From 851f3915659941db00a0cda58867e68139e5e0d1 Mon Sep 17 00:00:00 2001 From: Sebastien Buisson Date: Tue, 18 Oct 2022 17:19:01 +0200 Subject: [PATCH 1/1] LU-16249 sec: krb5_decrypt_bulk calls decryption primitive krb5_decrypt_bulk() was mistakenly calling an encryption primitive instead of a decryption primitive for the confounder. Test-Parameters: trivial Fixes: 0a65279121 ("LU-13344 gss: Update crypto to use sync_skcipher") Signed-off-by: Sebastien Buisson Change-Id: I9251172644ed6baa3bb06a59dbe7c1bab401d817 --- lustre/ptlrpc/gss/gss_krb5_mech.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lustre/ptlrpc/gss/gss_krb5_mech.c b/lustre/ptlrpc/gss/gss_krb5_mech.c index a544e8b..d959249 100644 --- a/lustre/ptlrpc/gss/gss_krb5_mech.c +++ b/lustre/ptlrpc/gss/gss_krb5_mech.c @@ -840,7 +840,7 @@ int krb5_decrypt_bulk(struct crypto_sync_skcipher *tfm, skcipher_request_set_crypt(req, sg_src.sgl, sg_dst.sgl, blocksize, local_iv); - rc = crypto_skcipher_encrypt_iv(req, sg_dst.sgl, sg_src.sgl, blocksize); + rc = crypto_skcipher_decrypt_iv(req, sg_dst.sgl, sg_src.sgl, blocksize); gss_teardown_sgtable(&sg_dst); gss_teardown_sgtable(&sg_src); -- 1.8.3.1