Merge pull request #10471 from JacobBarthelmeh/cavium_octeon

fix Octeon AES-GCM J0 derivation when ivSz is a non-12-byte non-zero …
David Garske
2026-05-13 15:25:11 -07:00
committed by GitHub
@@ -514,10 +514,12 @@ static NOOPT int Octeon_AesGcm_SetIV(Aes* aes, byte* iv, word32 ivSz)
for (i = 0; i < blocks; i++, iv += WC_AES_BLOCK_SIZE)
Octeon_GHASH_Update(iv);
XMEMSET(aesBlock, 0, sizeof(aesBlock));
for (i = 0; i < remainder; i++)
aesBlock[i] = iv[i];
Octeon_GHASH_Update(aesBlock);
if (remainder > 0) {
XMEMSET(aesBlock, 0, sizeof(aesBlock));
for (i = 0; i < remainder; i++)
aesBlock[i] = iv[i];
Octeon_GHASH_Update(aesBlock);
}
Octeon_GHASH_Final((byte*)aes->reg, 0, ivSz);
}
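Review bot: The new `if (remainder > 0)` guard in Octeon_AesGcm_SetIV carries no comment saying why the padded block is conditional, so a later cleanup could easily fold it back into an unconditional update. I would put `/* SP 800-38D 7.1: zero-pad the IV to a block boundary only when it is not already a multiple of 16 bytes */` directly above the guard. No test is visible on this page; a known-answer vector with a 16-byte and a 32-byte IV, alongside a non-aligned length such as 13, would pin the J0 value on this hardware path. If earlier builds were used with block-multiple IVs, their ciphertext and tags presumably will not verify after this change, which is worth a line in the release notes. The function body starts above this hunk, so the ivSz == 12 and ivSz == 0 branches could not be checked here.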