Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
crypto: qce - Return unsupported if key1 and key 2 are same for AES XTS algorithm
Crypto engine does not support key1 = key2 for AES XTS algorithm; the
operation hangs the engines. Return -EINVAL in case key1 and key2 are the
same.
Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
authored by
Thara Gopinath
and committed by
Herbert Xu
f0d078dd
38de3cf2
+18
-1
+18
-1
drivers/crypto/qce/skcipher.c
+18
-1
drivers/crypto/qce/skcipher.c
···
167
167
struct crypto_tfm *tfm = crypto_skcipher_tfm(ablk);
168
168
struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
169
169
unsigned long flags = to_cipher_tmpl(ablk)->alg_flags;
170
+
unsigned int __keylen;
170
171
int ret;
171
172
172
173
if (!key || !keylen)
173
174
return -EINVAL;
174
175
175
-
switch (IS_XTS(flags) ? keylen >> 1 : keylen) {
176
+
/*
177
+
* AES XTS key1 = key2 not supported by crypto engine.
178
+
* Revisit to request a fallback cipher in this case.
179
+
*/
180
+
if (IS_XTS(flags)) {
181
+
__keylen = keylen >> 1;
182
+
if (!memcmp(key, key + __keylen, __keylen))
183
+
return -ENOKEY;
184
+
} else {
185
+
__keylen = keylen;
186
+
}
187
+
188
+
switch (__keylen) {
176
189
case AES_KEYSIZE_128:
177
190
case AES_KEYSIZE_256:
178
191
memcpy(ctx->enc_key, key, keylen);
179
192
break;
193
+
case AES_KEYSIZE_192:
194
+
break;
195
+
default:
196
+
return -EINVAL;
180
197
}
181
198
182
199
ret = crypto_skcipher_setkey(ctx->fallback, key, keylen);