Skip to content

Commit

Permalink
crypto: tegra - Set IV to NULL explicitly for AES ECB
Browse files Browse the repository at this point in the history 
It may happen that the variable req->iv may have stale values or
zero sized buffer by default and may end up getting used during
encryption/decryption. This inturn may corrupt the results or break the
operation. Set the req->iv variable to NULL explicitly for algorithms
like AES-ECB where IV is not used.

Fixes: 0880bb3 ("crypto: tegra - Add Tegra Security Engine driver")
Signed-off-by: Akhil R <akhilrajeev@nvidia.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  • Loading branch information
Akhil R authored and Herbert Xu committed Mar 8, 2025
1 parent ce390d6 commit bde5582
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions drivers/crypto/tegra/tegra-se-aes.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -446,6 +446,9 @@ static int tegra_aes_crypt(struct skcipher_request *req, bool encrypt)
if (!req->cryptlen)
return 0;

if (ctx->alg == SE_ALG_ECB)
req->iv = NULL;

rctx->encrypt = encrypt;
rctx->config = tegra234_aes_cfg(ctx->alg, encrypt);
rctx->crypto_config = tegra234_aes_crypto_cfg(ctx->alg, encrypt);
Expand Down

0 comments on commit bde5582

Please sign in to comment.