commit af09eba64f808946c6c901436e7dfabd17a11498
author Андрей Мозжухин <amozzhuhin@yandex.ru> Wed Jan 03 15:43:56 2018 +0300
committer Tom Rini <trini@konsulko.com> Mon Jan 29 12:50:13 2018 -0500
tree 69ae8dbb79cbea7643ff143d57de39a1f7046d95
parent 1414e09b4f25f2ad5886f124024e10878feb75f0

aes: Allow non-zero initialization vector

AES encryption in CBC mode, in most cases, must be used with random
initialization vector. Using the same key and initialization vector several
times is weak and must be avoided.

Added iv parameter to the aes_cbc_encrypt_blocks and aes_cbc_decrypt_blocks
functions for passing initialization vector.

Command 'aes' now also require the initialization vector parameter.

Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>

arch/arm/mach-tegra/tegra20/crypto.c

diff --git a/arch/arm/mach-tegra/tegra20/crypto.c b/arch/arm/mach-tegra/tegra20/crypto.c
index eae7921..58d6662 100644
--- a/arch/arm/mach-tegra/tegra20/crypto.c
+++ b/arch/arm/mach-tegra/tegra20/crypto.c
@@ -50,6 +50,7 @@
 			u32 num_aes_blocks)
 {
 	u8 tmp_data[AES_KEY_LENGTH];
+	u8 iv[AES_KEY_LENGTH] = {0};
 	u8 left[AES_KEY_LENGTH];
 	u8 k1[AES_KEY_LENGTH];
 	u8 *cbc_chain_data;
@@ -61,7 +62,7 @@
 	for (i = 0; i < AES_KEY_LENGTH; i++)
 		tmp_data[i] = 0;
 
-	aes_cbc_encrypt_blocks(key_schedule, tmp_data, left, 1);
+	aes_cbc_encrypt_blocks(key_schedule, iv, tmp_data, left, 1);
 
 	left_shift_vector(left, k1, sizeof(left));
 
@@ -102,6 +103,7 @@
 {
 	u32 num_aes_blocks;
 	u8 key_schedule[AES_EXPAND_KEY_LENGTH];
+	u8 iv[AES_KEY_LENGTH] = {0};
 
 	debug("encrypt_and_sign: length = %d\n", length);
 
@@ -116,7 +118,8 @@
 	if (oper & SECURITY_ENCRYPT) {
 		/* Perform this in place, resulting in src being encrypted. */
 		debug("encrypt_and_sign: begin encryption\n");
-		aes_cbc_encrypt_blocks(key_schedule, src, src, num_aes_blocks);
+		aes_cbc_encrypt_blocks(key_schedule, iv, src, src,
+				       num_aes_blocks);
 		debug("encrypt_and_sign: end encryption\n");
 	}