diff options
| author | Holger Dengler <dengler@linux.ibm.com> | 2024-01-04 09:37:39 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2024-01-12 10:35:59 +0100 |
| commit | 8e60b9dfefa8d97102e6f1c20affcaa86dfe0afb (patch) | |
| tree | f74aab568994e1473e82aa3295809ca5074fdfa5 | |
| parent | 41b16c82933d9d30f29b4c5bdfc61accf5cd096b (diff) | |
Fix partial block encryption in cfb and ofb for s390x
Use the number of processed bytes information (num) from the generic
cipher context for the partial block handling in cfb and ofb, instead
of keep this information in the s390x-specific part of the cipher
context. The information in the generic context is reset properly,
even if the context is re-initialized without resetting the key or iv.
Fixes: #23175
Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23201)
(cherry picked from commit 576a3572bebf6115df1c03527114cbf74d06f861)
| -rw-r--r-- | providers/implementations/ciphers/cipher_aes.h | 1 | ||||
| -rw-r--r-- | providers/implementations/ciphers/cipher_aes_hw_s390x.inc | 10 |
2 files changed, 4 insertions, 7 deletions
diff --git a/providers/implementations/ciphers/cipher_aes.h b/providers/implementations/ciphers/cipher_aes.h index 7eaf76c8c4..86a30ab145 100644 --- a/providers/implementations/ciphers/cipher_aes.h +++ b/providers/implementations/ciphers/cipher_aes.h @@ -44,7 +44,6 @@ typedef struct prov_aes_ctx_st { /* KMO-AES/KMF-AES parameter block - end */ } param; unsigned int fc; - int res; } s390x; #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ } plat; diff --git a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc index c8282dbd08..0939b147e6 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc @@ -58,7 +58,6 @@ static int s390x_aes_ofb128_initkey(PROV_CIPHER_CTX *dat, memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen); adat->plat.s390x.fc = S390X_AES_FC(keylen); - adat->plat.s390x.res = 0; return 1; } @@ -66,7 +65,7 @@ static int s390x_aes_ofb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { PROV_AES_CTX *adat = (PROV_AES_CTX *)dat; - int n = adat->plat.s390x.res; + int n = dat->num; int rem; memcpy(adat->plat.s390x.param.kmo_kmf.cv, dat->iv, dat->ivlen); @@ -102,7 +101,7 @@ static int s390x_aes_ofb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out, } memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen); - adat->plat.s390x.res = n; + dat->num = n; return 1; } @@ -113,7 +112,6 @@ static int s390x_aes_cfb128_initkey(PROV_CIPHER_CTX *dat, adat->plat.s390x.fc = S390X_AES_FC(keylen); adat->plat.s390x.fc |= 16 << 24; /* 16 bytes cipher feedback */ - adat->plat.s390x.res = 0; memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen); return 1; } @@ -123,7 +121,7 @@ static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out, { PROV_AES_CTX *adat = (PROV_AES_CTX *)dat; unsigned int modifier = adat->base.enc ? 0 : S390X_DECRYPT; - int n = adat->plat.s390x.res; + int n = dat->num; int rem; unsigned char tmp; @@ -164,7 +162,7 @@ static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out, } memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen); - adat->plat.s390x.res = n; + dat->num = n; return 1; } |