Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 17 Aug 2005 16:02:25 +0200
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Mike Tancsa <mike@sentex.net>
Cc:        FreeBSD-current <freebsd-current@FreeBSD.org>
Subject:   Re: VIA/ACE PadLock integration with crypto(9).
Message-ID:  <20050817140225.GF11066@garage.freebsd.pl>
In-Reply-To: <6.2.3.4.0.20050816154326.087cf7b8@64.7.153.2>
References:  <20050812134511.GE25162@garage.freebsd.pl> <6.2.3.4.0.20050813012441.061d08b0@64.7.153.2> <20050813074636.GH27996@garage.freebsd.pl> <6.2.3.4.0.20050813102138.0644fe08@64.7.153.2> <20050816185956.GA8407@garage.freebsd.pl> <6.2.3.4.0.20050816154326.087cf7b8@64.7.153.2>
next in thread | previous in thread | raw e-mail | index | archive | help 

--HCdXmnRlPgeNBad2
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Aug 16, 2005 at 03:53:26PM -0400, Mike Tancsa wrote:
+> >Ok, I committed a fix to HEAD.
+> >Here is the patch:
+> >        http://people.freebsd.org/~pjd/patches/rijndael.patch
+>=20
+>=20
+> Perhaps a lame question, but would it be possible to craft such a packet=
 from the outside world to send as a DoS ?

No, you need to be able to setup wrong key locally.

Is local DoS possible? Here answer is more complex and short version is
"I believe it is not.".
Long version: The bug is in kernel rijndael software code.
You cannot setup wrong key via crypto(4), because you can use it only
if crypto hardware is available.
Another method to configure software crypto from userland is setkey(8),
but you need uid 0 for this.

--=20
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

--HCdXmnRlPgeNBad2
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)

iD8DBQFDA0NxForvXbEpPzQRAjC3AJwP7UoHgNyT9giUWPqseF7SbOheJwCfbfpT
gMxnAW6k8Gi/ZuzMXUX7Ntk=
=5HyJ
-----END PGP SIGNATURE-----

--HCdXmnRlPgeNBad2--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050817140225.GF11066>