[PATCH] crypto: caam - fix IV loading for authenc (giv)decryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



For algorithms that implement IV generators before the crypto ops,
the IV needed for decryption is initially located in req->src
scatterlist, not in req->iv.
aead_givdecrypt() is updated to put the IV in place.

Cc: <stable@xxxxxxxxxxxxxxx> # 4.3+
Fixes: 479bcc7c5b9e ("crypto: caam - Convert authenc to new AEAD interface")
Suggested-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Horia Geantă <horia.geanta@xxxxxxx>
---

Herbert, as you suggested, aead_givdecrypt() is now setting the IV.

In terms of optimizations, would it be safe to assume all "geniv" authenc
algorithms - {echainiv, seqiv}(authenc) - get assoc,iv,ciphertext in
req->src for decryption?
The idea would be to avoid copying IV into req->iv and instruct
the crypto engine to access it directly from req->src scatterlist.

 drivers/crypto/caam/caamalg.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 6dc597126b79..78be2bea1273 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -2545,6 +2545,7 @@ static int aead_givdecrypt(struct aead_request *req)
 	if (req->cryptlen < ivsize)
 		return -EINVAL;
 
+	scatterwalk_map_and_copy(req->iv, req->src, req->assoclen, ivsize, 0);
 	req->cryptlen -= ivsize;
 	req->assoclen += ivsize;
 
-- 
2.4.4

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux