diff options
author | Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org> | 2017-06-01 12:03:21 +0300 |
---|---|---|
committer | Maxim Uvarov <maxim.uvarov@linaro.org> | 2017-06-16 17:01:10 +0300 |
commit | 93e9e20c17426d3262aa96a589106e635b755090 (patch) | |
tree | 2513b8a5c0fdf47cab72a02d886e65f64eb7c2d6 /platform | |
parent | ab3003c87e4cc25e3b26c7bddbfbce61525a94ad (diff) |
linux-generic: crypto: use auth_digest_len when calculating HMACs
Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>
Reviewed-by: Petri Savolainen <petri.savolainen@linaro.org>
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Diffstat (limited to 'platform')
-rw-r--r-- | platform/linux-generic/odp_crypto.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index a993542f5..472ee3107 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -522,7 +522,6 @@ static int process_des_param(odp_crypto_generic_session_t *session) } static int process_auth_param(odp_crypto_generic_session_t *session, - uint32_t bits, uint32_t key_length, const EVP_MD *evp_md) { @@ -535,7 +534,9 @@ static int process_auth_param(odp_crypto_generic_session_t *session, session->auth.evp_md = evp_md; /* Number of valid bytes */ - session->auth.bytes = bits / 8; + session->auth.bytes = session->p.auth_digest_len; + if (session->auth.bytes < (unsigned)EVP_MD_size(evp_md) / 2) + return -1; /* Convert keys */ session->auth.key_length = key_length; @@ -745,17 +746,23 @@ odp_crypto_session_create(odp_crypto_session_param_t *param, session->auth.func = null_crypto_routine; rc = 0; break; - case ODP_AUTH_ALG_MD5_HMAC: #if ODP_DEPRECATED_API case ODP_AUTH_ALG_MD5_96: + /* Fixed digest tag length with deprecated algo */ + session->p.auth_digest_len = 96 / 8; + /* Fallthrough */ #endif - rc = process_auth_param(session, 96, 16, EVP_md5()); + case ODP_AUTH_ALG_MD5_HMAC: + rc = process_auth_param(session, 16, EVP_md5()); break; - case ODP_AUTH_ALG_SHA256_HMAC: #if ODP_DEPRECATED_API case ODP_AUTH_ALG_SHA256_128: + /* Fixed digest tag length with deprecated algo */ + session->p.auth_digest_len = 128 / 8; + /* Fallthrough */ #endif - rc = process_auth_param(session, 128, 32, EVP_sha256()); + case ODP_AUTH_ALG_SHA256_HMAC: + rc = process_auth_param(session, 32, EVP_sha256()); break; #if ODP_DEPRECATED_API case ODP_AUTH_ALG_AES128_GCM: |