diff options
author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2018-10-01 10:36:37 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-10-08 13:44:53 +0800 |
commit | 5a8dedfa3276e88c5865f265195d63d72aec3e72 (patch) | |
tree | cd847d1a7001bb85e18199fe7848a8d454a8b463 /crypto/morus1280.c | |
parent | fd27b571c9f6cf95ddbdf9de7cf0aa8c8cfe8066 (diff) | |
download | lwn-5a8dedfa3276e88c5865f265195d63d72aec3e72.tar.gz lwn-5a8dedfa3276e88c5865f265195d63d72aec3e72.zip |
crypto: morus/generic - fix for big endian systems
Omit the endian swabbing when folding the lengths of the assoc and
crypt input buffers into the state to finalize the tag. This is not
necessary given that the memory representation of the state is in
machine native endianness already.
This fixes an error reported by tcrypt running on a big endian system:
alg: aead: Test 2 failed on encryption for morus640-generic
00000000: a8 30 ef fb e6 26 eb 23 b0 87 dd 98 57 f3 e1 4b
00000010: 21
alg: aead: Test 2 failed on encryption for morus1280-generic
00000000: 88 19 1b fb 1c 29 49 0e ee 82 2f cb 97 a6 a5 ee
00000010: 5f
Fixes: 396be41f16fd ("crypto: morus - Add generic MORUS AEAD implementations")
Cc: <stable@vger.kernel.org> # v4.18+
Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/morus1280.c')
-rw-r--r-- | crypto/morus1280.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/crypto/morus1280.c b/crypto/morus1280.c index d057cf5ac4a8..3889c188f266 100644 --- a/crypto/morus1280.c +++ b/crypto/morus1280.c @@ -385,14 +385,11 @@ static void crypto_morus1280_final(struct morus1280_state *state, struct morus1280_block *tag_xor, u64 assoclen, u64 cryptlen) { - u64 assocbits = assoclen * 8; - u64 cryptbits = cryptlen * 8; - struct morus1280_block tmp; unsigned int i; - tmp.words[0] = cpu_to_le64(assocbits); - tmp.words[1] = cpu_to_le64(cryptbits); + tmp.words[0] = assoclen * 8; + tmp.words[1] = cryptlen * 8; tmp.words[2] = 0; tmp.words[3] = 0; |