[PATCH v0 4/8] sk_cipher: checking for hw bound operation

Pankaj Gupta pankaj.gupta at nxp.com
Thu Oct 6 13:08:33 UTC 2022


Checking for hw bound key. If yes,
 - skipping the key-length validation to fall in min-max range.

Signed-off-by: Pankaj Gupta <pankaj.gupta at nxp.com>
---
 crypto/skcipher.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index 418211180cee..0f2d0228d73e 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -598,7 +598,8 @@ int crypto_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
 	unsigned long alignmask = crypto_skcipher_alignmask(tfm);
 	int err;
 
-	if (keylen < cipher->min_keysize || keylen > cipher->max_keysize)
+	if ((!tfm->base.is_hbk)
+	    && (keylen < cipher->min_keysize || keylen > cipher->max_keysize))
 		return -EINVAL;
 
 	if ((unsigned long)key & alignmask)
-- 
2.17.1



More information about the Linux-security-module-archive mailing list