2007-12-17 10:31:19

by Herbert Xu

[permalink] [raw]
Subject: [PATCH 4/8] [CRYPTO] ccm: Fix crash in rfc4309_setkey

[CRYPTO] ccm: Fix crash in rfc4309_setkey

The nonce is being extracted from the wrong place due to the incorrect
placement of the keylen adjustment.

Signed-off-by: Herbert Xu <[email protected]>
---

crypto/ccm.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/ccm.c b/crypto/ccm.c
index 8c7d3b7..82bcc14 100644
--- a/crypto/ccm.c
+++ b/crypto/ccm.c
@@ -630,7 +630,7 @@ static int crypto_rfc4309_setkey(struct crypto_aead *parent, const u8 *key,
return -EINVAL;

keylen -= 3;
- memcpy(ctx->nonce, key + keylen - 3, 3);
+ memcpy(ctx->nonce, key + keylen, 3);

crypto_aead_clear_flags(child, CRYPTO_TFM_REQ_MASK);
crypto_aead_set_flags(child, crypto_aead_get_flags(parent) &