crypto: aead - add check for presence of auth tag

The AEAD decryption operation requires the authentication tag to be
present as part of the cipher text buffer. The added check verifies that
the caller provides a cipher text with at least the authentication tag.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 9c8776d0ada87bcf9fa70bc401ce69e336b93d74..90998348e564342c8c9a1ee8e8815761c9fa75a1 100644 (file)
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -1412,6 +1412,9 @@ static inline int crypto_aead_encrypt(struct aead_request *req)
  */
 static inline int crypto_aead_decrypt(struct aead_request *req)
 {
+       if (req->cryptlen < crypto_aead_authsize(crypto_aead_reqtfm(req)))
+               return -EINVAL;
+
        return crypto_aead_crt(crypto_aead_reqtfm(req))->decrypt(req);
 }