summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjmlatten@linux.vnet.ibm.com <jmlatten@linux.vnet.ibm.com>2013-08-14 22:17:57 (GMT)
committerHerbert Xu <herbert@gondor.apana.org.au>2013-08-21 11:08:38 (GMT)
commitb4eba0ca341fb6ad0199ab3f2244aa7e0c4cb34d (patch)
treed2b9cc14eb30f6bcdf1b139e4ae382984209e9e6
parentd4d8edf88544e4df694d32594c3dde63f82be960 (diff)
downloadlinux-b4eba0ca341fb6ad0199ab3f2244aa7e0c4cb34d.tar.xz
crypto: nx - fix nx-aes-gcm verification
This patch fixes a bug in the nx-aes-gcm implementation. Corrected the code so that the authtag is always verified after decrypting and not just when there is associated data included. Also, corrected the code to retrieve the input authtag from src instead of dst. Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com> Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com> Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--drivers/crypto/nx/nx-aes-gcm.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/crypto/nx/nx-aes-gcm.c b/drivers/crypto/nx/nx-aes-gcm.c
index df90d03..74feee1 100644
--- a/drivers/crypto/nx/nx-aes-gcm.c
+++ b/drivers/crypto/nx/nx-aes-gcm.c
@@ -246,11 +246,11 @@ static int gcm_aes_nx_crypt(struct aead_request *req, int enc)
req->dst, nbytes,
crypto_aead_authsize(crypto_aead_reqtfm(req)),
SCATTERWALK_TO_SG);
- } else if (req->assoclen) {
+ } else {
u8 *itag = nx_ctx->priv.gcm.iauth_tag;
u8 *otag = csbcpb->cpb.aes_gcm.out_pat_or_mac;
- scatterwalk_map_and_copy(itag, req->dst, nbytes,
+ scatterwalk_map_and_copy(itag, req->src, nbytes,
crypto_aead_authsize(crypto_aead_reqtfm(req)),
SCATTERWALK_FROM_SG);
rc = memcmp(itag, otag,