHA512_BLOCK_SIZE)
> Signed-off-by: Martin Hicks <m...@bork.org>
Cc: sta...@vger.kernel.org # 3.6+
Fixes: 357fb60502ede ("crypto: talitos - add sha224, sha384 and sha512
to existing AEAD algorithms")
> ---
> drivers/crypto/talitos.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
> index 0bba6a1..97dc85e 100644
> --- a/drivers/crypto/talitos.c
> +++ b/drivers/crypto/talitos.c
> @@ -816,7 +816,7 @@ static void talitos_unregister_rng(struct device *dev)
> * HMAC_SNOOP_NO_AFEA (HSNA) instead of type IPSEC_ESP
> */
> #define TALITOS_CRA_PRIORITY_AEAD_HSNA (TALITOS_CRA_PRIORITY - 1)
> -#define TALITOS_MAX_KEY_SIZE 96
> +#define TALITOS_MAX_KEY_SIZE SHA512_BLOCK_SIZE /* SHA512 has the
> largest keysize input */
> #define TALITOS_MAX_IV_LENGTH 16 /* max of AES_BLOCK_SIZE,
> DES3_EDE_BLOCK_SIZE */
>
> struct talitos_ctx {
>
