提交 6775e2c4 编写于 作者: D Daniel P. Berrange 提交者: Paolo Bonzini

crypto: fix built-in AES decrypt function

The qcrypto_cipher_decrypt_aes method was using the wrong
key material, and passing the wrong mode. This caused it
to incorrectly decrypt ciphertext.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
Message-Id: <1437740634-6261-1-git-send-email-berrange@redhat.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
上级 f793d97e
...@@ -117,7 +117,7 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, ...@@ -117,7 +117,7 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher,
uint8_t *outptr = out; uint8_t *outptr = out;
while (len) { while (len) {
if (len > AES_BLOCK_SIZE) { if (len > AES_BLOCK_SIZE) {
AES_decrypt(inptr, outptr, &ctxt->state.aes.encrypt_key); AES_decrypt(inptr, outptr, &ctxt->state.aes.decrypt_key);
inptr += AES_BLOCK_SIZE; inptr += AES_BLOCK_SIZE;
outptr += AES_BLOCK_SIZE; outptr += AES_BLOCK_SIZE;
len -= AES_BLOCK_SIZE; len -= AES_BLOCK_SIZE;
...@@ -126,15 +126,15 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, ...@@ -126,15 +126,15 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher,
memcpy(tmp1, inptr, len); memcpy(tmp1, inptr, len);
/* Fill with 0 to avoid valgrind uninitialized reads */ /* Fill with 0 to avoid valgrind uninitialized reads */
memset(tmp1 + len, 0, sizeof(tmp1) - len); memset(tmp1 + len, 0, sizeof(tmp1) - len);
AES_decrypt(tmp1, tmp2, &ctxt->state.aes.encrypt_key); AES_decrypt(tmp1, tmp2, &ctxt->state.aes.decrypt_key);
memcpy(outptr, tmp2, len); memcpy(outptr, tmp2, len);
len = 0; len = 0;
} }
} }
} else { } else {
AES_cbc_encrypt(in, out, len, AES_cbc_encrypt(in, out, len,
&ctxt->state.aes.encrypt_key, &ctxt->state.aes.decrypt_key,
ctxt->state.aes.iv, 1); ctxt->state.aes.iv, 0);
} }
return 0; return 0;
......
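Review bot: The ECB tail path (the memcpy/memset/AES_decrypt/memcpy sequence reached when `len > AES_BLOCK_SIZE` is false) still accepts a trailing partial block, zero-pads it, decrypts the padded block, and copies only `len` bytes back out, which is not a defined AES operation — for any length that is not a multiple of 16 the caller gets silently wrong plaintext rather than an error, and the commit's key/mode fix does not change that. An input whose length is not a multiple of the block size should be rejected before either loop, e.g. `if (len % AES_BLOCK_SIZE) { return -1; }` at the top of the function (setting an error on the function's error parameter if it carries one — the signature is cut off at the first hunk header, and the closing brace after `return 0;` is also outside the shown lines). With that guard in place the tail branch only ever sees exactly one full block, so the zero-fill workaround becomes unnecessary and `>=` instead of `>` would let that final block go through the direct AES_decrypt call like the others. The encrypt counterpart presumably shares this loop shape and would want the same length check, but it is not visible here.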