]> www.infradead.org Git - users/hch/configfs.git/commitdiff
projects / users / hch / configfs.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 48ef090)
crypto: axis - use a constant time tag compare
authorLars Persson <lars.persson@axis.com>
Wed, 23 Jan 2019 11:59:45 +0000 (12:59 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Fri, 1 Feb 2019 06:42:04 +0000 (14:42 +0800)
Avoid plain memcmp() on the AEAD tag value as this could leak
information through a timing side channel.

Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/axis/artpec6_crypto.c patch | blob | history

diff --git a/drivers/crypto/axis/artpec6_crypto.c b/drivers/crypto/axis/artpec6_crypto.c
index 5089ad2c49f916cec43a0209c14826a6ed8b1118..109efab6a9df2849e70a7ef26928a2d0a547eab9 100644 (file)
--- a/drivers/crypto/axis/artpec6_crypto.c
+++ b/drivers/crypto/axis/artpec6_crypto.c
@@ -2201,9 +2201,9 @@ static void artpec6_crypto_complete_aead(struct crypto_async_request *req)
                                   areq->assoclen + areq->cryptlen -
                                   authsize);
 
-               if (memcmp(req_ctx->decryption_tag,
-                          input_tag,
-                          authsize)) {
+               if (crypto_memneq(req_ctx->decryption_tag,
+                                 input_tag,
+                                 authsize)) {
                        pr_debug("***EBADMSG:\n");
                        print_hex_dump_debug("ref:", DUMP_PREFIX_ADDRESS, 32, 1,
                                             input_tag, authsize, true);
Unnamed repository; edit this file 'description' to name the repository.