| Message ID | 20190805170037.31330-24-ard.biesheuvel@linaro.org (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | crypto: DES/3DES cleanup | expand |
Le 05/08/2019 à 19:00, Ard Biesheuvel a écrit : > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Christophe Leroy <christophe.leroy@c-s.fr> > --- > drivers/crypto/talitos.c | 34 ++++---------------- > 1 file changed, 7 insertions(+), 27 deletions(-) > > diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c > index c9d686a0e805..890cf52007f2 100644 > --- a/drivers/crypto/talitos.c > +++ b/drivers/crypto/talitos.c > @@ -30,7 +30,7 @@ > > #include <crypto/algapi.h> > #include <crypto/aes.h> > -#include <crypto/des.h> > +#include <crypto/internal/des.h> > #include <crypto/sha.h> > #include <crypto/md5.h> > #include <crypto/internal/aead.h> > @@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc, > if (keys.enckeylen != DES3_EDE_KEY_SIZE) > goto badkey; > > - flags = crypto_aead_get_flags(authenc); > - err = __des3_verify_key(&flags, keys.enckey); > - if (unlikely(err)) { > - crypto_aead_set_flags(authenc, flags); > + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey); > + if (err) > goto out; > - } > > if (ctx->keylen) > dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); > @@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, > static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, > const u8 *key, unsigned int keylen) > { > - u32 tmp[DES_EXPKEY_WORDS]; > - > - if (unlikely(crypto_ablkcipher_get_flags(cipher) & > - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && > - !des_ekey(tmp, key)) { > - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); > - return -EINVAL; > - } > - > - return ablkcipher_setkey(cipher, key, keylen); > + return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: > + ablkcipher_setkey(cipher, key, keylen); > } > > static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, > const u8 *key, unsigned int keylen) > { > - u32 flags; > - int err; > - > - flags = crypto_ablkcipher_get_flags(cipher); > - err = __des3_verify_key(&flags, key); > - if (unlikely(err)) { > - crypto_ablkcipher_set_flags(cipher, flags); > - return err; > - } > - > - return ablkcipher_setkey(cipher, key, keylen); > + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: > + ablkcipher_setkey(cipher, key, keylen); > } > > static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher, >
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index c9d686a0e805..890cf52007f2 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -30,7 +30,7 @@ #include <crypto/algapi.h> #include <crypto/aes.h> -#include <crypto/des.h> +#include <crypto/internal/des.h> #include <crypto/sha.h> #include <crypto/md5.h> #include <crypto/internal/aead.h> @@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(authenc); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(authenc, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey); + if (err) goto out; - } if (ctx->keylen) dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); @@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (unlikely(crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - !des_ekey(tmp, key)) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } - - return ablkcipher_setkey(cipher, key, keylen); + return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + ablkcipher_setkey(cipher, key, keylen); } static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 flags; - int err; - - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return ablkcipher_setkey(cipher, key, keylen); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + ablkcipher_setkey(cipher, key, keylen); } static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> --- drivers/crypto/talitos.c | 34 ++++---------------- 1 file changed, 7 insertions(+), 27 deletions(-)