summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2015-01-14 10:07:03 +1100
committerHerbert Xu <herbert@gondor.apana.org.au>2015-01-14 21:57:56 +1100
commit48eb3691e8beab349e3a700d45f070be8d4b88ba (patch)
tree41b9e5b80e17aa3c5b35e2bb4b56abf7d76662c1
parente31ac32d3bc27c33f002e0c9ffd6ae08b65474e6 (diff)
downloadlinux-stable-48eb3691e8beab349e3a700d45f070be8d4b88ba.tar.gz
linux-stable-48eb3691e8beab349e3a700d45f070be8d4b88ba.tar.bz2
linux-stable-48eb3691e8beab349e3a700d45f070be8d4b88ba.zip
crypto: qat - Ensure ipad and opad are zeroed
The patch ad511e260a27b8e35d273cc0ecfe5a8ff9543181 (crypto: qat - Fix incorrect uses of memzero_explicit) broke hashing because the code was in fact overwriting the qat_auth_state variable. In fact there is no reason for the variable to exist anyway since all we are using it for is to store ipad and opad. So we could simply create ipad and opad directly and avoid this whole mess. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--drivers/crypto/qat/qat_common/qat_algs.c15
1 files changed, 6 insertions, 9 deletions
diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c
index a0d95f329094..e2c4b254ac41 100644
--- a/drivers/crypto/qat/qat_common/qat_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_algs.c
@@ -160,33 +160,30 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
const uint8_t *auth_key,
unsigned int auth_keylen)
{
- struct qat_auth_state auth_state;
SHASH_DESC_ON_STACK(shash, ctx->hash_tfm);
struct sha1_state sha1;
struct sha256_state sha256;
struct sha512_state sha512;
int block_size = crypto_shash_blocksize(ctx->hash_tfm);
int digest_size = crypto_shash_digestsize(ctx->hash_tfm);
- uint8_t *ipad = auth_state.data;
- uint8_t *opad = ipad + block_size;
+ char ipad[block_size];
+ char opad[block_size];
__be32 *hash_state_out;
__be64 *hash512_state_out;
int i, offset;
- memset(auth_state.data, 0, sizeof(auth_state.data));
+ memset(ipad, 0, block_size);
+ memset(opad, 0, block_size);
shash->tfm = ctx->hash_tfm;
shash->flags = 0x0;
if (auth_keylen > block_size) {
- char buff[SHA512_BLOCK_SIZE];
int ret = crypto_shash_digest(shash, auth_key,
- auth_keylen, buff);
+ auth_keylen, ipad);
if (ret)
return ret;
- memcpy(ipad, buff, digest_size);
- memcpy(opad, buff, digest_size);
- memzero_explicit(buff, sizeof(buff));
+ memcpy(opad, ipad, digest_size);
} else {
memcpy(ipad, auth_key, auth_keylen);
memcpy(opad, auth_key, auth_keylen);