| Message ID | 20170717094520.3497-1-antoine.tenart@free-electrons.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Herbert Xu |
| Headers | show |
Hi, On Mon, Jul 17, 2017 at 11:45:19AM +0200, Antoine Tenart wrote: > The safexcel_hmac_sha1_setkey function checks if an invalidation command > should be issued, i.e. when the context ipad/opad change. This checks is > done after filling the ipad/opad which and it can't be true. The patch > fixes this by moving the check before the ipad/opad memcpy operations. > > Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> This patch should have stable: and fixes: tags. I'll add them and send a v2. Thanks, Antoine > --- > drivers/crypto/inside-secure/safexcel_hash.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c > index 8527a5899a2f..a11b2edb41b9 100644 > --- a/drivers/crypto/inside-secure/safexcel_hash.c > +++ b/drivers/crypto/inside-secure/safexcel_hash.c > @@ -883,9 +883,6 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, > if (ret) > return ret; > > - memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE); > - memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE); > - > for (i = 0; i < ARRAY_SIZE(istate.state); i++) { > if (ctx->ipad[i] != le32_to_cpu(istate.state[i]) || > ctx->opad[i] != le32_to_cpu(ostate.state[i])) { > @@ -894,6 +891,9 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, > } > } > > + memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE); > + memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE); > + > return 0; > } > > -- > 2.13.3 >
diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c index 8527a5899a2f..a11b2edb41b9 100644 --- a/drivers/crypto/inside-secure/safexcel_hash.c +++ b/drivers/crypto/inside-secure/safexcel_hash.c @@ -883,9 +883,6 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, if (ret) return ret; - memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE); - memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE); - for (i = 0; i < ARRAY_SIZE(istate.state); i++) { if (ctx->ipad[i] != le32_to_cpu(istate.state[i]) || ctx->opad[i] != le32_to_cpu(ostate.state[i])) { @@ -894,6 +891,9 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key, } } + memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE); + memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE); + return 0; }
The safexcel_hmac_sha1_setkey function checks if an invalidation command should be issued, i.e. when the context ipad/opad change. This checks is done after filling the ipad/opad which and it can't be true. The patch fixes this by moving the check before the ipad/opad memcpy operations. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> --- drivers/crypto/inside-secure/safexcel_hash.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)