Page MenuHomeFreeBSD

Add stricter checking on mac key lengths.
ClosedPublic

Authored by jhb on Wed, Jan 8, 8:01 PM.

Details

Summary

Negative lengths are always invalid. The key length should also
be zero for hash algorithms that do not accept a key.

Test Plan
  • cryptocheck passes
  • test program that provokes a panic with a length of -1 now fails with an error

Diff Detail

Repository
rS FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jhb created this revision.Wed, Jan 8, 8:01 PM
cem accepted this revision.Thu, Jan 9, 12:35 AM
This revision is now accepted and ready to land.Thu, Jan 9, 12:35 AM
This revision was automatically updated to reflect the committed changes.