git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Elena Petrova <lenaptr@google.com>
	Tue, 28 May 2019 14:35:06 +0000 (15:35 +0100)
committer	Kleber Sacilotto de Souza <kleber.souza@canonical.com>
	Wed, 14 Aug 2019 09:18:49 +0000 (11:18 +0200)
commit	e88788852280e5ffa91063bc2394da4171261b1a
tree	1be4e771b76a3b3aea741b3fdf1b662180a48f32	tree
parent	21781ab9c442f80f9e7d2e5a26b9f287aaa9c80c	commit \| diff

crypto: arm64/sha2-ce - correct digest for empty data in finup

BugLink: https://bugs.launchpad.net/bugs/1839036
commit 6bd934de1e393466b319d29c4427598fda096c57 upstream.

The sha256-ce finup implementation for ARM64 produces wrong digest
for empty input (len=0). Expected: the actual digest, result: initial
value of SHA internal state. The error is in sha256_ce_finup:
for empty data `finalize` will be 1, so the code is relying on
sha2_ce_transform to make the final round. However, in
sha256_base_do_update, the block function will not be called when
len == 0.

Fix it by setting finalize to 0 if data is empty.

Fixes: 03802f6a80b3a ("crypto: arm64/sha2-ce - move SHA-224/256 ARMv8 implementation to base layer")
Cc: stable@vger.kernel.org
Signed-off-by: Elena Petrova <lenaptr@google.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>