1 files changed, 19 insertions, 21 deletions
diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c
index f2643cda45db..a3527c00b29a 100644
--- a/drivers/crypto/ccree/cc_aead.c
+++ b/drivers/crypto/ccree/cc_aead.c
@@ -549,13 +549,12 @@ static int cc_aead_setkey(struct crypto_aead *tfm, const u8 *key,
                          unsigned int keylen)
 {
        struct cc_aead_ctx *ctx = crypto_aead_ctx(tfm);
-        struct rtattr *rta = (struct rtattr *)key;
        struct cc_crypto_req cc_req = {};
-        struct crypto_authenc_key_param *param;
        struct cc_hw_desc desc[MAX_AEAD_SETKEY_SEQ];
-        int rc = -EINVAL;
        unsigned int seq_len = 0;
        struct device *dev = drvdata_to_dev(ctx->drvdata);
+        const u8 *enckey, *authkey;
+        int rc;
        dev_dbg(dev, "Setting key in context @%p for %s. key=%p keylen=%u\n",
                ctx, crypto_tfm_alg_name(crypto_aead_tfm(tfm)), key, keylen);
@@ -563,35 +562,33 @@ static int cc_aead_setkey(struct crypto_aead *tfm, const u8 *key,
        /* STAT_PHASE_0: Init and sanity checks */
        if (ctx->auth_mode != DRV_HASH_NULL) { /* authenc() alg. */
-                if (!RTA_OK(rta, keylen))
+                struct crypto_authenc_keys keys;
-                        goto badkey;
-                if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
+                rc = crypto_authenc_extractkeys(&keys, key, keylen);
-                        goto badkey;
+                if (rc)
-                if (RTA_PAYLOAD(rta) < sizeof(*param))
-                        goto badkey;
-                param = RTA_DATA(rta);
-                ctx->enc_keylen = be32_to_cpu(param->enckeylen);
-                key += RTA_ALIGN(rta->rta_len);
-                keylen -= RTA_ALIGN(rta->rta_len);
-                if (keylen < ctx->enc_keylen)
                        goto badkey;
-                ctx->auth_keylen = keylen - ctx->enc_keylen;
+                enckey = keys.enckey;
+                authkey = keys.authkey;
+                ctx->enc_keylen = keys.enckeylen;
+                ctx->auth_keylen = keys.authkeylen;
                if (ctx->cipher_mode == DRV_CIPHER_CTR) {
                        /* the nonce is stored in bytes at end of key */
+                        rc = -EINVAL;
                        if (ctx->enc_keylen <
                            (AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE))
                                goto badkey;
                        /* Copy nonce from last 4 bytes in CTR key to
                         *  first 4 bytes in CTR IV
                         */
-                        memcpy(ctx->ctr_nonce, key + ctx->auth_keylen +
+                        memcpy(ctx->ctr_nonce, enckey + ctx->enc_keylen -
-                               ctx->enc_keylen - CTR_RFC3686_NONCE_SIZE,
+                               CTR_RFC3686_NONCE_SIZE, CTR_RFC3686_NONCE_SIZE);
-                               CTR_RFC3686_NONCE_SIZE);
                        /* Set CTR key size */
                        ctx->enc_keylen -= CTR_RFC3686_NONCE_SIZE;
                }
        } else { /* non-authenc - has just one key */
+                enckey = key;
+                authkey = NULL;
                ctx->enc_keylen = keylen;
                ctx->auth_keylen = 0;
        }
@@ -603,13 +600,14 @@ static int cc_aead_setkey(struct crypto_aead *tfm, const u8 *key,
        /* STAT_PHASE_1: Copy key to ctx */
        /* Get key material */
-        memcpy(ctx->enckey, key + ctx->auth_keylen, ctx->enc_keylen);
+        memcpy(ctx->enckey, enckey, ctx->enc_keylen);
        if (ctx->enc_keylen == 24)
                memset(ctx->enckey + 24, 0, CC_AES_KEY_SIZE_MAX - 24);
        if (ctx->auth_mode == DRV_HASH_XCBC_MAC) {
-                memcpy(ctx->auth_state.xcbc.xcbc_keys, key, ctx->auth_keylen);
+                memcpy(ctx->auth_state.xcbc.xcbc_keys, authkey,
+                       ctx->auth_keylen);
        } else if (ctx->auth_mode != DRV_HASH_NULL) { /* HMAC */
-                rc = cc_get_plain_hmac_key(tfm, key, ctx->auth_keylen);
+                rc = cc_get_plain_hmac_key(tfm, authkey, ctx->auth_keylen);
                if (rc)
                        goto badkey;
        }

diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c index f2643cda45db..a3527c00b29a 100644 --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c
