forked from OP-TEE/optee_os
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
core: crypto: cleanup and fix CE accelerated AES CTR
There is a problem with how the counter is incremented in our Aarch32 implementation of ce_aes_ctr_encrypt(). When 3 or more 16-byte blocks of data are processed, the counter is incremented one time too many and invalid data is produced as a result [1]. More generally, the way the counter is handled is quite convoluted. It is incremented: - In the generic LibTomCrypt code in ctr_encrypt_sub(), - In the Crypto Extension glue layer in aes_ctr_encrypt_nblocks(), - In the CE accelerated assembly code in ce_aes_ctr_encrypt(). We can easily get rid of the second one. We can also avoid always calling the non-accelerated function on the first block of data. This commit simplifies the C code to reflect the following rules: - The core encryption functions (accelerated or not) should use the counter value as is to process the first block of data, - They should increment it for each block that is processed and return it as an output parameter The AArch32 and AArch64 CE assembler implementations are updated to the latest available in the upstream Linux kernel (v4.17-rc7), thus incorporating further improvements/simplifications by Ard Biesheuvel. These functions handle the counter as described above so they fit our use case perfectly. Fixes: [1] OP-TEE#2305 CC: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960, 32/64, CE/no CE) Acked-by: Jens Wiklander <jens.wiklander@linaro.org> [jf: pick aaec75e] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
- Loading branch information
1 parent
3f4d78d
commit c54b634
Showing
4 changed files
with
124 additions
and
163 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters