| Message ID | 20210207143946.2099859-5-thara.gopinath@linaro.org |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Regression fixes/clean ups in the Qualcomm crypto engine driver | expand |
On Sun, Feb 07, 2021 at 09:39:39AM -0500, Thara Gopinath wrote: > > + /* > + * The crypto engine does not support any two keys > + * being the same for triple des algorithms. The > + * verify_skcipher_des3_key does not check for all the > + * below conditions. Return -ENOKEY in case any two keys > + * are the same. Revisit to see if a fallback cipher > + * is needed to handle this condition. > + */ > + memcpy(_key, key, DES3_EDE_KEY_SIZE); > + if (!((_key[0] ^ _key[2]) | (_key[1] ^ _key[3])) | > + !((_key[2] ^ _key[4]) | (_key[3] ^ _key[5])) | > + !((_key[0] ^ _key[4]) | (_key[1] ^ _key[5]))) > + return -ENOKEY; This introduces a sparse warning: CHECK ../drivers/crypto/qce/skcipher.c ../drivers/crypto/qce/skcipher.c:241:58: warning: dubious: !x | !y ../drivers/crypto/qce/skcipher.c:242:58: warning: dubious: x | !y Please make sure that you test your patches with C=1 so that you don't introduce new sparse warnings. Thanks, -- Email: Herbert Xu <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c index 12955dcd53dd..de1f37ed4ee6 100644 --- a/drivers/crypto/qce/skcipher.c +++ b/drivers/crypto/qce/skcipher.c @@ -221,12 +221,27 @@ static int qce_des3_setkey(struct crypto_skcipher *ablk, const u8 *key, unsigned int keylen) { struct qce_cipher_ctx *ctx = crypto_skcipher_ctx(ablk); + u32 _key[6]; int err; err = verify_skcipher_des3_key(ablk, key); if (err) return err; + /* + * The crypto engine does not support any two keys + * being the same for triple des algorithms. The + * verify_skcipher_des3_key does not check for all the + * below conditions. Return -ENOKEY in case any two keys + * are the same. Revisit to see if a fallback cipher + * is needed to handle this condition. + */ + memcpy(_key, key, DES3_EDE_KEY_SIZE); + if (!((_key[0] ^ _key[2]) | (_key[1] ^ _key[3])) | + !((_key[2] ^ _key[4]) | (_key[3] ^ _key[5])) | + !((_key[0] ^ _key[4]) | (_key[1] ^ _key[5]))) + return -ENOKEY; + ctx->enc_keylen = keylen; memcpy(ctx->enc_key, key, keylen); return 0;
Return unsupported if any three keys are same for DES3 algorithms since CE does not support this and the operation causes the engine to hang. Signed-off-by: Thara Gopinath <thara.gopinath@linaro.org> --- drivers/crypto/qce/skcipher.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) -- 2.25.1