Skip to content

Commit

Permalink
[CRYPTO] aead: Return EBADMSG for ICV mismatch
Browse files Browse the repository at this point in the history 
This patch changes gcm/authenc to return EBADMSG instead of EINVAL for
ICV mismatches.  This convention has already been adopted by IPsec.

Signed-off-by: Herbert Xu <[email protected]>
  • Loading branch information
@herbertx
herbertx committed Jan 10, 2008
1 parent 6160b28 commit fe70f5d
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion crypto/authenc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,7 @@ static int crypto_authenc_verify(struct aead_request *req,

authsize = crypto_aead_authsize(authenc);
scatterwalk_map_and_copy(ihash, src, cryptlen, authsize, 0);
return memcmp(ihash, ohash, authsize) ? -EINVAL : 0;
return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0;
}

static void crypto_authenc_decrypt_done(struct crypto_async_request *req,
Expand Down
2 changes: 1 addition & 1 deletion crypto/gcm.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,7 +327,7 @@ static int crypto_gcm_decrypt(struct aead_request *req)

scatterwalk_map_and_copy(iauth_tag, req->src, cryptlen, authsize, 0);
if (memcmp(iauth_tag, auth_tag, authsize))
return -EINVAL;
return -EBADMSG;

return crypto_ablkcipher_decrypt(&abreq);
}
Expand Down

0 comments on commit fe70f5d

Please sign in to comment.