crypto: artpec6 - set correct iv size for gcm(aes)
authorLars Persson <lars.persson@axis.com>
Tue, 12 Dec 2017 11:40:22 +0000 (12:40 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 24 Mar 2018 10:01:28 +0000 (11:01 +0100)
[ Upstream commit 6d6e71feb183aa588c849e20e7baa47cb162928a ]

The IV size should not include the 32 bit counter. Because we had the
IV size set as 16 the transform only worked when the IV input was zero
padded.

Fixes: a21eb94fc4d3 ("crypto: axis - add ARTPEC-6/7 crypto accelerator driver")
Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/crypto/axis/artpec6_crypto.c

index 0f9754e077191e07f3ad985ad2897822f99a932c..6eb5cb92b9863d2800717fb996bcd0353332e78a 100644 (file)
@@ -22,6 +22,7 @@
 #include <linux/slab.h>
 
 #include <crypto/aes.h>
+#include <crypto/gcm.h>
 #include <crypto/internal/aead.h>
 #include <crypto/internal/hash.h>
 #include <crypto/internal/skcipher.h>
@@ -1934,7 +1935,7 @@ static int artpec6_crypto_prepare_aead(struct aead_request *areq)
 
        memcpy(req_ctx->hw_ctx.J0, areq->iv, crypto_aead_ivsize(cipher));
        // The HW omits the initial increment of the counter field.
-       crypto_inc(req_ctx->hw_ctx.J0+12, 4);
+       memcpy(req_ctx->hw_ctx.J0 + GCM_AES_IV_SIZE, "\x00\x00\x00\x01", 4);
 
        ret = artpec6_crypto_setup_out_descr(common, &req_ctx->hw_ctx,
                sizeof(struct artpec6_crypto_aead_hw_ctx), false, false);
@@ -2956,7 +2957,7 @@ static struct aead_alg aead_algos[] = {
                .setkey = artpec6_crypto_aead_set_key,
                .encrypt = artpec6_crypto_aead_encrypt,
                .decrypt = artpec6_crypto_aead_decrypt,
-               .ivsize = AES_BLOCK_SIZE,
+               .ivsize = GCM_AES_IV_SIZE,
                .maxauthsize = AES_BLOCK_SIZE,
 
                .base = {