Commit 5997a245 authored Jan 23, 2019 by Lars Persson Committed by Herbert Xu Feb 01, 2019

crypto: axis - use a constant time tag compare



Avoid plain memcmp() on the AEAD tag value as this could leak
information through a timing side channel.

Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

parent 48ef0908

drivers/crypto/axis/artpec6_crypto.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -2201,7 +2201,7 @@ static void artpec6_crypto_complete_aead(struct crypto_async_request *req)
		areq->assoclen + areq->cryptlen -
		authsize);

		if (memcmp(req_ctx->decryption_tag,
		if (crypto_memneq(req_ctx->decryption_tag,
		input_tag,
		authsize)) {
		pr_debug("***EBADMSG:\n");

Admin message