crypto: nx - fix nx-aes-gcm verification

This patch fixes a bug in the nx-aes-gcm implementation. Corrected the code so that the authtag is always verified after decrypting and not just when there is associated data included. Also, corrected the code to retrieve the input authtag from src instead of dst. Reviewed-by: Fionnuala Gunter <fin@linux.vnet.ibm.com> Reviewed-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com> Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: jmlatten@linux.vnet.ibm.com <jmlatten@linux.vnet.ibm.com> 2013-08-14 18:17:57 -0400
committer: Herbert Xu <herbert@gondor.apana.org.au> 2013-08-21 07:08:38 -0400
commit: b4eba0ca341fb6ad0199ab3f2244aa7e0c4cb34d (patch)
tree: d2b9cc14eb30f6bcdf1b139e4ae382984209e9e6 /drivers/crypto/nx
parent: d4d8edf88544e4df694d32594c3dde63f82be960 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/crypto/nx/nx-aes-gcm.c b/drivers/crypto/nx/nx-aes-gcm.c
index df90d03afc10..74feee10f943 100644
--- a/drivers/crypto/nx/nx-aes-gcm.c
+++ b/drivers/crypto/nx/nx-aes-gcm.c
@@ -246,11 +246,11 @@ static int gcm_aes_nx_crypt(struct aead_request *req, int enc)
                                 req->dst, nbytes,
                                 crypto_aead_authsize(crypto_aead_reqtfm(req)),
                                 SCATTERWALK_TO_SG);
-        } else if (req->assoclen) {
+        } else {
                u8 *itag = nx_ctx->priv.gcm.iauth_tag;
                u8 *otag = csbcpb->cpb.aes_gcm.out_pat_or_mac;
-                scatterwalk_map_and_copy(itag, req->dst, nbytes,
+                scatterwalk_map_and_copy(itag, req->src, nbytes,
                                 crypto_aead_authsize(crypto_aead_reqtfm(req)),
                                 SCATTERWALK_FROM_SG);
                rc = memcmp(itag, otag,
author	jmlatten@linux.vnet.ibm.com <jmlatten@linux.vnet.ibm.com>	2013-08-14 18:17:57 -0400
committer	Herbert Xu <herbert@gondor.apana.org.au>	2013-08-21 07:08:38 -0400
commit	b4eba0ca341fb6ad0199ab3f2244aa7e0c4cb34d (patch)
tree	d2b9cc14eb30f6bcdf1b139e4ae382984209e9e6 /drivers/crypto/nx
parent	d4d8edf88544e4df694d32594c3dde63f82be960 (diff)

diff --git a/drivers/crypto/nx/nx-aes-gcm.c b/drivers/crypto/nx/nx-aes-gcm.c index df90d03afc10..74feee10f943 100644 --- a/drivers/crypto/nx/nx-aes-gcm.c +++ b/drivers/crypto/nx/nx-aes-gcm.c
@@ -246,11 +246,11 @@ static int gcm_aes_nx_crypt(struct aead_request *req, int enc)
246	req->dst, nbytes,	246	req->dst, nbytes,
247	crypto_aead_authsize(crypto_aead_reqtfm(req)),	247	crypto_aead_authsize(crypto_aead_reqtfm(req)),
248	SCATTERWALK_TO_SG);	248	SCATTERWALK_TO_SG);
249	} else if (req->assoclen) {	249	} else {
250	u8 *itag = nx_ctx->priv.gcm.iauth_tag;	250	u8 *itag = nx_ctx->priv.gcm.iauth_tag;
251	u8 *otag = csbcpb->cpb.aes_gcm.out_pat_or_mac;	251	u8 *otag = csbcpb->cpb.aes_gcm.out_pat_or_mac;
252		252
253	scatterwalk_map_and_copy(itag, req->dst, nbytes,	253	scatterwalk_map_and_copy(itag, req->src, nbytes,
254	crypto_aead_authsize(crypto_aead_reqtfm(req)),	254	crypto_aead_authsize(crypto_aead_reqtfm(req)),
255	SCATTERWALK_FROM_SG);	255	SCATTERWALK_FROM_SG);
256	rc = memcmp(itag, otag,	256	rc = memcmp(itag, otag,