1. 03 May, 2019 2 commits
    • Christian Lamparter's avatar
      crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues · 7e92e171
      Christian Lamparter authored
      Currently, crypto4xx CFB and OFB AES ciphers are
      failing testmgr's test vectors.
      
      |cfb-aes-ppc4xx encryption overran dst buffer on test vector 3, cfg="in-place"
      |ofb-aes-ppc4xx encryption overran dst buffer on test vector 1, cfg="in-place"
      
      This is because of a very subtile "bug" in the hardware that
      gets indirectly mentioned in 18.1.3.5 Encryption/Decryption
      of the hardware spec:
      
      the OFB and CFB modes for AES are listed there as operation
      modes for >>> "Block ciphers" <<<. Which kind of makes sense,
      but we would like them to be considered as stream ciphers just
      like the CTR mode.
      
      To workaround this issue and stop the hardware from causing
      "overran dst buffer" on crypttexts that are not a multiple
      of 16 (AES_BLOCK_SIZE), we force the driver to use the scatter
      buffers as the go-between.
      
      As a bonus this patch also kills redundant pd_uinfo->num_gd
      and pd_uinfo->num_sd setters since the value has already been
      set before.
      
      Cc: stable@vger.kernel.org
      Fixes: f2a13e7c ("crypto: crypto4xx - enable AES RFC3686, ECB, CFB and OFB offloads")
      Signed-off-by: default avatarChristian Lamparter <chunkeey@gmail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      7e92e171
    • Christian Lamparter's avatar
      crypto: crypto4xx - fix ctr-aes missing output IV · 25baaf8e
      Christian Lamparter authored
      Commit 8efd972e ("crypto: testmgr - support checking skcipher output IV")
      caused the crypto4xx driver to produce the following error:
      
      | ctr-aes-ppc4xx encryption test failed (wrong output IV)
      | on test vector 0, cfg="in-place"
      
      This patch fixes this by reworking the crypto4xx_setkey_aes()
      function to:
      
       - not save the iv for ECB (as per 18.2.38 CRYP0_SA_CMD_0:
         "This bit mut be cleared for DES ECB mode or AES ECB mode,
         when no IV is used.")
      
       - instruct the hardware to save the generated IV for all
         other modes of operations that have IV and then supply
         it back to the callee in pretty much the same way as we
         do it for cbc-aes already.
      
       - make it clear that the DIR_(IN|OUT)BOUND is the important
         bit that tells the hardware to encrypt or decrypt the data.
         (this is cosmetic - but it hopefully prevents me from
          getting confused again).
      
       - don't load any bogus hash when we don't use any hash
         operation to begin with.
      
      Cc: stable@vger.kernel.org
      Fixes: f2a13e7c ("crypto: crypto4xx - enable AES RFC3686, ECB, CFB and OFB offloads")
      Signed-off-by: default avatarChristian Lamparter <chunkeey@gmail.com>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      25baaf8e
  2. 25 Apr, 2019 38 commits