Commit 50beceba7fdf5f10a04d8a053e62d40b742099ad
Committed by
Herbert Xu
1 parent
cbb9bf65ae
crypto: authenc - Move saved IV in front of the ablkcipher request
In crypto_authenc_encrypt() we save the IV behind the ablkcipher request. To save space on the request, we overwrite the ablkcipher request with an ahash request after encryption. So the IV may be overwritten by the ahash request. This patch fixes this by placing the IV in front of the ablkcipher/ahash request.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Showing 1 changed file with 14 additions and 11 deletions
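--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -386,11 +386,13 @@
  {
  struct crypto_aead *authenc = crypto_aead_reqtfm(req);
  struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
- struct ablkcipher_request *abreq = aead_request_ctx(req);
+ struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
  struct crypto_ablkcipher *enc = ctx->enc;
  struct scatterlist *dst = req->dst;
  unsigned int cryptlen = req->cryptlen;
- u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc);
+ struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
+ + ctx->reqoff);
+ u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
  int err;
 
  ablkcipher_request_set_tfm(abreq, enc);
@@ -546,10 +548,6 @@
  if (IS_ERR(auth))
  return PTR_ERR(auth);
 
- ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
- crypto_ahash_alignmask(auth),
- crypto_ahash_alignmask(auth) + 1);
-
  enc = crypto_spawn_skcipher(&ictx->enc);
  err = PTR_ERR(enc);
  if (IS_ERR(enc))
@@ -558,13 +556,18 @@
  ctx->auth = auth;
  ctx->enc = enc;
 
- tfm->crt_aead.reqsize = max_t(unsigned int,
- crypto_ahash_reqsize(auth) + ctx->reqoff +
- sizeof(struct authenc_request_ctx) +
+ ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
+ crypto_ahash_alignmask(auth),
+ crypto_ahash_alignmask(auth) + 1) +
+ crypto_ablkcipher_ivsize(enc);
+
+ tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
+ ctx->reqoff +
+ max_t(unsigned int,
+ crypto_ahash_reqsize(auth) +
  sizeof(struct ahash_request),
  sizeof(struct skcipher_givcrypt_request) +
- crypto_ablkcipher_reqsize(enc) +
- crypto_ablkcipher_ivsize(enc));
+ crypto_ablkcipher_reqsize(enc));
 
  return 0;
 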
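Review bot: In the third hunk `ctx->reqoff` is now the ALIGN()ed hash-scratch size plus `crypto_ablkcipher_ivsize(enc)`, so the request the first hunk places at `areq_ctx->tail + ctx->reqoff` is no longer guaranteed to sit on the `crypto_ahash_alignmask(auth) + 1` boundary that the removed computation gave it. Whether any cipher paired here has an IV size that breaks that alignment cannot be told from these hunks, but if one does, the `(void *)` cast yields a misaligned `struct ablkcipher_request`, and the reused ahash request would presumably be misaligned as well. Rounding after adding the IV restores the old guarantee while keeping `iv = (u8 *)abreq - ivsize` valid: `ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) + crypto_ahash_alignmask(auth) + crypto_ablkcipher_ivsize(enc), crypto_ahash_alignmask(auth) + 1);`. A comment above that assignment such as `/* tail layout: [hash scratch][saved IV][ablkcipher/ahash request]; the IV precedes the request so reusing the request memory for the ahash cannot overwrite it */` would record why the order matters. Both function bodies start and end outside the hunks, so other users of `ctx->reqoff` are not visible here.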