]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b0d40e) | patch
net/tls: Fix authentication failure in CCM mode
authorTianjia Zhang <tianjia.zhang@linux.alibaba.com>
Mon, 29 Nov 2021 09:32:12 +0000 (17:32 +0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 29 Nov 2021 12:48:28 +0000 (12:48 +0000)
commitef0f153d904f67cff34ca30730072e127fbb8f99
tree62e480923a500499c1a9297164ab5260da08f637tree | snapshot
parent6b0d40e28318f05390aa5d50bdf38f17aa90b70fcommit | diff
net/tls: Fix authentication failure in CCM mode

When the TLS cipher suite uses CCM mode, including AES CCM and
SM4 CCM, the first byte of the B0 block is flags, and the real
IV starts from the second byte. The XOR operation of the IV and
rec_seq should be skip this byte, that is, add the iv_offset.

Fixes: 75c85ed6019e ("net/tls: Add support of AES128-CCM based ciphers")
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Cc: Vakul Garg <vakul.garg@nxp.com>
Cc: stable@vger.kernel.org # v5.2+
Signed-off-by: David S. Miller <davem@davemloft.net>
net/tls/tls_sw.c diff | blob | history
Linux Kernel Source Tree.