diff mbox series

[v4,23/30] crypto: talitos/des - switch to new verification routines

Message ID 20190805170037.31330-24-ard.biesheuvel@linaro.org
State Superseded
Headers show
Series crypto: DES/3DES cleanup | expand

Commit Message

Ard Biesheuvel Aug. 5, 2019, 5 p.m. UTC 
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

---
 drivers/crypto/talitos.c | 34 ++++----------------
 1 file changed, 7 insertions(+), 27 deletions(-)

-- 
2.17.1

Comments

Christophe Leroy Aug. 5, 2019, 8 p.m. UTC | #1 
Le 05/08/2019 à 19:00, Ard Biesheuvel a écrit :
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>


Reviewed-by: Christophe Leroy <christophe.leroy@c-s.fr>


> ---

>   drivers/crypto/talitos.c | 34 ++++----------------

>   1 file changed, 7 insertions(+), 27 deletions(-)

> 

> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c

> index c9d686a0e805..890cf52007f2 100644

> --- a/drivers/crypto/talitos.c

> +++ b/drivers/crypto/talitos.c

> @@ -30,7 +30,7 @@

>   

>   #include <crypto/algapi.h>

>   #include <crypto/aes.h>

> -#include <crypto/des.h>

> +#include <crypto/internal/des.h>

>   #include <crypto/sha.h>

>   #include <crypto/md5.h>

>   #include <crypto/internal/aead.h>

> @@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc,

>   	if (keys.enckeylen != DES3_EDE_KEY_SIZE)

>   		goto badkey;

>   

> -	flags = crypto_aead_get_flags(authenc);

> -	err = __des3_verify_key(&flags, keys.enckey);

> -	if (unlikely(err)) {

> -		crypto_aead_set_flags(authenc, flags);

> +	err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey);

> +	if (err)

>   		goto out;

> -	}

>   

>   	if (ctx->keylen)

>   		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);

> @@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,

>   static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,

>   				 const u8 *key, unsigned int keylen)

>   {

> -	u32 tmp[DES_EXPKEY_WORDS];

> -

> -	if (unlikely(crypto_ablkcipher_get_flags(cipher) &

> -		     CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&

> -	    !des_ekey(tmp, key)) {

> -		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);

> -		return -EINVAL;

> -	}

> -

> -	return ablkcipher_setkey(cipher, key, keylen);

> +	return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:

> +	       ablkcipher_setkey(cipher, key, keylen);

>   }

>   

>   static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,

>   				  const u8 *key, unsigned int keylen)

>   {

> -	u32 flags;

> -	int err;

> -

> -	flags = crypto_ablkcipher_get_flags(cipher);

> -	err = __des3_verify_key(&flags, key);

> -	if (unlikely(err)) {

> -		crypto_ablkcipher_set_flags(cipher, flags);

> -		return err;

> -	}

> -

> -	return ablkcipher_setkey(cipher, key, keylen);

> +	return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:

> +	       ablkcipher_setkey(cipher, key, keylen);

>   }

>   

>   static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,

>
diff mbox series

Patch

diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c9d686a0e805..890cf52007f2 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -30,7 +30,7 @@ 
 
 #include <crypto/algapi.h>
 #include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <crypto/sha.h>
 #include <crypto/md5.h>
 #include <crypto/internal/aead.h>
@@ -939,12 +939,9 @@  static int aead_des3_setkey(struct crypto_aead *authenc,
 	if (keys.enckeylen != DES3_EDE_KEY_SIZE)
 		goto badkey;
 
-	flags = crypto_aead_get_flags(authenc);
-	err = __des3_verify_key(&flags, keys.enckey);
-	if (unlikely(err)) {
-		crypto_aead_set_flags(authenc, flags);
+	err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey);
+	if (err)
 		goto out;
-	}
 
 	if (ctx->keylen)
 		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
@@ -1517,32 +1514,15 @@  static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
 static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,
 				 const u8 *key, unsigned int keylen)
 {
-	u32 tmp[DES_EXPKEY_WORDS];
-
-	if (unlikely(crypto_ablkcipher_get_flags(cipher) &
-		     CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&
-	    !des_ekey(tmp, key)) {
-		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
-		return -EINVAL;
-	}
-
-	return ablkcipher_setkey(cipher, key, keylen);
+	return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
+	       ablkcipher_setkey(cipher, key, keylen);
 }
 
 static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,
 				  const u8 *key, unsigned int keylen)
 {
-	u32 flags;
-	int err;
-
-	flags = crypto_ablkcipher_get_flags(cipher);
-	err = __des3_verify_key(&flags, key);
-	if (unlikely(err)) {
-		crypto_ablkcipher_set_flags(cipher, flags);
-		return err;
-	}
-
-	return ablkcipher_setkey(cipher, key, keylen);
+	return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
+	       ablkcipher_setkey(cipher, key, keylen);
 }
 
 static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,