Skip to content

Commit 61b0dd6

Browse files
ambarusherbertx
ambarus
authored and
herbertx
committed
crypto: atmel-tdes - Set the IV after {en,de}crypt
The req->iv of the skcipher_request is expected to contain the last ciphertext block when the {en,de}crypt operation is done. In case of in-place decryption, copy the ciphertext in an intermediate buffer before decryption. This fixes the following tcrypt tests: alg: skcipher: atmel-cbc-des encryption test failed (wrong output IV) on test vector 0, cfg="in-place" 00000000: fe dc ba 98 76 54 32 10 alg: skcipher: atmel-cbc-tdes encryption test failed (wrong output IV) on test vector 0, cfg="in-place" 00000000: 7d 33 88 93 0f 93 b2 42 Signed-off-by: Tudor Ambarus <[email protected]> Signed-off-by: Herbert Xu <[email protected]>
1 parent d1d787b commit 61b0dd6

File tree

1 file changed

+38
-2
lines changed

1 file changed

+38
-2
lines changed

drivers/crypto/atmel-tdes.c

Lines changed: 38 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,7 @@ struct atmel_tdes_ctx {
8181

8282
struct atmel_tdes_reqctx {
8383
unsigned long mode;
84+
u8 lastc[DES_BLOCK_SIZE];
8485
};
8586

8687
struct atmel_tdes_dma {
@@ -572,6 +573,30 @@ static int atmel_tdes_crypt_start(struct atmel_tdes_dev *dd)
572573
return err;
573574
}
574575

576+
static void
577+
atmel_tdes_set_iv_as_last_ciphertext_block(struct atmel_tdes_dev *dd)
578+
{
579+
struct skcipher_request *req = dd->req;
580+
struct atmel_tdes_reqctx *rctx = skcipher_request_ctx(req);
581+
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
582+
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
583+
584+
if (req->cryptlen < ivsize)
585+
return;
586+
587+
if (rctx->mode & TDES_FLAGS_ENCRYPT) {
588+
scatterwalk_map_and_copy(req->iv, req->dst,
589+
req->cryptlen - ivsize, ivsize, 0);
590+
} else {
591+
if (req->src == req->dst)
592+
memcpy(req->iv, rctx->lastc, ivsize);
593+
else
594+
scatterwalk_map_and_copy(req->iv, req->src,
595+
req->cryptlen - ivsize,
596+
ivsize, 0);
597+
}
598+
}
599+
575600
static void atmel_tdes_finish_req(struct atmel_tdes_dev *dd, int err)
576601
{
577602
struct skcipher_request *req = dd->req;
@@ -580,6 +605,8 @@ static void atmel_tdes_finish_req(struct atmel_tdes_dev *dd, int err)
580605

581606
dd->flags &= ~TDES_FLAGS_BUSY;
582607

608+
atmel_tdes_set_iv_as_last_ciphertext_block(dd);
609+
583610
req->base.complete(&req->base, err);
584611
}
585612

@@ -668,8 +695,8 @@ static int atmel_tdes_crypt_dma_stop(struct atmel_tdes_dev *dd)
668695

669696
static int atmel_tdes_crypt(struct skcipher_request *req, unsigned long mode)
670697
{
671-
struct atmel_tdes_ctx *ctx = crypto_skcipher_ctx(
672-
crypto_skcipher_reqtfm(req));
698+
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
699+
struct atmel_tdes_ctx *ctx = crypto_skcipher_ctx(skcipher);
673700
struct atmel_tdes_reqctx *rctx = skcipher_request_ctx(req);
674701

675702
if (mode & TDES_FLAGS_CFB8) {
@@ -700,6 +727,15 @@ static int atmel_tdes_crypt(struct skcipher_request *req, unsigned long mode)
700727

701728
rctx->mode = mode;
702729

730+
if (!(mode & TDES_FLAGS_ENCRYPT) && req->src == req->dst) {
731+
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
732+
733+
if (req->cryptlen >= ivsize)
734+
scatterwalk_map_and_copy(rctx->lastc, req->src,
735+
req->cryptlen - ivsize,
736+
ivsize, 0);
737+
}
738+
703739
return atmel_tdes_handle_queue(ctx->dd, req);
704740
}
705741

0 commit comments

Comments
 (0)