projects
/
cascardo
/
linux.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
rpmsg: fix published buffer length in rpmsg_recv_done
[cascardo/linux.git]
/
crypto
/
ansi_cprng.c
diff --git
a/crypto/ansi_cprng.c
b/crypto/ansi_cprng.c
index
ffa0245
..
6ddd99e
100644
(file)
--- a/
crypto/ansi_cprng.c
+++ b/
crypto/ansi_cprng.c
@@
-414,10
+414,18
@@
static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata,
static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen)
{
u8 rdata[DEFAULT_BLK_SZ];
static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen)
{
u8 rdata[DEFAULT_BLK_SZ];
+ u8 *key = seed + DEFAULT_BLK_SZ;
int rc;
struct prng_context *prng = crypto_rng_ctx(tfm);
int rc;
struct prng_context *prng = crypto_rng_ctx(tfm);
+ if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ)
+ return -EINVAL;
+
+ /* fips strictly requires seed != key */
+ if (!memcmp(seed, key, DEFAULT_PRNG_KSZ))
+ return -EINVAL;
+
rc = cprng_reset(tfm, seed, slen);
if (!rc)
rc = cprng_reset(tfm, seed, slen);
if (!rc)