CRYPTO_gcm128_decrypt: fix mac or tag calculation

author Zhang Jinde <zjd5536@163.com>

Thu, 24 Sep 2020 06:48:28 +0000 (14:48 +0800)

committer Tomas Mraz <tomas@openssl.org>

Fri, 19 Feb 2021 11:24:03 +0000 (12:24 +0100)
author Zhang Jinde <zjd5536@163.com>
Thu, 24 Sep 2020 06:48:28 +0000 (14:48 +0800)
committer Tomas Mraz <tomas@openssl.org>
Fri, 19 Feb 2021 11:24:03 +0000 (12:24 +0100)
diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c

index 4f52073d7f7a70a350d4e3aaf61e1f29b1708689..a6147e41a1fa0c3b8318585e3cf1ab8a384f68cd 100644 (file)
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c
@@ -1359,8 +1359,8 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
                  else
                      ctx->Yi.d[3] = ctr;
                  for (i = 0; i < 16 / sizeof(size_t); ++i) {
-                    size_t c = in[i];
-                    out[i] = c ^ ctx->EKi.t[i];
+                    size_t c = in_t[i];
+                    out_t[i] = c ^ ctx->EKi.t[i];
                      ctx->Xi.t[i] ^= c;
                  }
                  GCM_MUL(ctx);
author	Zhang Jinde <zjd5536@163.com>
	Thu, 24 Sep 2020 06:48:28 +0000 (14:48 +0800)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 19 Feb 2021 11:24:03 +0000 (12:24 +0100)