Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull crypto fixes from Herbert Xu: "This fixes the newly added drbg generator so that it actually works on 32-bit machines. Previously the code was only tested on 64-bit and on 32-bit it overflowed and simply doesn't work" * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: drbg - remove check for uninitialized DRBG handle crypto: drbg - backport "fix maximum value checks on 32 bit systems"
CamonZ · Sep 15, 2014 · 3630056 · 3630056
2 parents 9e82bf0 + 78f543a
commit 3630056
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/crypto/drbg.c b/crypto/drbg.c
@@ -1922,9 +1922,6 @@ static inline int __init drbg_healthcheck_sanity(void)
 	/* overflow max addtllen with personalization string */
 	ret = drbg_instantiate(drbg, &addtl, coreref, pr);
 	BUG_ON(0 == ret);
-	/* test uninstantated DRBG */
-	len = drbg_generate(drbg, buf, (max_request_bytes + 1), NULL);
-	BUG_ON(0 < len);
 	/* all tests passed */
 	rc = 0;
 

diff --git a/include/crypto/drbg.h b/include/crypto/drbg.h
@@ -162,12 +162,25 @@ static inline size_t drbg_max_request_bytes(struct drbg_state *drbg)
 
 static inline size_t drbg_max_addtl(struct drbg_state *drbg)
 {
+#if (__BITS_PER_LONG == 32)
+	/*
+	 * SP800-90A allows smaller maximum numbers to be returned -- we
+	 * return SIZE_MAX - 1 to allow the verification of the enforcement
+	 * of this value in drbg_healthcheck_sanity.
+	 */
+	return (SIZE_MAX - 1);
+#else
 	return (1UL<<(drbg->core->max_addtllen));
+#endif
 }
 
 static inline size_t drbg_max_requests(struct drbg_state *drbg)
 {
+#if (__BITS_PER_LONG == 32)
+	return SIZE_MAX;
+#else
 	return (1UL<<(drbg->core->max_req));
+#endif
 }
 
 /*