From 0d0433599d84bf7db8caa8fb76915dc0ff818150 Mon Sep 17 00:00:00 2001 From: Tudor Ambarus Date: Tue, 20 Jul 2021 11:55:31 +0300 Subject: [PATCH] crypto: atmel-aes - Add NIST 800-38A's zero length cryptlen constraint NIST 800-38A requires for the ECB, CBC, CFB, OFB and CTR modes that the plaintext and ciphertext to have a positive integer length. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu --- drivers/crypto/atmel-aes.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c index 4e9515e8dd25..8ea873bf6b86 100644 --- a/drivers/crypto/atmel-aes.c +++ b/drivers/crypto/atmel-aes.c @@ -1094,6 +1094,13 @@ static int atmel_aes_crypt(struct skcipher_request *req, unsigned long mode) if (opmode == AES_FLAGS_XTS && req->cryptlen < XTS_BLOCK_SIZE) return -EINVAL; + /* + * ECB, CBC, CFB, OFB or CTR mode require the plaintext and ciphertext + * to have a positve integer length. + */ + if (!req->cryptlen && opmode != AES_FLAGS_XTS) + return 0; + if ((opmode == AES_FLAGS_ECB || opmode == AES_FLAGS_CBC) && !IS_ALIGNED(req->cryptlen, crypto_skcipher_blocksize(skcipher))) return -EINVAL;