[PATCH 0/3] AES GCM fixes for the CCP crypto driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Additional testing features added to the crypto framework (including fuzzy
probing and variations of the lengths of input parameters such as AAD and
authsize) expose some gaps in robustness and function in the CCP driver.
Address these gaps:

Input text is allowed to be zero bytes in length. In this case no
encryption/decryption occurs, and certain data structures are not
allocated. Don't clean up what doesn't exist.

Valid auth tag sizes are 4, 8, 12, 13, 14, 15 or 16 bytes.
Note: since the CCP driver has been designed to be used directly, add
      validation of the authsize parameter at this layer.

AES GCM defines the input text for decryption as the concatenation of
the AAD, the ciphertext, and the tag. Only the cipher text needs to
be decrypted; the tag is simple used for comparison.

Gary R Hook (3):
  crypto: ccp - Fix oops by properly managing allocated structures
  crypto: ccp - Add support for valid authsize values less than 16
  crypto: ccp - Ignore tag length when decrypting GCM ciphertext

 drivers/crypto/ccp/ccp-crypto-aes-galois.c | 14 +++++++++
 drivers/crypto/ccp/ccp-ops.c               | 33 ++++++++++++++++------
 include/linux/ccp.h                        |  2 ++
 3 files changed, 40 insertions(+), 9 deletions(-)

-- 
2.17.1





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux