@@ -1129,15 +1129,16 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
11291129 tfm = crypto_aead_reqtfm (req );
11301130 ctx = crypto_aead_ctx (tfm );
11311131
1132+ if (((word32 )req -> assoclen + (word32 )req -> cryptlen ) !=
1133+ ((word64 )req -> assoclen + (word64 )req -> cryptlen ))
1134+ {
1135+ return - EOVERFLOW ;
1136+ }
1137+
11321138 if (decrypt_p ) {
11331139 /* Copy out original auth tag from req->src. */
11341140 if (req -> cryptlen < tfm -> authsize )
11351141 return - EINVAL ;
1136- if (((word32 )req -> assoclen + (word32 )req -> cryptlen ) !=
1137- ((word64 )req -> assoclen + (word64 )req -> cryptlen ))
1138- {
1139- return - EOVERFLOW ;
1140- }
11411142 scatterwalk_map_and_copy (authTag , req -> src ,
11421143 req -> assoclen + req -> cryptlen - tfm -> authsize ,
11431144 tfm -> authsize , 0 );
@@ -1355,15 +1356,16 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
13551356 tfm = crypto_aead_reqtfm (req );
13561357 ctx = crypto_aead_ctx (tfm );
13571358
1359+ if (((word32 )req -> assoclen + (word32 )req -> cryptlen ) !=
1360+ ((word64 )req -> assoclen + (word64 )req -> cryptlen ))
1361+ {
1362+ return - EOVERFLOW ;
1363+ }
1364+
13581365 if (decrypt_p ) {
13591366 /* Copy out original auth tag from req->src. */
13601367 if (req -> cryptlen < tfm -> authsize )
13611368 return - EINVAL ;
1362- if (((word32 )req -> assoclen + (word32 )req -> cryptlen ) !=
1363- ((word64 )req -> assoclen + (word64 )req -> cryptlen ))
1364- {
1365- return - EOVERFLOW ;
1366- }
13671369 scatterwalk_map_and_copy (authTag , req -> src ,
13681370 req -> assoclen + req -> cryptlen - tfm -> authsize ,
13691371 tfm -> authsize , 0 );
@@ -1378,7 +1380,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
13781380 crypto_tfm_alg_driver_name (crypto_aead_tfm (tfm )),
13791381 decrypt_p ? "skcipher_walk_aead_decrypt" : "skcipher_walk_aead_encrypt" ,
13801382 err );
1381- return - EINVAL ;
1383+ return err ;
13821384 }
13831385
13841386 err = km_AesGet (ctx , decrypt_p , 1 /* copy_p */ , & aes_copy );
@@ -1513,6 +1515,7 @@ static int AesGcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4106_p)
15131515out :
15141516
15151517 if (sg_buf ) {
1518+ ForceZero (sg_buf , req -> assoclen + req -> cryptlen );
15161519 free (sg_buf );
15171520 }
15181521 else {
@@ -1835,15 +1838,16 @@ static int AesCcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4309_p)
18351838 tfm = crypto_aead_reqtfm (req );
18361839 ctx = crypto_aead_ctx (tfm );
18371840
1841+ if (((word32 )req -> assoclen + (word32 )req -> cryptlen ) !=
1842+ ((word64 )req -> assoclen + (word64 )req -> cryptlen ))
1843+ {
1844+ return - EOVERFLOW ;
1845+ }
1846+
18381847 if (decrypt_p ) {
18391848 /* Copy out the original auth tag from req->src. */
18401849 if (req -> cryptlen < tfm -> authsize )
18411850 return - EINVAL ;
1842- if (((word32 )req -> assoclen + (word32 )req -> cryptlen ) !=
1843- ((word64 )req -> assoclen + (word64 )req -> cryptlen ))
1844- {
1845- return - EOVERFLOW ;
1846- }
18471851 scatterwalk_map_and_copy (authTag , req -> src ,
18481852 req -> assoclen + req -> cryptlen - tfm -> authsize ,
18491853 tfm -> authsize , 0 );
@@ -2006,6 +2010,7 @@ static int AesCcmCrypt_1(struct aead_request *req, int decrypt_p, int rfc4309_p)
20062010out :
20072011
20082012 if (sg_buf ) {
2013+ ForceZero (sg_buf , req -> assoclen + req -> cryptlen );
20092014 free (sg_buf );
20102015 }
20112016 else {
@@ -2312,6 +2317,11 @@ static int km_AesXtsEncrypt(struct skcipher_request *req)
23122317 err = skcipher_walk_done (& walk , 0 );
23132318 } else if (! (stream .bytes_crypted_with_this_tweak & ((word32 )WC_AES_BLOCK_SIZE - 1U ))) {
23142319 err = wc_AesXtsEncryptFinal (ctx -> aesXts , NULL , NULL , 0 , & stream );
2320+ if (unlikely (err )) {
2321+ pr_err ("%s: wc_AesXtsEncryptFinal failed: %d\n" ,
2322+ crypto_tfm_alg_driver_name (crypto_skcipher_tfm (tfm )), err );
2323+ err = - EINVAL ;
2324+ }
23152325 }
23162326 }
23172327
@@ -2458,6 +2468,11 @@ static int km_AesXtsDecrypt(struct skcipher_request *req)
24582468 err = skcipher_walk_done (& walk , 0 );
24592469 } else if (! (stream .bytes_crypted_with_this_tweak & ((word32 )WC_AES_BLOCK_SIZE - 1U ))) {
24602470 err = wc_AesXtsDecryptFinal (ctx -> aesXts , NULL , NULL , 0 , & stream );
2471+ if (unlikely (err )) {
2472+ pr_err ("%s: wc_AesXtsDecryptFinal failed: %d\n" ,
2473+ crypto_tfm_alg_driver_name (crypto_skcipher_tfm (tfm )), err );
2474+ err = - EINVAL ;
2475+ }
24612476 }
24622477 }
24632478
@@ -3099,12 +3114,14 @@ static int linuxkm_test_aescbc(void)
30993114 enc2 = malloc (sizeof (p_vector ));
31003115 if (!enc2 ) {
31013116 pr_err ("error: malloc failed\n" );
3117+ ret = MEMORY_E ;
31023118 goto test_cbc_end ;
31033119 }
31043120
31053121 dec2 = malloc (sizeof (p_vector ));
31063122 if (!dec2 ) {
31073123 pr_err ("error: malloc failed\n" );
3124+ ret = MEMORY_E ;
31083125 goto test_cbc_end ;
31093126 }
31103127
@@ -3140,7 +3157,7 @@ static int linuxkm_test_aescbc(void)
31403157 req = skcipher_request_alloc (tfm , GFP_KERNEL );
31413158 if (! req ) {
31423159 ret = - ENOMEM ;
3143- pr_err ("error: allocating AES skcipher request %s failed\n" ,
3160+ pr_err ("error: allocating AES skcipher request %s failed. \n" ,
31443161 WOLFKM_AESCBC_DRIVER );
31453162 goto test_cbc_end ;
31463163 }
@@ -3310,12 +3327,14 @@ static int linuxkm_test_aescfb(void)
33103327 enc2 = malloc (sizeof (p_vector ));
33113328 if (!enc2 ) {
33123329 pr_err ("error: malloc failed\n" );
3330+ ret = MEMORY_E ;
33133331 goto test_cfb_end ;
33143332 }
33153333
33163334 dec2 = malloc (sizeof (p_vector ));
33173335 if (!dec2 ) {
33183336 pr_err ("error: malloc failed\n" );
3337+ ret = MEMORY_E ;
33193338 goto test_cfb_end ;
33203339 }
33213340
@@ -3342,7 +3361,7 @@ static int linuxkm_test_aescfb(void)
33423361 req = skcipher_request_alloc (tfm , GFP_KERNEL );
33433362 if (! req ) {
33443363 ret = - ENOMEM ;
3345- pr_err ("error: allocating AES skcipher request %s failed\n" ,
3364+ pr_err ("error: allocating AES skcipher request %s failed. \n" ,
33463365 WOLFKM_AESCFB_DRIVER );
33473366 goto test_cfb_end ;
33483367 }
@@ -3552,6 +3571,7 @@ static int linuxkm_test_aesgcm(void)
35523571 assoc2 = malloc (sizeof (assoc ));
35533572 if (! assoc2 ) {
35543573 pr_err ("error: malloc failed\n" );
3574+ ret = MEMORY_E ;
35553575 goto test_gcm_end ;
35563576 }
35573577 memset (assoc2 , 0 , sizeof (assoc ));
