From b0b2161ce4b871148745fd1f451f57fb87a84992 Mon Sep 17 00:00:00 2001 From: John Baldwin Date: Fri, 12 Jun 2020 21:33:02 +0000 Subject: [PATCH] Fix AES-CCM requests with an AAD size smaller than a single block. The amount to copy for the first block is the minimum of the size of the AAD region or the remaining space in the first block. Reported by: cryptocheck -z MFC after: 2 weeks Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D25140 --- sys/crypto/aesni/aesni_ccm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/crypto/aesni/aesni_ccm.c b/sys/crypto/aesni/aesni_ccm.c index 41d4189ad9a8..fc01e92c697f 100644 --- a/sys/crypto/aesni/aesni_ccm.c +++ b/sys/crypto/aesni/aesni_ccm.c @@ -155,7 +155,7 @@ cbc_mac_start(const unsigned char *auth_data, size_t auth_len, * already partially filled, by auth_amt, so we need * to handle that. The last block needs to be zero padded. */ - copy_amt = MIN(auth_len - auth_amt, + copy_amt = MIN(auth_len, sizeof(staging_block) - auth_amt); byte_ptr = (uint8_t*)&staging_block; bcopy(auth_ptr, &byte_ptr[auth_amt], copy_amt);