Date: Fri, 12 Jun 2020 21:33:02 +0000 (UTC) From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r362123 - head/sys/crypto/aesni Message-ID: <202006122133.05CLX2dF079316@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jhb Date: Fri Jun 12 21:33:02 2020 New Revision: 362123 URL: https://svnweb.freebsd.org/changeset/base/362123 Log: Fix AES-CCM requests with an AAD size smaller than a single block. The amount to copy for the first block is the minimum of the size of the AAD region or the remaining space in the first block. Reported by: cryptocheck -z MFC after: 2 weeks Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D25140 Modified: head/sys/crypto/aesni/aesni_ccm.c Modified: head/sys/crypto/aesni/aesni_ccm.c ============================================================================== --- head/sys/crypto/aesni/aesni_ccm.c Fri Jun 12 21:21:18 2020 (r362122) +++ head/sys/crypto/aesni/aesni_ccm.c Fri Jun 12 21:33:02 2020 (r362123) @@ -155,7 +155,7 @@ cbc_mac_start(const unsigned char *auth_data, size_t a * already partially filled, by auth_amt, so we need * to handle that. The last block needs to be zero padded. */ - copy_amt = MIN(auth_len - auth_amt, + copy_amt = MIN(auth_len, sizeof(staging_block) - auth_amt); byte_ptr = (uint8_t*)&staging_block; bcopy(auth_ptr, &byte_ptr[auth_amt], copy_amt);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202006122133.05CLX2dF079316>