summaryrefslogtreecommitdiffstats
path: root/drivers
diff options
context:
space:
mode:
authorLongfang Liu <liulongfang@huawei.com>2021-03-27 11:28:30 +0100
committerHerbert Xu <herbert@gondor.apana.org.au>2021-04-02 09:28:14 +0200
commit059c5342812c448f21bed1881a75134320e9c8a2 (patch)
tree841a09f31048f17c4054bc6cc24471324aea9cb6 /drivers
parentcrypto: hisilicon/hpre - Add processing of src_data in 'CURVE25519' (diff)
downloadlinux-059c5342812c448f21bed1881a75134320e9c8a2.tar.xz
linux-059c5342812c448f21bed1881a75134320e9c8a2.zip
crypto: hisilicon/sec - Fixes AES algorithm mode parameter problem
The input data of the ECB (AES) algorithm needs to be aligned with 16 bytes, and the input data of the XTS (AES) algorithm is at least 16 bytes. Otherwise the SEC hardware will go wrong. Signed-off-by: Longfang Liu <liulongfang@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers')
-rw-r--r--drivers/crypto/hisilicon/sec2/sec_crypto.c37
1 files changed, 32 insertions, 5 deletions
diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c
index c74082ced4a0..71c01256ef0c 100644
--- a/drivers/crypto/hisilicon/sec2/sec_crypto.c
+++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c
@@ -1397,6 +1397,36 @@ static int sec_aead_sha512_ctx_init(struct crypto_aead *tfm)
return sec_aead_ctx_init(tfm, "sha512");
}
+
+static int sec_skcipher_cryptlen_ckeck(struct sec_ctx *ctx,
+ struct sec_req *sreq)
+{
+ u32 cryptlen = sreq->c_req.sk_req->cryptlen;
+ struct device *dev = ctx->dev;
+ u8 c_mode = ctx->c_ctx.c_mode;
+ int ret = 0;
+
+ switch (c_mode) {
+ case SEC_CMODE_XTS:
+ if (unlikely(cryptlen < AES_BLOCK_SIZE)) {
+ dev_err(dev, "skcipher XTS mode input length error!\n");
+ ret = -EINVAL;
+ }
+ break;
+ case SEC_CMODE_ECB:
+ case SEC_CMODE_CBC:
+ if (unlikely(cryptlen & (AES_BLOCK_SIZE - 1))) {
+ dev_err(dev, "skcipher AES input length error!\n");
+ ret = -EINVAL;
+ }
+ break;
+ default:
+ ret = -EINVAL;
+ }
+
+ return ret;
+}
+
static int sec_skcipher_param_check(struct sec_ctx *ctx, struct sec_req *sreq)
{
struct skcipher_request *sk_req = sreq->c_req.sk_req;
@@ -1421,12 +1451,9 @@ static int sec_skcipher_param_check(struct sec_ctx *ctx, struct sec_req *sreq)
}
return 0;
} else if (c_alg == SEC_CALG_AES || c_alg == SEC_CALG_SM4) {
- if (unlikely(sk_req->cryptlen & (AES_BLOCK_SIZE - 1))) {
- dev_err(dev, "skcipher aes input length error!\n");
- return -EINVAL;
- }
- return 0;
+ return sec_skcipher_cryptlen_ckeck(ctx, sreq);
}
+
dev_err(dev, "skcipher algorithm error!\n");
return -EINVAL;