crypto: ensure XTS is only used with ciphers with 16 byte blocks - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Daniel P. Berrange <berrange@redhat.com>	2016-08-24 16:28:15 +0100
committer	Daniel P. Berrange <berrange@redhat.com>	2016-09-12 12:00:06 +0100
commit	a5d2f44d0d3e7523670e103a8c37faed29ff2b76 (patch)
tree	605c0414b74ebd8bdea7a31fde1da0205a056be0 /scripts/qapi-commands.py
parent	c2a57aae9a1c3dd7de77daf5478df10379aeeebf (diff)
download	focaccia-qemu-a5d2f44d0d3e7523670e103a8c37faed29ff2b76.tar.gz focaccia-qemu-a5d2f44d0d3e7523670e103a8c37faed29ff2b76.zip

crypto: ensure XTS is only used with ciphers with 16 byte blocks

The XTS cipher mode needs to be used with a cipher which has
a block size of 16 bytes. If a mis-matching block size is used,
the code will either corrupt memory beyond the IV array, or
not fully encrypt/decrypt the IV.

This fixes a memory corruption crash when attempting to use
cast5-128 with xts, since the former has an 8 byte block size.

A test case is added to ensure the cipher creation fails with
such an invalid combination.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

Diffstat (limited to 'scripts/qapi-commands.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: