| From 2a6bc713f1cef32e39e3c4e6f2e1a9849da6379c Mon Sep 17 00:00:00 2001 |
| From: Gilad Ben-Yossef <gilad@benyossef.com> |
| Date: Thu, 16 Jan 2020 12:14:38 +0200 |
| Subject: crypto: ccree - fix AEAD decrypt auth fail |
| |
| From: Gilad Ben-Yossef <gilad@benyossef.com> |
| |
| commit 2a6bc713f1cef32e39e3c4e6f2e1a9849da6379c upstream. |
| |
| On AEAD decryption authentication failure we are suppose to |
| zero out the output plaintext buffer. However, we've missed |
| skipping the optional associated data that may prefix the |
| ciphertext. This commit fixes this issue. |
| |
| Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> |
| Fixes: e88b27c8eaa8 ("crypto: ccree - use std api sg_zero_buffer") |
| Cc: stable@vger.kernel.org |
| Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| drivers/crypto/ccree/cc_aead.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/drivers/crypto/ccree/cc_aead.c |
| +++ b/drivers/crypto/ccree/cc_aead.c |
| @@ -237,7 +237,7 @@ static void cc_aead_complete(struct devi |
| * revealed the decrypted message --> zero its memory. |
| */ |
| sg_zero_buffer(areq->dst, sg_nents(areq->dst), |
| - areq->cryptlen, 0); |
| + areq->cryptlen, areq->assoclen); |
| err = -EBADMSG; |
| } |
| /*ENCRYPT*/ |