ossl: Fix some bugs in the fallback AES-GCM implementation

gcm_*_aesni() are used when the AVX512 implementation is not available.
Fix two bugs which manifest when handling operations spanning multiple
segments:
- Avoid underflow when the length of the input is smaller than the residual.
- In gcm_decrypt_aesni(), ensure that we begin the operation at the right
  offset into the input and output buffers.

Reviewed by: jhb
Fixes: 9b1d87286c78 ("ossl: Add a fallback AES-GCM implementation using AES-NI")
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D42838
Approved by: so
Security: FreeBSD-EN-23:17.ossl
(cherry picked from commit 47d767dab54895f3ba8abac6ab2295797394659e)
(cherry picked from commit 118b866d9c39da1f5a17680e2034b3eff7337988)
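
The first bug class named in the commit message, as an added example that is not part of the commit and is not FreeBSD's code: a streaming routine that keeps a partial-block residual between segments and subtracts the bytes needed to finish that block from an unsigned segment length. All names here (`seg_state`, `bulk_len_buggy`, `feed_fixed`, `total_blocks`) and the segment sizes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define BLOCK 16 /* AES block size in bytes */

/* Hypothetical streaming state carried from one segment to the next. */
struct seg_state {
    size_t res;    /* bytes already absorbed into the current partial block */
    size_t blocks; /* full blocks completed so far */
};

/* Buggy shape: assumes the segment is long enough to finish the partial
 * block. Returns the byte count that would be handed to the bulk routine. */
static size_t bulk_len_buggy(const struct seg_state *st, size_t len) {
    if (st->res != 0)
        len -= BLOCK - st->res; /* wraps around when len < BLOCK - res */
    return len & ~(size_t)(BLOCK - 1);
}

/* Fixed shape: take at most len bytes for the partial block, then hand only
 * whole blocks to the bulk routine and carry the tail over as residual. */
static size_t feed_fixed(struct seg_state *st, size_t len) {
    size_t bulk;
    if (st->res != 0) {
        size_t need = BLOCK - st->res;
        size_t take = len < need ? len : need;
        st->res = (st->res + take) % BLOCK;
        if (st->res == 0)
            st->blocks++;
        len -= take; /* cannot wrap: take <= len */
    }
    bulk = len & ~(size_t)(BLOCK - 1);
    st->blocks += bulk / BLOCK;
    st->res += len - bulk; /* len > 0 here only if res is already 0 */
    return bulk;
}

/* Walk a list of segment lengths; report completed blocks and residual. */
static size_t total_blocks(const size_t *segs, size_t n, size_t *res_out) {
    struct seg_state st = {0, 0};
    for (size_t i = 0; i < n; i++)
        feed_fixed(&st, segs[i]);
    *res_out = st.res;
    return st.blocks;
}

int main(void) {
    struct seg_state st = {4, 1}; /* 4 bytes pending, then a 3-byte segment */
    printf("buggy bulk=%zu fixed bulk=%zu\n", bulk_len_buggy(&st, 3), feed_fixed(&st, 3));
    return 0;
}
```
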