Searched hist:"102986213c9fb99b332df89c1670e00fa337c5c8" (Results 1 – 2 of 2) sorted by relevance
| /optee_os/core/arch/arm/crypto/ |
| aes-gcm-ce.c | 102986213c9fb99b332df89c1670e00fa337c5c8 Tue Sep 23 07:45:34 UTC 2025 Rayan Hu <rayan.hu@mediatek.com> core: crypto: fix AES-GCM in-place decryption order
Fix AES-GCM in-place decryption to ensure GHASH always uses the original ciphertext. Previously, plaintext could overwrite ciphertext before GHASH, causing authentication failures. Now GHASH is processed before decryption, so in-place and non in-place decryption both work correctly without extra buffering or conditional checks.
Tested with both in-place and non in-place decryption; all cases now produce correct authentication tags.
Fixes: 1fca7e269b13 ("core: crypto: add new AES-GCM implementation")
Signed-off-by: Rayan Hu <rayan.hu@mediatek.com>
Reviewed-by: Menson Chen <menson.chen@mediatek.com>
Reviewed-by: ChingMing Chen <chingming.chen@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| /optee_os/core/crypto/ |
| aes-gcm.c | 102986213c9fb99b332df89c1670e00fa337c5c8 Tue Sep 23 07:45:34 UTC 2025 Rayan Hu <rayan.hu@mediatek.com> core: crypto: fix AES-GCM in-place decryption order
|