Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
crypto: qce - Return unsupported if any three keys are same for DES3 algorithms
Return unsupported if any three keys are same for DES3 algorithms
since CE does not support this and the operation causes the engine to
hang.
Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
authored by
Thara Gopinath
and committed by
Herbert Xu
42f730a4
f0d078dd
+15
+15
drivers/crypto/qce/skcipher.c
+15
drivers/crypto/qce/skcipher.c
···
221
221
unsigned int keylen)
222
222
{
223
223
struct qce_cipher_ctx *ctx = crypto_skcipher_ctx(ablk);
224
+
u32 _key[6];
224
225
int err;
225
226
226
227
err = verify_skcipher_des3_key(ablk, key);
227
228
if (err)
228
229
return err;
230
+
231
+
/*
232
+
* The crypto engine does not support any two keys
233
+
* being the same for triple des algorithms. The
234
+
* verify_skcipher_des3_key does not check for all the
235
+
* below conditions. Return -ENOKEY in case any two keys
236
+
* are the same. Revisit to see if a fallback cipher
237
+
* is needed to handle this condition.
238
+
*/
239
+
memcpy(_key, key, DES3_EDE_KEY_SIZE);
240
+
if (!((_key[0] ^ _key[2]) | (_key[1] ^ _key[3])) ||
241
+
!((_key[2] ^ _key[4]) | (_key[3] ^ _key[5])) ||
242
+
!((_key[0] ^ _key[4]) | (_key[1] ^ _key[5])))
243
+
return -ENOKEY;
229
244
230
245
ctx->enc_keylen = keylen;
231
246
memcpy(ctx->enc_key, key, keylen);