diff mbox series

[v5,06/11] crypto: qce: skcipher: Return error for non-blocksize data(ECB/CBC algorithms)

Message ID 20210204214359.1993065-7-thara.gopinath@linaro.org
State Superseded
Headers show
Series Regression fixes/clean ups in the Qualcomm crypto engine driver | expand

Commit Message

Thara Gopinath Feb. 4, 2021, 9:43 p.m. UTC
ECB/CBC encryption/decryption requires the data to be blocksize aligned.
Crypto engine hangs on non-block sized operations for these algorithms.
Return invalid data if data size is not blocksize aligned for these
algorithms.

Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org>

---
 drivers/crypto/qce/skcipher.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

-- 
2.25.1

Comments

Eric Biggers Feb. 4, 2021, 10:50 p.m. UTC | #1
On Thu, Feb 04, 2021 at 04:43:54PM -0500, Thara Gopinath wrote:
> +	/*

> +	 * ECB and CBC algorithms require message lengths to be

> +	 * multiples of block size.

> +	 * TODO: The spec says AES CBC mode for certain versions

> +	 * of crypto engine can handle partial blocks as well.

> +	 * Test and enable such messages.

> +	 */

> +	if (IS_ECB(rctx->flags) || IS_CBC(rctx->flags))

> +		if (!IS_ALIGNED(req->cryptlen, blocksize))

> +			return -EINVAL;


CBC by definition only operates on full blocks, so the TODO doesn't make sense.
Is the partial block support really CTS-CBC?

- Eric
Thara Gopinath Feb. 5, 2021, 12:24 a.m. UTC | #2
On 2/4/21 5:50 PM, Eric Biggers wrote:
> On Thu, Feb 04, 2021 at 04:43:54PM -0500, Thara Gopinath wrote:

>> +	/*

>> +	 * ECB and CBC algorithms require message lengths to be

>> +	 * multiples of block size.

>> +	 * TODO: The spec says AES CBC mode for certain versions

>> +	 * of crypto engine can handle partial blocks as well.

>> +	 * Test and enable such messages.

>> +	 */

>> +	if (IS_ECB(rctx->flags) || IS_CBC(rctx->flags))

>> +		if (!IS_ALIGNED(req->cryptlen, blocksize))

>> +			return -EINVAL;

> 

> CBC by definition only operates on full blocks, so the TODO doesn't make sense.

> Is the partial block support really CTS-CBC?


Ya you are right. It should be CTS-CBC and not AES CBC. Though the spec 
is quite fuzzy about this part.

I can remove the comment and spin the next version or just leave it 
there for now and remove it later.

> 

> - Eric

> 


-- 
Warm Regards
Thara
diff mbox series

Patch

diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c
index 331b3c3a5b59..28bea9584c33 100644
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -254,6 +254,7 @@  static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt)
 	struct qce_cipher_ctx *ctx = crypto_skcipher_ctx(tfm);
 	struct qce_cipher_reqctx *rctx = skcipher_request_ctx(req);
 	struct qce_alg_template *tmpl = to_cipher_tmpl(tfm);
+	unsigned int blocksize = crypto_skcipher_blocksize(tfm);
 	int keylen;
 	int ret;
 
@@ -265,6 +266,17 @@  static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt)
 	if (!req->cryptlen)
 		return -EOPNOTSUPP;
 
+	/*
+	 * ECB and CBC algorithms require message lengths to be
+	 * multiples of block size.
+	 * TODO: The spec says AES CBC mode for certain versions
+	 * of crypto engine can handle partial blocks as well.
+	 * Test and enable such messages.
+	 */
+	if (IS_ECB(rctx->flags) || IS_CBC(rctx->flags))
+		if (!IS_ALIGNED(req->cryptlen, blocksize))
+			return -EINVAL;
+
 	/* qce is hanging when AES-XTS request len > QCE_SECTOR_SIZE and
 	 * is not a multiple of it; pass such requests to the fallback
 	 */