Commit 0be8a270 authored by Herbert Xu

crypto: arm64/aes-ce-ccm - Fix AEAD decryption length

This patch fixes the ARM64 CE CCM implementation decryption by
using skcipher_walk_aead_decrypt instead of skcipher_walk_aead,
which ensures the correct length is used when doing the walk.

Fixes: cf2c0fe7 ("crypto: aes-ce-ccm - Use skcipher walk interface")
Reported-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
parent ff330f73
...@@ -167,7 +167,7 @@ static int ccm_encrypt(struct aead_request *req) ...@@ -167,7 +167,7 @@ static int ccm_encrypt(struct aead_request *req)
/* preserve the original iv for the final round */ /* preserve the original iv for the final round */
memcpy(buf, req->iv, AES_BLOCK_SIZE); memcpy(buf, req->iv, AES_BLOCK_SIZE);
err = skcipher_walk_aead(&walk, req, true); err = skcipher_walk_aead_encrypt(&walk, req, true);
while (walk.nbytes) { while (walk.nbytes) {
u32 tail = walk.nbytes % AES_BLOCK_SIZE; u32 tail = walk.nbytes % AES_BLOCK_SIZE;
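Review bot: the subject and commit message describe only a decryption fix, but in ccm_encrypt the call also changes, from skcipher_walk_aead to skcipher_walk_aead_encrypt. The message should say that the encrypt path is converted as well, and whether that is a behavioural fix or only a move to the direction-specific helper, so that anyone backporting against the Fixes: commit knows both hunks belong together.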
...@@ -219,7 +219,7 @@ static int ccm_decrypt(struct aead_request *req) ...@@ -219,7 +219,7 @@ static int ccm_decrypt(struct aead_request *req)
/* preserve the original iv for the final round */ /* preserve the original iv for the final round */
memcpy(buf, req->iv, AES_BLOCK_SIZE); memcpy(buf, req->iv, AES_BLOCK_SIZE);
err = skcipher_walk_aead(&walk, req, true); err = skcipher_walk_aead_decrypt(&walk, req, true);
while (walk.nbytes) { while (walk.nbytes) {
u32 tail = walk.nbytes % AES_BLOCK_SIZE; u32 tail = walk.nbytes % AES_BLOCK_SIZE;
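Review bot: in ccm_decrypt, the message says skcipher_walk_aead_decrypt "ensures the correct length is used" but never states which length the old skcipher_walk_aead call walked or what failed as a result. Because this carries a Fixes: tag, the commit message should name the incorrect length and the observable symptom. Separately, the visible context goes from the assignment to err straight into while (walk.nbytes), so it is worth confirming that a failed walk setup leaves walk.nbytes at zero and that err is still returned after the loop.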