@@ -549,13 +549,12 @@ static int cc_aead_setkey(struct crypto_aead tfm, const u8 key,
549	unsigned int keylen)	549	unsigned int keylen)
550	{	550	{
551	struct cc_aead_ctx *ctx = crypto_aead_ctx(tfm);	551	struct cc_aead_ctx *ctx = crypto_aead_ctx(tfm);
552	struct rtattr rta = (struct rtattr )key;
553	struct cc_crypto_req cc_req = {};	552	struct cc_crypto_req cc_req = {};
554	struct crypto_authenc_key_param *param;
555	struct cc_hw_desc desc[MAX_AEAD_SETKEY_SEQ];	553	struct cc_hw_desc desc[MAX_AEAD_SETKEY_SEQ];
556	int rc = -EINVAL;
557	unsigned int seq_len = 0;	554	unsigned int seq_len = 0;
558	struct device *dev = drvdata_to_dev(ctx->drvdata);	555	struct device *dev = drvdata_to_dev(ctx->drvdata);
		556	const u8 enckey, authkey;
		557	int rc;
559		558
560	dev_dbg(dev, "Setting key in context @%p for %s. key=%p keylen=%u\n",	559	dev_dbg(dev, "Setting key in context @%p for %s. key=%p keylen=%u\n",
561	ctx, crypto_tfm_alg_name(crypto_aead_tfm(tfm)), key, keylen);	560	ctx, crypto_tfm_alg_name(crypto_aead_tfm(tfm)), key, keylen);
@@ -563,35 +562,33 @@ static int cc_aead_setkey(struct crypto_aead tfm, const u8 key,
563	/* STAT_PHASE_0: Init and sanity checks */	562	/* STAT_PHASE_0: Init and sanity checks */
564		563
565	if (ctx->auth_mode != DRV_HASH_NULL) { /* authenc() alg. */	564	if (ctx->auth_mode != DRV_HASH_NULL) { /* authenc() alg. */
566	if (!RTA_OK(rta, keylen))	565	struct crypto_authenc_keys keys;
567	goto badkey;	566
568	if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)	567	rc = crypto_authenc_extractkeys(&keys, key, keylen);
569	goto badkey;	568	if (rc)
570	if (RTA_PAYLOAD(rta) < sizeof(*param))
571	goto badkey;
572	param = RTA_DATA(rta);
573	ctx->enc_keylen = be32_to_cpu(param->enckeylen);
574	key += RTA_ALIGN(rta->rta_len);
575	keylen -= RTA_ALIGN(rta->rta_len);
576	if (keylen < ctx->enc_keylen)
577	goto badkey;	569	goto badkey;
578	ctx->auth_keylen = keylen - ctx->enc_keylen;	570	enckey = keys.enckey;
		571	authkey = keys.authkey;
		572	ctx->enc_keylen = keys.enckeylen;
		573	ctx->auth_keylen = keys.authkeylen;
579		574
580	if (ctx->cipher_mode == DRV_CIPHER_CTR) {	575	if (ctx->cipher_mode == DRV_CIPHER_CTR) {
581	/* the nonce is stored in bytes at end of key */	576	/* the nonce is stored in bytes at end of key */
		577	rc = -EINVAL;
582	if (ctx->enc_keylen <	578	if (ctx->enc_keylen <
583	(AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE))	579	(AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE))
584	goto badkey;	580	goto badkey;
585	/* Copy nonce from last 4 bytes in CTR key to	581	/* Copy nonce from last 4 bytes in CTR key to
586	* first 4 bytes in CTR IV	582	* first 4 bytes in CTR IV
587	*/	583	*/
588	memcpy(ctx->ctr_nonce, key + ctx->auth_keylen +	584	memcpy(ctx->ctr_nonce, enckey + ctx->enc_keylen -
589	ctx->enc_keylen - CTR_RFC3686_NONCE_SIZE,	585	CTR_RFC3686_NONCE_SIZE, CTR_RFC3686_NONCE_SIZE);
590	CTR_RFC3686_NONCE_SIZE);
591	/* Set CTR key size */	586	/* Set CTR key size */
592	ctx->enc_keylen -= CTR_RFC3686_NONCE_SIZE;	587	ctx->enc_keylen -= CTR_RFC3686_NONCE_SIZE;
593	}	588	}
594	} else { /* non-authenc - has just one key */	589	} else { /* non-authenc - has just one key */
		590	enckey = key;
		591	authkey = NULL;
595	ctx->enc_keylen = keylen;	592	ctx->enc_keylen = keylen;
596	ctx->auth_keylen = 0;	593	ctx->auth_keylen = 0;
597	}	594	}
@@ -603,13 +600,14 @@ static int cc_aead_setkey(struct crypto_aead tfm, const u8 key,
603	/* STAT_PHASE_1: Copy key to ctx */	600	/* STAT_PHASE_1: Copy key to ctx */
604		601
605	/* Get key material */	602	/* Get key material */
606	memcpy(ctx->enckey, key + ctx->auth_keylen, ctx->enc_keylen);	603	memcpy(ctx->enckey, enckey, ctx->enc_keylen);
607	if (ctx->enc_keylen == 24)	604	if (ctx->enc_keylen == 24)
608	memset(ctx->enckey + 24, 0, CC_AES_KEY_SIZE_MAX - 24);	605	memset(ctx->enckey + 24, 0, CC_AES_KEY_SIZE_MAX - 24);
609	if (ctx->auth_mode == DRV_HASH_XCBC_MAC) {	606	if (ctx->auth_mode == DRV_HASH_XCBC_MAC) {
610	memcpy(ctx->auth_state.xcbc.xcbc_keys, key, ctx->auth_keylen);	607	memcpy(ctx->auth_state.xcbc.xcbc_keys, authkey,
		608	ctx->auth_keylen);
611	} else if (ctx->auth_mode != DRV_HASH_NULL) { /* HMAC */	609	} else if (ctx->auth_mode != DRV_HASH_NULL) { /* HMAC */
612	rc = cc_get_plain_hmac_key(tfm, key, ctx->auth_keylen);	610	rc = cc_get_plain_hmac_key(tfm, authkey, ctx->auth_keylen);
613	if (rc)	611	if (rc)
614	goto badkey;	612	goto badkey;
615	}	613	}