Message ID | 520c0215.kHFgBNcJQfAPXpv3%jmlatten@linux.vnet.ibm.com (mailing list archive) |
---|---|
State | Not Applicable |
Headers | show |
On Wed, Aug 14, 2013 at 05:17:57PM -0500, jmlatten@linux.vnet.ibm.com wrote: > This patch fixes a bug in the nx-aes-gcm implementation. > Corrected the code so that the authtag is always verified after > decrypting and not just when there is associated data included. > Also, corrected the code to retrieve the input authtag from src > instead of dst. > > Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com> > Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com> > Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com> Patch applied. Thanks!
diff --git a/drivers/crypto/nx/nx-aes-gcm.c b/drivers/crypto/nx/nx-aes-gcm.c index 6cca6c3..eb851bb 100644 --- a/drivers/crypto/nx/nx-aes-gcm.c +++ b/drivers/crypto/nx/nx-aes-gcm.c @@ -243,11 +243,11 @@ static int gcm_aes_nx_crypt(struct aead_request *req, int enc) req->dst, nbytes, crypto_aead_authsize(crypto_aead_reqtfm(req)), SCATTERWALK_TO_SG); - } else if (req->assoclen) { + } else { u8 *itag = nx_ctx->priv.gcm.iauth_tag; u8 *otag = csbcpb->cpb.aes_gcm.out_pat_or_mac; - scatterwalk_map_and_copy(itag, req->dst, nbytes, + scatterwalk_map_and_copy(itag, req->src, nbytes, crypto_aead_authsize(crypto_aead_reqtfm(req)), SCATTERWALK_FROM_SG); rc = memcmp(itag, otag,