Old version of OpenSSL require SET_TAG to be called before
decrypting the data. New versions are compatible either way
Signed-off-by: Nicolas Morey-Chaisemartin <nmo...@kalray.eu>
---
platform/linux-generic/odp_crypto.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/platform/linux-generic/odp_crypto.c
b/platform/linux-generic/odp_crypto.c
index 65e8503..92bc2f3 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -397,6 +397,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t
*params,
int plain_len = 0;
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
/* Authenticate header data (if any) without encrypting them */
if (aad_head < cipherdata) {
@@ -414,8 +415,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t
*params,
auth_len - (aad_tail - aad_head));
}
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
-
if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) < 0)
return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
--
2.6.3.372.gcb93895
_______________________________________________
lng-odp mailing list
lng-odp@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lng-odp
