[lng-odp] [PATCH] linux-generic: crypto: fix AES-GCM compatibility with old version of OpenSSL

[Nicolas Morey-Chaisemartin]

Old version of OpenSSL require SET_TAG to be called before
 decrypting the data. New versions are compatible either way

Signed-off-by: Nicolas Morey-Chaisemartin 
---

Repost due to previous mail tagged as SPAM

 platform/linux-generic/odp_crypto.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/platform/linux-generic/odp_crypto.c 
b/platform/linux-generic/odp_crypto.c
index 65e8503..92bc2f3 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -397,6 +397,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t 
*params,
int plain_len = 0;
 
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
+   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
 
/* Authenticate header data (if any) without encrypting them */
if (aad_head < cipherdata) {
@@ -414,8 +415,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t 
*params,
  auth_len - (aad_tail - aad_head));
}
 
-   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
-
if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, _len) < 0)
return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
 
___
lng-odp mailing list
lng-odp@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lng-odp

Re: [lng-odp] [PATCH] linux-generic: crypto: fix AES-GCM compatibility with old version of OpenSSL

[Maxim Uvarov]

resend to list (google marked it as spam).

Maxim.



On 01/12/2016 20:40, Nicolas Morey-Chaisemartin wrote:

Old version of OpenSSL require SET_TAG to be called before
  decrypting the data. New versions are compatible either way

Signed-off-by: Nicolas Morey-Chaisemartin 
---
  platform/linux-generic/odp_crypto.c | 3 +--
  1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/platform/linux-generic/odp_crypto.c 
b/platform/linux-generic/odp_crypto.c
index 65e8503..92bc2f3 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -397,6 +397,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t 
*params,
int plain_len = 0;
  
  	EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);

+   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
  
  	/* Authenticate header data (if any) without encrypting them */

if (aad_head < cipherdata) {
@@ -414,8 +415,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t 
*params,
  auth_len - (aad_tail - aad_head));
}
  
-	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);

-
if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, _len) < 0)
return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
  


___
lng-odp mailing list
lng-odp@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lng-odp

[lng-odp] [PATCH] linux-generic: crypto: fix AES-GCM compatibility with old version of OpenSSL

[Nicolas Morey-Chaisemartin]

Old version of OpenSSL require SET_TAG to be called before
 decrypting the data. New versions are compatible either way

Signed-off-by: Nicolas Morey-Chaisemartin 
---
 platform/linux-generic/odp_crypto.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/platform/linux-generic/odp_crypto.c 
b/platform/linux-generic/odp_crypto.c
index 65e8503..92bc2f3 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -397,6 +397,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t 
*params,
int plain_len = 0;
 
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_enc);
+   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
 
/* Authenticate header data (if any) without encrypting them */
if (aad_head < cipherdata) {
@@ -414,8 +415,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_crypto_op_params_t 
*params,
  auth_len - (aad_tail - aad_head));
}
 
-   EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
-
if (EVP_DecryptFinal_ex(ctx, cipherdata + cipher_len, _len) < 0)
return ODP_CRYPTO_ALG_ERR_ICV_CHECK;
 
-- 
2.6.3.372.gcb93895

___
lng-odp mailing list
lng-odp@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/lng-odp