- overhaul memory management")
> Fixes: d887c52d6ae43 ("crypto: algif_aead - overhaul memory management")
> Reported-by: Romain Izard <romain.izard....@gmail.com>
> Signed-off-by: Stephan Mueller <smuel...@chronox.de>
Tested-by: Romain Izard <romain.izard@gmail.co
2017-11-06 16:45 GMT+01:00 Tudor Ambarus <tudor.amba...@microchip.com>:
> Hi, Romain,
>
> On 10/31/2017 05:25 PM, Romain Izard wrote:
>>
>> When using the rfc4543(gcm(aes)) mode, the registers of the hardware
>> engine are not empty after use. If the engine is
is now correctly passed.
In the case of in-place decryption, copy the ciphertext in an
intermediate buffer before decryption.
Signed-off-by: Romain Izard <romain.izard@gmail.com>
---
drivers/crypto/atmel-aes.c | 40 +---
1 file changed, 37 inse
When using the rfc4543(gcm(aes)) mode, the registers of the hardware
engine are not empty after use. If the engine is not reset before its
next use, the following results will be invalid.
Always reset the hardware engine.
Signed-off-by: Romain Izard <romain.izard@gmail.com>
---
d
asynchronous tests
are enabled and report new issues.
Romain Izard (2):
crypto: atmel-aes - properly set IV after {en,de}crypt
crypto: atmel-aes - Reset the controller before each use
drivers/crypto/atmel-aes.c | 50 --
1 file changed, 40 insertions(+), 10
of the hashing algorithm
will interpret the updated IV instead of the original value, which can
lead to out-of-bounds writes.
Reuse the idata buffer, only used in the hashing step, to preserve the
IV's value during the ciphering step in the decryption case.
Signed-off-by: Romain Izard <romain.iz
2017-10-29 21:39 GMT+01:00 Stephan Müller <smuel...@chronox.de>:
> Am Mittwoch, 25. Oktober 2017, 17:26:31 CET schrieb Romain Izard:
>
> Hi Romain,
>
> the patch below should cover the issue you see. Would you mind testing it?
>
> Thanks
> Stephan
>
> -
2017-10-26 14:34 GMT+02:00 Tudor Ambarus <tudor.amba...@microchip.com>:
> Hi, Romain,
>
> On 10/18/2017 04:32 PM, Romain Izard wrote:
>>
>> diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
>> index 29e20c37f3a6..f3eabe1f1490 100644
>> --
rge
window, with the following commit:
e870456d8e7c crypto: algif_skcipher - overhaul memory management
Best regards,
--
Romain Izard
decoding, and restore it into the IV buffer before
returning to the caller.
--
Romain Izard
do not understand why it works. It ensures that in both
encryption and decryption cases, the IV buffer is available and 16 bytes
wide. But normally the IV buffer provided by the crypto request is already
16 bytes wide, as the algorithm is registered with ivsize=16.
As I am not very familiar with the crypto subsystem, I fear that I missed
something. I would gladly appreciate the feedback of more experienced
developers regarding this issue.
Best regards,
--
Romain Izard
y/Tested-by?
>
> [1]http://patchwork.ozlabs.org/patch/821959/
I'll try it.
--
Romain Izard
2017-10-06 17:51 GMT+02:00 Romain Izard <romain.izard@gmail.com>:
>
> Certain cipher modes like CTS expect the IV (req->info) of
> ablkcipher_request (or equivalently req->iv of skcipher_request) to
> contain the last ciphertext block when the {en,de}crypt operation is
is now correctly passed.
To handle the case of in-place decryption, copy the ciphertext in an
intermediate buffer before decryption.
Signed-off-by: Romain Izard <romain.izard@gmail.com>
---
drivers/crypto/atmel-aes.c | 28
1 file changed, 28 insertions(+)