crypto: atmel-aes - Add NIST 800-38A's zero length cryptlen constraint

NIST 800-38A requires for the ECB, CBC, CFB, OFB and CTR modes that
the plaintext and ciphertext to have a positive integer length.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
index 4e9515e..8ea873b 100644 (file)
--- a/drivers/crypto/atmel-aes.c
+++ b/drivers/crypto/atmel-aes.c
@@ -1094,6 +1094,13 @@ static int atmel_aes_crypt(struct skcipher_request *req, unsigned long mode)
        if (opmode == AES_FLAGS_XTS && req->cryptlen < XTS_BLOCK_SIZE)
                return -EINVAL;
 
+       /*
+        * ECB, CBC, CFB, OFB or CTR mode require the plaintext and ciphertext
+        * to have a positve integer length.
+        */
+       if (!req->cryptlen && opmode != AES_FLAGS_XTS)
+               return 0;
+
        if ((opmode == AES_FLAGS_ECB || opmode == AES_FLAGS_CBC) &&
            !IS_ALIGNED(req->cryptlen, crypto_skcipher_blocksize(skcipher)))
                return -EINVAL;