Re: [PATCH -stable] crypto: ccm - deal with CTR ciphers that honour iv_out

On 28 January 2017 at 20:40, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
> The skcipher API mandates that chaining modes involving IVs calculate
> an outgoing IV value that is suitable for encrypting additional blocks
> of data. This means the CCM driver cannot assume that req->iv points to
> the original IV value when it calls crypto_ccm_auth. So pass a copy to
> the skcipher instead.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> ---
>  crypto/ccm.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/crypto/ccm.c b/crypto/ccm.c
> index b388ac6edfb9..8976ef9bc2e7 100644
> --- a/crypto/ccm.c
> +++ b/crypto/ccm.c
> @@ -362,7 +362,7 @@ static int crypto_ccm_decrypt(struct aead_request *req)
>         unsigned int cryptlen = req->cryptlen;
>         u8 *authtag = pctx->auth_tag;
>         u8 *odata = pctx->odata;
> -       u8 *iv = req->iv;
> +       u8 iv[16];
>         int err;
>
>         cryptlen -= authsize;
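Review bot: `u8 iv[16]` hard-codes the IV length as a bare number; since the CCM counter block is one AES block, spell it as AES_BLOCK_SIZE (or size it from crypto_aead_ivsize()) so the reason for 16 is visible at the declaration. The patch also only touches crypto_ccm_decrypt while the commit message talks about "the CCM driver" in general: either add a sentence saying why crypto_ccm_encrypt is unaffected (if it runs crypto_ccm_auth before the CTR pass, the IV is still intact there), or give the encrypt path the same copy.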
> @@ -378,6 +378,7 @@ static int crypto_ccm_decrypt(struct aead_request *req)
>         if (req->src != req->dst)
>                 dst = pctx->dst;
>
> +       memcpy(iv, req->iv, sizeof(iv));
>         skcipher_request_set_tfm(skreq, ctx->ctr);
>         skcipher_request_set_callback(skreq, pctx->flags,
>                                       crypto_ccm_decrypt_done, req);
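Review bot: the copy lands in a stack-local iv[] of crypto_ccm_decrypt, but the next two lines attach a completion callback (crypto_ccm_decrypt_done) to the skcipher request, so the CTR pass may complete asynchronously after this function has returned with -EINPROGRESS. If that request is then pointed at the local copy (presumably by the skcipher_request_set_crypt() call that follows, outside this hunk), an asynchronous CTR implementation writes its iv_out into a dead stack frame. Keep the copy in the per-request context instead, e.g. a 16-byte iv member of the CCM request ctx so that this line becomes memcpy(pctx->iv, req->iv, 16), and drop the local array declared in the first hunk.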
> --
> 2.7.4
>

Herbert,

Could you please forward this patch to Linus as well? I noticed that the patch

crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes

is now in mainline, which means CCM is now broken on arm64, given that
the iv_out requirement for CTR apparently isn't honored by *any*
implementation, and CCM wrongly assumes that req->iv retains its value
across the call into the CTR skcipher.

Thanks,
Ard.
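The ordering problem described in this thread, as an added example that is not kernel code and not part of the original message: a CTR implementation that honours iv_out advances the counter in the caller's IV buffer, and a decrypt path that reads req->iv for the CBC-MAC only after the CTR pass then authenticates against the wrong nonce. The cipher is a toy add-rotate-xor permutation standing in for AES (an assumption, insecure), the CCM construction is stripped to what the bug needs (no AAD, no length encoding in B_0, no S_0 masking of the tag), and the key, nonce and plaintext are constructed sample values; `run_demo(1)` is the patched behaviour (CTR gets a private copy), `run_demo(0)` the pre-patch one.

```c
/* Added example, not kernel code.  A CTR skcipher that honours iv_out
 * overwrites the IV buffer with the next counter block, so a CCM decrypt
 * that reads req->iv for the CBC-MAC after the CTR pass authenticates
 * against the wrong nonce.  Assumptions: toy_encrypt_block() stands in for
 * AES (insecure); CCM is simplified (no AAD, no lengths in B_0, no S_0). */
#include <errno.h>
#include <stdint.h>
#include <string.h>
#define BLK 16

/* Toy keyed 128-bit permutation, 8 add-rotate-xor rounds.  Not AES. */
static void toy_encrypt_block(const uint8_t *key, const uint8_t *in, uint8_t *out)
{
    uint32_t s[4], k[4];
    memcpy(s, in, BLK);
    memcpy(k, key, BLK);
    for (int r = 0; r < 8; r++)
        for (int i = 0; i < 4; i++) {
            s[i] += k[i] ^ (0x9E3779B9u * (uint32_t)(r + 1));
            s[i] = (s[i] << 7) | (s[i] >> 25);
            s[i] ^= s[(i + 1) & 3];
        }
    memcpy(out, s, BLK);
}

/* CTR mode with the skcipher iv_out contract: the counter is advanced in
 * iv[] itself, so on return it holds the block for the *next* call. */
static void ctr_crypt(const uint8_t *key, uint8_t *iv,
                      const uint8_t *in, uint8_t *out, size_t len)
{
    uint8_t ks[BLK];
    while (len) {
        size_t n = len < BLK ? len : BLK;
        toy_encrypt_block(key, iv, ks);
        for (size_t i = 0; i < n; i++)
            out[i] = in[i] ^ ks[i];
        for (int j = BLK - 1; j >= 0 && !++iv[j]; j--)
            ;                       /* big-endian increment, in place */
        in += n; out += n; len -= n;
    }
}

/* CBC-MAC with the nonce block first (CCM's B_0 role); the last partial
 * block is zero-padded and no length is encoded. */
static void cbc_mac(const uint8_t *key, const uint8_t *nonce,
                    const uint8_t *msg, size_t len, uint8_t *tag)
{
    uint8_t blk[BLK];
    toy_encrypt_block(key, nonce, tag);
    while (len) {
        size_t n = len < BLK ? len : BLK;
        memset(blk, 0, BLK);
        memcpy(blk, msg, n);
        for (int i = 0; i < BLK; i++)
            blk[i] ^= tag[i];
        toy_encrypt_block(key, blk, tag);
        msg += n; len -= n;
    }
}

/* Decrypt side, shaped like crypto_ccm_decrypt(): CTR first, then the MAC
 * over the recovered plaintext with req_iv as the nonce.  copy_iv == 0 is
 * the pre-patch code (CTR gets req_iv itself), copy_iv != 0 is the patch.
 * Returns 0 on tag match, -EBADMSG otherwise. */
static int ccm_like_decrypt(const uint8_t *key, uint8_t *req_iv, const uint8_t *ct,
                            uint8_t *pt, size_t len, const uint8_t *tag, int copy_iv)
{
    uint8_t iv_copy[BLK], calc[BLK], *iv = req_iv;
    if (copy_iv)
        iv = memcpy(iv_copy, req_iv, BLK);  /* the patch: CTR gets a copy */
    ctr_crypt(key, iv, ct, pt, len);        /* advances *iv in place */
    cbc_mac(key, req_iv, pt, len, calc);    /* must see the original nonce */
    return memcmp(calc, tag, BLK) ? -EBADMSG : 0;
}

/* Constructed 40-byte sample: encrypt (MAC before CTR, so the nonce is read
 * before it can be clobbered), then decrypt with or without the IV copy. */
static int run_demo(int copy_iv)
{
    static const uint8_t key[BLK] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae,
        0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };
    static const uint8_t nonce[BLK] = { 0, 1, 2, 3, 4, 5, 6, 7,
        8, 9, 10, 11, 12, 13, 14, 15 };
    uint8_t pt[40], ct[40], out[40], tag[BLK], iv[BLK];
    for (size_t i = 0; i < sizeof pt; i++)
        pt[i] = (uint8_t)(i * 7 + 3);     /* constructed plaintext */
    cbc_mac(key, nonce, pt, sizeof pt, tag);
    memcpy(iv, nonce, BLK);
    ctr_crypt(key, iv, pt, ct, sizeof pt);
    memcpy(iv, nonce, BLK);               /* the buffer req->iv points at */
    return ccm_like_decrypt(key, iv, ct, out, sizeof ct, tag, copy_iv);
}

/* Last counter byte after CTR over len (<= 64) zero bytes from a zero IV. */
static int blocks_advanced(size_t len)
{
    uint8_t iv[BLK] = { 0 }, zero[64] = { 0 }, out[64];
    ctr_crypt(zero, iv, zero, out, len);  /* zero buffer doubles as key */
    return iv[BLK - 1];
}
```

Two things the toy makes visible: the pre-patch path still recovers the correct plaintext (the CTR keystream was derived from the right nonce), so the breakage surfaces as a tag mismatch rather than garbage output, and `blocks_advanced()` shows that after the CTR pass the IV buffer holds the nonce plus the number of blocks processed, which is exactly what the CBC-MAC then reads by mistake.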
