projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cb8affb) | patch
crypto: talitos - Fix timing leak in ESP ICV verification
authorDavid Gstir <david@sigma-star.at>
Sun, 15 Nov 2015 16:14:42 +0000 (17:14 +0100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Mon, 16 Nov 2015 13:39:24 +0000 (21:39 +0800)
commit79960943fdc114fd4583c9ab164b5c89da7aa601
treeeee34426e869bbc88d47c233f490808dc38ffa02tree | snapshot (tar.gz zip)
parentcb8affb55c7e64816f3effcd9b2fc3268c016faccommit | diff
crypto: talitos - Fix timing leak in ESP ICV verification

Using non-constant time memcmp() makes the verification of the authentication
tag in the decrypt path vulnerable to timing attacks. Fix this by using
crypto_memneq() instead.

Cc: stable@vger.kernel.org
Signed-off-by: David Gstir <david@sigma-star.at>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/talitos.c diff | blob | blame | history