crypto: qce - Return unsupported if key1 and key 2 are same for AES XTS algorithm

Crypto engine does not support key1 = key2 for AES XTS algorithm; the operation hangs the engines. Return -EINVAL in case key1 and key2 are the same. Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2024-11-17 01:22:07 +00:00 · 2021-02-11 15:01:20 -05:00 · 2021-02-11 15:01:20 -05:00 · f0d078dd6c
commit f0d078dd6c
parent 38de3cf21f
1 changed files with 18 additions and 1 deletions
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@ -167,16 +167,33 @@ static int qce_skcipher_setkey(struct crypto_skcipher *ablk, const u8 *key,
 	struct crypto_tfm *tfm = crypto_skcipher_tfm(ablk);
 	struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
 	unsigned long flags = to_cipher_tmpl(ablk)->alg_flags;
+	unsigned int __keylen;
 	int ret;

 	if (!key || !keylen)
 		return -EINVAL;

-	switch (IS_XTS(flags) ? keylen >> 1 : keylen) {
+	/*
+	 * AES XTS key1 = key2 not supported by crypto engine.
+	 * Revisit to request a fallback cipher in this case.
+	 */
+	if (IS_XTS(flags)) {
+		__keylen = keylen >> 1;
+		if (!memcmp(key, key + __keylen, __keylen))
+			return -ENOKEY;
+	} else {
+		__keylen = keylen;
+	}
+
+	switch (__keylen) {
 	case AES_KEYSIZE_128:
 	case AES_KEYSIZE_256:
 		memcpy(ctx->enc_key, key, keylen);
 		break;
+	case AES_KEYSIZE_192:
+		break;
+	default:
+		return -EINVAL;
 	}

 	ret = crypto_skcipher_setkey(ctx->fallback, key, keylen);