Add stricter checking on mac key lengths.
ClosedPublic
Actions

Authored by jhb on Jan 8 2020, 8:01 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Tue, Oct 21, 9:46 AM

	Unknown Object (File)
	Tue, Oct 21, 9:45 AM

	Unknown Object (File)
	Tue, Oct 21, 9:45 AM

	Unknown Object (File)
	Tue, Oct 21, 6:50 AM

	Unknown Object (File)
	Mon, Oct 20, 10:18 PM

	Unknown Object (File)
	Sun, Oct 12, 1:28 AM

	Unknown Object (File)
	Sun, Oct 5, 3:39 AM

	Unknown Object (File)
	Sep 22 2025, 12:23 PM

View All 73 Files

Subscribers

imp

Details

Reviewers

cem
jmg

Commits

rS356561: Add stricter checking on mac key lengths.

Summary

Negative lengths are always invalid. The key length should also
be zero for hash algorithms that do not accept a key.

Test Plan

cryptocheck passes
test program that provokes a panic with a length of -1 now fails with an error

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Jan 8 2020, 8:01 PM

Harbormaster completed remote builds in B28555: Diff 66518.Jan 8 2020, 8:01 PM

cem accepted this revision.Jan 9 2020, 12:35 AM

This revision is now accepted and ready to land.Jan 9 2020, 12:35 AM

Closed by commit rS356561: Add stricter checking on mac key lengths. (authored by jhb). · Explain WhyJan 9 2020, 6:30 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS356561: Add stricter checking on mac key lengths..

Herald added a reviewer: jmg. · View Herald TranscriptJan 9 2020, 6:30 PM

Herald added a subscriber: imp. · View Herald Transcript

Revision Contents
Changeset List

Path

Size

head/

sys/

opencrypto/

cryptodev.c

4 lines

Diff 66565

View Options

head/sys/opencrypto/cryptodev.c

Add stricter checking on mac key lengths.ClosedPublicActions