net/tls: Fix authentication failure in CCM mode (59610606) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_stable_linux · GitLab

Commit 59610606 authored Nov 29, 2021 by

Tianjia Zhang Committed by David S. Miller Nov 29, 2021

net/tls: Fix authentication failure in CCM mode

When the TLS cipher suite uses CCM mode, including AES CCM and
SM4 CCM, the first byte of the B0 block is flags, and the real
IV starts from the second byte. The XOR operation of the IV and
rec_seq should be skip this byte, that is, add the iv_offset.

Fixes: f295b3ae

 ("net/tls: Add support of AES128-CCM based ciphers")
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Cc: Vakul Garg <vakul.garg@nxp.com>
Cc: stable@vger.kernel.org # v5.2+
Signed-off-by: David S. Miller <davem@davemloft.net>

parent ef56b640

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit a8d18fb4
· Dec 09, 2021

mentioned in commit a8d18fb4

mentioned in commit a8d18fb4d11bdac881931b9ca305d3ce5daa0eea

Toggle commit list
mirror @mirror
mentioned in commit 5d1e83ff
· Dec 09, 2021

mentioned in commit 5d1e83ff

mentioned in commit 5d1e83fffbc9d81d982778b0dc68be80308706e3

Toggle commit list

Please register or to comment