On 31 October 2016 at 17:51, Maxim Uvarov <maxim.uva...@linaro.org> wrote:
> We should first initialize, then set up decryption > and only then push blocks for decryption. > https://bugs.linaro.org/show_bug.cgi?id=2571 > > Signed-off-by: Maxim Uvarov <maxim.uva...@linaro.org> > --- > v2: clear reworking > > rewording :) > btw, it was tested here: > https://s3.amazonaws.com/archive.travis-ci.org/jobs/171998583/log.txt > > platform/linux-generic/odp_crypto.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/platform/linux-generic/odp_crypto.c > b/platform/linux-generic/odp_crypto.c > index c7431e6..9e09d42 100644 > --- a/platform/linux-generic/odp_crypto.c > +++ b/platform/linux-generic/odp_crypto.c > @@ -398,6 +398,8 @@ odp_crypto_alg_err_t > aes_gcm_decrypt(odp_crypto_op_params_t > *params, > > EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc); > > + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag); > + > /* Authenticate header data (if any) without encrypting them */ > if (aad_head < cipherdata) { > EVP_DecryptUpdate(ctx, NULL, &plain_len, > @@ -414,8 +416,6 @@ odp_crypto_alg_err_t > aes_gcm_decrypt(odp_crypto_op_params_t > *params, > auth_len - (aad_tail - aad_head)); > } > > - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag); > - > if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, &plain_len) > < 0) > return ODP_CRYPTO_ALG_ERR_ICV_CHECK; > > -- > 2.7.1.250.gff4ea60 > >