On 10/14/2014 12:17 PM, Tudor Ambarus wrote:

+static int rfc4106_setkey(struct crypto_aead *aead,
+                         const u8 *key, unsigned int keylen)
+{
+       struct caam_ctx *ctx = crypto_aead_ctx(aead);
+       struct device *jrdev = ctx->jrdev;
+       int ret = 0;
+
+       /*
+        * The last four bytes of the key material are used as the salt value
+        * in the nonce. Update the AES key length.
+        */
+       if (keylen < 4)
+               return -EINVAL;
+       keylen -= 4;
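
Review bot: the length check ahead of `keylen -= 4` only rejects `keylen < 4`, so a 4-byte input is accepted and leaves an AES key length of zero. Nothing in the lines shown validates the remaining length as an AES key size (16, 24 or 32 bytes). Suggest checking that after the subtraction and returning -EINVAL for anything else.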

The salt will not be copied in the ctx->key, so the descriptors will use as a salt whatever resides in memory after (updated) keylen bytes.

I will submit a new patch set in which I will update the AES key length after copying the key material in ctx->key.

tcrypt tests passed because they use salt values of zero.
Back-to-back tests passed because I used caam with rfc4106 accelerated on both boards.

+
+#ifdef DEBUG
+       print_hex_dump(KERN_ERR, "key in @"__stringify(__LINE__)": ",
+                      DUMP_PREFIX_ADDRESS, 16, 4, key, keylen, 1);
+#endif
+
+       memcpy(ctx->key, key, keylen);
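
Review bot: `memcpy(ctx->key, key, keylen)` runs after keylen has already been reduced by 4, so the four salt bytes at key + keylen never reach ctx->key. Either copy the full key material first and subtract the salt length afterwards, or copy keylen + 4 bytes here. The copy length is also not bounded against the size of ctx->key in the lines shown. Separately, the DEBUG `print_hex_dump` writes raw key bytes to the kernel log at KERN_ERR; consider dropping it so that key material does not end up in logs on debug builds.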
