diff options
-rw-r--r-- | include/crypto/aead.h | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/include/crypto/aead.h b/include/crypto/aead.h index 94141dc1225e..61306ed81b8f 100644 --- a/include/crypto/aead.h +++ b/include/crypto/aead.h @@ -473,8 +473,15 @@ static inline void aead_request_set_callback(struct aead_request *req, * destination is the ciphertext. For a decryption operation, the use is * reversed - the source is the ciphertext and the destination is the plaintext. * - * For both src/dst the layout is associated data, skipped data, - * plain/cipher text, authentication tag. + * For both src/dst the layout is associated data, plain/cipher text, + * authentication tag. + * + * The content of the AD in the destination buffer after processing + * will either be untouched, or it will contain a copy of the AD + * from the source buffer. In order to ensure that it always has + * a copy of the AD, the user must copy the AD over either before + * or after processing. Of course this is not relevant if the user + * is doing in-place processing where src == dst. * * IMPORTANT NOTE AEAD requires an authentication tag (MAC). For decryption, * the caller must concatenate the ciphertext followed by the @@ -525,8 +532,7 @@ static inline void aead_request_set_assoc(struct aead_request *req, * @assoclen: number of bytes in associated data * * Setting the AD information. This function sets the length of - * the associated data and the number of bytes to skip after it to - * access the plain/cipher text. + * the associated data. */ static inline void aead_request_set_ad(struct aead_request *req, unsigned int assoclen) |