> Fixes: d887c52d6ae43 ("crypto: algif_aead - overhaul memory management")
> Reported-by: Romain Izard
> Signed-off-by: Stephan Mueller
Tested-by: Romain Izard
On 4.14-rc8, with some fuzzing when applying the patch.
The deterministic crash is not reproduced.
> ---
>
2017-11-06 16:45 GMT+01:00 Tudor Ambarus :
> Hi, Romain,
>
> On 10/31/2017 05:25 PM, Romain Izard wrote:
>>
>> When using the rfc4543(gcm(aes)) mode, the registers of the hardware
>> engine are not empty after use. If the engine is not reset before its
>> next u
is now correctly passed.
In the case of in-place decryption, copy the ciphertext in an
intermediate buffer before decryption.
Signed-off-by: Romain Izard
---
drivers/crypto/atmel-aes.c | 40 +---
1 file changed, 37 insertions(+), 3 deletions(-)
diff --git a/d
When using the rfc4543(gcm(aes)) mode, the registers of the hardware
engine are not empty after use. If the engine is not reset before its
next use, the following results will be invalid.
Always reset the hardware engine.
Signed-off-by: Romain Izard
---
drivers/crypto/atmel-aes.c | 10
th the v4.14 updates, new asynchronous tests
are enabled and report new issues.
Romain Izard (2):
crypto: atmel-aes - properly set IV after {en,de}crypt
crypto: atmel-aes - Reset the controller before each use
drivers/crypto/atmel-aes.c | 50 --
1 file chan
the hashing algorithm
will interpret the updated IV instead of the original value, which can
lead to out-of-bounds writes.
Reuse the idata buffer, only used in the hashing step, to preserve the
IV's value during the ciphering step in the decryption case.
Signed-off-by: Romain Izard
---
c
2017-10-29 21:39 GMT+01:00 Stephan Müller :
> On Wednesday, 25 October 2017, 17:26:31 CET, Romain Izard wrote:
>
> Hi Romain,
>
> the patch below should cover the issue you see. Would you mind testing it?
>
> Thanks
> Stephan
>
> ---8<---
>
> The code paths
2017-10-26 14:34 GMT+02:00 Tudor Ambarus :
> Hi, Romain,
>
> On 10/18/2017 04:32 PM, Romain Izard wrote:
>>
>> diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
>> index 29e20c37f3a6..f3eabe1f1490 100644
>> --- a/drivers/crypto/atmel-aes.c
>
rge
window, with the following commit:
e870456d8e7c crypto: algif_skcipher - overhaul memory management
Best regards,
--
Romain Izard
it into the IV buffer before
returning to the caller.
--
Romain Izard
My problem is that I do not understand why it works. It ensures that in both
encryption and decryption cases, the IV buffer is available and 16 bytes
wide. But normally the IV buffer provided by the crypto request is already
16 bytes wide, as the algorithm is registered with ivsize=16.
As I am not very familiar with the crypto subsystem, I fear that I missed
something. I would gladly appreciate the feedback of more experienced
developers regarding this issue.
Best regards,
--
Romain Izard
abs.org/patch/821959/
I'll try it.
--
Romain Izard
2017-10-06 17:51 GMT+02:00 Romain Izard :
>
> Certain cipher modes like CTS expect the IV (req->info) of
> ablkcipher_request (or equivalently req->iv of skcipher_request) to
> contain the last ciphertext block when the {en,de}crypt operation is done.
>
> Fix this issue fo
is now correctly passed.
To handle the case of in-place decryption, copy the ciphertext in an
intermediate buffer before decryption.
Signed-off-by: Romain Izard
---
drivers/crypto/atmel-aes.c | 28
1 file changed, 28 insertions(+)
diff --git a/drivers/crypto/atmel-a