From: Ryan Wanner <[email protected]>
I made changes to the crypto engines to fix the errors in the crypto
manager tests. Mainly having to do with in-place tests with two
scatter lists. These are built and tested in 6.2.7 kernel, the
devices that are used for testing is the sam9x60, sama7g5, and
sama5d27_som1_ek.
Adding support for zero-length messages for hmac-sha operations. Using
the atmel_sha_fill_padding() function to padd the empty message manualy
then disabling auto padding. This is built and tested on kernel 6.2.7
using sam9x60, sama7g5, and sama5d27_som1_ek.
Ryan Wanner (4):
crypto: atmel-sha: Add zero length message digest support for hmac
crypto: atmel-tdes - Detecting in-place operations with two sg lists
crypto: atmel-aes - Detecting in-place operations two sg lists
crypto: atmel-aes - Match cfb block size with generic implementation
drivers/crypto/atmel-aes.c | 16 +++++-----------
drivers/crypto/atmel-sha.c | 34 ++++++++++++++++++++++++++++++----
drivers/crypto/atmel-tdes.c | 15 +++++----------
3 files changed, 40 insertions(+), 25 deletions(-)
--
2.37.2
From: Ryan Wanner <[email protected]>
Add softare padding to hmac-sha digest for zero length messages.
Using the atmel_sha_fill_padding() to fill the buffer with a padded
empty message with a length of the block size.
Create a temporary scatter list from the padded buffer to pass into the
data processing functions.
Signed-off-by: Ryan Wanner <[email protected]>
---
drivers/crypto/atmel-sha.c | 34 ++++++++++++++++++++++++++++++----
1 file changed, 30 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/atmel-sha.c b/drivers/crypto/atmel-sha.c
index 00be792e605c..b42e3a0b8cb5 100644
--- a/drivers/crypto/atmel-sha.c
+++ b/drivers/crypto/atmel-sha.c
@@ -1948,14 +1948,32 @@ static int atmel_sha_hmac_digest2(struct atmel_sha_dev *dd)
struct atmel_sha_reqctx *ctx = ahash_request_ctx(req);
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
struct atmel_sha_hmac_ctx *hmac = crypto_ahash_ctx(tfm);
+ struct scatterlist *sgbuf;
size_t hs = ctx->hash_size;
size_t i, num_words = hs / sizeof(u32);
bool use_dma = false;
u32 mr;
/* Special case for empty message. */
- if (!req->nbytes)
- return atmel_sha_complete(dd, -EINVAL); // TODO:
+ if (!req->nbytes) {
+ req->nbytes = 0;
+ ctx->bufcnt = 0;
+ ctx->digcnt[0] = 0;
+ ctx->digcnt[1] = 0;
+ switch (ctx->flags & SHA_FLAGS_ALGO_MASK) {
+ case SHA_FLAGS_SHA1:
+ case SHA_FLAGS_SHA224:
+ case SHA_FLAGS_SHA256:
+ atmel_sha_fill_padding(ctx, 64);
+ break;
+
+ case SHA_FLAGS_SHA384:
+ case SHA_FLAGS_SHA512:
+ atmel_sha_fill_padding(ctx, 128);
+ break;
+ }
+ sg_init_one(&dd->tmp, ctx->buffer, ctx->bufcnt);
+ }
/* Check DMA threshold and alignment. */
if (req->nbytes > ATMEL_SHA_DMA_THRESHOLD &&
@@ -1985,12 +2003,20 @@ static int atmel_sha_hmac_digest2(struct atmel_sha_dev *dd)
atmel_sha_write(dd, SHA_CR, SHA_CR_FIRST);
+ /* Special case for empty message. */
+ if (!req->nbytes) {
+ sgbuf = &dd->tmp;
+ req->nbytes = ctx->bufcnt;
+ } else {
+ sgbuf = req->src;
+ }
+
/* Process data. */
if (use_dma)
- return atmel_sha_dma_start(dd, req->src, req->nbytes,
+ return atmel_sha_dma_start(dd, sgbuf, req->nbytes,
atmel_sha_hmac_final_done);
- return atmel_sha_cpu_start(dd, req->src, req->nbytes, false, true,
+ return atmel_sha_cpu_start(dd, sgbuf, req->nbytes, false, true,
atmel_sha_hmac_final_done);
}
--
2.37.2
From: Ryan Wanner <[email protected]>
Avoiding detecting finely in-place operations with different
scatter lists. Copying the source data for decryption into rctx->lastc
regardless if the operation is in-place or not. This allows in-place
operations with different scatter lists without affecting other
operations.
This approach takes less resources than parsing both scatter lists to
check if they are equal.
Signed-off-by: Ryan Wanner <[email protected]>
---
drivers/crypto/atmel-tdes.c | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)
diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c
index 8b7bc1076e0d..edf18073516e 100644
--- a/drivers/crypto/atmel-tdes.c
+++ b/drivers/crypto/atmel-tdes.c
@@ -565,17 +565,12 @@ atmel_tdes_set_iv_as_last_ciphertext_block(struct atmel_tdes_dev *dd)
if (req->cryptlen < ivsize)
return;
- if (rctx->mode & TDES_FLAGS_ENCRYPT) {
+ if (rctx->mode & TDES_FLAGS_ENCRYPT)
scatterwalk_map_and_copy(req->iv, req->dst,
req->cryptlen - ivsize, ivsize, 0);
- } else {
- if (req->src == req->dst)
- memcpy(req->iv, rctx->lastc, ivsize);
- else
- scatterwalk_map_and_copy(req->iv, req->src,
- req->cryptlen - ivsize,
- ivsize, 0);
- }
+ else
+ memcpy(req->iv, rctx->lastc, ivsize);
+
}
static void atmel_tdes_finish_req(struct atmel_tdes_dev *dd, int err)
@@ -722,7 +717,7 @@ static int atmel_tdes_crypt(struct skcipher_request *req, unsigned long mode)
rctx->mode = mode;
if ((mode & TDES_FLAGS_OPMODE_MASK) != TDES_FLAGS_ECB &&
- !(mode & TDES_FLAGS_ENCRYPT) && req->src == req->dst) {
+ !(mode & TDES_FLAGS_ENCRYPT)) {
unsigned int ivsize = crypto_skcipher_ivsize(skcipher);
if (req->cryptlen >= ivsize)
--
2.37.2