diff options
author | Miloslav Trmač <mitr@redhat.com> | 2010-08-24 20:43:13 +0200 |
---|---|---|
committer | Miloslav Trmač <mitr@redhat.com> | 2010-08-24 20:43:13 +0200 |
commit | 51a92d357aebc84b45cf8c90061319d22b170bb5 (patch) | |
tree | ef86e6681d7ecded3d543f0238a30dcadb4730c2 /ncr-key-wrap.c | |
parent | 5c340eee0020717c793fd9d7e74e5f065225a8f3 (diff) | |
download | kernel-crypto-51a92d357aebc84b45cf8c90061319d22b170bb5.tar.gz kernel-crypto-51a92d357aebc84b45cf8c90061319d22b170bb5.tar.xz kernel-crypto-51a92d357aebc84b45cf8c90061319d22b170bb5.zip |
Reject prohibited key flags immediately
Silently ignoring user's requests is unexpected.
Diffstat (limited to 'ncr-key-wrap.c')
-rw-r--r-- | ncr-key-wrap.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c index 93103b5a9a5..eea252ee85c 100644 --- a/ncr-key-wrap.c +++ b/ncr-key-wrap.c @@ -455,12 +455,17 @@ const uint8_t * iv = wrap_st->params.params.cipher.iv; goto cleanup; } + ret = ncr_key_assign_flags(output, wrap_st->wrapped_key_flags); + if (ret != 0) { + err(); + goto cleanup; + } + memset(&output->key, 0, sizeof(output->key)); for (i=0;i<n;i++) { memcpy(&output->key.secret.data[i*8], R[i], sizeof(R[i])); } output->key.secret.size = n*8; - ncr_key_assign_flags(output, wrap_st->wrapped_key_flags); output->type = NCR_KEY_TYPE_SECRET; ret = 0; @@ -864,7 +869,11 @@ static int key_from_packed_data(ncr_algorithm_t algorithm, unsigned int flags, } key->type = key->algorithm->key_type; - ncr_key_assign_flags(key, flags); + ret = ncr_key_assign_flags(key, flags); + if (ret != 0) { + err(); + return ret; + } if (key->type == NCR_KEY_TYPE_SECRET) { if (data_size > NCR_CIPHER_MAX_KEY_LEN) { |