
linux-gen: crypto: fix aes gcm decryption

Message ID 1477925401-6860-1-git-send-email-maxim.uvarov@linaro.org
State Superseded

Commit Message

Maxim Uvarov Oct. 31, 2016, 2:50 p.m. UTC
We should first initialize, then set up decryption, and
only then push blocks for decryption.
https://bugs.linaro.org/show_bug.cgi?id=2571

Signed-off-by: Max Uvarov <muvarov@gmail.com>

Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>

---
 platform/linux-generic/odp_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.7.1.250.gff4ea60

Patch

diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c
index c7431e6..9e09d42 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -398,6 +398,8 @@  odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t *params,
 
 	EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
 
+	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
+
 	/* Authenticate header data (if any) without encrypting them */
 	if (aad_head < cipherdata) {
 		EVP_DecryptUpdate(ctx, NULL, &plain_len,
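Review bot: The added `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag)` call discards its return value, so a failure to install the expected tag goes unreported before any data is processed; check it, e.g. `if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag) != 1) return ODP_CRYPTO_ALG_ERR_ICV_CHECK;` (error code assumed, confirm against the enum). The same return-value problem affects the `EVP_DecryptFinal_ex(...) < 0` test in the second hunk: OpenSSL reports a GCM tag mismatch as 0, not a negative value, so the comparison should be `<= 0`, otherwise a packet with a wrong tag is never rejected with `ODP_CRYPTO_ALG_ERR_ICV_CHECK`. The literal 16 would also read better as a named tag-length constant. aes_gcm_decrypt starts and ends outside both hunks, so whether plaintext reaches the caller before the final check cannot be judged from here.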
@@ -414,8 +416,6 @@  odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t *params,
 				  auth_len - (aad_tail - aad_head));
 	}
 
-	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
-
 	if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) < 0)
 		return ODP_CRYPTO_ALG_ERR_ICV_CHECK;