Patch Applied
On Mon, 2019-04-15 at 14:16 -0700, Brian Gix wrote:
> Multiple networks use different IV Index's, so we should only use
> decryption cache after successful decoding.
> ---
> mesh/net-keys.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/mesh/net-keys.c b/mesh/net-keys.c
> index 84e3982f5..4f85d5e52 100644
> --- a/mesh/net-keys.c
> +++ b/mesh/net-keys.c
> @@ -216,8 +216,14 @@ uint32_t net_key_decrypt(uint32_t iv_index,
> const uint8_t *pkt, size_t len,
> if (iv_pkt != iv_flag)
> iv_index--;
>
> - if (cache_len == len && memcmp(pkt, cache_pkt, len) == 0)
> + /* If we already successfully decrypted this packet, use cached
> data */
> + if (cache_id && cache_len == len && !memcmp(pkt, cache_pkt,
> len)) {
> + /* IV Index must match what was used to decrypt */
> + if (cache_iv_index != iv_index)
> + return 0;
> +
> goto done;
> + }
>
> cache_id = 0;
> memcpy(cache_pkt, pkt, len);
> @@ -228,9 +234,6 @@ uint32_t net_key_decrypt(uint32_t iv_index, const
> uint8_t *pkt, size_t len,
> l_queue_foreach(keys, decrypt_net_pkt, NULL);
>
> done:
> - if (cache_iv_index != iv_index)
> - return 0;
> -
> if (cache_id) {
> *plain = cache_plain;
> *plain_len = cache_plainlen;
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
