diff options
| author | Mathias Kresin <dev@kresin.me> | 2021-04-18 14:26:01 +0200 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2022-01-05 23:05:38 +0100 |
| commit | ab270c6fbc38f81669529300daee85b809111c39 (patch) | |
| tree | f3c95d546c2d5cf9ee2141e46c85b24632e69850 /scripts/kconfig.pl | |
| parent | 11d2c71538944ad55aca33d60d8bd442b8246ed6 (diff) | |
| download | upstream-ab270c6fbc38f81669529300daee85b809111c39.tar.gz upstream-ab270c6fbc38f81669529300daee85b809111c39.tar.bz2 upstream-ab270c6fbc38f81669529300daee85b809111c39.zip | |
ltq-deu: aes: do not read/write behind buffer
When handling non-aligned remaining data (not padded to 16 byte
[AES_BLOCK_SIZE]), a full 16 byte block is read from the input buffer
and written to the output buffer after en-/decryption.
While code already assumes that an input buffer could have less than 16
byte remaining, as it can be seen by the code zeroing the remaining
bytes till AES_BLOCK_SIZE, the full AES_BLOCK_SIZE is read.
An output buffer size of a multiple of AES_BLOCK_SIZE is expected but
never validated.
To get rid of the read/write behind buffer, use a temporary buffer when
dealing with not padded data and only write as much bytes to the output
as we read.
Do not memcpy directly to the register, to make used of the endian swap
macro and to trigger the crypto start operator via the ID0R to trigger
the register. Since we might need an endian swap for the output in
future, use a temporary buffer for the output as well.
The issue could not be observed so far, since all caller of ifx_deu_aes
will ignore the padded (remaining) data. Considering that the minimum
blocksize for the algorithm is set to AES_BLOCK_SIZE, the behaviour
could be called expected.
Signed-off-by: Mathias Kresin <dev@kresin.me>
[fix commit title prefix]
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
Diffstat (limited to 'scripts/kconfig.pl')
0 files changed, 0 insertions, 0 deletions