Re: [PATCH 0/3] AES GCM fixes for the CCP crypto driver

On Tue, Jul 30, 2019 at 04:05:07PM +0000, Hook, Gary wrote:
> Additional testing features added to the crypto framework (including fuzzy
> probing and variations of the lengths of input parameters such as AAD and
> authsize) expose some gaps in robustness and function in the CCP driver.
> Address these gaps:
> 
> Input text is allowed to be zero bytes in length. In this case no
> encryption/decryption occurs, and certain data structures are not
> allocated. Don't clean up what doesn't exist.
> 
> Valid auth tag sizes are 4, 8, 12, 13, 14, 15 or 16 bytes.
> Note: since the CCP driver has been designed to be used directly, add
>       validation of the authsize parameter at this layer.
> 
> AES GCM defines the input text for decryption as the concatenation of
> the AAD, the ciphertext, and the tag. Only the cipher text needs to
> be decrypted; the tag is simply used for comparison.
> 
> Gary R Hook (3):
>   crypto: ccp - Fix oops by properly managing allocated structures
>   crypto: ccp - Add support for valid authsize values less than 16
>   crypto: ccp - Ignore tag length when decrypting GCM ciphertext
> 
>  drivers/crypto/ccp/ccp-crypto-aes-galois.c | 14 +++++++++
>  drivers/crypto/ccp/ccp-ops.c               | 33 ++++++++++++++++------
>  include/linux/ccp.h                        |  2 ++
>  3 files changed, 40 insertions(+), 9 deletions(-)

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
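
The checks described in the cover letter, as an added user-space example that is not code from the patch series or the CCP driver: validate the tag size, then split a decrypt input laid out as AAD || ciphertext || tag so that only the ciphertext is decrypted, including the zero-length-text case. All function and struct names are hypothetical, and the constant-time comparison of the leading authsize tag bytes is an assumption about how the comparison is done.

```c
#include <stddef.h>
#include <errno.h>

/* Hypothetical view of a GCM decrypt input: AAD || ciphertext || tag. */
struct gcm_split {
    size_t aad_len;  /* authenticated only, never decrypted */
    size_t ct_len;   /* the only region that is decrypted; may be 0 */
    size_t tag_off;  /* offset of the received tag in the input */
    size_t tag_len;  /* equals the validated authsize */
};

/* Tag sizes listed in the cover letter: 4, 8, 12, 13, 14, 15 or 16 bytes. */
int gcm_check_authsize(size_t authsize)
{
    switch (authsize) {
    case 4: case 8: case 12: case 13: case 14: case 15: case 16:
        return 0;
    default:
        return -EINVAL;
    }
}

/* Split a decrypt input without ever counting tag bytes as ciphertext. */
int gcm_split_decrypt_input(size_t total_len, size_t aad_len,
                            size_t authsize, struct gcm_split *out)
{
    int rc = gcm_check_authsize(authsize);
    if (rc)
        return rc;
    /* Ordered comparisons avoid size_t underflow on short inputs. */
    if (aad_len > total_len || total_len - aad_len < authsize)
        return -EINVAL;
    out->aad_len = aad_len;
    out->ct_len = total_len - aad_len - authsize;  /* 0 is valid */
    out->tag_off = aad_len + out->ct_len;
    out->tag_len = authsize;
    return 0;
}

/* Compare only the first authsize bytes of the computed tag, in constant time. */
int gcm_tag_equal(const unsigned char *computed, const unsigned char *received,
                  size_t authsize)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < authsize; i++)
        diff |= (unsigned char)(computed[i] ^ received[i]);
    return diff == 0;
}
```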


