[CRYPTO] aead: Return EBADMSG for ICV mismatch
authorHerbert Xu <herbert@gondor.apana.org.au>
Tue, 4 Dec 2007 09:07:27 +0000 (20:07 +1100)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 10 Jan 2008 21:16:32 +0000 (08:16 +1100)
This patch changes gcm/authenc to return EBADMSG instead of EINVAL for
ICV mismatches.  This convention has already been adopted by IPsec.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/authenc.c
crypto/gcm.c

index 82e03ffa62455a3afd8a058e395e66da2ad37e6d..6c9104ebf2f40999da0fde80b1c0ffff8c0cd40f 100644 (file)
@@ -200,7 +200,7 @@ auth_unlock:
 
        authsize = crypto_aead_authsize(authenc);
        scatterwalk_map_and_copy(ihash, src, cryptlen, authsize, 0);
-       return memcmp(ihash, ohash, authsize) ? -EINVAL : 0;
+       return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0;
 }
 
 static void crypto_authenc_decrypt_done(struct crypto_async_request *req,
index ed8a6261b346f32e5f0cff67ca5f81520ff59185..d60c340b0b9dc7e18f0144ca0a1b5ccde75865ef 100644 (file)
@@ -327,7 +327,7 @@ static int crypto_gcm_decrypt(struct aead_request *req)
 
        scatterwalk_map_and_copy(iauth_tag, req->src, cryptlen, authsize, 0);
        if (memcmp(iauth_tag, auth_tag, authsize))
-               return -EINVAL;
+               return -EBADMSG;
 
        return crypto_ablkcipher_decrypt(&abreq);
 }