[openssl/openssl] 576a35: Fix partial block encryption in cfb and ofb for s390x

Holger Dengler noreply at github.com
Fri Jan 12 09:36:51 UTC 2024 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 576a3572bebf6115df1c03527114cbf74d06f861
      https://github.com/openssl/openssl/commit/576a3572bebf6115df1c03527114cbf74d06f861
  Author: Holger Dengler <dengler at linux.ibm.com>
  Date:   2024-01-12 (Fri, 12 Jan 2024)

  Changed paths:
    M providers/implementations/ciphers/cipher_aes.h
    M providers/implementations/ciphers/cipher_aes_hw_s390x.inc

  Log Message:
  -----------
  Fix partial block encryption in cfb and ofb for s390x

Use the number of processed bytes information (num) from the generic
cipher context for the partial block handling in cfb and ofb, instead
of keep this information in the s390x-specific part of the cipher
context. The information in the generic context is reset properly,
even if the context is re-initialized without resetting the key or iv.

Fixes: #23175

Signed-off-by: Holger Dengler <dengler at linux.ibm.com>

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23201)


  Commit: f9ccd209c3d121668c51a992613c698f2a774cb3
      https://github.com/openssl/openssl/commit/f9ccd209c3d121668c51a992613c698f2a774cb3
  Author: Holger Dengler <dengler at linux.ibm.com>
  Date:   2024-01-12 (Fri, 12 Jan 2024)

  Changed paths:
    M crypto/evp/e_aes.c

  Log Message:
  -----------
  Fix partial block encryption in cfb and ofb for s390x (legacy)

Use the number of processed bytes information (num) from the generic
cipher context for the partial block handling in cfb and ofb also in
s390x-legacy code. For more details see 4df92c1a14 ("Fix partial block
encryption in cfb and ofb for s390x").

Signed-off-by: Holger Dengler <dengler at linux.ibm.com>

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23201)


  Commit: 3cb1b51dddf4deaf5e3886b827f3245d81670bc7
      https://github.com/openssl/openssl/commit/3cb1b51dddf4deaf5e3886b827f3245d81670bc7
  Author: Holger Dengler <dengler at linux.ibm.com>
  Date:   2024-01-12 (Fri, 12 Jan 2024)

  Changed paths:
    M test/evp_extra_test.c

  Log Message:
  -----------
  Add tests for re-using cipher contexts

Add test case for re-using a cipher context with the same key, iv and
cipher. It detects, if the hardware-specific cipher context is reset
correctly, like reported in issue #23175.

This test has encrypt and decrypt iterations for cfb128 and
ofb128. All iteations use the same key, iv and plaintext.

Signed-off-by: Holger Dengler <dengler at linux.ibm.com>

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23201)


Compare: https://github.com/openssl/openssl/compare/0856bf519ffc...3cb1b51dddf4

More information about the openssl-commits mailing list