crypto: aegis128 - wipe plaintext and tag if decryption fails - linux

diff options

author	Ard Biesheuvel <ardb@kernel.org>	2020-11-17 14:32:11 +0100
committer	Herbert Xu <herbert@gondor.apana.org.au>	2020-11-27 07:13:39 +0100
commit	02685906d3afa4f7c72d86cf99242e3b08078865 (patch)
tree	b7f7dc34b6fb06cd27e8e42f43d809065c7f163c /crypto/ansi_cprng.c
parent	crypto: sun8i-ce - fix two error path's memory leak (diff)
download	linux-02685906d3afa4f7c72d86cf99242e3b08078865.tar.xz linux-02685906d3afa4f7c72d86cf99242e3b08078865.zip

crypto: aegis128 - wipe plaintext and tag if decryption fails

The AEGIS spec mentions explicitly that the security guarantees hold only if the resulting plaintext and tag of a failed decryption are withheld. So ensure that we abide by this. While at it, drop the unused struct aead_request *req parameter from crypto_aegis128_process_crypt(). Reviewed-by: Ondrej Mosnacek <omosnacek@gmail.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Diffstat (limited to 'crypto/ansi_cprng.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: