Add stricter checking on mac key lengths.
ClosedPublic
Actions

Authored by jhb on Jan 8 2020, 8:01 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Mon, Dec 1, 9:10 AM

	Unknown Object (File)
	Fri, Nov 28, 9:25 AM

	Unknown Object (File)
	Sun, Nov 23, 1:39 AM

	Unknown Object (File)
	Sun, Nov 23, 1:39 AM

	Unknown Object (File)
	Sun, Nov 23, 1:39 AM

	Unknown Object (File)
	Sun, Nov 23, 1:30 AM

	Unknown Object (File)
	Fri, Nov 21, 3:31 AM

	Unknown Object (File)
	Mon, Nov 17, 9:17 PM

View All 86 Files

Subscribers

imp

Details

Reviewers

cem
jmg

Commits

rS356561: Add stricter checking on mac key lengths.

Summary

Negative lengths are always invalid. The key length should also
be zero for hash algorithms that do not accept a key.

Test Plan

cryptocheck passes
test program that provokes a panic with a length of -1 now fails with an error

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Jan 8 2020, 8:01 PM

Harbormaster completed remote builds in B28555: Diff 66518.Jan 8 2020, 8:01 PM

cem accepted this revision.Jan 9 2020, 12:35 AM

This revision is now accepted and ready to land.Jan 9 2020, 12:35 AM

Closed by commit rS356561: Add stricter checking on mac key lengths. (authored by jhb). · Explain WhyJan 9 2020, 6:30 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS356561: Add stricter checking on mac key lengths..

Herald added a reviewer: jmg. · View Herald TranscriptJan 9 2020, 6:30 PM

Herald added a subscriber: imp. · View Herald Transcript

Revision Contents
Changeset List

Path

Size

head/

sys/

opencrypto/

cryptodev.c

4 lines

Diff 66565

View Options

head/sys/opencrypto/cryptodev.c

Add stricter checking on mac key lengths.ClosedPublicActions