d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix AES-CCM requests with an AAD size smaller than a single block.

Browse Source 
The amount to copy for the first block is the minimum of the size of
the AAD region or the remaining space in the first block.

Reported by:	cryptocheck -z
MFC after:	2 weeks
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D25140
This commit is contained in:
jhb 2020-06-12 21:33:02 +00:00
parent bb2575e27d
commit 8abd951159
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/crypto/aesni/aesni_ccm.c
View File

@ -155,7 +155,7 @@ cbc_mac_start(const unsigned char *auth_data, size_t auth_len,
* already partially filled, by auth_amt, so we need
* to handle that. The last block needs to be zero padded.
*/
copy_amt = MIN(auth_len - auth_amt,
copy_amt = MIN(auth_len,
sizeof(staging_block) - auth_amt);
byte_ptr = (uint8_t*)&staging_block;
bcopy(auth_ptr, &byte_ptr[auth_amt], copy_amt);