Commit 00cd6b23 authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu

crypto: ccree/des - switch to new verification routines

Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent b5250416
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
#include <crypto/algapi.h> #include <crypto/algapi.h>
#include <crypto/internal/aead.h> #include <crypto/internal/aead.h>
#include <crypto/authenc.h> #include <crypto/authenc.h>
#include <crypto/des.h> #include <crypto/internal/des.h>
#include <linux/rtnetlink.h> #include <linux/rtnetlink.h>
#include "cc_driver.h" #include "cc_driver.h"
#include "cc_buffer_mgr.h" #include "cc_buffer_mgr.h"
...@@ -649,33 +649,17 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, ...@@ -649,33 +649,17 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
unsigned int keylen) unsigned int keylen)
{ {
struct crypto_authenc_keys keys; struct crypto_authenc_keys keys;
u32 flags;
int err; int err;
err = crypto_authenc_extractkeys(&keys, key, keylen); err = crypto_authenc_extractkeys(&keys, key, keylen);
if (unlikely(err)) if (unlikely(err))
goto badkey; return err;
err = -EINVAL;
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
goto badkey;
flags = crypto_aead_get_flags(aead);
err = __des3_verify_key(&flags, keys.enckey);
if (unlikely(err)) {
crypto_aead_set_flags(aead, flags);
goto out;
}
err = cc_aead_setkey(aead, key, keylen); err = verify_aead_des3_key(aead, keys.enckey, keys.enckeylen) ?:
cc_aead_setkey(aead, key, keylen);
out:
memzero_explicit(&keys, sizeof(keys)); memzero_explicit(&keys, sizeof(keys));
return err; return err;
badkey:
crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
goto out;
} }
static int cc_rfc4309_ccm_setkey(struct crypto_aead *tfm, const u8 *key, static int cc_rfc4309_ccm_setkey(struct crypto_aead *tfm, const u8 *key,
......
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
#include <linux/module.h> #include <linux/module.h>
#include <crypto/algapi.h> #include <crypto/algapi.h>
#include <crypto/internal/skcipher.h> #include <crypto/internal/skcipher.h>
#include <crypto/des.h> #include <crypto/internal/des.h>
#include <crypto/xts.h> #include <crypto/xts.h>
#include <crypto/sm4.h> #include <crypto/sm4.h>
#include <crypto/scatterwalk.h> #include <crypto/scatterwalk.h>
...@@ -411,16 +411,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, ...@@ -411,16 +411,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key,
* HW does the expansion on its own. * HW does the expansion on its own.
*/ */
if (ctx_p->flow_mode == S_DIN_to_DES) { if (ctx_p->flow_mode == S_DIN_to_DES) {
u32 tmp[DES3_EDE_EXPKEY_WORDS]; if ((keylen == DES3_EDE_KEY_SIZE &&
if (keylen == DES3_EDE_KEY_SIZE && verify_skcipher_des3_key(sktfm, key)) ||
__des3_ede_setkey(tmp, &tfm->crt_flags, key, verify_skcipher_des_key(sktfm, key)) {
DES3_EDE_KEY_SIZE)) {
dev_dbg(dev, "weak 3DES key");
return -EINVAL;
} else if (!des_ekey(tmp, key) &&
(crypto_tfm_get_flags(tfm) &
CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
dev_dbg(dev, "weak DES key"); dev_dbg(dev, "weak DES key");
return -EINVAL; return -EINVAL;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment