From 25e6317272656a0cc4416a7471308257389c818f Mon Sep 17 00:00:00 2001
From: Michael Scire
Date: Tue, 20 Feb 2018 09:41:16 -0800
Subject: [PATCH] Fix GHASH comment.
---
 exosphere/gcm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/exosphere/gcm.c b/exosphere/gcm.c
index 7eae551ba..f20ab122f 100644
--- a/exosphere/gcm.c
+++ b/exosphere/gcm.c
@@ -148,7 +148,9 @@ int gcm_decrypt_key(unsigned int keyslot, void *dst, size_t dst_size, const void
 uint8_t j_block[0x10];
 ghash(j_block, src, 0x10, NULL, 0);
- /* MAC = GHASH(CTR) ^ ENCRYPT(J) */
+ /* MAC = GHASH(PLAINTEXT) ^ ENCRYPT(J) */
+ /* Note: That MAC is calculated over plaintext is non-standard. */
+ /* It is supposed to be over the ciphertext. */
 uint8_t calc_mac[0x10];
 ghash(calc_mac, dst, src_size - 0x20, j_block, 1);
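Review bot: The new comment records that the MAC is computed over the plaintext but not what follows from it: `dst` is handed to `ghash` as already-decrypted data, so it holds unauthenticated plaintext before any tag comparison can run. I would state that consequence next to the note, e.g. `/* dst is unauthenticated until the MAC compare succeeds; callers must discard it on failure. */`, and fold the three one-line comments into a single block comment. The comparison itself and any check that `src_size` is at least 0x20 (otherwise `src_size - 0x20` wraps) lie outside this hunk, so both should be confirmed in the rest of `gcm_decrypt_key`.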