diff options
author | Lars Persson <lars.persson@axis.com> | 2019-01-23 12:59:45 +0100 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-02-01 07:42:04 +0100 |
commit | 5997a245c77b754fb8ef807043066fcfde64858c (patch) | |
tree | c0a9aeafd7531ab46c1adfe25d84a83b3d49055d /drivers/crypto/axis | |
parent | crypto: axis - support variable AEAD tag length (diff) | |
download | linux-5997a245c77b754fb8ef807043066fcfde64858c.tar.xz linux-5997a245c77b754fb8ef807043066fcfde64858c.zip |
crypto: axis - use a constant time tag compare
Avoid plain memcmp() on the AEAD tag value as this could leak
information through a timing side channel.
Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/crypto/axis')
-rw-r--r-- | drivers/crypto/axis/artpec6_crypto.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/drivers/crypto/axis/artpec6_crypto.c b/drivers/crypto/axis/artpec6_crypto.c index 5089ad2c49f9..109efab6a9df 100644 --- a/drivers/crypto/axis/artpec6_crypto.c +++ b/drivers/crypto/axis/artpec6_crypto.c @@ -2201,9 +2201,9 @@ static void artpec6_crypto_complete_aead(struct crypto_async_request *req) areq->assoclen + areq->cryptlen - authsize); - if (memcmp(req_ctx->decryption_tag, - input_tag, - authsize)) { + if (crypto_memneq(req_ctx->decryption_tag, + input_tag, + authsize)) { pr_debug("***EBADMSG:\n"); print_hex_dump_debug("ref:", DUMP_PREFIX_ADDRESS, 32, 1, input_tag, authsize, true); |