crypto: Skip aes-ctr decryption for in_len = 16
If the input length is 16 bytes, this means aes_siv_decrypt should only be verifying the 16 byte SIV and not decrypting any data. If this is the case, we can skip over the whole AES-CTR portion of AES-SIV and only verify the SIV.
parent
799a29d37c
commit
89017afdb2
@ -365,11 +365,17 @@ bool aes_siv_decrypt(const uint8_t *key, size_t key_len, const uint8_t *in,
|
|||||||
uint8_t iv[16];
|
uint8_t iv[16];
|
||||||
uint8_t v[16];
|
uint8_t v[16];
|
||||||
|
|
||||||
|
if (in_len < 16)
|
||||||
|
return false;
|
||||||
|
|
||||||
memcpy(iov, ad, sizeof(iov) * num_ad);
|
memcpy(iov, ad, sizeof(iov) * num_ad);
|
||||||
iov[num_ad].iov_base = (void *)out;
|
iov[num_ad].iov_base = (void *)out;
|
||||||
iov[num_ad].iov_len = in_len - 16;
|
iov[num_ad].iov_len = in_len - 16;
|
||||||
num_ad++;
|
num_ad++;
|
||||||
|
|
||||||
|
if (in_len == 16)
|
||||||
|
goto check_cmac;
|
||||||
|
|
||||||
memcpy(iv, in, 16);
|
memcpy(iv, in, 16);
|
||||||
|
|
||||||
iv[8] &= 0x7f;
|
iv[8] &= 0x7f;
|
||||||
@ -387,6 +393,7 @@ bool aes_siv_decrypt(const uint8_t *key, size_t key_len, const uint8_t *in,
|
|||||||
|
|
||||||
l_cipher_free(ctr);
|
l_cipher_free(ctr);
|
||||||
|
|
||||||
|
check_cmac:
|
||||||
cmac = l_checksum_new_cmac_aes(key, key_len / 2);
|
cmac = l_checksum_new_cmac_aes(key, key_len / 2);
|
||||||
if (!cmac)
|
if (!cmac)
|
||||||
return false;
|
return false;
|
||||||
|
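Review bot: The `memcpy(iov, ad, sizeof(iov) * num_ad);` that stays on the new side right after the added `in_len < 16` guard sizes the copy with `sizeof(iov)` instead of the size of one element. `iov` is declared outside the hunk, but it is indexed as `iov[num_ad]`, so `sizeof(iov)` is either a whole array or a pointer; if it is an array, the copy is larger than `num_ad` elements and would read past `ad` and possibly write past `iov`. I would make it `memcpy(iov, ad, sizeof(*iov) * num_ad);` while this function is being touched. The added guard is also what stops `in_len - 16` from wrapping and `memcpy(iv, in, 16)` from over-reading a short input, which the commit message does not mention; a comment such as `/* in must hold at least the 16-byte SIV */` above it would record that. The tag comparison after `check_cmac:` lies outside the hunk, so the tag-only path cannot be checked end to end from here.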