svn commit: r362123 - head/sys/crypto/aesni
John Baldwin
jhb at FreeBSD.org
Fri Jun 12 21:33:03 UTC 2020
Author: jhb
Date: Fri Jun 12 21:33:02 2020
New Revision: 362123
URL: https://svnweb.freebsd.org/changeset/base/362123
Log:
Fix AES-CCM requests with an AAD size smaller than a single block.
The amount to copy for the first block is the minimum of the size of
the AAD region or the remaining space in the first block.
Reported by: cryptocheck -z
MFC after: 2 weeks
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D25140
Modified:
head/sys/crypto/aesni/aesni_ccm.c
Modified: head/sys/crypto/aesni/aesni_ccm.c
==============================================================================
--- head/sys/crypto/aesni/aesni_ccm.c Fri Jun 12 21:21:18 2020 (r362122)
+++ head/sys/crypto/aesni/aesni_ccm.c Fri Jun 12 21:33:02 2020 (r362123)
@@ -155,7 +155,7 @@ cbc_mac_start(const unsigned char *auth_data, size_t a
* already partially filled, by auth_amt, so we need
* to handle that. The last block needs to be zero padded.
*/
- copy_amt = MIN(auth_len - auth_amt,
+ copy_amt = MIN(auth_len,
sizeof(staging_block) - auth_amt);
byte_ptr = (uint8_t*)&staging_block;
bcopy(auth_ptr, &byte_ptr[auth_amt], copy_amt);
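Review bot: with copy_amt = MIN(auth_len, sizeof(staging_block) - auth_amt), an AAD shorter than the remaining space makes this first block also the last block, and the bcopy into &byte_ptr[auth_amt] then leaves the tail of staging_block untouched. The comment above says the last block needs to be zero padded, but nothing in this hunk shows staging_block being cleared, so please confirm it is zeroed before this point, or zero the remainder explicitly after the copy. It would also help to extend the comment to say that auth_amt counts bytes already placed in staging_block rather than AAD bytes already consumed, which is why it is no longer subtracted from auth_len.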