diff options
Diffstat (limited to 'crypto/ghash-generic.c')
| -rw-r--r-- | crypto/ghash-generic.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/crypto/ghash-generic.c b/crypto/ghash-generic.c index e6307935413c..dad9e1f91a78 100644 --- a/crypto/ghash-generic.c +++ b/crypto/ghash-generic.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0-only /* * GHASH: digest algorithm for GCM (Galois/Counter Mode). * @@ -6,10 +7,6 @@ * Author: Huang Ying <ying.huang@intel.com> * * The algorithm implementation is copied from gcm.c. - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 as published - * by the Free Software Foundation. */ #include <crypto/algapi.h> @@ -34,6 +31,7 @@ static int ghash_setkey(struct crypto_shash *tfm, const u8 *key, unsigned int keylen) { struct ghash_ctx *ctx = crypto_shash_ctx(tfm); + be128 k; if (keylen != GHASH_BLOCK_SIZE) { crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); @@ -42,7 +40,12 @@ static int ghash_setkey(struct crypto_shash *tfm, if (ctx->gf128) gf128mul_free_4k(ctx->gf128); - ctx->gf128 = gf128mul_init_4k_lle((be128 *)key); + + BUILD_BUG_ON(sizeof(k) != GHASH_BLOCK_SIZE); + memcpy(&k, key, GHASH_BLOCK_SIZE); /* avoid violating alignment rules */ + ctx->gf128 = gf128mul_init_4k_lle(&k); + memzero_explicit(&k, GHASH_BLOCK_SIZE); + if (!ctx->gf128) return -ENOMEM; |