From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org,
horia.geanta@nxp.com, Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH v4 06/30] crypto: caam/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:13 +0300 [thread overview]
Message-ID: <20190805170037.31330-7-ard.biesheuvel@linaro.org> (raw)
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
Tested-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
drivers/crypto/caam/caamalg.c | 38 +++++++-------------
drivers/crypto/caam/caamalg_qi.c | 13 ++-----
drivers/crypto/caam/caamalg_qi2.c | 13 ++-----
drivers/crypto/caam/compat.h | 2 +-
4 files changed, 19 insertions(+), 47 deletions(-)
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 43f18253e5b6..9a9a55263b17 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -633,7 +633,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
unsigned int keylen)
{
struct crypto_authenc_keys keys;
- u32 flags;
int err;
err = crypto_authenc_extractkeys(&keys, key, keylen);
@@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
goto badkey;
- flags = crypto_aead_get_flags(aead);
- err = __des3_verify_key(&flags, keys.enckey);
- if (unlikely(err)) {
- crypto_aead_set_flags(aead, flags);
- goto out;
- }
-
- err = aead_setkey(aead, key, keylen);
+ err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:
+ aead_setkey(aead, key, keylen);
out:
memzero_explicit(&keys, sizeof(keys));
@@ -785,22 +778,15 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
static int des_skcipher_setkey(struct crypto_skcipher *skcipher,
const u8 *key, unsigned int keylen)
{
- u32 tmp[DES3_EDE_EXPKEY_WORDS];
- struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);
-
- if (keylen == DES3_EDE_KEY_SIZE &&
- __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) {
- return -EINVAL;
- }
-
- if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) &
- CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
- crypto_skcipher_set_flags(skcipher,
- CRYPTO_TFM_RES_WEAK_KEY);
- return -EINVAL;
- }
+ return crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key) ?:
+ skcipher_setkey(skcipher, key, keylen);
+}
- return skcipher_setkey(skcipher, key, keylen);
+static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,
+ const u8 *key, unsigned int keylen)
+{
+ return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?:
+ skcipher_setkey(skcipher, key, keylen);
}
static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
@@ -1899,7 +1885,7 @@ static struct caam_skcipher_alg driver_algs[] = {
.cra_driver_name = "cbc-3des-caam",
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
},
- .setkey = des_skcipher_setkey,
+ .setkey = des3_skcipher_setkey,
.encrypt = skcipher_encrypt,
.decrypt = skcipher_decrypt,
.min_keysize = DES3_EDE_KEY_SIZE,
@@ -2018,7 +2004,7 @@ static struct caam_skcipher_alg driver_algs[] = {
.cra_driver_name = "ecb-des3-caam",
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
},
- .setkey = des_skcipher_setkey,
+ .setkey = des3_skcipher_setkey,
.encrypt = skcipher_encrypt,
.decrypt = skcipher_decrypt,
.min_keysize = DES3_EDE_KEY_SIZE,
diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c
index 32f0f8a72067..b3868c996af8 100644
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -296,7 +296,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
unsigned int keylen)
{
struct crypto_authenc_keys keys;
- u32 flags;
int err;
err = crypto_authenc_extractkeys(&keys, key, keylen);
@@ -307,14 +306,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
goto badkey;
- flags = crypto_aead_get_flags(aead);
- err = __des3_verify_key(&flags, keys.enckey);
- if (unlikely(err)) {
- crypto_aead_set_flags(aead, flags);
- goto out;
- }
-
- err = aead_setkey(aead, key, keylen);
+ err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:
+ aead_setkey(aead, key, keylen);
out:
memzero_explicit(&keys, sizeof(keys));
@@ -697,7 +690,7 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,
const u8 *key, unsigned int keylen)
{
- return unlikely(des3_verify_key(skcipher, key)) ?:
+ return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?:
skcipher_setkey(skcipher, key, keylen);
}
diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c
index a78a36dfa7b9..66a11ef7fd96 100644
--- a/drivers/crypto/caam/caamalg_qi2.c
+++ b/drivers/crypto/caam/caamalg_qi2.c
@@ -330,7 +330,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
unsigned int keylen)
{
struct crypto_authenc_keys keys;
- u32 flags;
int err;
err = crypto_authenc_extractkeys(&keys, key, keylen);
@@ -341,14 +340,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
goto badkey;
- flags = crypto_aead_get_flags(aead);
- err = __des3_verify_key(&flags, keys.enckey);
- if (unlikely(err)) {
- crypto_aead_set_flags(aead, flags);
- goto out;
- }
-
- err = aead_setkey(aead, key, keylen);
+ err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:
+ aead_setkey(aead, key, keylen);
out:
memzero_explicit(&keys, sizeof(keys));
@@ -1000,7 +993,7 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,
const u8 *key, unsigned int keylen)
{
- return unlikely(des3_verify_key(skcipher, key)) ?:
+ return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?:
skcipher_setkey(skcipher, key, keylen);
}
diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h
index 8639b2df0371..60e2a54c19f1 100644
--- a/drivers/crypto/caam/compat.h
+++ b/drivers/crypto/caam/compat.h
@@ -32,7 +32,7 @@
#include <crypto/null.h>
#include <crypto/aes.h>
#include <crypto/ctr.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
#include <crypto/gcm.h>
#include <crypto/sha.h>
#include <crypto/md5.h>
--
2.17.1
next prev parent reply other threads:[~2019-08-05 17:01 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-05 17:00 [PATCH v4 00/30] crypto: DES/3DES cleanup Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 01/30] crypto: des/3des_ede - add new helpers to verify keys Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 02/30] crypto: s390/des - switch to new verification routines Ard Biesheuvel
2019-08-06 6:12 ` Harald Freudenberger
2019-08-05 17:00 ` [PATCH v4 03/30] crypto: sparc/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 04/30] crypto: atmel/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 05/30] crypto: bcm/des " Ard Biesheuvel
2019-08-05 17:00 ` Ard Biesheuvel [this message]
2019-08-15 4:54 ` [PATCH v4 06/30] crypto: caam/des " Herbert Xu
2019-08-15 5:01 ` Ard Biesheuvel
2019-08-15 5:43 ` Ard Biesheuvel
2019-08-15 11:37 ` Herbert Xu
2019-08-05 17:00 ` [PATCH v4 07/30] crypto: cpt/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 08/30] crypto: nitrox/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 09/30] crypto: ccp/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 10/30] crypto: ccree/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 11/30] crypto: hifn/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 12/30] crypto: hisilicon/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 13/30] crypto: safexcel/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 14/30] crypto: ixp4xx/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 15/30] crypto: cesa/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 16/30] crypto: n2/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 17/30] crypto: omap/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 18/30] crypto: picoxcell/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 19/30] crypto: qce/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 20/30] crypto: rk3288/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 21/30] crypto: stm32/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 22/30] crypto: sun4i/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 23/30] crypto: talitos/des " Ard Biesheuvel
2019-08-05 20:00 ` Christophe Leroy
2019-08-05 17:00 ` [PATCH v4 24/30] crypto: ux500/des " Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 25/30] crypto: 3des - move verification out of exported routine Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 26/30] crypto: des - remove unused function Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 27/30] crypto: des - split off DES library from generic DES cipher driver Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 28/30] crypto: x86/des - switch to library interface Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 29/30] crypto: des - remove now unused __des3_ede_setkey() Ard Biesheuvel
2019-08-05 17:00 ` [PATCH v4 30/30] fs: cifs: move from the crypto cipher API to the new DES library interface Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190805170037.31330-7-ard.biesheuvel@linaro.org \
--to=ard.biesheuvel@linaro.org \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).