diff options
| author | pjd <pjd@FreeBSD.org> | 2005-08-16 18:59:00 +0000 |
|---|---|---|
| committer | pjd <pjd@FreeBSD.org> | 2005-08-16 18:59:00 +0000 |
| commit | 372c5a7d070d26ae5777e72e5403b62d9f0da99e (patch) | |
| tree | 667a1055e89ba718cbf020e12793de0cd3a16ca7 /sys | |
| parent | 1d6676e5bc30f3c6a759289b8e17002de8f5a721 (diff) | |
| download | FreeBSD-src-372c5a7d070d26ae5777e72e5403b62d9f0da99e.zip FreeBSD-src-372c5a7d070d26ae5777e72e5403b62d9f0da99e.tar.gz | |
Check key size for rijndael, as invalid key size can lead to kernel panic.
It checked other algorithms against this bug and it seems they aren't
affected.
Reported by: Mike Tancsa <mike@sentex.net>
PR: i386/84860
Reviewed by: phk, cperciva(x2)
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/crypto/rijndael/rijndael-alg-fst.c | 2 | ||||
| -rw-r--r-- | sys/opencrypto/xform.c | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/sys/crypto/rijndael/rijndael-alg-fst.c b/sys/crypto/rijndael/rijndael-alg-fst.c index 4f2164f..a0eb4fd 100644 --- a/sys/crypto/rijndael/rijndael-alg-fst.c +++ b/sys/crypto/rijndael/rijndael-alg-fst.c @@ -734,6 +734,8 @@ int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBit int i = 0; u32 temp; + KASSERT(keyBits == 128 || keyBits == 192 || keyBits == 256, + ("Invalid key size (%d).", keyBits)); rk[0] = GETU32(cipherKey ); rk[1] = GETU32(cipherKey + 4); rk[2] = GETU32(cipherKey + 8); diff --git a/sys/opencrypto/xform.c b/sys/opencrypto/xform.c index 5dfb317..a24d6da 100644 --- a/sys/opencrypto/xform.c +++ b/sys/opencrypto/xform.c @@ -512,6 +512,8 @@ rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len) { int err; + if (len != 16 && len != 24 && len != 32) + return (EINVAL); MALLOC(*sched, u_int8_t *, sizeof(rijndael_ctx), M_CRYPTO_DATA, M_NOWAIT|M_ZERO); if (*sched != NULL) { |
