[v4,23/30] crypto: talitos/des - switch to new verification routines
diff mbox series

Message ID 20190805170037.31330-24-ard.biesheuvel@linaro.org
State Changes Requested
Delegated to: Herbert Xu
Headers show
Series
  • crypto: DES/3DES cleanup
Related show

Commit Message

Ard Biesheuvel Aug. 5, 2019, 5 p.m. UTC
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/crypto/talitos.c | 34 ++++----------------
 1 file changed, 7 insertions(+), 27 deletions(-)

Comments

Christophe Leroy Aug. 5, 2019, 8 p.m. UTC | #1
Le 05/08/2019 à 19:00, Ard Biesheuvel a écrit :
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Reviewed-by: Christophe Leroy <christophe.leroy@c-s.fr>

> ---
>   drivers/crypto/talitos.c | 34 ++++----------------
>   1 file changed, 7 insertions(+), 27 deletions(-)
> 
> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
> index c9d686a0e805..890cf52007f2 100644
> --- a/drivers/crypto/talitos.c
> +++ b/drivers/crypto/talitos.c
> @@ -30,7 +30,7 @@
>   
>   #include <crypto/algapi.h>
>   #include <crypto/aes.h>
> -#include <crypto/des.h>
> +#include <crypto/internal/des.h>
>   #include <crypto/sha.h>
>   #include <crypto/md5.h>
>   #include <crypto/internal/aead.h>
> @@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc,
>   	if (keys.enckeylen != DES3_EDE_KEY_SIZE)
>   		goto badkey;
>   
> -	flags = crypto_aead_get_flags(authenc);
> -	err = __des3_verify_key(&flags, keys.enckey);
> -	if (unlikely(err)) {
> -		crypto_aead_set_flags(authenc, flags);
> +	err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey);
> +	if (err)
>   		goto out;
> -	}
>   
>   	if (ctx->keylen)
>   		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
> @@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
>   static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,
>   				 const u8 *key, unsigned int keylen)
>   {
> -	u32 tmp[DES_EXPKEY_WORDS];
> -
> -	if (unlikely(crypto_ablkcipher_get_flags(cipher) &
> -		     CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&
> -	    !des_ekey(tmp, key)) {
> -		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
> -		return -EINVAL;
> -	}
> -
> -	return ablkcipher_setkey(cipher, key, keylen);
> +	return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
> +	       ablkcipher_setkey(cipher, key, keylen);
>   }
>   
>   static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,
>   				  const u8 *key, unsigned int keylen)
>   {
> -	u32 flags;
> -	int err;
> -
> -	flags = crypto_ablkcipher_get_flags(cipher);
> -	err = __des3_verify_key(&flags, key);
> -	if (unlikely(err)) {
> -		crypto_ablkcipher_set_flags(cipher, flags);
> -		return err;
> -	}
> -
> -	return ablkcipher_setkey(cipher, key, keylen);
> +	return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
> +	       ablkcipher_setkey(cipher, key, keylen);
>   }
>   
>   static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
>

Patch
diff mbox series

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c9d686a0e805..890cf52007f2 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -30,7 +30,7 @@ 
 
 #include <crypto/algapi.h>
 #include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <crypto/sha.h>
 #include <crypto/md5.h>
 #include <crypto/internal/aead.h>
@@ -939,12 +939,9 @@  static int aead_des3_setkey(struct crypto_aead *authenc,
 	if (keys.enckeylen != DES3_EDE_KEY_SIZE)
 		goto badkey;
 
-	flags = crypto_aead_get_flags(authenc);
-	err = __des3_verify_key(&flags, keys.enckey);
-	if (unlikely(err)) {
-		crypto_aead_set_flags(authenc, flags);
+	err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey);
+	if (err)
 		goto out;
-	}
 
 	if (ctx->keylen)
 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
@@ -1517,32 +1514,15 @@  static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
 static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,
 				 const u8 *key, unsigned int keylen)
 {
-	u32 tmp[DES_EXPKEY_WORDS];
-
-	if (unlikely(crypto_ablkcipher_get_flags(cipher) &
-		     CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&
-	    !des_ekey(tmp, key)) {
-		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
-		return -EINVAL;
-	}
-
-	return ablkcipher_setkey(cipher, key, keylen);
+	return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
+	       ablkcipher_setkey(cipher, key, keylen);
 }
 
 static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,
 				  const u8 *key, unsigned int keylen)
 {
-	u32 flags;
-	int err;
-
-	flags = crypto_ablkcipher_get_flags(cipher);
-	err = __des3_verify_key(&flags, key);
-	if (unlikely(err)) {
-		crypto_ablkcipher_set_flags(cipher, flags);
-		return err;
-	}
-
-	return ablkcipher_setkey(cipher, key, keylen);
+	return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
+	       ablkcipher_setkey(cipher, key, keylen);
 }
 
 static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,