* [PATCH] crypto: arm64/aes - fix handling sub-block CTS-CBC inputs
@ 2018-10-03 5:22 ` Eric Biggers
From: Eric Biggers @ 2018-10-03 5:22 UTC (permalink / raw)
To: linux-crypto, Herbert Xu; +Cc: linux-arm-kernel, Ard Biesheuvel
From: Eric Biggers <ebiggers@google.com>
In the new arm64 CTS-CBC implementation, return an error code rather
than crashing on inputs shorter than AES_BLOCK_SIZE bytes. Also set
cra_blocksize to AES_BLOCK_SIZE (like is done in the cts template) to
indicate the minimum input size.
Fixes: dd597fb33ff0 ("crypto: arm64/aes-blk - add support for CTS-CBC mode")
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
arch/arm64/crypto/aes-glue.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c
index 26d2b0263ba63..1e676625ef33f 100644
--- a/arch/arm64/crypto/aes-glue.c
+++ b/arch/arm64/crypto/aes-glue.c
@@ -243,8 +243,11 @@ static int cts_cbc_encrypt(struct skcipher_request *req)
skcipher_request_set_tfm(&rctx->subreq, tfm);
- if (req->cryptlen == AES_BLOCK_SIZE)
+ if (req->cryptlen <= AES_BLOCK_SIZE) {
+ if (req->cryptlen < AES_BLOCK_SIZE)
+ return -EINVAL;
cbc_blocks = 1;
+ }
if (cbc_blocks > 0) {
unsigned int blocks;
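Review bot: In cts_cbc_encrypt the new `return -EINVAL` for `req->cryptlen < AES_BLOCK_SIZE` is nested inside the `<= AES_BLOCK_SIZE` branch and runs only after `skcipher_request_set_tfm(&rctx->subreq, tfm)`, so the minimum-length rule is easy to overlook when reading the function. Consider testing `req->cryptlen < AES_BLOCK_SIZE` on its own ahead of the subrequest setup and leaving `if (req->cryptlen == AES_BLOCK_SIZE) cbc_blocks = 1;` as it was, with a one-line comment that inputs shorter than one block (including cryptlen == 0) are rejected.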
@@ -305,8 +308,11 @@ static int cts_cbc_decrypt(struct skcipher_request *req)
skcipher_request_set_tfm(&rctx->subreq, tfm);
- if (req->cryptlen == AES_BLOCK_SIZE)
+ if (req->cryptlen <= AES_BLOCK_SIZE) {
+ if (req->cryptlen < AES_BLOCK_SIZE)
+ return -EINVAL;
cbc_blocks = 1;
+ }
if (cbc_blocks > 0) {
unsigned int blocks;
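Review bot: The length check added to cts_cbc_decrypt is a line-for-line copy of the one added to cts_cbc_encrypt, so any later change to the minimum-length rule has to be made in two places. A small shared helper called by both functions would keep the encrypt and decrypt paths from drifting apart, and a test that submits cryptlen values of 0 and AES_BLOCK_SIZE - 1 to both would confirm that each returns -EINVAL.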
@@ -486,14 +492,13 @@ static struct skcipher_alg aes_algs[] = { {
.cra_driver_name = "__cts-cbc-aes-" MODE,
.cra_priority = PRIO,
.cra_flags = CRYPTO_ALG_INTERNAL,
- .cra_blocksize = 1,
+ .cra_blocksize = AES_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct crypto_aes_ctx),
.cra_module = THIS_MODULE,
},
.min_keysize = AES_MIN_KEY_SIZE,
.max_keysize = AES_MAX_KEY_SIZE,
.ivsize = AES_BLOCK_SIZE,
- .chunksize = AES_BLOCK_SIZE,
.walksize = 2 * AES_BLOCK_SIZE,
.setkey = skcipher_aes_setkey,
.encrypt = cts_cbc_encrypt,
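Review bot: The removal of `.chunksize = AES_BLOCK_SIZE` is not covered by the commit message, which only describes the `cra_blocksize` change. Please state in the changelog why the explicit value is no longer needed (for example, if it is now redundant with `.cra_blocksize = AES_BLOCK_SIZE`), and consider a short comment at `.cra_blocksize` saying that it is set to indicate the minimum input size, as the commit message explains.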
--
2.19.0
* Re: [PATCH] crypto: arm64/aes - fix handling sub-block CTS-CBC inputs
2018-10-03 5:22 ` Eric Biggers
@ 2018-10-03 8:02 ` Ard Biesheuvel
From: Ard Biesheuvel @ 2018-10-03 8:02 UTC (permalink / raw)
To: Eric Biggers
Cc: open list:HARDWARE RANDOM NUMBER GENERATOR CORE, linux-arm-kernel,
Herbert Xu
On 3 October 2018 at 07:22, Eric Biggers <ebiggers@kernel.org> wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> In the new arm64 CTS-CBC implementation, return an error code rather
> than crashing on inputs shorter than AES_BLOCK_SIZE bytes. Also set
> cra_blocksize to AES_BLOCK_SIZE (like is done in the cts template) to
> indicate the minimum input size.
>
> Fixes: dd597fb33ff0 ("crypto: arm64/aes-blk - add support for CTS-CBC mode")
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Thanks Eric
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> arch/arm64/crypto/aes-glue.c | 13 +++++++++----
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c
> index 26d2b0263ba63..1e676625ef33f 100644
> --- a/arch/arm64/crypto/aes-glue.c
> +++ b/arch/arm64/crypto/aes-glue.c
> @@ -243,8 +243,11 @@ static int cts_cbc_encrypt(struct skcipher_request *req)
>
> skcipher_request_set_tfm(&rctx->subreq, tfm);
>
> - if (req->cryptlen == AES_BLOCK_SIZE)
> + if (req->cryptlen <= AES_BLOCK_SIZE) {
> + if (req->cryptlen < AES_BLOCK_SIZE)
> + return -EINVAL;
> cbc_blocks = 1;
> + }
>
> if (cbc_blocks > 0) {
> unsigned int blocks;
> @@ -305,8 +308,11 @@ static int cts_cbc_decrypt(struct skcipher_request *req)
>
> skcipher_request_set_tfm(&rctx->subreq, tfm);
>
> - if (req->cryptlen == AES_BLOCK_SIZE)
> + if (req->cryptlen <= AES_BLOCK_SIZE) {
> + if (req->cryptlen < AES_BLOCK_SIZE)
> + return -EINVAL;
> cbc_blocks = 1;
> + }
>
> if (cbc_blocks > 0) {
> unsigned int blocks;
> @@ -486,14 +492,13 @@ static struct skcipher_alg aes_algs[] = { {
> .cra_driver_name = "__cts-cbc-aes-" MODE,
> .cra_priority = PRIO,
> .cra_flags = CRYPTO_ALG_INTERNAL,
> - .cra_blocksize = 1,
> + .cra_blocksize = AES_BLOCK_SIZE,
> .cra_ctxsize = sizeof(struct crypto_aes_ctx),
> .cra_module = THIS_MODULE,
> },
> .min_keysize = AES_MIN_KEY_SIZE,
> .max_keysize = AES_MAX_KEY_SIZE,
> .ivsize = AES_BLOCK_SIZE,
> - .chunksize = AES_BLOCK_SIZE,
> .walksize = 2 * AES_BLOCK_SIZE,
> .setkey = skcipher_aes_setkey,
> .encrypt = cts_cbc_encrypt,
> --
> 2.19.0
>
* Re: [PATCH] crypto: arm64/aes - fix handling sub-block CTS-CBC inputs
2018-10-03 5:22 ` Eric Biggers
@ 2018-10-08 5:53 ` Herbert Xu
From: Herbert Xu @ 2018-10-08 5:53 UTC (permalink / raw)
To: Eric Biggers; +Cc: linux-crypto, linux-arm-kernel, Ard Biesheuvel
On Tue, Oct 02, 2018 at 10:22:15PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> In the new arm64 CTS-CBC implementation, return an error code rather
> than crashing on inputs shorter than AES_BLOCK_SIZE bytes. Also set
> cra_blocksize to AES_BLOCK_SIZE (like is done in the cts template) to
> indicate the minimum input size.
>
> Fixes: dd597fb33ff0 ("crypto: arm64/aes-blk - add support for CTS-CBC mode")
> Signed-off-by: Eric Biggers <ebiggers@google.com>
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt