[PATCH 1/2] crypto: inside-secure - fix invalidation check in hmac_sha1

Linux cryptographic layer development
 help / color / mirror / Atom feed

* [PATCH 1/2] crypto: inside-secure - fix invalidation check in hmac_sha1_setkey
@ 2017-07-17  9:45 Antoine Tenart
  2017-07-17  9:45 ` [PATCH 2/2] crypto: inside-secure - fix the sha state length " Antoine Tenart
  2017-07-18 13:07 ` [PATCH 1/2] crypto: inside-secure - fix invalidation check " Antoine Tenart
  0 siblings, 2 replies; 3+ messages in thread
From: Antoine Tenart @ 2017-07-17  9:45 UTC (permalink / raw)
  To: herbert, davem
  Cc: Antoine Tenart, thomas.petazzoni, gregory.clement, oferh, igall,
	nadavh, linux-crypto

The safexcel_hmac_sha1_setkey function checks if an invalidation command
should be issued, i.e. when the context ipad/opad change. This checks is
done after filling the ipad/opad which and it can't be true. The patch
fixes this by moving the check before the ipad/opad memcpy operations.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
---
 drivers/crypto/inside-secure/safexcel_hash.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c
index 8527a5899a2f..a11b2edb41b9 100644
--- a/drivers/crypto/inside-secure/safexcel_hash.c
+++ b/drivers/crypto/inside-secure/safexcel_hash.c
@@ -883,9 +883,6 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key,
 	if (ret)
 		return ret;
 
-	memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE);
-	memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE);
-
 	for (i = 0; i < ARRAY_SIZE(istate.state); i++) {
 		if (ctx->ipad[i] != le32_to_cpu(istate.state[i]) ||
 		    ctx->opad[i] != le32_to_cpu(ostate.state[i])) {
@@ -894,6 +891,9 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key,
 		}
 	}
 
+	memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE);
+	memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE);
+
 	return 0;
 }
 
-- 
2.13.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [PATCH 2/2] crypto: inside-secure - fix the sha state length in hmac_sha1_setkey
  2017-07-17  9:45 [PATCH 1/2] crypto: inside-secure - fix invalidation check in hmac_sha1_setkey Antoine Tenart
@ 2017-07-17  9:45 ` Antoine Tenart
  2017-07-18 13:07 ` [PATCH 1/2] crypto: inside-secure - fix invalidation check " Antoine Tenart
  1 sibling, 0 replies; 3+ messages in thread
From: Antoine Tenart @ 2017-07-17  9:45 UTC (permalink / raw)
  To: herbert, davem
  Cc: Antoine Tenart, thomas.petazzoni, gregory.clement, oferh, igall,
	nadavh, linux-crypto

A check is performed on the ipad/opad in the safexcel_hmac_sha1_setkey
function, but the index used by the loop doing it is wrong. It is
currently the size of the state array while it should be the size of a
sha1 state. This patch fixes it.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
---
 drivers/crypto/inside-secure/safexcel_hash.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c
index a11b2edb41b9..3f819399cd95 100644
--- a/drivers/crypto/inside-secure/safexcel_hash.c
+++ b/drivers/crypto/inside-secure/safexcel_hash.c
@@ -883,7 +883,7 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key,
 	if (ret)
 		return ret;
 
-	for (i = 0; i < ARRAY_SIZE(istate.state); i++) {
+	for (i = 0; i < SHA1_DIGEST_SIZE / sizeof(u32); i++) {
 		if (ctx->ipad[i] != le32_to_cpu(istate.state[i]) ||
 		    ctx->opad[i] != le32_to_cpu(ostate.state[i])) {
 			ctx->base.needs_inv = true;
-- 
2.13.3

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH 1/2] crypto: inside-secure - fix invalidation check in hmac_sha1_setkey
  2017-07-17  9:45 [PATCH 1/2] crypto: inside-secure - fix invalidation check in hmac_sha1_setkey Antoine Tenart
  2017-07-17  9:45 ` [PATCH 2/2] crypto: inside-secure - fix the sha state length " Antoine Tenart
@ 2017-07-18 13:07 ` Antoine Tenart
  1 sibling, 0 replies; 3+ messages in thread
From: Antoine Tenart @ 2017-07-18 13:07 UTC (permalink / raw)
  To: herbert, davem
  Cc: Antoine Tenart, thomas.petazzoni, gregory.clement, oferh, igall,
	nadavh, linux-crypto

[-- Attachment #1: Type: text/plain, Size: 1749 bytes --]

Hi,

On Mon, Jul 17, 2017 at 11:45:19AM +0200, Antoine Tenart wrote:
> The safexcel_hmac_sha1_setkey function checks if an invalidation command
> should be issued, i.e. when the context ipad/opad change. This checks is
> done after filling the ipad/opad which and it can't be true. The patch
> fixes this by moving the check before the ipad/opad memcpy operations.
> 
> Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>

This patch should have stable: and fixes: tags. I'll add them and send a
v2.

Thanks,
Antoine

> ---
>  drivers/crypto/inside-secure/safexcel_hash.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c
> index 8527a5899a2f..a11b2edb41b9 100644
> --- a/drivers/crypto/inside-secure/safexcel_hash.c
> +++ b/drivers/crypto/inside-secure/safexcel_hash.c
> @@ -883,9 +883,6 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key,
>  	if (ret)
>  		return ret;
>  
> -	memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE);
> -	memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE);
> -
>  	for (i = 0; i < ARRAY_SIZE(istate.state); i++) {
>  		if (ctx->ipad[i] != le32_to_cpu(istate.state[i]) ||
>  		    ctx->opad[i] != le32_to_cpu(ostate.state[i])) {
> @@ -894,6 +891,9 @@ static int safexcel_hmac_sha1_setkey(struct crypto_ahash *tfm, const u8 *key,
>  		}
>  	}
>  
> +	memcpy(ctx->ipad, &istate.state, SHA1_DIGEST_SIZE);
> +	memcpy(ctx->opad, &ostate.state, SHA1_DIGEST_SIZE);
> +
>  	return 0;
>  }
>  
> -- 
> 2.13.3
> 

-- 
Antoine Ténart, Free Electrons
Embedded Linux and Kernel engineering
http://free-electrons.com

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2017-07-18 13:07 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-07-17  9:45 [PATCH 1/2] crypto: inside-secure - fix invalidation check in hmac_sha1_setkey Antoine Tenart
2017-07-17  9:45 ` [PATCH 2/2] crypto: inside-secure - fix the sha state length " Antoine Tenart
2017-07-18 13:07 ` [PATCH 1/2] crypto: inside-secure - fix invalidation check " Antoine Tenart

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox