Commit f0d078dd authored by Thara Gopinath's avatar Thara Gopinath Committed by Herbert Xu
Browse files

crypto: qce - Return unsupported if key1 and key 2 are same for AES XTS algorithm



Crypto engine does not support key1 = key2 for AES XTS algorithm; the
operation hangs the engines.  Return -EINVAL in case key1 and key2 are the
same.

Signed-off-by: default avatarThara Gopinath <thara.gopinath@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 38de3cf2
Loading
Loading
Loading
Loading
+18 −1
Original line number Diff line number Diff line
@@ -167,16 +167,33 @@ static int qce_skcipher_setkey(struct crypto_skcipher *ablk, const u8 *key,
	struct crypto_tfm *tfm = crypto_skcipher_tfm(ablk);
	struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
	unsigned long flags = to_cipher_tmpl(ablk)->alg_flags;
	unsigned int __keylen;
	int ret;

	if (!key || !keylen)
		return -EINVAL;

	switch (IS_XTS(flags) ? keylen >> 1 : keylen) {
	/*
	 * AES XTS key1 = key2 not supported by crypto engine.
	 * Revisit to request a fallback cipher in this case.
	 */
	if (IS_XTS(flags)) {
		__keylen = keylen >> 1;
		if (!memcmp(key, key + __keylen, __keylen))
			return -ENOKEY;
	} else {
		__keylen = keylen;
	}

	switch (__keylen) {
	case AES_KEYSIZE_128:
	case AES_KEYSIZE_256:
		memcpy(ctx->enc_key, key, keylen);
		break;
	case AES_KEYSIZE_192:
		break;
	default:
		return -EINVAL;
	}

	ret = crypto_skcipher_setkey(ctx->fallback, key, keylen);