@@ -3560,6 +3580,7 @@ static int linuxkm_test_aesgcm(void)
35603580 iv = malloc (WC_AES_BLOCK_SIZE );
35613581 if (! iv ) {
35623582 pr_err ("error: malloc failed\n" );
3583+ ret = MEMORY_E ;
35633584 goto test_gcm_end ;
35643585 }
35653586 memset (iv , 0 , WC_AES_BLOCK_SIZE );
@@ -3568,12 +3589,14 @@ static int linuxkm_test_aesgcm(void)
35683589 enc2 = malloc (decryptLen );
35693590 if (! enc2 ) {
35703591 pr_err ("error: malloc failed\n" );
3592+ ret = MEMORY_E ;
35713593 goto test_gcm_end ;
35723594 }
35733595
35743596 dec2 = malloc (decryptLen );
35753597 if (! dec2 ) {
35763598 pr_err ("error: malloc failed\n" );
3599+ ret = MEMORY_E ;
35773600 goto test_gcm_end ;
35783601 }
35793602
@@ -3608,24 +3631,24 @@ static int linuxkm_test_aesgcm(void)
36083631 req = aead_request_alloc (tfm , GFP_KERNEL );
36093632 if (! req ) {
36103633 ret = - ENOMEM ;
3611- pr_err ("error: allocating AES aead request %s failed: %ld \n" ,
3612- WOLFKM_AESCBC_DRIVER , PTR_ERR ( req ) );
3634+ pr_err ("error: allocating AES aead request %s failed. \n" ,
3635+ WOLFKM_AESCBC_DRIVER );
36133636 goto test_gcm_end ;
36143637 }
36153638
36163639 src = malloc (sizeof (struct scatterlist ) * 2 );
36173640
36183641 if (! src ) {
3619- pr_err ("error: malloc src failed: %ld \n" ,
3620- PTR_ERR ( src )) ;
3642+ pr_err ("error: malloc src failed. \n" );
3643+ ret = MEMORY_E ;
36213644 goto test_gcm_end ;
36223645 }
36233646
36243647 dst = malloc (sizeof (struct scatterlist ) * 2 );
36253648
36263649 if (! dst ) {
3627- pr_err ("error: malloc dst failed: %ld \n" ,
3628- PTR_ERR ( dst )) ;
3650+ pr_err ("error: malloc dst failed. \n" );
3651+ ret = MEMORY_E ;
36293652 goto test_gcm_end ;
36303653 }
36313654
@@ -4511,11 +4534,27 @@ static int aes_xts_256_test(void)
45114534 goto out ;
45124535 }
45134536
4537+ #if defined(DEBUG_VECTOR_REGISTER_ACCESS ) && defined(WC_C_DYNAMIC_FALLBACK )
4538+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL (WC_NO_ERR_TRACE (SYSLIB_FAILED_E ));
4539+ ret = wc_AesXtsEncrypt (aes , buf , p1 , sizeof (p1 ), i1 , sizeof (i1 ));
4540+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL (0 );
4541+ if (ret != 0 )
4542+ goto out ;
4543+ if (XMEMCMP (c1 , buf , WC_AES_BLOCK_SIZE )) {
4544+ ret = LINUXKM_LKCAPI_AES_KAT_MISMATCH_E ;
4545+ goto out ;
4546+ }
4547+ #endif
4548+
45144549 /* partial block encryption test */
45154550 XMEMSET (cipher , 0 , AES_XTS_256_TEST_BUF_SIZ );
45164551 ret = wc_AesXtsEncrypt (aes , cipher , pp , sizeof (pp ), i1 , sizeof (i1 ));
45174552 if (ret != 0 )
45184553 goto out ;
4554+ if (XMEMCMP (cp , cipher , sizeof (cp ))) {
4555+ ret = LINUXKM_LKCAPI_AES_KAT_MISMATCH_E ;
4556+ goto out ;
4557+ }
45194558
45204559 /* partial block decrypt test */
45214560 XMEMSET (buf , 0 , AES_XTS_256_TEST_BUF_SIZ );
@@ -4705,8 +4744,8 @@ static int aes_xts_256_test(void)
47054744 req = skcipher_request_alloc (tfm , GFP_KERNEL );
47064745 if (! req ) {
47074746 ret = - ENOMEM ;
4708- pr_err ("error: allocating AES skcipher request %s failed: %d \n" ,
4709- WOLFKM_AESXTS_DRIVER , ret );
4747+ pr_err ("error: allocating AES skcipher request %s failed. \n" ,
4748+ WOLFKM_AESXTS_DRIVER );
47104749 goto test_xts_end ;
47114750 }
47124751
0 commit comments