Horia Geanta horia.geanta@nxp.com wrote:
On 12/7/2018 1:32 PM, Sascha Hauer wrote:
The crypto API wants the updated IV in req->info after decryption. The updated IV used to be copied correctly to req->info after running the decryption job. Since 115957bb3e59 this is done before running the job so instead of the updated IV only the unmodified input IV is given back to the crypto API.
Saving IV before running the decryption was done to address in-place cbc decryption - when the last block is overwritten with plaintext before having the chance to copy it.
The API expects the IV to be set to the next IV value so that chaining can be performed. This can mean different things depending on the algorithm.
Cheers,