diff mbox series

[v4,02/30] crypto: s390/des - switch to new verification routines

Message ID 20190805170037.31330-3-ard.biesheuvel@linaro.org
State Superseded
Headers show
Series crypto: DES/3DES cleanup | expand

Commit Message

Ard Biesheuvel Aug. 5, 2019, 5 p.m. UTC 
Acked-by: Harald Freudenberger <freude@linux.ibm.com>

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

---
 arch/s390/crypto/des_s390.c | 25 +++++++++-----------
 1 file changed, 11 insertions(+), 14 deletions(-)

-- 
2.17.1

Comments

Harald Freudenberger Aug. 6, 2019, 6:12 a.m. UTC | #1 
On 05.08.19 19:00, Ard Biesheuvel wrote:
> Acked-by: Harald Freudenberger <freude@linux.ibm.com>

> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> ---

>  arch/s390/crypto/des_s390.c | 25 +++++++++-----------

>  1 file changed, 11 insertions(+), 14 deletions(-)

>

> diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c

> index 374b42fc7637..f56a84751fdb 100644

> --- a/arch/s390/crypto/des_s390.c

> +++ b/arch/s390/crypto/des_s390.c

> @@ -16,7 +16,7 @@

>  #include <linux/fips.h>

>  #include <linux/mutex.h>

>  #include <crypto/algapi.h>

> -#include <crypto/des.h>

> +#include <crypto/internal/des.h>

>  #include <asm/cpacf.h>

>

>  #define DES3_KEY_SIZE	(3 * DES_KEY_SIZE)

> @@ -35,27 +35,24 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key,

>  		      unsigned int key_len)

>  {

>  	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);

> -	u32 tmp[DES_EXPKEY_WORDS];

> +	int err;

>

> -	/* check for weak keys */

> -	if (!des_ekey(tmp, key) &&

> -	    (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {

> -		tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;

> -		return -EINVAL;

> -	}

> +	err = crypto_des_verify_key(tfm, key);

> +	if (err)

> +		return err;

>

>  	memcpy(ctx->key, key, key_len);

>  	return 0;

>  }

>

> -static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)

> +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)

>  {

>  	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);

>

>  	cpacf_km(CPACF_KM_DEA, ctx->key, out, in, DES_BLOCK_SIZE);

>  }

>

> -static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)

> +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)

>  {

>  	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);

>

> @@ -76,8 +73,8 @@ static struct crypto_alg des_alg = {

>  			.cia_min_keysize	=	DES_KEY_SIZE,

>  			.cia_max_keysize	=	DES_KEY_SIZE,

>  			.cia_setkey		=	des_setkey,

> -			.cia_encrypt		=	des_encrypt,

> -			.cia_decrypt		=	des_decrypt,

> +			.cia_encrypt		=	crypto_des_encrypt,

> +			.cia_decrypt		=	crypto_des_decrypt,

>  		}

>  	}

>  };

> @@ -227,8 +224,8 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key,

>  	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);

>  	int err;

>

> -	err = __des3_verify_key(&tfm->crt_flags, key);

> -	if (unlikely(err))

> +	err = crypto_des3_ede_verify_key(tfm, key);

> +	if (err)

>  		return err;

>

>  	memcpy(ctx->key, key, key_len);


add my

reviewed-by Harald Freudenberger <freude@de.ibm.com>

however, could you please choose another prefix when there's a symbol
collision instead of the "crypto_" maybe "s390_" or something like "des_s390_xxx".
Thanks
diff mbox series

Patch

diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c
index 374b42fc7637..f56a84751fdb 100644
--- a/arch/s390/crypto/des_s390.c
+++ b/arch/s390/crypto/des_s390.c
@@ -16,7 +16,7 @@ 
 #include <linux/fips.h>
 #include <linux/mutex.h>
 #include <crypto/algapi.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <asm/cpacf.h>
 
 #define DES3_KEY_SIZE	(3 * DES_KEY_SIZE)
@@ -35,27 +35,24 @@  static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
 		      unsigned int key_len)
 {
 	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
-	u32 tmp[DES_EXPKEY_WORDS];
+	int err;
 
-	/* check for weak keys */
-	if (!des_ekey(tmp, key) &&
-	    (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
-		tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
-		return -EINVAL;
-	}
+	err = crypto_des_verify_key(tfm, key);
+	if (err)
+		return err;
 
 	memcpy(ctx->key, key, key_len);
 	return 0;
 }
 
-static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
+static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 {
 	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
 
 	cpacf_km(CPACF_KM_DEA, ctx->key, out, in, DES_BLOCK_SIZE);
 }
 
-static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
+static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 {
 	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
 
@@ -76,8 +73,8 @@  static struct crypto_alg des_alg = {
 			.cia_min_keysize	=	DES_KEY_SIZE,
 			.cia_max_keysize	=	DES_KEY_SIZE,
 			.cia_setkey		=	des_setkey,
-			.cia_encrypt		=	des_encrypt,
-			.cia_decrypt		=	des_decrypt,
+			.cia_encrypt		=	crypto_des_encrypt,
+			.cia_decrypt		=	crypto_des_decrypt,
 		}
 	}
 };
@@ -227,8 +224,8 @@  static int des3_setkey(struct crypto_tfm *tfm, const u8 *key,
 	struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
 	int err;
 
-	err = __des3_verify_key(&tfm->crt_flags, key);
-	if (unlikely(err))
+	err = crypto_des3_ede_verify_key(tfm, key);
+	if (err)
 		return err;
 
 	memcpy(ctx->key, key, key_len);