Fix partial block encryption in cfb and ofb for s390x

Use the number of processed bytes information (num) from the generic cipher context for the partial block handling in cfb and ofb, instead of keep this information in the s390x-specific part of the cipher context. The information in the generic context is reset properly, even if the context is re-initialized without resetting the key or iv. Fixes: #23175 Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #23201) (cherry picked from commit 576a357)
openssl · Jan 12, 2024 · 8e60b9d · 8e60b9d
1 parent 41b16c8
commit 8e60b9d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 7 deletions.
diff --git a/providers/implementations/ciphers/cipher_aes.h b/providers/implementations/ciphers/cipher_aes.h
@@ -44,7 +44,6 @@ typedef struct prov_aes_ctx_st {
                 /* KMO-AES/KMF-AES parameter block - end */
             } param;
             unsigned int fc;
-            int res;
         } s390x;
 #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */
     } plat;

diff --git a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc
@@ -58,15 +58,14 @@ static int s390x_aes_ofb128_initkey(PROV_CIPHER_CTX *dat,
 
     memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen);
     adat->plat.s390x.fc = S390X_AES_FC(keylen);
-    adat->plat.s390x.res = 0;
     return 1;
 }
 
 static int s390x_aes_ofb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
                                       const unsigned char *in, size_t len)
 {
     PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
-    int n = adat->plat.s390x.res;
+    int n = dat->num;
     int rem;
 
     memcpy(adat->plat.s390x.param.kmo_kmf.cv, dat->iv, dat->ivlen);
@@ -102,7 +101,7 @@ static int s390x_aes_ofb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
     }
 
     memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
-    adat->plat.s390x.res = n;
+    dat->num = n;
     return 1;
 }
 
@@ -113,7 +112,6 @@ static int s390x_aes_cfb128_initkey(PROV_CIPHER_CTX *dat,
 
     adat->plat.s390x.fc = S390X_AES_FC(keylen);
     adat->plat.s390x.fc |= 16 << 24;   /* 16 bytes cipher feedback */
-    adat->plat.s390x.res = 0;
     memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen);
     return 1;
 }
@@ -123,7 +121,7 @@ static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
 {
     PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
     unsigned int modifier = adat->base.enc ? 0 : S390X_DECRYPT;
-    int n = adat->plat.s390x.res;
+    int n = dat->num;
     int rem;
     unsigned char tmp;
 
@@ -164,7 +162,7 @@ static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
     }
 
     memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
-    adat->plat.s390x.res = n;
+    dat->num = n;
     return 1;
 }