d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix AES-CCM requests with an AAD size smaller than a single block.

Browse Source 
The amount to copy for the first block is the minimum of the size of
the AAD region or the remaining space in the first block.

Reported by:	cryptocheck -z
MFC after:	2 weeks
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D25140
This commit is contained in:
John Baldwin 2020-06-12 21:33:02 +00:00
parent 822d2d6ac9
commit b0b2161ce4
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=362123
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/crypto/aesni/aesni_ccm.c
View File

@ -155,7 +155,7 @@ cbc_mac_start(const unsigned char *auth_data, size_t auth_len,
* already partially filled, by auth_amt, so we need
* to handle that. The last block needs to be zero padded.
*/
copy_amt = MIN(auth_len - auth_amt,
copy_amt = MIN(auth_len,
sizeof(staging_block) - auth_amt);
byte_ptr = (uint8_t*)&staging_block;
bcopy(auth_ptr, &byte_ptr[auth_amt], copy_amt);