Additional testing features added to the crypto framework (including fuzzy probing and variations of the lengths of input parameters such as AAD and authsize) expose some gaps in robustness and function in the CCP driver. Address these gaps: Input text is allowed to be zero bytes in length. In this case no encryption/decryption occurs, and certain data structures are not allocated. Don't clean up what doesn't exist. Valid auth tag sizes are 4, 8, 12, 13, 14, 15 or 16 bytes. Note: since the CCP driver has been designed to be used directly, add validation of the authsize parameter at this layer. AES GCM defines the input text for decryption as the concatenation of the AAD, the ciphertext, and the tag. Only the cipher text needs to be decrypted; the tag is simple used for comparison. Gary R Hook (3): crypto: ccp - Fix oops by properly managing allocated structures crypto: ccp - Add support for valid authsize values less than 16 crypto: ccp - Ignore tag length when decrypting GCM ciphertext drivers/crypto/ccp/ccp-crypto-aes-galois.c | 14 +++++++++ drivers/crypto/ccp/ccp-ops.c | 33 ++++++++++++++++------ include/linux/ccp.h | 2 ++ 3 files changed, 40 insertions(+), 9 deletions(-) -- 2.17.1