From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Christophe Leroy <christophe.leroy@c-s.fr>
Subject: [PATCH v5 23/30] crypto: talitos/des - switch to new verification routines
Date: Thu, 15 Aug 2019 12:01:05 +0300 [thread overview]
Message-ID: <20190815090112.9377-24-ard.biesheuvel@linaro.org> (raw)
In-Reply-To: <20190815090112.9377-1-ard.biesheuvel@linaro.org>
Cc: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
drivers/crypto/talitos.c | 37 ++++----------------
1 file changed, 7 insertions(+), 30 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c9d686a0e805..117c831b5ede 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -30,7 +30,7 @@
#include <crypto/algapi.h>
#include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
#include <crypto/sha.h>
#include <crypto/md5.h>
#include <crypto/internal/aead.h>
@@ -936,15 +936,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc,
if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE)
goto badkey;
- if (keys.enckeylen != DES3_EDE_KEY_SIZE)
- goto badkey;
-
- flags = crypto_aead_get_flags(authenc);
- err = __des3_verify_key(&flags, keys.enckey);
- if (unlikely(err)) {
- crypto_aead_set_flags(authenc, flags);
+ err = verify_aead_des3_key(authenc, keys.enckey, keys.enckeylen);
+ if (err)
goto out;
- }
if (ctx->keylen)
dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
@@ -1517,32 +1511,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,
const u8 *key, unsigned int keylen)
{
- u32 tmp[DES_EXPKEY_WORDS];
-
- if (unlikely(crypto_ablkcipher_get_flags(cipher) &
- CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&
- !des_ekey(tmp, key)) {
- crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
- return -EINVAL;
- }
-
- return ablkcipher_setkey(cipher, key, keylen);
+ return verify_ablkcipher_des_key(cipher, key) ?:
+ ablkcipher_setkey(cipher, key, keylen);
}
static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,
const u8 *key, unsigned int keylen)
{
- u32 flags;
- int err;
-
- flags = crypto_ablkcipher_get_flags(cipher);
- err = __des3_verify_key(&flags, key);
- if (unlikely(err)) {
- crypto_ablkcipher_set_flags(cipher, flags);
- return err;
- }
-
- return ablkcipher_setkey(cipher, key, keylen);
+ return verify_ablkcipher_des3_key(cipher, key) ?:
+ ablkcipher_setkey(cipher, key, keylen);
}
static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
--
2.17.1
next prev parent reply other threads:[~2019-08-15 9:02 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-15 9:00 [PATCH v5 00/30] crypto: DES/3DES cleanup Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 01/30] crypto: des/3des_ede - add new helpers to verify keys Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 02/30] crypto: s390/des - switch to new verification routines Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 03/30] crypto: sparc/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 04/30] crypto: atmel/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 05/30] crypto: bcm/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 06/30] crypto: caam/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 07/30] crypto: cpt/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 08/30] crypto: nitrox/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 09/30] crypto: ccp/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 10/30] crypto: ccree/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 11/30] crypto: hifn/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 12/30] crypto: hisilicon/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 13/30] crypto: safexcel/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 14/30] crypto: ixp4xx/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 15/30] crypto: cesa/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 16/30] crypto: n2/des " Ard Biesheuvel
2019-08-15 9:00 ` [PATCH v5 17/30] crypto: omap/des " Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 18/30] crypto: picoxcell/des " Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 19/30] crypto: qce/des " Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 20/30] crypto: rk3288/des " Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 21/30] crypto: stm32/des " Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 22/30] crypto: sun4i/des " Ard Biesheuvel
2019-08-15 9:01 ` Ard Biesheuvel [this message]
2019-08-15 9:01 ` [PATCH v5 24/30] crypto: ux500/des " Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 25/30] crypto: 3des - move verification out of exported routine Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 26/30] crypto: des - remove unused function Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 27/30] crypto: des - split off DES library from generic DES cipher driver Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 28/30] crypto: x86/des - switch to library interface Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 29/30] crypto: des - remove now unused __des3_ede_setkey() Ard Biesheuvel
2019-08-15 9:01 ` [PATCH v5 30/30] fs: cifs: move from the crypto cipher API to the new DES library interface Ard Biesheuvel
2019-08-22 5:56 ` [PATCH v5 00/30] crypto: DES/3DES cleanup Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190815090112.9377-24-ard.biesheuvel@linaro.org \
--to=ard.biesheuvel@linaro.org \
--cc=christophe.leroy@c-s.fr \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.