HomeFreeBSD

Fix another bug introduced during the review process of r344140:

Description

Fix another bug introduced during the review process of r344140:
the tag wasn't being computed properly due to chaning a >= comparison
to an == comparison.

Specifically: CBC-MAC encodes the length of the authorization data
into the the stream to be encrypted/hashed. For short data, this is
two bytes (big-endian 16 bit value); for larger data, it's 6 bytes
(a prefix of 0xff, 0xfe, followed by a 32-bit big-endian length). And
there's a larger size, which is 10 bytes. These extra bytes weren't
being accounted for with the post-review code. The other bit that then came
into play was that OCF only calls the Update code with blksiz=16, which
meant that I had to ignore the length variable. (It also means that it
can't be called with a single buffer containing the AAD and payload;
however, OCF doesn't do this for the software-only algorithsm.)

I tested with this script:

ALG=aes-ccm
DEV=soft

for aad in 0 1 2 3 4 14 16 24 30 32 34 36 1020
do

for dln in 16 32 1024 2048 10240
do
        echo "Testing AAD length ${aad} data length ${dln}"
        /root/cryptocheck -A ${aad} -a ${ALG} -d ${DEV} ${dln}
done

done

Reviewed by: cem
Sponsored by: iXsystems Inc.

Details

Provenance
sefAuthored on
Reviewer
cem
Parents
rS344546: Tag lldb release_80 branch r354799.
Branches
Unknown
Tags
Unknown