diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-25 18:04:20 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-25 18:04:20 +0200 |
| commit | 3b521fbc223cafd360def97841544d34d7396dc2 (patch) | |
| tree | b211daefe2d2e25f113bda131ba06535c732799b | |
| parent | e8372045818cb278ad2fe05ab64d3a76990cd1ed (diff) | |
| download | kernel-crypto-3b521fbc223cafd360def97841544d34d7396dc2.tar.gz kernel-crypto-3b521fbc223cafd360def97841544d34d7396dc2.tar.xz kernel-crypto-3b521fbc223cafd360def97841544d34d7396dc2.zip | |
enforce the key wrap version.
| -rw-r--r-- | ncr-key-wrap.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c index 2f2695de6d7..08689cb4759 100644 --- a/ncr-key-wrap.c +++ b/ncr-key-wrap.c @@ -34,6 +34,8 @@ #include "ncr-int.h" #include "cryptodev_int.h" +#define KEY_WRAP_VERSION 0 + typedef uint8_t val64_t[8]; static const val64_t initA = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"; @@ -826,7 +828,7 @@ static int key_to_packed_data( uint8_t** sdata, size_t * sdata_size, const struc uint8_t * derkey = NULL; uint32_t pkey_size; int ret, err; - unsigned long zero = 0; + unsigned long version = KEY_WRAP_VERSION; unsigned long type; unsigned long derlen; @@ -887,7 +889,7 @@ static int key_to_packed_data( uint8_t** sdata, size_t * sdata_size, const struc } err = der_encode_sequence_multi(derkey, &derlen, - LTC_ASN1_SHORT_INTEGER, 1UL, &zero, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, LTC_ASN1_SHORT_INTEGER, 1UL, &type, LTC_ASN1_OCTET_STRING, (unsigned long)pkey_size, pkey, LTC_ASN1_EOL, 0UL, NULL); @@ -998,6 +1000,12 @@ static int key_from_packed_data(unsigned int flags, goto fail; } + if (version != KEY_WRAP_VERSION) { + err(); + ret = -EINVAL; + goto fail; + } + pkey_size = list[2].size; ret = packed_type_to_key_type(type, key); |