summaryrefslogtreecommitdiffstats
path: root/drivers/crypto
diff options
context:
space:
mode:
authorLars Persson <lars.persson@axis.com>2019-01-23 12:59:45 +0100
committerHerbert Xu <herbert@gondor.apana.org.au>2019-02-01 07:42:04 +0100
commit5997a245c77b754fb8ef807043066fcfde64858c (patch)
treec0a9aeafd7531ab46c1adfe25d84a83b3d49055d /drivers/crypto
parentcrypto: axis - support variable AEAD tag length (diff)
downloadlinux-5997a245c77b754fb8ef807043066fcfde64858c.tar.xz
linux-5997a245c77b754fb8ef807043066fcfde64858c.zip
crypto: axis - use a constant time tag compare
Avoid plain memcmp() on the AEAD tag value as this could leak information through a timing side channel. Signed-off-by: Lars Persson <larper@axis.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/crypto')
-rw-r--r--drivers/crypto/axis/artpec6_crypto.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/drivers/crypto/axis/artpec6_crypto.c b/drivers/crypto/axis/artpec6_crypto.c
index 5089ad2c49f9..109efab6a9df 100644
--- a/drivers/crypto/axis/artpec6_crypto.c
+++ b/drivers/crypto/axis/artpec6_crypto.c
@@ -2201,9 +2201,9 @@ static void artpec6_crypto_complete_aead(struct crypto_async_request *req)
areq->assoclen + areq->cryptlen -
authsize);
- if (memcmp(req_ctx->decryption_tag,
- input_tag,
- authsize)) {
+ if (crypto_memneq(req_ctx->decryption_tag,
+ input_tag,
+ authsize)) {
pr_debug("***EBADMSG:\n");
print_hex_dump_debug("ref:", DUMP_PREFIX_ADDRESS, 32, 1,
input_tag, authsize, true);