diff options
| author | Eric Biggers | 2017-06-08 08:49:49 -0500 |
|---|---|---|
| committer | James Morris | 2017-06-08 22:29:49 -0500 |
| commit | 0ddd9f1a6b7e5746b52959f645fc66859b805e88 (patch) | |
| tree | d9a9c465c41a379ae416f84e95ccf9a0dd84d5d0 | |
| parent | 281590b4221779dbc4a5e2c33c0c5b0239cfe794 (diff) | |
| download | linux-phy-0ddd9f1a6b7e5746b52959f645fc66859b805e88.tar.gz linux-phy-0ddd9f1a6b7e5746b52959f645fc66859b805e88.tar.xz linux-phy-0ddd9f1a6b7e5746b52959f645fc66859b805e88.zip | |
KEYS: DH: ensure the KDF counter is properly aligned
Accessing a 'u8[4]' through a '__be32 *' violates alignment rules. Just
make the counter a __be32 instead.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: James Morris <james.l.morris@oracle.com>
| -rw-r--r-- | security/keys/dh.c | 16 |
1 files changed, 3 insertions, 13 deletions
diff --git a/security/keys/dh.c b/security/keys/dh.c index 1c1cac677041..63ac87d430db 100644 --- a/security/keys/dh.c +++ b/security/keys/dh.c | |||
| @@ -130,14 +130,6 @@ static void kdf_dealloc(struct kdf_sdesc *sdesc) | |||
| 130 | kzfree(sdesc); | 130 | kzfree(sdesc); |
| 131 | } | 131 | } |
| 132 | 132 | ||
| 133 | /* convert 32 bit integer into its string representation */ | ||
| 134 | static inline void crypto_kw_cpu_to_be32(u32 val, u8 *buf) | ||
| 135 | { | ||
| 136 | __be32 *a = (__be32 *)buf; | ||
| 137 | |||
| 138 | *a = cpu_to_be32(val); | ||
| 139 | } | ||
| 140 | |||
| 141 | /* | 133 | /* |
| 142 | * Implementation of the KDF in counter mode according to SP800-108 section 5.1 | 134 | * Implementation of the KDF in counter mode according to SP800-108 section 5.1 |
| 143 | * as well as SP800-56A section 5.8.1 (Single-step KDF). | 135 | * as well as SP800-56A section 5.8.1 (Single-step KDF). |
| @@ -154,16 +146,14 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen, | |||
| 154 | unsigned int h = crypto_shash_digestsize(desc->tfm); | 146 | unsigned int h = crypto_shash_digestsize(desc->tfm); |
| 155 | int err = 0; | 147 | int err = 0; |
| 156 | u8 *dst_orig = dst; | 148 | u8 *dst_orig = dst; |
| 157 | u32 i = 1; | 149 | __be32 counter = cpu_to_be32(1); |
| 158 | u8 iteration[sizeof(u32)]; | ||
| 159 | 150 | ||
| 160 | while (dlen) { | 151 | while (dlen) { |
| 161 | err = crypto_shash_init(desc); | 152 | err = crypto_shash_init(desc); |
| 162 | if (err) | 153 | if (err) |
| 163 | goto err; | 154 | goto err; |
| 164 | 155 | ||
| 165 | crypto_kw_cpu_to_be32(i, iteration); | 156 | err = crypto_shash_update(desc, (u8 *)&counter, sizeof(__be32)); |
| 166 | err = crypto_shash_update(desc, iteration, sizeof(u32)); | ||
| 167 | if (err) | 157 | if (err) |
| 168 | goto err; | 158 | goto err; |
| 169 | 159 | ||
| @@ -189,7 +179,7 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen, | |||
| 189 | 179 | ||
| 190 | dlen -= h; | 180 | dlen -= h; |
| 191 | dst += h; | 181 | dst += h; |
| 192 | i++; | 182 | counter = cpu_to_be32(be32_to_cpu(counter) + 1); |
| 193 | } | 183 | } |
| 194 | } | 184 | } |
| 195 | 185 | ||