upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-08 16:22:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto: Don't assert on valid IV length for Chacha20-Poly1305.

Browse source 
The assertion checking for valid IV lengths added in 1833d6042c
was not properly updated to permit an IV length of 8 in commit
42dcd39528.

Reported by:	syzbot+f0c0559b8be1d6eb28c7@syzkaller.appspotmail.com
Reviewed by:	markj
Fixes:		42dcd39528 crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32860
This commit is contained in:
John Baldwin 2021-11-09 10:52:30 -08:00
parent e3ba94d4f3
commit 442ad83e38
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sys/opencrypto/xform_chacha20_poly1305.c
View file

@ -55,7 +55,7 @@ chacha20_poly1305_reinit(void *vctx, const uint8_t *iv, size_t ivlen)
{
struct chacha20_poly1305_cipher_ctx *ctx = vctx;
KASSERT(ivlen == sizeof(ctx->nonce),
KASSERT(ivlen == 8 || ivlen == sizeof(ctx->nonce),
("%s: invalid nonce length", __func__));
/* Block 0 is used for the poly1305 key. */