From: Ondrej Mosnacek <omosnacek@xxxxxxxxx>
AEGIS-256 key is two blocks, not one.
Fixes: 1d373d4e8e15 ("crypto: x86 - Add optimized AEGIS implementations")
Reported-by: Eric Biggers <ebiggers3@xxxxxxxxx>
Signed-off-by: Ondrej Mosnacek <omosnacek@xxxxxxxxx>
---
arch/x86/crypto/aegis256-aesni-glue.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/crypto/aegis256-aesni-glue.c b/arch/x86/crypto/aegis256-aesni-glue.c
index 3181655dd862..2b5dd3af8f4d 100644
--- a/arch/x86/crypto/aegis256-aesni-glue.c
+++ b/arch/x86/crypto/aegis256-aesni-glue.c
@@ -57,7 +57,7 @@ struct aegis_state {
};
struct aegis_ctx {
- struct aegis_block key;
+ struct aegis_block key[AEGIS256_KEY_SIZE / AEGIS256_BLOCK_SIZE];
};
struct aegis_crypt_ops {
@@ -164,7 +164,7 @@ static int crypto_aegis256_aesni_setkey(struct crypto_aead *aead, const u8 *key,
return -EINVAL;
}
- memcpy(ctx->key.bytes, key, AEGIS256_KEY_SIZE);
+ memcpy(ctx->key, key, AEGIS256_KEY_SIZE);
return 0;
}
@@ -190,7 +190,7 @@ static void crypto_aegis256_aesni_crypt(struct aead_request *req,
kernel_fpu_begin();
- crypto_aegis256_aesni_init(&state, ctx->key.bytes, req->iv);
+ crypto_aegis256_aesni_init(&state, ctx->key, req->iv);
crypto_aegis256_aesni_process_ad(&state, req->src, req->assoclen);
crypto_aegis256_aesni_process_crypt(&state, req, ops);
crypto_aegis256_aesni_final(&state, tag_xor, req->assoclen, cryptlen);
--
2.17.0
