crypto: ccree - fix AEAD decrypt auth fail

On AEAD decryption authentication failure we are suppose to zero out the output plaintext buffer. However, we've missed skipping the optional associated data that may prefix the ciphertext. This commit fixes this issue. Signed-off-by: N Gilad Ben-Yossef <gilad@benyossef.com> Fixes: e88b27c8 ("crypto: ccree - use std api sg_zero_buffer") Cc: stable@vger.kernel.org Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au>

crypto: ccree - fix AEAD decrypt auth fail
On AEAD decryption authentication failure we are suppose to zero out the output plaintext buffer. However, we've missed skipping the optional associated data that may prefix the ciphertext. This commit fixes this issue. Signed-off-by: N Gilad Ben-Yossef <gilad@benyossef.com> Fixes: e88b27c8 ("crypto: ccree - use std api sg_zero_buffer") Cc: stable@vger.kernel.org Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au>
2a6bc713 · Gilad Ben-Yossef · Herbert Xu · 684cf266 · 2a6bc713
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

drivers/crypto/ccree/cc_aead.c drivers/crypto/ccree/cc_aead.c +1 -1

未找到文件。
--- a/drivers/crypto/ccree/cc_aead.c
+++ b/drivers/crypto/ccree/cc_aead.c
@@ -237,7 +237,7 @@ static void cc_aead_complete(struct device *dev, void *cc_req, int err)
 			 * revealed the decrypted message --> zero its memory.
 			 */
 			sg_zero_buffer(areq->dst, sg_nents(areq->dst),
-				       areq->cryptlen, 0);
+				       areq->cryptlen, areq->assoclen);
 			err = -EBADMSG;
 		}
 	/*ENCRYPT*/