From patchwork Fri Jun 28 09:35:00 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168022
Delivered-To: patch@linaro.org
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 01/30] crypto: des/3des_ede - add new helpers to verify key length
Date: Fri, 28 Jun 2019 11:35:00 +0200
Message-Id: <20190628093529.12281-2-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

The recently added helper routines to perform key strength validation of 3ede_keys are slightly inadequate, since they don't check the key length, and they come in two versions, neither of which are highly useful for anything other than skciphers (and many users still use the older blkcipher interfaces).

So let's add a new helper and, considering that this is a helper function that is only intended to be used by crypto code itself, put it in a new des.h header under crypto/internal.

While at it, implement a similar helper for single DES, so that we can replace the pattern of calling des_ekey() into a temp buffer that occurs in many drivers in drivers/crypto.

Signed-off-by: Ard Biesheuvel
---
 crypto/des_generic.c          | 13 ---
 include/crypto/internal/des.h | 96 ++++++++++++++++++++
 2 files changed, 96 insertions(+), 13 deletions(-)

-- 2.20.1
diff --git a/crypto/des_generic.c b/crypto/des_generic.c index d7a88b4fa611..c94a303da4dd 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c
@@ -846,19 +846,6 @@ static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) d[1] = cpu_to_le32(L); } -/* - * RFC2451: - * - * For DES-EDE3, there is no known need to reject weak or - * complementation keys. Any weakness is obviated by the use of - * multiple keys. - * - * However, if the first two or last two independent 64-bit keys are - * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the - * same as DES. Implementers MUST reject keys that exhibit this - * property. - * - */ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h new file mode 100644 index 000000000000..53dffa0667ca --- /dev/null +++ b/include/crypto/internal/des.h 
@@ -0,0 +1,96 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * DES & Triple DES EDE key verification helpers + */ + +#ifndef __CRYPTO_INTERNAL_DES_H +#define __CRYPTO_INTERNAL_DES_H + +#include +#include +#include + +/** + * crypto_des_verify_key - Check whether a DES is weak + * @tfm: the crypto algo + * @key: the key buffer + * + * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak + * keys. Otherwise, 0 is returned. + * + * It is the job of the caller to ensure that the size of the key equals + * DES_KEY_SIZE. + */ +static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) +{ + u32 tmp[DES_EXPKEY_WORDS]; + int err = 0; + + if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + return 0; + + if (!des_ekey(tmp, key)) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + err = -EINVAL; + } + + err = 0; + memzero_explicit(tmp, sizeof(tmp)); + return err; +} + +/* + * RFC2451: + * + * For DES-EDE3, there is no known need to reject weak or + * complementation keys. Any weakness is obviated by the use of + * multiple keys. + * + * However, if the first two or last two independent 64-bit keys are + * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the + * same as DES. Implementers MUST reject keys that exhibit this + * property. + * + */ + +/** + * crypto_des3_ede_verify_key - Check whether a DES3-EDE is weak + * @tfm: the crypto algo + * @key: the key buffer + * + * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak + * keys or when running in FIPS mode. Otherwise, 0 is returned. Note that some + * keys are rejected in FIPS mode even if weak keys are permitted by the TFM + * flags. + * + * It is the job of the caller to ensure that the size of the key equals + * DES3_EDE_KEY_SIZE. 
+ */ +static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, + const u8 *key) +{ + int err = -EINVAL; + u32 K[6]; + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || (crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + err = 0; +out: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + return err; + +bad: + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + goto out; +} + +#endif /* __CRYPTO_INTERNAL_DES_H */
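Review bot: In crypto_des_verify_key() in include/crypto/internal/des.h, the unconditional `err = 0;` that follows the des_ekey() check overwrites the -EINVAL assigned just above it, so the helper returns 0 for a weak key even when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is set; only the CRYPTO_TFM_RES_WEAK_KEY flag records that the key was weak. Drop that assignment (err is already initialised to 0) so the result reaches the memzero_explicit()/return path intact. Two smaller points in the same hunk: the kerneldoc summaries read "Check whether a DES is weak" and "Check whether a DES3-EDE is weak" with the word "key" missing, and the subject promises helpers "to verify key length" while both kerneldoc blocks leave the length check to the caller, so either the subject or the helpers should change.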
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel, Harald Freudenberger
Subject: [PATCH v3 02/30] crypto: s390/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:01 +0200
Message-Id: <20190628093529.12281-3-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Acked-by: Harald Freudenberger
Signed-off-by: Ard Biesheuvel
---
 arch/s390/crypto/des_s390.c | 25 +++++++++-----------
 1 file changed, 11 insertions(+), 14 deletions(-)

-- 2.20.1
diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c index 1f9ab24dc048..5be891170a89 100644 --- a/arch/s390/crypto/des_s390.c +++ b/arch/s390/crypto/des_s390.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #define DES3_KEY_SIZE (3 * DES_KEY_SIZE)
@@ -34,27 +34,24 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - /* check for weak keys */ - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; memcpy(ctx->key, key, key_len); return 0; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); cpacf_km(CPACF_KM_DEA, ctx->key, out, in, DES_BLOCK_SIZE); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); @@ -75,8 +72,8 @@ static struct crypto_alg des_alg = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt, + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt, } } }; 
@@ -226,8 +223,8 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key, struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); int err; - err = __des3_verify_key(&tfm->crt_flags, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(tfm, key); + if (err) return err; memcpy(ctx->key, key, key_len);
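Review bot: The rename of the static des_encrypt()/des_decrypt() to crypto_des_encrypt()/crypto_des_decrypt() in the des_setkey() and des_alg hunks of arch/s390/crypto/des_s390.c is unexplained: the subject only mentions switching to the new verification routines and the message has no body. Please add a sentence giving the reason for the rename, or move it to its own patch. Separately, des_setkey() now returns exactly what crypto_des_verify_key() returns before the memcpy() into ctx->key, so weak-key rejection here depends on that helper in 01/30 actually propagating -EINVAL.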
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 03/30] crypto: sparc/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:02 +0200
Message-Id: <20190628093529.12281-4-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 arch/sparc/crypto/des_glue.c | 37 +++++++++-----------
 1 file changed, 16 insertions(+), 21 deletions(-)

-- 2.20.1
diff --git a/arch/sparc/crypto/des_glue.c b/arch/sparc/crypto/des_glue.c index 453a4cf5492a..80b646d32ee8 100644 --- a/arch/sparc/crypto/des_glue.c +++ b/arch/sparc/crypto/des_glue.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include @@ -44,19 +44,15 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; /* Even though we have special instructions for key expansion, - * we call des_ekey() so that we don't have to write our own + * we call des_verify_key() so that we don't have to write our own * weak key detection code. */ - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; des_sparc64_key_expand((const u32 *) key, &dctx->encrypt_expkey[0]); encrypt_to_decrypt(&dctx->decrypt_expkey[0], &dctx->encrypt_expkey[0]); @@ -67,7 +63,7 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, extern void des_sparc64_crypt(const u64 *key, const u64 *input, u64 *output); -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->encrypt_expkey; @@ -75,7 +71,7 @@ static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_sparc64_crypt(K, (const u64 *) src, (u64 *) dst); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->decrypt_expkey; 
@@ -201,14 +197,13 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u64 k1[DES_EXPKEY_WORDS / 2]; u64 k2[DES_EXPKEY_WORDS / 2]; u64 k3[DES_EXPKEY_WORDS / 2]; int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(tfm, key); + if (err) return err; des_sparc64_key_expand((const u32 *)key, k1); @@ -234,7 +229,7 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, extern void des3_ede_sparc64_crypt(const u64 *key, const u64 *input, u64 *output); -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des3_ede_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->encrypt_expkey; @@ -242,7 +237,7 @@ static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des3_ede_sparc64_crypt(K, (const u64 *) src, (u64 *) dst); } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des3_ede_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->decrypt_expkey; @@ -389,8 +384,8 @@ static struct crypto_alg algs[] = { { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_set_key, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { 
@@ -446,8 +441,8 @@ static struct crypto_alg algs[] = { { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_set_key, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } }, {
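Review bot: The updated comment in des_set_key() in arch/sparc/crypto/des_glue.c says "we call des_verify_key()", but the call below it is crypto_des_verify_key(); use the real function name so the comment matches the code and can be found by grep. The renames of des_encrypt()/des_decrypt() and des3_ede_encrypt()/des3_ede_decrypt() to their crypto_-prefixed names in the later hunks are also not mentioned in the commit message, which has no body; a one-line reason would help.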
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 04/30] crypto: atmel/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:03 +0200
Message-Id: <20190628093529.12281-5-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/atmel-tdes.c | 28 +++++---------------
 1 file changed, 7 insertions(+), 21 deletions(-)

-- 2.20.1
diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c index fa76620281e8..4e1d9ca3a347 100644 --- a/drivers/crypto/atmel-tdes.c +++ b/drivers/crypto/atmel-tdes.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include #include #include #include @@ -773,22 +773,12 @@ static void atmel_tdes_dma_cleanup(struct atmel_tdes_dev *dd) static int atmel_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - int err; - struct crypto_tfm *ctfm = crypto_ablkcipher_tfm(tfm); - struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); + int err; - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - err = des_ekey(tmp, key); - if (err == 0 && (ctfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - ctfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (err) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
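Review bot: atmel_des_setkey() loses its explicit `keylen != DES_KEY_SIZE` test, yet the unchanged `memcpy(ctx->key, key, keylen)` directly after the new call still copies a caller-supplied length. crypto_des_verify_key() is given only the tfm and the key pointer here, so nothing in this function bounds keylen any more; the copy is safe only if the length is already pinned before setkey is reached (for example by the algorithm's min_keysize/max_keysize, which this hunk does not show). The commit message is empty apart from the sign-off, so please state there what enforces the length, or keep the length test in the driver.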
@@ -800,15 +790,11 @@ static int atmel_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (err) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 05/30] crypto: bcm/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:04 +0200 Message-Id: <20190628093529.12281-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/bcm/cipher.c | 82 +++++--------------- 1 file changed, 20 insertions(+), 62 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c index d972ffac779d..ca28b9ff21aa 100644 --- a/drivers/crypto/bcm/cipher.c +++ b/drivers/crypto/bcm/cipher.c @@ -35,7 +35,7 @@ #include #include #include -#include +#include #include #include #include @@ -1813,24 +1813,13 @@ static int des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen == DES_KEY_SIZE) { - if (des_ekey(tmp, key) == 0) { - if (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; + int err; - crypto_ablkcipher_set_flags(cipher, flags); - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_DES; return 0; } 
@@ -1838,23 +1827,13 @@ static int threedes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (keylen == (DES_KEY_SIZE * 3)) { - u32 flags; - int ret; - - flags = crypto_ablkcipher_get_flags(cipher); - ret = __des3_verify_key(&flags, key); - if (unlikely(ret)) { - crypto_ablkcipher_set_flags(cipher, flags); - return ret; - } + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_3DES; return 0; } 
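Review bot: after this change `keylen` is no longer read anywhere in threedes_setkey(), and the same holds for des_setkey() in the previous hunk; both lose the branch that set CRYPTO_TFM_RES_BAD_KEY_LEN and returned -EINVAL on a wrong length. If the caller already guarantees the length, say so in the commit message. Otherwise the key pointer reaches crypto_des3_ede_verify_key() (or crypto_des_verify_key()) with no size check in this driver and the BAD_KEY_LEN result flag is never reported from these two functions.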
@@ -2866,40 +2845,19 @@ static int aead_authenc_setkey(struct crypto_aead *cipher, switch (ctx->alg->cipher_info.alg) { case CIPHER_ALG_DES: - if (ctx->enckeylen == DES_KEY_SIZE) { - u32 tmp[DES_EXPKEY_WORDS]; - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; - - if (des_ekey(tmp, keys.enckey) == 0) { - if (crypto_aead_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - crypto_aead_set_flags(cipher, flags); - return -EINVAL; - } - } + if (keys.enckeylen != DES_KEY_SIZE || + crypto_des_verify_key(crypto_aead_tfm(cipher), keys.enckey)) + return -EINVAL; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - goto badkey; - } + ctx->cipher_type = CIPHER_TYPE_DES; break; case CIPHER_ALG_3DES: - if (ctx->enckeylen == (DES_KEY_SIZE * 3)) { - u32 flags; - - flags = crypto_aead_get_flags(cipher); - ret = __des3_verify_key(&flags, keys.enckey); - if (unlikely(ret)) { - crypto_aead_set_flags(cipher, flags); - return ret; - } - - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_aead_set_flags(cipher, - CRYPTO_TFM_RES_BAD_KEY_LEN); + if (keys.enckeylen != DES3_EDE_KEY_SIZE || + crypto_des3_ede_verify_key(crypto_aead_tfm(cipher), + keys.enckey)) return -EINVAL; - } + + ctx->cipher_type = CIPHER_TYPE_3DES; break; case CIPHER_ALG_AES: switch (ctx->enckeylen) {
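Review bot: the DES and 3DES cases of aead_authenc_setkey() now test `keys.enckeylen` where the removed code tested `ctx->enckeylen`, while the unchanged AES case just below still switches on `ctx->enckeylen`; please confirm both hold the same value at this point, or use one of them consistently. Error handling also changes without comment: a bad DES length used to `goto badkey` and a bad 3DES length set CRYPTO_TFM_RES_BAD_KEY_LEN before returning, whereas both now return -EINVAL directly, and a failure from crypto_des3_ede_verify_key() is folded into -EINVAL instead of being returned as `ret`. Suggest keeping the `goto badkey` path for the length mismatch and returning the helper's own error code.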
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 06/30] crypto: caam/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:05 +0200 Message-Id: <20190628093529.12281-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/caam/caamalg.c | 38 +++++++------------- drivers/crypto/caam/caamalg_qi.c | 13 ++----- drivers/crypto/caam/caamalg_qi2.c | 13 ++----- drivers/crypto/caam/compat.h | 2 +- 4 files changed, 19 insertions(+), 47 deletions(-) -- 2.20.1 Tested-by: Horia Geantă diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 43f18253e5b6..9a9a55263b17 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c
@@ -633,7 +633,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); @@ -785,22 +778,15 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); - - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { - return -EINVAL; - } - - if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(skcipher, - CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + return crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key) ?: + skcipher_setkey(skcipher, key, keylen); +} - return skcipher_setkey(skcipher, key, keylen); +static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, + const u8 *key, unsigned int keylen) +{ + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?: + skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, 
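Review bot: des_skcipher_setkey() used to cover both key sizes (the removed `keylen == DES3_EDE_KEY_SIZE` branch) and now verifies single DES only, so any driver_algs[] entry that takes a DES3_EDE_KEY_SIZE key and still points at it would get only crypto_des_verify_key() applied to its key. The hunks that follow retarget cbc-3des-caam and ecb-des3-caam to the new des3_skcipher_setkey(); please confirm those are the only 3DES skcipher entries in this file. Neither helper looks at keylen before calling its verify routine, so a sentence in the commit message on where the length is enforced would help the next reader.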
@@ -1899,7 +1885,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "cbc-3des-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, @@ -2018,7 +2004,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "ecb-des3-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 32f0f8a72067..b3868c996af8 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -296,7 +296,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -307,14 +306,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); @@ -697,7 +690,7 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?: skcipher_setkey(skcipher, key, keylen); } 
diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c index 06bf32c32cbd..b5c41b36cdec 100644 --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -329,7 +329,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -340,14 +339,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); @@ -999,7 +992,7 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?: skcipher_setkey(skcipher, key, keylen); } diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h index 8639b2df0371..60e2a54c19f1 100644 --- a/drivers/crypto/caam/compat.h +++ b/drivers/crypto/caam/compat.h 
@@ -32,7 +32,7 @@ #include #include #include -#include +#include #include #include #include
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 07/30] crypto: cpt/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:06 +0200 Message-Id: <20190628093529.12281-8-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/cpt/cptvf_algs.c | 26 ++++---------------- 1 file changed, 5 insertions(+), 21 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/cavium/cpt/cptvf_algs.c b/drivers/crypto/cavium/cpt/cptvf_algs.c index f6b0c9df12ed..a42b531c12d0 100644 --- a/drivers/crypto/cavium/cpt/cptvf_algs.c
+++ b/drivers/crypto/cavium/cpt/cptvf_algs.c @@ -10,7 +10,7 @@ #include #include #include -#include +#include #include #include #include 
@@ -325,31 +325,15 @@ static int cvm_cfb_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); - int err; - - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return cvm_setkey(cipher, key, keylen, DES3_CBC); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + cvm_setkey(cipher, key, keylen, DES3_CBC); } static int cvm_ecb_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); - int err; - - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return cvm_setkey(cipher, key, keylen, DES3_ECB); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + cvm_setkey(cipher, key, keylen, DES3_ECB); } static int cvm_enc_dec_init(struct crypto_tfm *tfm)
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 08/30] crypto: nitrox/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:07 +0200 Message-Id: <20190628093529.12281-9-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/nitrox/nitrox_skcipher.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c index 7e4a5e69085e..9d3bd1b589e0 100644 --- a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c +++ b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include "nitrox_dev.h"
@@ -257,7 +257,7 @@ static int nitrox_aes_decrypt(struct skcipher_request *skreq) static int nitrox_3des_setkey(struct crypto_skcipher *cipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(cipher, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key) ?: nitrox_skcipher_setkey(cipher, 0, key, keylen); } From patchwork Fri Jun 28 09:35:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168030 Delivered-To: patch@linaro.org
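Review bot: in nitrox_3des_setkey() the replacement call takes only the tfm and the key pointer, and the commit message is just a subject line and a Signed-off-by, so nothing here says whether crypto_des3_ede_verify_key() applies the same weak-key policy and reports the result on the tfm the way des3_verify_key() did. Please add a sentence to the message stating that the conversion preserves behaviour for this driver, or what changes. keylen is still not consulted by the check, so the routine must be relying on the key length having been validated before setkey is called; a short comment saying so would make that assumption visible.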
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 09/30] crypto: ccp/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:08 +0200 Message-Id: <20190628093529.12281-10-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccp/ccp-crypto-des3.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c b/drivers/crypto/ccp/ccp-crypto-des3.c index 91482ffcac59..23e6dfba2abb 100644 --- a/drivers/crypto/ccp/ccp-crypto-des3.c +++ b/drivers/crypto/ccp/ccp-crypto-des3.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include "ccp-crypto.h" 
@@ -42,11 +42,10 @@ static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm)); struct ccp_crypto_ablkcipher_alg *alg = ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm)); - u32 *flags = &tfm->base.crt_flags; int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (err) return err; /* It's not clear that there is any support for a keysize of 112. From patchwork Fri Jun 28 09:35:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168031 Delivered-To: patch@linaro.org
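Review bot: in ccp_des3_setkey() the key is handed to crypto_des3_ede_verify_key() before any length check visible in this hunk, and the helper receives no length, while the comment that follows questions whether a key size of 112 is supported at all. If this setkey can be reached with anything other than a full-length 3DES key, the verification could read beyond the key it was given; please confirm the length is pinned before this point, or check it first. Separately, crypto_ablkcipher_tfm(tfm) now appears three times in the function and could be held in a local.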
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 10/30] crypto: ccree/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:09 +0200 Message-Id: <20190628093529.12281-11-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccree/cc_aead.c | 13 +++---------- drivers/crypto/ccree/cc_cipher.c | 15 ++++----------- 2 files changed, 7 insertions(+), 21 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c index 7aa4cbe19a86..ec6aecd2781d 100644 --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include "cc_driver.h" #include "cc_buffer_mgr.h" @@ -663,7 +663,6 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -674,14 +673,8 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = cc_aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + cc_aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index 5b58226ea24d..dc30f5aeca10 100644 
--- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -5,7 +5,7 @@ #include #include #include -#include +#include #include #include #include 
@@ -411,16 +411,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, * HW does the expansion on its own. */ if (ctx_p->flow_mode == S_DIN_to_DES) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, - DES3_EDE_KEY_SIZE)) { - dev_dbg(dev, "weak 3DES key"); - return -EINVAL; - } else if (!des_ekey(tmp, key) && - (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + if ((keylen == DES3_EDE_KEY_SIZE && + crypto_des3_ede_verify_key(tfm, key)) || + crypto_des_verify_key(tfm, key)) { dev_dbg(dev, "weak DES key"); return -EINVAL; } From patchwork Fri Jun 28 09:35:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168032 Delivered-To: patch@linaro.org
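Review bot: in cc_des3_aead_setkey() (cc_aead.c) the removed error path copied the updated flags back with crypto_aead_set_flags(aead, flags) before bailing out, and the new one-liner relies on crypto_des3_ede_verify_key() recording the result on the tfm itself. That is worth stating in the commit message, which currently has no body, because that write-back was how the weak-key result reached the caller. The ordering is otherwise good: the enckeylen check still precedes the verify call, and both outcomes still fall through to memzero_explicit(&keys, sizeof(keys)).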
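Review bot: in cc_cipher_setkey() (cc_cipher.c) the new condition is (keylen == DES3_EDE_KEY_SIZE && crypto_des3_ede_verify_key(tfm, key)) || crypto_des_verify_key(tfm, key), so whenever the 3DES check passes, the single-DES check still runs on the same key pointer, and it also runs for every other key length in the S_DIN_to_DES flow. Branching on keylen, with the 3DES routine for DES3_EDE_KEY_SIZE and the DES routine otherwise, would check each key exactly once with the matching routine. The old if / else-if had the same fall-through, so this is a chance to fix it rather than a regression. The rewrite also folds the "weak 3DES key" debug message into "weak DES key" and returns -EINVAL instead of the helper's own return value.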
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 11/30] crypto: hifn/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:10 +0200 Message-Id: <20190628093529.12281-12-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/hifn_795x.c | 29 +++++--------------- 1 file changed, 7 insertions(+), 22 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index d656be0a142b..5a86d0cf9070 100644 --- a/drivers/crypto/hifn_795x.c +++ b/drivers/crypto/hifn_795x.c @@ -30,7 +30,7 @@ #include #include -#include +#include static char hifn_pll_ref[sizeof("extNNN")] = "ext"; module_param_string(hifn_pll_ref, hifn_pll_ref, sizeof(hifn_pll_ref), 0444); @@ -1951,22 +1951,11 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct hifn_context *ctx = crypto_tfm_ctx(tfm); struct hifn_device *dev = ctx->dev; + int err; - if (len > HIFN_MAX_CRYPT_KEY_LENGTH) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -1; - } - - if (len == HIFN_DES_KEY_LENGTH) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (unlikely(ret == 0) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; dev->flags &= ~HIFN_FLAG_OLD_KEY; 
@@ -1981,15 +1970,11 @@ static int hifn_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct hifn_context *ctx = crypto_ablkcipher_ctx(cipher); struct hifn_device *dev = ctx->dev; - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } dev->flags &= ~HIFN_FLAG_OLD_KEY; From patchwork Fri Jun 28 09:35:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168033 Delivered-To: patch@linaro.org
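Review bot: hifn_setkey() used to reject len > HIFN_MAX_CRYPT_KEY_LENGTH and ran the weak-key test only when len == HIFN_DES_KEY_LENGTH; the new code drops the bound and calls crypto_des_verify_key(tfm, key) for every key length. If this setkey serves anything besides single DES, as the removed length tests suggest, non-DES keys would now be screened as DES keys and an over-long key is no longer refused here. Please keep the upper bound and gate the DES check on the DES key length, or explain in the commit message why both are now redundant. The removed path also returned -1 and set CRYPTO_TFM_RES_BAD_KEY_LEN, so the error reporting for a bad length changes as well.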
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 12/30] crypto: hisilicon/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:11 +0200 Message-Id: <20190628093529.12281-13-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/hisilicon/sec/sec_algs.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/hisilicon/sec/sec_algs.c b/drivers/crypto/hisilicon/sec/sec_algs.c index 02768af0dccd..4a9fae297b0f 100644 --- a/drivers/crypto/hisilicon/sec/sec_algs.c +++ b/drivers/crypto/hisilicon/sec/sec_algs.c @@ -9,7 +9,7 @@ #include #include -#include +#include #include #include #include 
@@ -347,25 +347,21 @@ static int sec_alg_skcipher_setkey_aes_xts(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; - - return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64); + return crypto_des_verify_key(crypto_skcipher_tfm(tfm), key) ?: + sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64); } static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; - - return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64); + return crypto_des_verify_key(crypto_skcipher_tfm(tfm), key) ?: + sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64); } static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key) ?: sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_ECB_192_3KEY); } 
@@ -373,7 +369,7 @@ static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_3des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key) ?: sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_CBC_192_3KEY); } From patchwork Fri Jun 28 09:35:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168034 Delivered-To: patch@linaro.org
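Review bot: sec_alg_skcipher_setkey_des_ecb() and sec_alg_skcipher_setkey_des_cbc() lose their explicit keylen != DES_KEY_SIZE check, and crypto_des_verify_key() is not passed keylen, so the length guarantee now has to come from somewhere outside these functions; please either keep the check or note where the length is enforced. These two paths also gain a key verification step they did not have before, which is a functional change rather than a pure conversion, and the commit message has no body to say so. The two 3DES hunks are a like-for-like swap of des3_verify_key() and look fine.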
From patchwork Fri Jun 28 09:35:12 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168034
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 13/30] crypto: safexcel/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:12 +0200
Message-Id: <20190628093529.12281-14-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/inside-secure/safexcel_cipher.c | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 8cdbdbe35681..7593b99c948c 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -963,19 +963,11 @@ static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int ret; - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ret = crypto_des_verify_key(tfm, key); + if (ret) + return ret; /* if context exits and key changed, need to invalidate it */ if (ctx->base.ctxr_dma) 
@@ -1074,8 +1066,8 @@ static int safexcel_des3_ede_setkey(struct crypto_skcipher *ctfm, struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); int err; - err = des3_verify_key(ctfm, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(ctfm), key); + if (err) return err; /* if context exits and key changed, need to invalidate it */
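Review bot: safexcel_des_setkey() used to report the failure reason itself, setting CRYPTO_TFM_RES_BAD_KEY_LEN on a wrong length and CRYPTO_TFM_RES_WEAK_KEY when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS was set; after the change both depend entirely on crypto_des_verify_key(tfm, key), which is not passed len. The changelog consists of the Signed-off-by only, so please add a sentence saying that the helper sets the same result flags and returns the same -EINVAL, so that callers reading the flags see no difference.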
From patchwork Fri Jun 28 09:35:13 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168035
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 14/30] crypto: ixp4xx/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:13 +0200
Message-Id: <20190628093529.12281-15-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/ixp4xx_crypto.c | 28 +++++++------------- 1 file changed, 9 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ixp4xx_crypto.c b/drivers/crypto/ixp4xx_crypto.c index 3f40be34ac95..16a81e58aaee 100644 --- a/drivers/crypto/ixp4xx_crypto.c +++ b/drivers/crypto/ixp4xx_crypto.c @@ -21,7 +21,7 @@ #include #include -#include +#include #include #include #include @@ -760,10 +760,7 @@ static int setup_cipher(struct crypto_tfm *tfm, int encrypt, } cipher_cfg |= keylen_cfg; } else { - u32 tmp[DES_EXPKEY_WORDS]; - if (des_ekey(tmp, key) == 0) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - } + crypto_des_verify_key(tfm, key, key_len); } /* write cfg word to cryptinfo */ *(u32*)cinfo = cpu_to_be32(cipher_cfg); @@ -855,14 +852,8 @@ static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int key_len) { - u32 flags = crypto_ablkcipher_get_flags(tfm); - int err; - - err = __des3_verify_key(&flags, key); - if (unlikely(err)) - crypto_ablkcipher_set_flags(tfm, flags); - - return ablk_setkey(tfm, key, key_len); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key) ?: + ablk_setkey(tfm, key, key_len); } static int ablk_rfc3686_setkey(struct crypto_ablkcipher *tfm, const u8 *key, @@ -1185,7 +1176,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) { struct ixp_ctx *ctx = crypto_aead_ctx(tfm); - u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN; struct crypto_authenc_keys keys; int err; 
@@ -1197,12 +1187,13 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, if (keys.authkeylen > sizeof(ctx->authkey)) goto badkey; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) + if (keys.enckeylen != DES3_EDE_KEY_SIZE) { + crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); goto badkey; + } - flags = crypto_aead_get_flags(tfm); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), keys.enckey); + if (err) goto badkey; memcpy(ctx->authkey, keys.authkey, keys.authkeylen); 
@@ -1213,7 +1204,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, memzero_explicit(&keys, sizeof(keys)); return aead_setup(tfm, crypto_aead_authsize(tfm)); badkey: - crypto_aead_set_flags(tfm, flags); memzero_explicit(&keys, sizeof(keys)); return err; }
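Review bot: In setup_cipher() the new call is crypto_des_verify_key(tfm, key, key_len), with three arguments, while every other conversion shown on this page calls the helper as (tfm, key); one of the two forms cannot match its prototype. The return value is also discarded, so a rejected key has no effect on the result of setup_cipher(). Either propagate the error or drop the call if the setkey paths already verify the key.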
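Review bot: ablk_des3_setkey() previously ignored the result of __des3_verify_key(): on error it stored the flags and then called ablk_setkey() regardless. The new `?:` form returns the verification error and skips ablk_setkey(). That looks like the right behaviour, but it is a functional fix carried inside a conversion patch and deserves a line in the changelog.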
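Review bot: In des3_aead_setkey() the `keys.authkeylen > sizeof(ctx->authkey)` branch still jumps to badkey, but with `u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN` gone and crypto_aead_set_flags(tfm, flags) removed from the badkey label, that path no longer sets CRYPTO_TFM_RES_BAD_KEY_LEN; only the enckeylen branch does. Set the flag in the authkeylen branch as well, or keep setting it at the label.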
From patchwork Fri Jun 28 09:35:14 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168036
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 15/30] crypto: cesa/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:14 +0200
Message-Id: <20190628093529.12281-16-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/marvell/cipher.c | 22 +++++++------------- 1 file changed, 7 insertions(+), 15 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/marvell/cipher.c b/drivers/crypto/marvell/cipher.c index 2fd936b19c6d..5182438a957c 100644 --- a/drivers/crypto/marvell/cipher.c +++ b/drivers/crypto/marvell/cipher.c @@ -13,7 +13,7 @@ */ #include -#include +#include #include "cesa.h" @@ -277,19 +277,11 @@ static int mv_cesa_des_setkey(struct crypto_skcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); struct mv_cesa_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + int err; - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; memcpy(ctx->key, key, DES_KEY_SIZE); 
@@ -302,8 +294,8 @@ static int mv_cesa_des3_ede_setkey(struct crypto_skcipher *cipher, struct mv_cesa_des_ctx *ctx = crypto_skcipher_ctx(cipher); int err; - err = des3_verify_key(cipher, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key); + if (err) return err; memcpy(ctx->key, key, DES3_EDE_KEY_SIZE);
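Review bot: mv_cesa_des_setkey() no longer compares len with DES_KEY_SIZE, but the unchanged line right after the check is memcpy(ctx->key, key, DES_KEY_SIZE), and crypto_des_verify_key(tfm, key) is not told the length. If nothing else guarantees len == DES_KEY_SIZE, a shorter key is now over-read by that copy. Please either keep the length test or note in the changelog what enforces it.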
From patchwork Fri Jun 28 09:35:15 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168037
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 16/30] crypto: n2/des - switch to new verification routines
Date: Fri, 28 Jun 2019 11:35:15 +0200
Message-Id: <20190628093529.12281-17-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/n2_core.c | 26 ++++++-------------- 1 file changed, 7 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c index 0d5d3d8eb680..de48512d054c 100644 --- a/drivers/crypto/n2_core.c +++ b/drivers/crypto/n2_core.c @@ -16,7 +16,7 @@ #include #include #include -#include +#include #include #include #include @@ -759,21 +759,13 @@ static int n2_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int err; - ctx->enc_type = n2alg->enc_type; - - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; - err = des_ekey(tmp, key); - if (err == 0 && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ctx->enc_type = n2alg->enc_type; ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen); 
@@ -786,15 +778,11 @@ static int n2_3des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(tfm, key); + if (err) return err; - } ctx->enc_type = n2alg->enc_type;
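Review bot: In n2_des_setkey() the keylen test is dropped while the following context still does ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen); so the copy length is whatever the caller passed. ctx->key.des is presumably sized for a DES key, so this needs a guarantee that only keylen == DES_KEY_SIZE reaches the copy; keep the explicit check or document where it is enforced. Moving ctx->enc_type after the verification is a good change, since a rejected key no longer touches the context.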
From patchwork Fri Jun 28 09:35:16 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168039
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 17/30] crypto: omap/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:16 +0200 Message-Id: <20190628093529.12281-18-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/omap-des.c | 25 ++++++-------------- 1 file changed, 7 insertions(+), 18 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c index 3d82d18ff810..ebbe7b532aa5 100644 --- a/drivers/crypto/omap-des.c +++ b/drivers/crypto/omap-des.c @@ -37,7 +37,7 @@ #include #include #include -#include +#include #include #include @@ -654,20 +654,13 @@ static int omap_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); + int err; pr_debug("enter, keylen: %d\n", keylen); - /* Do we need to test against weak key? */ - if (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (!ret) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -679,17 +672,13 @@ static int omap_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug("enter, keylen: %d\n", keylen); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen; From patchwork Fri Jun 28 09:35:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168038 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3454699ilk; Fri, 28 Jun 2019 02:36:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqzsMgNuKbOhtOo5nE2DxX7TVESgJjT2Zf5DvSGL7WA0qoCaICKYuF92XlPnG2Q+EzSIj0kl X-Received: by 2002:a17:902:4:: with SMTP id 4mr1607577pla.287.1561714561895; Fri, 28 Jun 2019 02:36:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561714561; cv=none; d=google.com; s=arc-20160816; b=eo0VhkJyAuO70F+wHosNRXDpZlKEODMoMLggwSfDEbHLUTjK7mCPsTYMGB+OwnFKx/ f1mfVG1vUf5PguIpcqlRZplRhHBn0gqTiDF4L51ZukZ5X8D16TagPzXsZU2nUa3h0dls mYVsF9Mam3OffuSFN9Te4pcQKKR5MmnRhnY8rUYyc2aTL6RvVuVR7B9Fnd2Fzs1n5Goi YJCQUM5tsZ+AA95PDRB6//BxDmtYV7jOq/aqUnT/j+dlzilEkKApGCC6DgM1O1ztlySE k+SvMI3pVvOqrslI7cyaXIB5hr7wGhXQy/N3v6EbkPmL3WpMD75IED3CqTRWjenv0rUn 2KTA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=vSQKZ3bzm1shSM3hwnkO5Kh0qutNPZoosKVcwtVkCKc=; b=CUE+QBS8xYjh3cf+4eYZKU+m8G/MN4oH1Ieg0ARvlaZ0+7sjNV3rlGYvjMWWNkIz2+ HKccQgp4HO9O8161WI+syaCc4VRWoGPkSLaleI2+PD8oLNb6c808h1yJd18C2KyWz4Jg 
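Review bot: in omap_des_setkey() and omap_des3_setkey() the new crypto_des_verify_key() and crypto_des3_ede_verify_key() calls receive only the tfm and the key pointer, while the memcpy(ctx->key, key, keylen) that follows still trusts the caller's keylen. Nothing in either function, before or after this change, checks keylen against the size of ctx->key. If the length is guaranteed before setkey is reached, say so in the commit message, which currently has no body; otherwise add an explicit keylen check ahead of the copy.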
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 18/30] crypto: picoxcell/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:17 +0200 Message-Id: <20190628093529.12281-19-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/picoxcell_crypto.c | 21 +++++++------------- 1 file changed, 7 insertions(+), 14 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c index 05b89e703903..842b413cbe60 100644 --- a/drivers/crypto/picoxcell_crypto.c +++ b/drivers/crypto/picoxcell_crypto.c @@ -19,7 +19,7 @@ #include #include #include -#include +#include #include #include #include @@ -751,14 +751,11 @@ static int spacc_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(!des_ekey(tmp, key)) && - (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; memcpy(ctx->key, key, len); ctx->key_len = len; 
@@ -774,15 +771,11 @@ static int spacc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { struct spacc_ablk_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } memcpy(ctx->key, key, len); ctx->key_len = len; From patchwork Fri Jun 28 09:35:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168048 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3454763ilk; Fri, 28 Jun 2019 02:36:06 -0700 (PDT) X-Google-Smtp-Source: APXvYqzvYDLeLbaniNFKKQAne6/lMpXB7NSWca2XQyCOmBQFUHGhqp05kXB1Q8Q1bxDJG4Dm7sdv X-Received: by 2002:a17:90a:3210:: with SMTP id k16mr11535780pjb.13.1561714566043; Fri, 28 Jun 2019 02:36:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561714566; cv=none; d=google.com; s=arc-20160816; b=AOuj6ENFGcDL+vrwixO5mS2dogC0mvZb6q93TGOJvE3njMFf1b+pMu6pOA7rTJ1VPp QfQS9mIHmqhazseIvRpjGCvpziPpAfkT2oCXZ/5JpHApy0mYifxrboL6cSAW0Dmjahml dFeI6fZU+mngk+SW2P/FBflJ2JdUJE/x1N83pTdP5Xnyap3zalCcQxfPXevS8cjNJldk 84cZ1aekSlJ2yRzomz0il+Wae5B4q+ibqwVhGdh3nO5JgDMP3BMKoX2i5QQ7wsQkdHdY yGyCHiup6c1vdSBdislQsbgInNz31oG7lIHnLWg8qf0GStvWBNwwVPVQhYMGWPP4n1fP 0+aQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=K222XYBP17tSu5k19NnMFnfodyv8IVdo2b46vWib5MQ=; b=gJ97U2tniqDYQdYSDxxl701dqwI7SdQ8LLQjLwk0xmvfbB+w9YTQcAk0qcki37QpV5 WhMP9Sq3ChR1SZt+124jKBext6M6eeuqW5BL4k4YAQgp48hFsFKntnFra6O0X8Qc+EOd YUnbKpS8qTPspjh8BZbPeiNsFQ46OqsxiAvjAhLXr/iyv5A5dV4d202Oi/qE/BCbD6k0 
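Review bot: the commit message has no body, yet spacc_des_setkey() stops setting CRYPTO_TFM_RES_WEAK_KEY and returning -EINVAL itself, and spacc_des3_setkey() stops writing the flags back with crypto_ablkcipher_set_flags() on error. Both results now depend entirely on what crypto_des_verify_key() and crypto_des3_ede_verify_key() do with the tfm they are handed. Please state in the changelog that the helpers keep the CRYPTO_TFM_REQ_FORBID_WEAK_KEYS gating and still set the weak-key result flag, so callers that inspect the flags after a failed setkey see no difference.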
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 19/30] crypto: qce/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:18 +0200 Message-Id: <20190628093529.12281-20-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/qce/ablkcipher.c | 55 ++++++++++---------- 1 file changed, 27 insertions(+), 28 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/qce/ablkcipher.c b/drivers/crypto/qce/ablkcipher.c index 8d3493855a70..d9e067885a0e 100644 --- a/drivers/crypto/qce/ablkcipher.c +++ b/drivers/crypto/qce/ablkcipher.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #include "cipher.h" @@ -162,27 +162,17 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(ablk); struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - unsigned long flags = to_cipher_tmpl(tfm)->alg_flags; int ret; if (!key || !keylen) return -EINVAL; - if (IS_AES(flags)) { - switch (keylen) { - case AES_KEYSIZE_128: - case AES_KEYSIZE_256: - break; - default: - goto fallback; - } - } else if (IS_DES(flags)) { - u32 tmp[DES_EXPKEY_WORDS]; - - ret = des_ekey(tmp, key); - if (!ret && (crypto_ablkcipher_get_flags(ablk) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - goto weakkey; + switch (keylen) { + case AES_KEYSIZE_128: + case AES_KEYSIZE_256: + break; + default: + goto fallback; } ctx->enc_keylen = keylen; 
@@ -193,24 +183,32 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, if (!ret) ctx->enc_keylen = keylen; return ret; -weakkey: - crypto_ablkcipher_set_flags(ablk, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; +} + +static int qce_des_setkey(struct crypto_ablkcipher *ablk, const u8 *key, + unsigned int keylen) +{ + struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); + int err; + + err = crypto_des_verify_key(crypto_ablkcipher_tfm(ablk), key); + if (err) + return err; + + ctx->enc_keylen = keylen; + memcpy(ctx->enc_key, key, keylen); + return 0; } static int qce_des3_setkey(struct crypto_ablkcipher *ablk, const u8 *key, unsigned int keylen) { struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(ablk); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(ablk, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(ablk), key); + if (err) return err; - } ctx->enc_keylen = keylen; memcpy(ctx->enc_key, key, keylen); 
@@ -382,8 +380,9 @@ static int qce_ablkcipher_register_one(const struct qce_ablkcipher_def *def, alg->cra_ablkcipher.ivsize = def->ivsize; alg->cra_ablkcipher.min_keysize = def->min_keysize; alg->cra_ablkcipher.max_keysize = def->max_keysize; - alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? - qce_des3_setkey : qce_ablkcipher_setkey; + alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? qce_des3_setkey : + IS_DES(def->flags) ? qce_des_setkey : + qce_ablkcipher_setkey; alg->cra_ablkcipher.encrypt = qce_ablkcipher_encrypt; alg->cra_ablkcipher.decrypt = qce_ablkcipher_decrypt; From patchwork Fri Jun 28 09:35:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168040 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3454752ilk; Fri, 28 Jun 2019 02:36:05 -0700 (PDT) X-Google-Smtp-Source: APXvYqyjkSmt0Y1zfWKwpsQ+YHISAUsy9Z3is6o6RjYrfAvGH4XkBhwikhOEKoeL8WEZ8euX6YCm X-Received: by 2002:a63:f817:: with SMTP id n23mr8427672pgh.35.1561714565177; Fri, 28 Jun 2019 02:36:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561714565; cv=none; d=google.com; s=arc-20160816; b=zgl/1sEEaLmLkBajqkMrGhXv63G3agd/bud/pt2ODesRq03Tnj4gGmDWQ51MrneD/s 6GYJ8n6hqKbhhRyp8d714Q1urJ7hEVIwjySMO1vaeu27h31fGOZkpYGmIP3T9k/1cCL2 jDNT2boTQ8H2KzzStx1DOfK8FF3xhidMyljozjLfNgJHQJt1wxF4pn1n9HqHY/6BK8jD bQSEKC05U6Nqz4Jz4DfUs13LhSeFDwNIzXCjksqaLSpgh1U1/HxWd6ciBVHjMToe7HIB xZKLN2xP871CtbCPIkbVeYXfCHHOOa9DLfBtH9/PtGnRmJ4I33n5Rl0wAaXBJwa1IXll KTiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=BBtjv0mX3l20qT+8X4zS6U3CU75NGBuRJ4htuDc2CpI=; b=h6T46RnOtAYC6XIEW+hKNr8qP83akydXyGa4mP2vqDfw5+ZsU34JE0bEpdk2GEhUrV Wo74XXU5H64Ry3c7EmcWqKnRQfa6iYyC9+L5P9Jq14XpU/LHWxlHOBbrtI2sQmxnAHKX 
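Review bot: the new qce_des_setkey() loses the guard that the DES path used to pass through in qce_ablkcipher_setkey(), namely "if (!key || !keylen) return -EINVAL;". It now goes straight to crypto_des_verify_key(crypto_ablkcipher_tfm(ablk), key) and then memcpy(ctx->enc_key, key, keylen) with no check of its own. Either keep the NULL/zero-length check in qce_des_setkey() or explain in the commit message why it can no longer be reached with such arguments.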
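Review bot: in qce_ablkcipher_register_one() the setkey selection is now a nested conditional, "IS_3DES(def->flags) ? qce_des3_setkey : IS_DES(def->flags) ? qce_des_setkey : qce_ablkcipher_setkey", which is hard to read and hides that the last arm is AES-only. With the IS_AES() test removed, qce_ablkcipher_setkey() runs the AES_KEYSIZE_128/AES_KEYSIZE_256 switch for every algorithm that reaches it. An if/else chain here, plus renaming the function to qce_aes_setkey() or a comment saying it handles AES only, would make the routing explicit.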
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 20/30] crypto: rk3288/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:19 +0200 Message-Id: <20190628093529.12281-21-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/rockchip/rk3288_crypto.h | 2 +- drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 21 +++++++------------- 2 files changed, 8 insertions(+), 15 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/rockchip/rk3288_crypto.h b/drivers/crypto/rockchip/rk3288_crypto.h index 54ee5b3ed9db..18e2b3f29336 100644 --- a/drivers/crypto/rockchip/rk3288_crypto.h +++ b/drivers/crypto/rockchip/rk3288_crypto.h @@ -3,7 +3,7 @@ #define __RK3288_CRYPTO_H__ #include -#include +#include #include #include #include diff --git a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c index 313759521a0f..ef9f192339c7 100644 --- a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c +++ b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c 
@@ -49,15 +49,12 @@ static int rk_aes_setkey(struct crypto_ablkcipher *cipher, static int rk_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); - struct rk_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen); 
@@ -68,15 +65,11 @@ static int rk_tdes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen); From patchwork Fri Jun 28 09:35:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168041 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3454757ilk; Fri, 28 Jun 2019 02:36:05 -0700 (PDT) X-Google-Smtp-Source: APXvYqw/oTgizzCW5aJsx68wEDxoo+KK3JP5M2XCvl/6fNtcwg7mgA6uH3A9p9STc8XGXN+iWJx/ X-Received: by 2002:a17:90a:ba93:: with SMTP id t19mr11740902pjr.139.1561714565579; Fri, 28 Jun 2019 02:36:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561714565; cv=none; d=google.com; s=arc-20160816; b=AmJMFKgBxLGdgbztmY0ph8XJjHZJYJ7gXS7vFtHFlYk+EVNDr8sDSf8GYDHGkQre2Z VF8Jr/C+C4GF2BYQtz1FOZEdDvzWQGfY+SCl3uglABCbmUvQSMYL3h+zDpMYrzfaiar4 kj3dtBdvQfgNg0T6RIFRwuaHNAu8jjvhfhPElBe14bcLLHRBS+ZVRAB9T25bUASyYRKp 1KEK5nT3xAhc+mxuX+tjmgbDKFV/LFY7guotc+DNhACqK6nY9xpNZmlfcy6LPO0NtbUX CsOHF84qWfD7rIrduamgflTu5PwCbIXLlejcULFzHOghSCYFCigVmSipGH9izZYwT8Bh /kUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=vwaL2yVe7/AKlyXh+T/GXc8ok7UKbj/+xTW1NBqnpb4=; b=tLwMekXhIDUwWlMncyIisSGH+Cp5mm3867ybPXOXASMtgiRDogQL3m/oy5b2KMK1hg dbMUz91qRqkCnAkP1psAoTQxOny4k/wERD9DhpO0iAniDttl2texMCMsNWnt6bFi+7y0 
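Review bot: the #include replaced in rk3288_crypto.h changes a header shared by the whole driver, while the only users of the new verification helpers in this patch are rk_des_setkey() and rk_tdes_setkey() in rk3288_crypto_ablkcipher.c. Consider putting the new include in that .c file instead, or note in the changelog why the driver-wide header needs it. Separately, both functions still pass the caller's keylen to memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen) after a verify call that never sees keylen, so it is worth documenting where the length written to the key registers is bounded.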
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 21/30] crypto: stm32/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:20 +0200 Message-Id: <20190628093529.12281-22-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/stm32/stm32-cryp.c | 30 ++++---------------- 1 file changed, 5 insertions(+), 25 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index cddcc97875b2..377d7f9ad470 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -15,7 +15,7 @@ #include #include -#include +#include #include #include #include 
@@ -767,35 +767,15 @@ static int stm32_cryp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen != DES_KEY_SIZE) - return -EINVAL; - - if ((crypto_ablkcipher_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - unlikely(!des_ekey(tmp, key))) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } - - return stm32_cryp_setkey(tfm, key, keylen); + return crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key) ?: + stm32_cryp_setkey(tfm, key, keylen); } static int stm32_cryp_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 flags; - int err; - - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); - return err; - } - - return stm32_cryp_setkey(tfm, key, keylen); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key) ?: + stm32_cryp_setkey(tfm, key, keylen); } static int stm32_cryp_aes_aead_setkey(struct crypto_aead *tfm, const u8 *key, From patchwork Fri Jun 28 09:35:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168042 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp3454772ilk; Fri, 28 Jun 2019 02:36:06 -0700 (PDT) X-Google-Smtp-Source: APXvYqzACXOoPBv3u6B0+GLyUqLb4ElmFxBZ+jHbgSdpXWCahuTER4w/PwoX32Yqw+Lj98BYF+kW X-Received: by 2002:a17:902:424:: with SMTP id 33mr10377121ple.151.1561714566324; Fri, 28 Jun 2019 02:36:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561714566; cv=none; d=google.com; s=arc-20160816; b=sYD5giXNp5M7HpffA0DvGoAnZ8ukoesfuPemzC79ozgPB+aj9L9N2PkJZToSNHFQcc zSNGhBtsbSIkLiWqOaZX37zMf9E1l8KdXTXEmv1mmnrRgYgf6ebkQ7rD/gLJp+a2bxbn 
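Review bot: stm32_cryp_des_setkey() drops the explicit "if (keylen != DES_KEY_SIZE) return -EINVAL;" and the replacement, crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key), is not given keylen at all, so this function no longer rejects a wrong-length key before calling stm32_cryp_setkey(tfm, key, keylen). This is a visible behaviour change that the empty commit message does not mention. Either keep the length check or state where the length is now enforced.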
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 22/30] crypto: sun4i/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:21 +0200 Message-Id: <20190628093529.12281-23-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 26 +++++--------------- drivers/crypto/sunxi-ss/sun4i-ss.h | 2 +- 2 files changed, 7 insertions(+), 21 deletions(-) -- 2.20.1 Acked-by: Corentin Labbe Tested-by: Corentin Labbe diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c index b060a0810934..a1942850913e 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
@@ -533,25 +533,11 @@ int sun4i_ss_des_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); - struct sun4i_ss_ctx *ss = op->ss; - u32 flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - if (unlikely(keylen != DES_KEY_SIZE)) { - dev_err(ss->dev, "Invalid keylen %u\n", keylen); - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - flags = crypto_skcipher_get_flags(tfm); + int err; - ret = des_ekey(tmp, key); - if (unlikely(!ret) && (flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - dev_dbg(ss->dev, "Weak key %u\n", keylen); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key); + if (err) + return err; op->keylen = keylen; memcpy(op->key, key, keylen); @@ -569,8 +555,8 @@ int sun4i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key, struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); int err; - err = des3_verify_key(tfm, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key); + if (err) return err; op->keylen = keylen; diff --git a/drivers/crypto/sunxi-ss/sun4i-ss.h b/drivers/crypto/sunxi-ss/sun4i-ss.h index 8c4ec9e93565..3c62624d8faa 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss.h +++ b/drivers/crypto/sunxi-ss/sun4i-ss.h 
@@ -30,7 +30,7 @@ #include #include #include -#include +#include #include #include
From patchwork Fri Jun 28 09:35:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168043
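Review bot: in sun4i_ss_des_setkey() the removed block was the only visible place that rejected keylen != DES_KEY_SIZE (and set CRYPTO_TFM_RES_BAD_KEY_LEN), yet the unchanged lines right after the new call still do "op->keylen = keylen; memcpy(op->key, key, keylen);" with the caller's length. crypto_des_verify_key() is not given keylen, so either keep a length check in front of the memcpy or state in the commit message which layer guarantees the length. The dev_err()/dev_dbg() diagnostics for bad and weak keys also disappear without comment; mention that if it is intended.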
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 23/30] crypto: talitos/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:22 +0200 Message-Id: <20190628093529.12281-24-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/talitos.c | 34 ++++---------------- 1 file changed, 7 insertions(+), 27 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index c865f5d5eaba..3ad97e42fafb 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -30,7 +30,7 @@ #include #include -#include +#include #include #include #include
@@ -923,12 +923,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(authenc); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(authenc, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey); + if (err) goto out; - } if (ctx->keylen) dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); 
@@ -1538,32 +1535,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (unlikely(crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - !des_ekey(tmp, key)) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } - - return ablkcipher_setkey(cipher, key, keylen); + return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + ablkcipher_setkey(cipher, key, keylen); } static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 flags; - int err; - - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return ablkcipher_setkey(cipher, key, keylen); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + ablkcipher_setkey(cipher, key, keylen); } static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
From patchwork Fri Jun 28 09:35:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168044
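Review bot: the aead_des3_setkey() hunk (@@ -923) removes the assignment to flags and both of its uses, but the declaration sits above the visible context and no hunk in this patch touches it. If it is a local "u32 flags;" it is now unused and will produce a compiler warning, so drop the declaration in the same patch.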
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 24/30] crypto: ux500/des - switch to new verification routines Date: Fri, 28 Jun 2019 11:35:23 +0200 Message-Id: <20190628093529.12281-25-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ux500/cryp/cryp_core.c | 31 +++++--------------- 1 file changed, 7 insertions(+), 24 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ux500/cryp/cryp_core.c b/drivers/crypto/ux500/cryp/cryp_core.c index 7a93cba0877f..4713e534547b 100644 --- a/drivers/crypto/ux500/cryp/cryp_core.c +++ b/drivers/crypto/ux500/cryp/cryp_core.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #include #include
@@ -987,26 +987,13 @@ static int des_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 *flags = &cipher->base.crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - if (keylen != DES_KEY_SIZE) { - *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_BAD_KEY_LEN", - __func__); - return -EINVAL; - } - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", - __func__); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -1019,17 +1006,13 @@ static int des3_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;
From patchwork Fri Jun 28 09:35:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168045
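Review bot: des_ablkcipher_setkey() (@@ -987) drops the keylen != DES_KEY_SIZE rejection together with the CRYPTO_TFM_RES_BAD_KEY_LEN flag, while the context lines below the new call still run "memcpy(ctx->key, key, keylen);" on the caller-supplied length. Since crypto_des_verify_key() takes no length argument here, document in the commit message where the bound on keylen comes from, or keep the check ahead of the copy. The two pr_debug() messages that distinguished a bad length from a weak key are removed as well, which is worth a line in the changelog.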
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 25/30] crypto: 3des - move verification out of exported routine Date: Fri, 28 Jun 2019 11:35:24 +0200 Message-Id: <20190628093529.12281-26-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In preparation of moving the shared key expansion routine into the DES library, move the verification done by __des3_ede_setkey() into its callers. Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 4 ++++ crypto/des_generic.c | 10 +++++----- 2 files changed, 9 insertions(+), 5 deletions(-) -- 2.20.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 5c610d4ef9fc..0a7da05994df 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -358,6 +358,10 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; + err = crypto_des3_ede_verify_key(tfm, key); + if (err) + return err; + /* Generate encryption context using generic implementation. */ err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); if (err < 0) diff --git a/crypto/des_generic.c b/crypto/des_generic.c index c94a303da4dd..271cc689c0cc 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -851,10 +851,6 @@ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, { int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) - return err; - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; des_ekey(expkey, key); 
@@ -867,8 +863,12 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u32 *expkey = dctx->expkey; + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (err) + return err; return __des3_ede_setkey(expkey, flags, key, keylen); }
From patchwork Fri Jun 28 09:35:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 168046
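Review bot: in the __des3_ede_setkey() hunk (crypto/des_generic.c, @@ -851) the context line "int err;" stays while the only use of err visible in the hunk is removed; unless it is used further down, delete the declaration to avoid an unused-variable warning. With the __des3_verify_key() call gone the exported routine no longer rejects any key itself, so the commit message should say that every caller, not only des3_ede_x86_setkey() and des3_ede_setkey() converted here, has to verify the key first.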
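Review bot: the des3_ede_setkey() hunk (crypto/des_generic.c, @@ -867) does not build as posted. The function takes "struct crypto_tfm *tfm", but the added call is "crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key)" and no skcipher is declared; the hunk also deletes "u32 *flags = &tfm->crt_flags;" while the unchanged "return __des3_ede_setkey(expkey, flags, key, keylen);" still uses flags. Pass tfm directly to the verify call, as the des3_ede_glue.c hunk does, and pass &tfm->crt_flags to __des3_ede_setkey() (or keep the local).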
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v3 26/30] crypto: des - remove unused function Date: Fri, 28 Jun 2019 11:35:25 +0200 Message-Id: <20190628093529.12281-27-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org> References: <20190628093529.12281-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Remove the old DES3 verification functions that are no longer used.
Signed-off-by: Ard Biesheuvel --- include/crypto/des.h | 41 -------------------- 1 file changed, 41 deletions(-) -- 2.20.1 diff --git a/include/crypto/des.h b/include/crypto/des.h index 72c7c8e5a5a7..31b04ba835b1 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -19,47 +19,6 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE -static inline int __des3_verify_key(u32 *flags, const u8 *key) -{ - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; - - if (unlikely(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; - - err = 0; - -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); - - return err; - -bad: - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - goto out; -} - -static inline int des3_verify_key(struct crypto_skcipher *tfm, const u8 *key) -{ - u32 flags; - int err; - - flags = crypto_skcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - crypto_skcipher_set_flags(tfm, flags); - return err; -} - -extern unsigned long des_ekey(u32 *pe, const u8 *k); - extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen);
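Review bot: the last removed line, "extern unsigned long des_ekey(u32 *pe, const u8 *k);", is not one of the DES3 verification helpers the commit message names, so the message does not cover everything this hunk deletes from include/crypto/des.h. The next patch in the series describes des_ekey() as already widely used by drivers, so please either state here why the declaration can go at this point or move its removal into the patch that supplies the replacement declaration. It would also help to name the helper that now performs what __des3_verify_key() did: rejecting K1 == K2 or K2 == K3 under fips_enabled or CRYPTO_TFM_REQ_FORBID_WEAK_KEYS, rejecting K1 == K3 under fips_enabled, setting CRYPTO_TFM_RES_WEAK_KEY, and wiping the local key copy with memzero_explicit().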
From patchwork Fri Jun 28 09:35:26 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168049
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 27/30] crypto: des - split off DES library from generic DES cipher driver
Date: Fri, 28 Jun 2019 11:35:26 +0200
Message-Id: <20190628093529.12281-28-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org

Another one for the cipher museum: split off DES core processing into a separate module so other drivers (mostly for crypto accelerators) can reuse the code without pulling in the generic DES cipher itself. This will also permit the cipher interface to be made private to the crypto API itself once we move the only user in the kernel (CIFS) to this library interface.

The resulting code is an attempt at walking the fine line between sanity and the peculiarities of the existing API (which is already used as a library interface to some extent). For instance, des_ekey() is already widely used by drivers, and so the newly introduced key expansion routine for triple-DES is called des3_ede_ekey(), and returns a 1 on success and 0 if a weak key is encountered.

Signed-off-by: Ard Biesheuvel
---
 arch/x86/crypto/des3_ede_glue.c                |   2 +-
 crypto/Kconfig                                 |   8 +-
 crypto/des_generic.c                           | 917 +-------------------
 drivers/crypto/Kconfig                         |  28 +-
 drivers/crypto/caam/Kconfig                    |   2 +-
 drivers/crypto/cavium/nitrox/Kconfig           |   2 +-
 drivers/crypto/inside-secure/safexcel_cipher.c |   2 +-
 drivers/crypto/stm32/Kconfig                   |   2 +-
 drivers/crypto/ux500/Kconfig                   |   2 +-
 include/crypto/des.h                           |  43 +-
 include/crypto/internal/des.h                  |  68 +-
 lib/crypto/Makefile                            |   3 +
 lib/crypto/des.c                               | 902 +++++++++++++++++++
 13 files changed, 1052 insertions(+), 929 deletions(-)
--
2.20.1
diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 0a7da05994df..dfee4cec9452 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -21,7 +21,7 @@ */ #include -#include +#include #include #include #include diff --git a/crypto/Kconfig b/crypto/Kconfig index e801450bcb1c..ba0c0ab62ee4 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1426,9 +1426,13 @@ config CRYPTO_CAST6_AVX_X86_64 This module provides the Cast6 cipher algorithm that processes eight blocks parallel using the AVX instruction set. +config CRYPTO_LIB_DES + tristate + config CRYPTO_DES tristate "DES and Triple DES EDE cipher algorithms" select CRYPTO_ALGAPI + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). @@ -1436,7 +1440,7 @@ config CRYPTO_DES_SPARC64 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" depends on SPARC64 select CRYPTO_ALGAPI - select CRYPTO_DES + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), optimized using SPARC64 crypto opcodes. @@ -1445,7 +1449,7 @@ config CRYPTO_DES3_EDE_X86_64 tristate "Triple DES EDE cipher algorithm (x86-64)" depends on X86 && 64BIT select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Triple DES EDE (FIPS 46-3) algorithm. diff --git a/crypto/des_generic.c b/crypto/des_generic.c index 271cc689c0cc..8669423886aa 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -18,832 +18,42 @@ #include #include #include -#include -#include - -#define ROL(x, r) ((x) = rol32((x), (r))) -#define ROR(x, r) ((x) = ror32((x), (r))) - -struct des_ctx { - u32 expkey[DES_EXPKEY_WORDS]; -}; - -struct des3_ede_ctx { - u32 expkey[DES3_EDE_EXPKEY_WORDS]; -}; - -/* Lookup tables for key expansion */ - -static const u8 pc1[256] = { - 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, - 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, - 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, - 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, - 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, - 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, - 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, - 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, - 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, - 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, - 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, - 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, - 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, - 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, - 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, - 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, - 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, - 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, - 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, - 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, - 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, - 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, - 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, - 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, - 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, - 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, - 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, - 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, - 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, - 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, - 0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe, - 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe -}; - -static const u8 rs[256] = { - 0x00, 0x00, 
0x80, 0x80, 0x02, 0x02, 0x82, 0x82, - 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, - 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, - 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, - 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, - 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, - 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, - 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, - 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, - 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, - 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, - 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, - 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, - 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, - 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, - 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, - 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, - 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, - 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, - 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, - 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, - 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, - 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, - 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, - 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, - 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, - 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, - 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, - 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, - 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, - 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, - 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe -}; - -static const u32 pc2[1024] = { - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00040000, 0x00000000, 0x04000000, 0x00100000, - 0x00400000, 0x00000008, 0x00000800, 0x40000000, - 0x00440000, 0x00000008, 0x04000800, 0x40100000, - 0x00000400, 0x00000020, 0x08000000, 0x00000100, - 0x00040400, 0x00000020, 0x0c000000, 0x00100100, - 0x00400400, 0x00000028, 0x08000800, 0x40000100, - 0x00440400, 0x00000028, 
0x0c000800, 0x40100100, - 0x80000000, 0x00000010, 0x00000000, 0x00800000, - 0x80040000, 0x00000010, 0x04000000, 0x00900000, - 0x80400000, 0x00000018, 0x00000800, 0x40800000, - 0x80440000, 0x00000018, 0x04000800, 0x40900000, - 0x80000400, 0x00000030, 0x08000000, 0x00800100, - 0x80040400, 0x00000030, 0x0c000000, 0x00900100, - 0x80400400, 0x00000038, 0x08000800, 0x40800100, - 0x80440400, 0x00000038, 0x0c000800, 0x40900100, - 0x10000000, 0x00000000, 0x00200000, 0x00001000, - 0x10040000, 0x00000000, 0x04200000, 0x00101000, - 0x10400000, 0x00000008, 0x00200800, 0x40001000, - 0x10440000, 0x00000008, 0x04200800, 0x40101000, - 0x10000400, 0x00000020, 0x08200000, 0x00001100, - 0x10040400, 0x00000020, 0x0c200000, 0x00101100, - 0x10400400, 0x00000028, 0x08200800, 0x40001100, - 0x10440400, 0x00000028, 0x0c200800, 0x40101100, - 0x90000000, 0x00000010, 0x00200000, 0x00801000, - 0x90040000, 0x00000010, 0x04200000, 0x00901000, - 0x90400000, 0x00000018, 0x00200800, 0x40801000, - 0x90440000, 0x00000018, 0x04200800, 0x40901000, - 0x90000400, 0x00000030, 0x08200000, 0x00801100, - 0x90040400, 0x00000030, 0x0c200000, 0x00901100, - 0x90400400, 0x00000038, 0x08200800, 0x40801100, - 0x90440400, 0x00000038, 0x0c200800, 0x40901100, - 0x00000200, 0x00080000, 0x00000000, 0x00000004, - 0x00040200, 0x00080000, 0x04000000, 0x00100004, - 0x00400200, 0x00080008, 0x00000800, 0x40000004, - 0x00440200, 0x00080008, 0x04000800, 0x40100004, - 0x00000600, 0x00080020, 0x08000000, 0x00000104, - 0x00040600, 0x00080020, 0x0c000000, 0x00100104, - 0x00400600, 0x00080028, 0x08000800, 0x40000104, - 0x00440600, 0x00080028, 0x0c000800, 0x40100104, - 0x80000200, 0x00080010, 0x00000000, 0x00800004, - 0x80040200, 0x00080010, 0x04000000, 0x00900004, - 0x80400200, 0x00080018, 0x00000800, 0x40800004, - 0x80440200, 0x00080018, 0x04000800, 0x40900004, - 0x80000600, 0x00080030, 0x08000000, 0x00800104, - 0x80040600, 0x00080030, 0x0c000000, 0x00900104, - 0x80400600, 0x00080038, 0x08000800, 0x40800104, - 0x80440600, 0x00080038, 
0x0c000800, 0x40900104, - 0x10000200, 0x00080000, 0x00200000, 0x00001004, - 0x10040200, 0x00080000, 0x04200000, 0x00101004, - 0x10400200, 0x00080008, 0x00200800, 0x40001004, - 0x10440200, 0x00080008, 0x04200800, 0x40101004, - 0x10000600, 0x00080020, 0x08200000, 0x00001104, - 0x10040600, 0x00080020, 0x0c200000, 0x00101104, - 0x10400600, 0x00080028, 0x08200800, 0x40001104, - 0x10440600, 0x00080028, 0x0c200800, 0x40101104, - 0x90000200, 0x00080010, 0x00200000, 0x00801004, - 0x90040200, 0x00080010, 0x04200000, 0x00901004, - 0x90400200, 0x00080018, 0x00200800, 0x40801004, - 0x90440200, 0x00080018, 0x04200800, 0x40901004, - 0x90000600, 0x00080030, 0x08200000, 0x00801104, - 0x90040600, 0x00080030, 0x0c200000, 0x00901104, - 0x90400600, 0x00080038, 0x08200800, 0x40801104, - 0x90440600, 0x00080038, 0x0c200800, 0x40901104, - 0x00000002, 0x00002000, 0x20000000, 0x00000001, - 0x00040002, 0x00002000, 0x24000000, 0x00100001, - 0x00400002, 0x00002008, 0x20000800, 0x40000001, - 0x00440002, 0x00002008, 0x24000800, 0x40100001, - 0x00000402, 0x00002020, 0x28000000, 0x00000101, - 0x00040402, 0x00002020, 0x2c000000, 0x00100101, - 0x00400402, 0x00002028, 0x28000800, 0x40000101, - 0x00440402, 0x00002028, 0x2c000800, 0x40100101, - 0x80000002, 0x00002010, 0x20000000, 0x00800001, - 0x80040002, 0x00002010, 0x24000000, 0x00900001, - 0x80400002, 0x00002018, 0x20000800, 0x40800001, - 0x80440002, 0x00002018, 0x24000800, 0x40900001, - 0x80000402, 0x00002030, 0x28000000, 0x00800101, - 0x80040402, 0x00002030, 0x2c000000, 0x00900101, - 0x80400402, 0x00002038, 0x28000800, 0x40800101, - 0x80440402, 0x00002038, 0x2c000800, 0x40900101, - 0x10000002, 0x00002000, 0x20200000, 0x00001001, - 0x10040002, 0x00002000, 0x24200000, 0x00101001, - 0x10400002, 0x00002008, 0x20200800, 0x40001001, - 0x10440002, 0x00002008, 0x24200800, 0x40101001, - 0x10000402, 0x00002020, 0x28200000, 0x00001101, - 0x10040402, 0x00002020, 0x2c200000, 0x00101101, - 0x10400402, 0x00002028, 0x28200800, 0x40001101, - 0x10440402, 0x00002028, 
0x2c200800, 0x40101101, - 0x90000002, 0x00002010, 0x20200000, 0x00801001, - 0x90040002, 0x00002010, 0x24200000, 0x00901001, - 0x90400002, 0x00002018, 0x20200800, 0x40801001, - 0x90440002, 0x00002018, 0x24200800, 0x40901001, - 0x90000402, 0x00002030, 0x28200000, 0x00801101, - 0x90040402, 0x00002030, 0x2c200000, 0x00901101, - 0x90400402, 0x00002038, 0x28200800, 0x40801101, - 0x90440402, 0x00002038, 0x2c200800, 0x40901101, - 0x00000202, 0x00082000, 0x20000000, 0x00000005, - 0x00040202, 0x00082000, 0x24000000, 0x00100005, - 0x00400202, 0x00082008, 0x20000800, 0x40000005, - 0x00440202, 0x00082008, 0x24000800, 0x40100005, - 0x00000602, 0x00082020, 0x28000000, 0x00000105, - 0x00040602, 0x00082020, 0x2c000000, 0x00100105, - 0x00400602, 0x00082028, 0x28000800, 0x40000105, - 0x00440602, 0x00082028, 0x2c000800, 0x40100105, - 0x80000202, 0x00082010, 0x20000000, 0x00800005, - 0x80040202, 0x00082010, 0x24000000, 0x00900005, - 0x80400202, 0x00082018, 0x20000800, 0x40800005, - 0x80440202, 0x00082018, 0x24000800, 0x40900005, - 0x80000602, 0x00082030, 0x28000000, 0x00800105, - 0x80040602, 0x00082030, 0x2c000000, 0x00900105, - 0x80400602, 0x00082038, 0x28000800, 0x40800105, - 0x80440602, 0x00082038, 0x2c000800, 0x40900105, - 0x10000202, 0x00082000, 0x20200000, 0x00001005, - 0x10040202, 0x00082000, 0x24200000, 0x00101005, - 0x10400202, 0x00082008, 0x20200800, 0x40001005, - 0x10440202, 0x00082008, 0x24200800, 0x40101005, - 0x10000602, 0x00082020, 0x28200000, 0x00001105, - 0x10040602, 0x00082020, 0x2c200000, 0x00101105, - 0x10400602, 0x00082028, 0x28200800, 0x40001105, - 0x10440602, 0x00082028, 0x2c200800, 0x40101105, - 0x90000202, 0x00082010, 0x20200000, 0x00801005, - 0x90040202, 0x00082010, 0x24200000, 0x00901005, - 0x90400202, 0x00082018, 0x20200800, 0x40801005, - 0x90440202, 0x00082018, 0x24200800, 0x40901005, - 0x90000602, 0x00082030, 0x28200000, 0x00801105, - 0x90040602, 0x00082030, 0x2c200000, 0x00901105, - 0x90400602, 0x00082038, 0x28200800, 0x40801105, - 0x90440602, 0x00082038, 
0x2c200800, 0x40901105, - - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000, 0x00000008, 0x00080000, 0x10000000, - 0x02000000, 0x00000000, 0x00000080, 0x00001000, - 0x02000000, 0x00000008, 0x00080080, 0x10001000, - 0x00004000, 0x00000000, 0x00000040, 0x00040000, - 0x00004000, 0x00000008, 0x00080040, 0x10040000, - 0x02004000, 0x00000000, 0x000000c0, 0x00041000, - 0x02004000, 0x00000008, 0x000800c0, 0x10041000, - 0x00020000, 0x00008000, 0x08000000, 0x00200000, - 0x00020000, 0x00008008, 0x08080000, 0x10200000, - 0x02020000, 0x00008000, 0x08000080, 0x00201000, - 0x02020000, 0x00008008, 0x08080080, 0x10201000, - 0x00024000, 0x00008000, 0x08000040, 0x00240000, - 0x00024000, 0x00008008, 0x08080040, 0x10240000, - 0x02024000, 0x00008000, 0x080000c0, 0x00241000, - 0x02024000, 0x00008008, 0x080800c0, 0x10241000, - 0x00000000, 0x01000000, 0x00002000, 0x00000020, - 0x00000000, 0x01000008, 0x00082000, 0x10000020, - 0x02000000, 0x01000000, 0x00002080, 0x00001020, - 0x02000000, 0x01000008, 0x00082080, 0x10001020, - 0x00004000, 0x01000000, 0x00002040, 0x00040020, - 0x00004000, 0x01000008, 0x00082040, 0x10040020, - 0x02004000, 0x01000000, 0x000020c0, 0x00041020, - 0x02004000, 0x01000008, 0x000820c0, 0x10041020, - 0x00020000, 0x01008000, 0x08002000, 0x00200020, - 0x00020000, 0x01008008, 0x08082000, 0x10200020, - 0x02020000, 0x01008000, 0x08002080, 0x00201020, - 0x02020000, 0x01008008, 0x08082080, 0x10201020, - 0x00024000, 0x01008000, 0x08002040, 0x00240020, - 0x00024000, 0x01008008, 0x08082040, 0x10240020, - 0x02024000, 0x01008000, 0x080020c0, 0x00241020, - 0x02024000, 0x01008008, 0x080820c0, 0x10241020, - 0x00000400, 0x04000000, 0x00100000, 0x00000004, - 0x00000400, 0x04000008, 0x00180000, 0x10000004, - 0x02000400, 0x04000000, 0x00100080, 0x00001004, - 0x02000400, 0x04000008, 0x00180080, 0x10001004, - 0x00004400, 0x04000000, 0x00100040, 0x00040004, - 0x00004400, 0x04000008, 0x00180040, 0x10040004, - 0x02004400, 0x04000000, 0x001000c0, 0x00041004, - 0x02004400, 
0x04000008, 0x001800c0, 0x10041004, - 0x00020400, 0x04008000, 0x08100000, 0x00200004, - 0x00020400, 0x04008008, 0x08180000, 0x10200004, - 0x02020400, 0x04008000, 0x08100080, 0x00201004, - 0x02020400, 0x04008008, 0x08180080, 0x10201004, - 0x00024400, 0x04008000, 0x08100040, 0x00240004, - 0x00024400, 0x04008008, 0x08180040, 0x10240004, - 0x02024400, 0x04008000, 0x081000c0, 0x00241004, - 0x02024400, 0x04008008, 0x081800c0, 0x10241004, - 0x00000400, 0x05000000, 0x00102000, 0x00000024, - 0x00000400, 0x05000008, 0x00182000, 0x10000024, - 0x02000400, 0x05000000, 0x00102080, 0x00001024, - 0x02000400, 0x05000008, 0x00182080, 0x10001024, - 0x00004400, 0x05000000, 0x00102040, 0x00040024, - 0x00004400, 0x05000008, 0x00182040, 0x10040024, - 0x02004400, 0x05000000, 0x001020c0, 0x00041024, - 0x02004400, 0x05000008, 0x001820c0, 0x10041024, - 0x00020400, 0x05008000, 0x08102000, 0x00200024, - 0x00020400, 0x05008008, 0x08182000, 0x10200024, - 0x02020400, 0x05008000, 0x08102080, 0x00201024, - 0x02020400, 0x05008008, 0x08182080, 0x10201024, - 0x00024400, 0x05008000, 0x08102040, 0x00240024, - 0x00024400, 0x05008008, 0x08182040, 0x10240024, - 0x02024400, 0x05008000, 0x081020c0, 0x00241024, - 0x02024400, 0x05008008, 0x081820c0, 0x10241024, - 0x00000800, 0x00010000, 0x20000000, 0x00000010, - 0x00000800, 0x00010008, 0x20080000, 0x10000010, - 0x02000800, 0x00010000, 0x20000080, 0x00001010, - 0x02000800, 0x00010008, 0x20080080, 0x10001010, - 0x00004800, 0x00010000, 0x20000040, 0x00040010, - 0x00004800, 0x00010008, 0x20080040, 0x10040010, - 0x02004800, 0x00010000, 0x200000c0, 0x00041010, - 0x02004800, 0x00010008, 0x200800c0, 0x10041010, - 0x00020800, 0x00018000, 0x28000000, 0x00200010, - 0x00020800, 0x00018008, 0x28080000, 0x10200010, - 0x02020800, 0x00018000, 0x28000080, 0x00201010, - 0x02020800, 0x00018008, 0x28080080, 0x10201010, - 0x00024800, 0x00018000, 0x28000040, 0x00240010, - 0x00024800, 0x00018008, 0x28080040, 0x10240010, - 0x02024800, 0x00018000, 0x280000c0, 0x00241010, - 0x02024800, 
0x00018008, 0x280800c0, 0x10241010, - 0x00000800, 0x01010000, 0x20002000, 0x00000030, - 0x00000800, 0x01010008, 0x20082000, 0x10000030, - 0x02000800, 0x01010000, 0x20002080, 0x00001030, - 0x02000800, 0x01010008, 0x20082080, 0x10001030, - 0x00004800, 0x01010000, 0x20002040, 0x00040030, - 0x00004800, 0x01010008, 0x20082040, 0x10040030, - 0x02004800, 0x01010000, 0x200020c0, 0x00041030, - 0x02004800, 0x01010008, 0x200820c0, 0x10041030, - 0x00020800, 0x01018000, 0x28002000, 0x00200030, - 0x00020800, 0x01018008, 0x28082000, 0x10200030, - 0x02020800, 0x01018000, 0x28002080, 0x00201030, - 0x02020800, 0x01018008, 0x28082080, 0x10201030, - 0x00024800, 0x01018000, 0x28002040, 0x00240030, - 0x00024800, 0x01018008, 0x28082040, 0x10240030, - 0x02024800, 0x01018000, 0x280020c0, 0x00241030, - 0x02024800, 0x01018008, 0x280820c0, 0x10241030, - 0x00000c00, 0x04010000, 0x20100000, 0x00000014, - 0x00000c00, 0x04010008, 0x20180000, 0x10000014, - 0x02000c00, 0x04010000, 0x20100080, 0x00001014, - 0x02000c00, 0x04010008, 0x20180080, 0x10001014, - 0x00004c00, 0x04010000, 0x20100040, 0x00040014, - 0x00004c00, 0x04010008, 0x20180040, 0x10040014, - 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, - 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, - 0x00020c00, 0x04018000, 0x28100000, 0x00200014, - 0x00020c00, 0x04018008, 0x28180000, 0x10200014, - 0x02020c00, 0x04018000, 0x28100080, 0x00201014, - 0x02020c00, 0x04018008, 0x28180080, 0x10201014, - 0x00024c00, 0x04018000, 0x28100040, 0x00240014, - 0x00024c00, 0x04018008, 0x28180040, 0x10240014, - 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, - 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, - 0x00000c00, 0x05010000, 0x20102000, 0x00000034, - 0x00000c00, 0x05010008, 0x20182000, 0x10000034, - 0x02000c00, 0x05010000, 0x20102080, 0x00001034, - 0x02000c00, 0x05010008, 0x20182080, 0x10001034, - 0x00004c00, 0x05010000, 0x20102040, 0x00040034, - 0x00004c00, 0x05010008, 0x20182040, 0x10040034, - 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, - 0x02004c00, 
0x05010008, 0x201820c0, 0x10041034, - 0x00020c00, 0x05018000, 0x28102000, 0x00200034, - 0x00020c00, 0x05018008, 0x28182000, 0x10200034, - 0x02020c00, 0x05018000, 0x28102080, 0x00201034, - 0x02020c00, 0x05018008, 0x28182080, 0x10201034, - 0x00024c00, 0x05018000, 0x28102040, 0x00240034, - 0x00024c00, 0x05018008, 0x28182040, 0x10240034, - 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, - 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 -}; - -/* S-box lookup tables */ - -static const u32 S1[64] = { - 0x01010400, 0x00000000, 0x00010000, 0x01010404, - 0x01010004, 0x00010404, 0x00000004, 0x00010000, - 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, - 0x00000404, 0x01000400, 0x01000400, 0x00010400, - 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, - 0x00000000, 0x00000404, 0x00010404, 0x01000000, - 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, - 0x01010004, 0x00010000, 0x00010400, 0x01000004, - 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, - 0x01000004, 0x00000404, 0x00010404, 0x01010400, - 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004 -}; - -static const u32 S2[64] = { - 0x80108020, 0x80008000, 0x00008000, 0x00108020, - 0x00100000, 0x00000020, 0x80100020, 0x80008020, - 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, - 0x00108000, 0x00100020, 0x80008020, 0x00000000, - 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, - 0x00008020, 0x80108000, 0x80100000, 0x00008020, - 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, - 0x80100000, 0x80008000, 0x00000020, 0x80108020, - 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, - 0x00100020, 
0x80008020, 0x80000020, 0x00100020, - 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000 -}; - -static const u32 S3[64] = { - 0x00000208, 0x08020200, 0x00000000, 0x08020008, - 0x08000200, 0x00000000, 0x00020208, 0x08000200, - 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, - 0x08000000, 0x00000008, 0x08020200, 0x00000200, - 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, - 0x00000008, 0x08020208, 0x00000200, 0x08000000, - 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, - 0x00000200, 0x00020008, 0x08020208, 0x08000200, - 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, - 0x00000008, 0x00020208, 0x00020200, 0x08000008, - 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200 -}; - -static const u32 S4[64] = { - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802080, 0x00800081, 0x00800001, 0x00002001, - 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, - 0x00000001, 0x00002000, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, - 0x00002000, 0x00802080, 0x00802081, 0x00000081, - 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, - 0x00002080, 0x00800080, 0x00800081, 0x00000001, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, - 0x00800001, 0x00002001, 0x00802080, 0x00800081, - 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080 -}; - -static const u32 S5[64] = { - 0x00000100, 0x02080100, 0x02080000, 0x42000100, - 0x00080000, 0x00000100, 0x40000000, 0x02080000, - 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 
0x42000100, 0x42080000, 0x00080100, 0x40000000, - 0x02000000, 0x40080000, 0x40080000, 0x00000000, - 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, - 0x02080100, 0x02000000, 0x42000000, 0x00080100, - 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, - 0x02000100, 0x40000000, 0x42080000, 0x02080100, - 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, - 0x02080000, 0x00000000, 0x40080000, 0x42000000, - 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100 -}; - -static const u32 S6[64] = { - 0x20000010, 0x20400000, 0x00004000, 0x20404010, - 0x20400000, 0x00000010, 0x20404010, 0x00400000, - 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, - 0x00000000, 0x00400010, 0x20004010, 0x00004000, - 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, - 0x00004010, 0x00404000, 0x20404000, 0x20000000, - 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, - 0x00400000, 0x20004000, 0x20000000, 0x00004010, - 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, - 0x00000010, 0x00004000, 0x20400000, 0x00404010, - 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010 -}; - -static const u32 S7[64] = { - 0x00200000, 0x04200002, 0x04000802, 0x00000000, - 0x00000800, 0x04000802, 0x00200802, 0x04200800, - 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, - 0x04000800, 0x00200802, 0x00200002, 0x04000800, - 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, - 0x00200800, 0x00000002, 0x04000000, 0x00200800, - 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 
0x04200002, 0x00000002, - 0x00200002, 0x04000000, 0x04000800, 0x00200000, - 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, - 0x00200800, 0x00000000, 0x00000002, 0x04200802, - 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002 -}; - -static const u32 S8[64] = { - 0x10001040, 0x00001000, 0x00040000, 0x10041040, - 0x10000000, 0x10001040, 0x00000040, 0x10000000, - 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, - 0x10040000, 0x10000040, 0x10001000, 0x00001040, - 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, - 0x10000040, 0x10001000, 0x00041040, 0x00040000, - 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, - 0x10001000, 0x00000040, 0x10000040, 0x10040000, - 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, - 0x10040000, 0x10001000, 0x10001040, 0x00000000, - 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000 -}; - -/* Encryption components: IP, FP, and round function */ - -#define IP(L, R, T) \ - ROL(R, 4); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROL(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 14); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(L, 1); - -#define FP(L, R, T) \ - ROR(L, 1); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 14); \ - T = L; \ - L ^= R; \ - L &= 
0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROR(R, 4); - -#define ROUND(L, R, A, B, K, d) \ - B = K[0]; A = K[1]; K += d; \ - B ^= R; A ^= R; \ - B &= 0x3f3f3f3f; ROR(A, 4); \ - L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ - L ^= S6[0xff & (B >> 8)]; B >>= 16; \ - L ^= S7[0xff & A]; \ - L ^= S5[0xff & (A >> 8)]; A >>= 16; \ - L ^= S4[0xff & B]; \ - L ^= S2[0xff & (B >> 8)]; \ - L ^= S3[0xff & A]; \ - L ^= S1[0xff & (A >> 8)]; - -/* - * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved - * tables of 128 elements. One set is for C_i and the other for D_i, while - * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. - * - * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i - * or D_i in bits 7-1 (bit 0 being the least significant). - */ - -#define T1(x) pt[2 * (x) + 0] -#define T2(x) pt[2 * (x) + 1] -#define T3(x) pt[2 * (x) + 2] -#define T4(x) pt[2 * (x) + 3] - -#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) - -/* - * Encryption key expansion - * - * RFC2451: Weak key checks SHOULD be performed. - * - * FIPS 74: - * - * Keys having duals are keys which produce all zeros, all ones, or - * alternating zero-one patterns in the C and D registers after Permuted - * Choice 1 has operated on the key. 
- * - */ -unsigned long des_ekey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d, w; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); - - /* Check if first half is weak */ - w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - /* Check if second half is weak */ - w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = 
rs[a]; d = rs[d]; - pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } - - /* Zero if weak key */ - return w; -} -EXPORT_SYMBOL_GPL(des_ekey); - -/* - * Decryption key expansion - * - * No weak key checking is performed, as this is only used by triple DES - * - */ -static void dkey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2] = DES_PC2(d, a, b, 
c); c = rs[c]; - pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2] = DES_PC2(b, c, d, a); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } -} +#include static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int 
keylen) { struct des_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - /* Expand to tmp */ - ret = des_ekey(tmp, key); + int err; - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; + err = des_expand_key(dctx, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; } - /* Copy to output */ - memcpy(dctx->expkey, tmp, sizeof(dctx->expkey)); - - return 0; + if (err) { + memzero_explicit(dctx, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); - - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_encrypt(dctx, dst, src); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_decrypt(dctx, dst, src); } int 
__des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, 
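Review bot: in the new des_setkey(), the final `if (err)` branch sets CRYPTO_TFM_RES_WEAK_KEY for every failure, not only for weak keys. The kernel-doc added for des_expand_key() in include/crypto/des.h separates -EINVAL ("the input key is rejected") from -ENOKEY ("accepted but has been found to be weak"), so a key rejected with -EINVAL is reported to the caller as weak. Consider setting the flag only inside the `if (err == -ENOKEY)` block, on the path where CRYPTO_TFM_REQ_FORBID_WEAK_KEYS turns the result into -EINVAL, and keeping `memzero_explicit(dctx, sizeof(*dctx))` for all error returns.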
@@ -863,76 +73,37 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *expkey = dctx->expkey; int err; - err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); - if (err) - return err; + err = des3_ede_expand_key(dctx, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - return __des3_ede_setkey(expkey, flags, key, keylen); + if (err) { + memzero_explicit(dctx, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, 2); - ROUND(L, R, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_encrypt(dctx, dst, src); } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); - - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, 
L, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, -2); - ROUND(L, R, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_decrypt(dctx, dst, src); } static struct crypto_alg des_algs[2] = { { @@ -943,13 +114,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt } } + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { .cra_name = "des3_ede", .cra_driver_name = "des3_ede-generic", @@ -958,13 +128,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES3_EDE_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des3_ede_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_setkey, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt } } + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } } }; static int __init des_generic_mod_init(void) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 67af688d7d84..ef4d2db69837 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -149,7 +149,7 @@ config CRYPTO_DES_S390 depends on S390 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the s390 hardware accelerated implementation of the DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 
@@ -214,7 +214,7 @@ config CRYPTO_DEV_MARVELL_CESA tristate "Marvell's Cryptographic Engine driver" depends on PLAT_ORION || ARCH_MVEBU select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select SRAM @@ -226,7 +226,7 @@ config CRYPTO_DEV_MARVELL_CESA config CRYPTO_DEV_NIAGARA2 tristate "Niagara2 Stream Processing Unit driver" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select CRYPTO_MD5 @@ -243,7 +243,7 @@ config CRYPTO_DEV_NIAGARA2 config CRYPTO_DEV_HIFN_795X tristate "Driver HIFN 795x crypto accelerator chips" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG depends on PCI @@ -299,7 +299,7 @@ config CRYPTO_DEV_TALITOS2 config CRYPTO_DEV_IXP4XX tristate "Driver for IXP4xx crypto hardware acceleration" depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER @@ -365,7 +365,7 @@ config CRYPTO_DEV_OMAP_AES config CRYPTO_DEV_OMAP_DES tristate "Support for OMAP DES/3DES hw engine" depends on ARCH_OMAP2PLUS - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_ENGINE help @@ -383,7 +383,7 @@ config CRYPTO_DEV_PICOXCELL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_SEQIV @@ -496,7 +496,7 @@ config CRYPTO_DEV_ATMEL_AES config CRYPTO_DEV_ATMEL_TDES tristate "Support for Atmel DES/TDES hw accelerator" depends on ARCH_AT91 || COMPILE_TEST - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Atmel processors have DES/TDES hw accelerator. @@ -594,7 +594,7 @@ config CRYPTO_DEV_QCE depends on ARCH_QCOM || COMPILE_TEST depends on HAS_IOMEM select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_ECB select CRYPTO_CBC select CRYPTO_XTS 
@@ -642,7 +642,7 @@ config CRYPTO_DEV_SUN4I_SS select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Allwinner SoC have a crypto accelerator named @@ -665,7 +665,7 @@ config CRYPTO_DEV_ROCKCHIP tristate "Rockchip's Cryptographic Engine driver" depends on OF && ARCH_ROCKCHIP select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -702,7 +702,7 @@ config CRYPTO_DEV_BCM_SPU depends on MAILBOX default m select CRYPTO_AUTHENC - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -721,7 +721,7 @@ config CRYPTO_DEV_SAFEXCEL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_HASH select CRYPTO_HMAC select CRYPTO_MD5 @@ -759,7 +759,7 @@ config CRYPTO_DEV_CCREE default n select CRYPTO_HASH select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_SHA1 diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig index 3720ddabb507..4a358391b6cb 100644 --- a/drivers/crypto/caam/Kconfig +++ b/drivers/crypto/caam/Kconfig @@ -98,7 +98,7 @@ config CRYPTO_DEV_FSL_CAAM_CRYPTO_API select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Selecting this will offload crypto for users of the scatterlist crypto API (such as the linux native IPSec diff --git a/drivers/crypto/cavium/nitrox/Kconfig b/drivers/crypto/cavium/nitrox/Kconfig index 181a1dfec932..1a6b51563154 100644 --- a/drivers/crypto/cavium/nitrox/Kconfig +++ b/drivers/crypto/cavium/nitrox/Kconfig @@ -5,7 +5,7 @@ config CRYPTO_DEV_NITROX tristate select CRYPTO_BLKCIPHER select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select FW_LOADER config CRYPTO_DEV_NITROX_CNN55XX 
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 7593b99c948c..e3e734729930 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig index 4491e2197d9f..ceeaa10b2829 100644 --- a/drivers/crypto/stm32/Kconfig +++ b/drivers/crypto/stm32/Kconfig @@ -24,7 +24,7 @@ config CRYPTO_DEV_STM32_CRYP depends on ARCH_STM32 select CRYPTO_HASH select CRYPTO_ENGINE - select CRYPTO_DES + select CRYPTO_LIB_DES help This enables support for the CRYP (AES/DES/TDES) hw accelerator which can be found on STMicroelectronics STM32 SOC. diff --git a/drivers/crypto/ux500/Kconfig b/drivers/crypto/ux500/Kconfig index 0e338bf6dfb7..cbb16d6a9aa9 100644 --- a/drivers/crypto/ux500/Kconfig +++ b/drivers/crypto/ux500/Kconfig @@ -9,7 +9,7 @@ config CRYPTO_DEV_UX500_CRYP depends on CRYPTO_DEV_UX500 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This selects the crypto driver for the UX500_CRYP hardware. It supports AES-ECB, CBC and CTR with keys sizes of 128, 192 and 256 bit sizes. diff --git a/include/crypto/des.h b/include/crypto/des.h index 31b04ba835b1..2c864a4e6707 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h @@ -6,10 +6,7 @@ #ifndef __CRYPTO_DES_H #define __CRYPTO_DES_H -#include -#include -#include -#include +#include #define DES_KEY_SIZE 8 #define DES_EXPKEY_WORDS 32 
@@ -19,6 +16,44 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE +struct des_ctx { + u32 expkey[DES_EXPKEY_WORDS]; +}; + +struct des3_ede_ctx { + u32 expkey[DES3_EDE_EXPKEY_WORDS]; +}; + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); + +/** + * des_expand_key - Expand a DES input key into a key schedule + * @ctx: the key schedule + * @key: buffer containing the input key + * @len: size of the buffer contents + * + * Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if + * the key is accepted but has been found to be weak. + */ +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); + +/** + * des3_ede_expand_key - Expand a triple DES input key into a key schedule + * @ctx: the key schedule + * @key: buffer containing the input key + * @len: size of the buffer contents + * + * Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if + * the key is accepted but has been found to be weak. Note that weak keys will + * be rejected (and -EINVAL will be returned) when running in FIPS mode. + */ +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen); + extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen); diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h index 53dffa0667ca..33f0bb0fabed 100644 --- a/include/crypto/internal/des.h +++ b/include/crypto/internal/des.h 
@@ -23,19 +23,21 @@ */ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) { - u32 tmp[DES_EXPKEY_WORDS]; - int err = 0; + struct des_ctx tmp; + int err; - if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - return 0; + err = des_expand_key(&tmp, key, DES_KEY_SIZE); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - if (!des_ekey(tmp, key)) { + if (err) crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - err = -EINVAL; - } - err = 0; - memzero_explicit(tmp, sizeof(tmp)); + memzero_explicit(&tmp, sizeof(tmp)); return err; } @@ -52,6 +54,28 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) * property. * */ +static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len, + bool check_weak) +{ + int ret = fips_enabled ? -EINVAL : -ENOKEY; + u32 K[6]; + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || check_weak)) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + ret = 0; +bad: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + + return ret; +} /** * crypto_des3_ede_verify_key - Check whether a DES3-EDE is weak 
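Review bot: des3_ede_verify_key() takes `key_len` but never reads it, and `memcpy(K, key, DES3_EDE_KEY_SIZE)` copies a fixed 24 bytes regardless of what the caller passed. Either drop the parameter or return -EINVAL when `key_len != DES3_EDE_KEY_SIZE` before the copy, so a short buffer cannot be over-read. The helper is also inserted between an existing comment block and the kernel-doc for crypto_des3_ede_verify_key() with no comment of its own; it needs one that states the return contract, since `ret` starts as -EINVAL under fips_enabled and -ENOKEY otherwise, and a key with K1 == K2 or K2 == K3 yields 0 when neither fips_enabled nor `check_weak` is set.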
@@ -69,28 +93,14 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, const u8 *key) { - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; - - if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; + int err; - err = 0; -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); + err = des3_ede_verify_key(key, DES3_EDE_KEY_SIZE, + crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); + if (err) + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); return err; - -bad: - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - goto out; } #endif /* __CRYPTO_INTERNAL_DES_H */ diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 88195c34932d..b9ea19a1c6ef 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -2,3 +2,6 @@ obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o libarc4-y := arc4.o + +obj-$(CONFIG_CRYPTO_LIB_DES) += libdes.o +libdes-y := des.o diff --git a/lib/crypto/des.c b/lib/crypto/des.c new file mode 100644 index 000000000000..ef5bb8822aba --- /dev/null +++ b/lib/crypto/des.c 
@@ -0,0 +1,902 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API. + * + * DES & Triple DES EDE Cipher Algorithms. + * + * Copyright (c) 2005 Dag Arne Osvik + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +#define ROL(x, r) ((x) = rol32((x), (r))) +#define ROR(x, r) ((x) = ror32((x), (r))) + +/* Lookup tables for key expansion */ + +static const u8 pc1[256] = { + 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, + 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, + 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, + 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, + 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, + 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, + 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, + 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, + 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, + 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, + 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, + 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, + 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, + 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, + 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, + 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, + 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, + 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, + 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, + 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, + 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, + 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, + 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, + 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, + 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, + 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, + 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, + 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, + 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, + 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, + 0xaa, 0xaa, 0xea, 0xae, 
0xba, 0xba, 0xfa, 0xbe, + 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe +}; + +static const u8 rs[256] = { + 0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82, + 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, + 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, + 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, + 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, + 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, + 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, + 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, + 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, + 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, + 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, + 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, + 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, + 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, + 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, + 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, + 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, + 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, + 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, + 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, + 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, + 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, + 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, + 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, + 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, + 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, + 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, + 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, + 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, + 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, + 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, + 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe +}; + +static const u32 pc2[1024] = { + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00040000, 0x00000000, 0x04000000, 0x00100000, + 0x00400000, 0x00000008, 0x00000800, 0x40000000, + 0x00440000, 0x00000008, 0x04000800, 0x40100000, + 0x00000400, 0x00000020, 0x08000000, 0x00000100, + 
0x00040400, 0x00000020, 0x0c000000, 0x00100100, + 0x00400400, 0x00000028, 0x08000800, 0x40000100, + 0x00440400, 0x00000028, 0x0c000800, 0x40100100, + 0x80000000, 0x00000010, 0x00000000, 0x00800000, + 0x80040000, 0x00000010, 0x04000000, 0x00900000, + 0x80400000, 0x00000018, 0x00000800, 0x40800000, + 0x80440000, 0x00000018, 0x04000800, 0x40900000, + 0x80000400, 0x00000030, 0x08000000, 0x00800100, + 0x80040400, 0x00000030, 0x0c000000, 0x00900100, + 0x80400400, 0x00000038, 0x08000800, 0x40800100, + 0x80440400, 0x00000038, 0x0c000800, 0x40900100, + 0x10000000, 0x00000000, 0x00200000, 0x00001000, + 0x10040000, 0x00000000, 0x04200000, 0x00101000, + 0x10400000, 0x00000008, 0x00200800, 0x40001000, + 0x10440000, 0x00000008, 0x04200800, 0x40101000, + 0x10000400, 0x00000020, 0x08200000, 0x00001100, + 0x10040400, 0x00000020, 0x0c200000, 0x00101100, + 0x10400400, 0x00000028, 0x08200800, 0x40001100, + 0x10440400, 0x00000028, 0x0c200800, 0x40101100, + 0x90000000, 0x00000010, 0x00200000, 0x00801000, + 0x90040000, 0x00000010, 0x04200000, 0x00901000, + 0x90400000, 0x00000018, 0x00200800, 0x40801000, + 0x90440000, 0x00000018, 0x04200800, 0x40901000, + 0x90000400, 0x00000030, 0x08200000, 0x00801100, + 0x90040400, 0x00000030, 0x0c200000, 0x00901100, + 0x90400400, 0x00000038, 0x08200800, 0x40801100, + 0x90440400, 0x00000038, 0x0c200800, 0x40901100, + 0x00000200, 0x00080000, 0x00000000, 0x00000004, + 0x00040200, 0x00080000, 0x04000000, 0x00100004, + 0x00400200, 0x00080008, 0x00000800, 0x40000004, + 0x00440200, 0x00080008, 0x04000800, 0x40100004, + 0x00000600, 0x00080020, 0x08000000, 0x00000104, + 0x00040600, 0x00080020, 0x0c000000, 0x00100104, + 0x00400600, 0x00080028, 0x08000800, 0x40000104, + 0x00440600, 0x00080028, 0x0c000800, 0x40100104, + 0x80000200, 0x00080010, 0x00000000, 0x00800004, + 0x80040200, 0x00080010, 0x04000000, 0x00900004, + 0x80400200, 0x00080018, 0x00000800, 0x40800004, + 0x80440200, 0x00080018, 0x04000800, 0x40900004, + 0x80000600, 0x00080030, 0x08000000, 0x00800104, + 
0x80040600, 0x00080030, 0x0c000000, 0x00900104, + 0x80400600, 0x00080038, 0x08000800, 0x40800104, + 0x80440600, 0x00080038, 0x0c000800, 0x40900104, + 0x10000200, 0x00080000, 0x00200000, 0x00001004, + 0x10040200, 0x00080000, 0x04200000, 0x00101004, + 0x10400200, 0x00080008, 0x00200800, 0x40001004, + 0x10440200, 0x00080008, 0x04200800, 0x40101004, + 0x10000600, 0x00080020, 0x08200000, 0x00001104, + 0x10040600, 0x00080020, 0x0c200000, 0x00101104, + 0x10400600, 0x00080028, 0x08200800, 0x40001104, + 0x10440600, 0x00080028, 0x0c200800, 0x40101104, + 0x90000200, 0x00080010, 0x00200000, 0x00801004, + 0x90040200, 0x00080010, 0x04200000, 0x00901004, + 0x90400200, 0x00080018, 0x00200800, 0x40801004, + 0x90440200, 0x00080018, 0x04200800, 0x40901004, + 0x90000600, 0x00080030, 0x08200000, 0x00801104, + 0x90040600, 0x00080030, 0x0c200000, 0x00901104, + 0x90400600, 0x00080038, 0x08200800, 0x40801104, + 0x90440600, 0x00080038, 0x0c200800, 0x40901104, + 0x00000002, 0x00002000, 0x20000000, 0x00000001, + 0x00040002, 0x00002000, 0x24000000, 0x00100001, + 0x00400002, 0x00002008, 0x20000800, 0x40000001, + 0x00440002, 0x00002008, 0x24000800, 0x40100001, + 0x00000402, 0x00002020, 0x28000000, 0x00000101, + 0x00040402, 0x00002020, 0x2c000000, 0x00100101, + 0x00400402, 0x00002028, 0x28000800, 0x40000101, + 0x00440402, 0x00002028, 0x2c000800, 0x40100101, + 0x80000002, 0x00002010, 0x20000000, 0x00800001, + 0x80040002, 0x00002010, 0x24000000, 0x00900001, + 0x80400002, 0x00002018, 0x20000800, 0x40800001, + 0x80440002, 0x00002018, 0x24000800, 0x40900001, + 0x80000402, 0x00002030, 0x28000000, 0x00800101, + 0x80040402, 0x00002030, 0x2c000000, 0x00900101, + 0x80400402, 0x00002038, 0x28000800, 0x40800101, + 0x80440402, 0x00002038, 0x2c000800, 0x40900101, + 0x10000002, 0x00002000, 0x20200000, 0x00001001, + 0x10040002, 0x00002000, 0x24200000, 0x00101001, + 0x10400002, 0x00002008, 0x20200800, 0x40001001, + 0x10440002, 0x00002008, 0x24200800, 0x40101001, + 0x10000402, 0x00002020, 0x28200000, 0x00001101, + 
0x10040402, 0x00002020, 0x2c200000, 0x00101101, + 0x10400402, 0x00002028, 0x28200800, 0x40001101, + 0x10440402, 0x00002028, 0x2c200800, 0x40101101, + 0x90000002, 0x00002010, 0x20200000, 0x00801001, + 0x90040002, 0x00002010, 0x24200000, 0x00901001, + 0x90400002, 0x00002018, 0x20200800, 0x40801001, + 0x90440002, 0x00002018, 0x24200800, 0x40901001, + 0x90000402, 0x00002030, 0x28200000, 0x00801101, + 0x90040402, 0x00002030, 0x2c200000, 0x00901101, + 0x90400402, 0x00002038, 0x28200800, 0x40801101, + 0x90440402, 0x00002038, 0x2c200800, 0x40901101, + 0x00000202, 0x00082000, 0x20000000, 0x00000005, + 0x00040202, 0x00082000, 0x24000000, 0x00100005, + 0x00400202, 0x00082008, 0x20000800, 0x40000005, + 0x00440202, 0x00082008, 0x24000800, 0x40100005, + 0x00000602, 0x00082020, 0x28000000, 0x00000105, + 0x00040602, 0x00082020, 0x2c000000, 0x00100105, + 0x00400602, 0x00082028, 0x28000800, 0x40000105, + 0x00440602, 0x00082028, 0x2c000800, 0x40100105, + 0x80000202, 0x00082010, 0x20000000, 0x00800005, + 0x80040202, 0x00082010, 0x24000000, 0x00900005, + 0x80400202, 0x00082018, 0x20000800, 0x40800005, + 0x80440202, 0x00082018, 0x24000800, 0x40900005, + 0x80000602, 0x00082030, 0x28000000, 0x00800105, + 0x80040602, 0x00082030, 0x2c000000, 0x00900105, + 0x80400602, 0x00082038, 0x28000800, 0x40800105, + 0x80440602, 0x00082038, 0x2c000800, 0x40900105, + 0x10000202, 0x00082000, 0x20200000, 0x00001005, + 0x10040202, 0x00082000, 0x24200000, 0x00101005, + 0x10400202, 0x00082008, 0x20200800, 0x40001005, + 0x10440202, 0x00082008, 0x24200800, 0x40101005, + 0x10000602, 0x00082020, 0x28200000, 0x00001105, + 0x10040602, 0x00082020, 0x2c200000, 0x00101105, + 0x10400602, 0x00082028, 0x28200800, 0x40001105, + 0x10440602, 0x00082028, 0x2c200800, 0x40101105, + 0x90000202, 0x00082010, 0x20200000, 0x00801005, + 0x90040202, 0x00082010, 0x24200000, 0x00901005, + 0x90400202, 0x00082018, 0x20200800, 0x40801005, + 0x90440202, 0x00082018, 0x24200800, 0x40901005, + 0x90000602, 0x00082030, 0x28200000, 0x00801105, + 
0x90040602, 0x00082030, 0x2c200000, 0x00901105, + 0x90400602, 0x00082038, 0x28200800, 0x40801105, + 0x90440602, 0x00082038, 0x2c200800, 0x40901105, + + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00000000, 0x00000008, 0x00080000, 0x10000000, + 0x02000000, 0x00000000, 0x00000080, 0x00001000, + 0x02000000, 0x00000008, 0x00080080, 0x10001000, + 0x00004000, 0x00000000, 0x00000040, 0x00040000, + 0x00004000, 0x00000008, 0x00080040, 0x10040000, + 0x02004000, 0x00000000, 0x000000c0, 0x00041000, + 0x02004000, 0x00000008, 0x000800c0, 0x10041000, + 0x00020000, 0x00008000, 0x08000000, 0x00200000, + 0x00020000, 0x00008008, 0x08080000, 0x10200000, + 0x02020000, 0x00008000, 0x08000080, 0x00201000, + 0x02020000, 0x00008008, 0x08080080, 0x10201000, + 0x00024000, 0x00008000, 0x08000040, 0x00240000, + 0x00024000, 0x00008008, 0x08080040, 0x10240000, + 0x02024000, 0x00008000, 0x080000c0, 0x00241000, + 0x02024000, 0x00008008, 0x080800c0, 0x10241000, + 0x00000000, 0x01000000, 0x00002000, 0x00000020, + 0x00000000, 0x01000008, 0x00082000, 0x10000020, + 0x02000000, 0x01000000, 0x00002080, 0x00001020, + 0x02000000, 0x01000008, 0x00082080, 0x10001020, + 0x00004000, 0x01000000, 0x00002040, 0x00040020, + 0x00004000, 0x01000008, 0x00082040, 0x10040020, + 0x02004000, 0x01000000, 0x000020c0, 0x00041020, + 0x02004000, 0x01000008, 0x000820c0, 0x10041020, + 0x00020000, 0x01008000, 0x08002000, 0x00200020, + 0x00020000, 0x01008008, 0x08082000, 0x10200020, + 0x02020000, 0x01008000, 0x08002080, 0x00201020, + 0x02020000, 0x01008008, 0x08082080, 0x10201020, + 0x00024000, 0x01008000, 0x08002040, 0x00240020, + 0x00024000, 0x01008008, 0x08082040, 0x10240020, + 0x02024000, 0x01008000, 0x080020c0, 0x00241020, + 0x02024000, 0x01008008, 0x080820c0, 0x10241020, + 0x00000400, 0x04000000, 0x00100000, 0x00000004, + 0x00000400, 0x04000008, 0x00180000, 0x10000004, + 0x02000400, 0x04000000, 0x00100080, 0x00001004, + 0x02000400, 0x04000008, 0x00180080, 0x10001004, + 0x00004400, 0x04000000, 0x00100040, 0x00040004, 
+ 0x00004400, 0x04000008, 0x00180040, 0x10040004, + 0x02004400, 0x04000000, 0x001000c0, 0x00041004, + 0x02004400, 0x04000008, 0x001800c0, 0x10041004, + 0x00020400, 0x04008000, 0x08100000, 0x00200004, + 0x00020400, 0x04008008, 0x08180000, 0x10200004, + 0x02020400, 0x04008000, 0x08100080, 0x00201004, + 0x02020400, 0x04008008, 0x08180080, 0x10201004, + 0x00024400, 0x04008000, 0x08100040, 0x00240004, + 0x00024400, 0x04008008, 0x08180040, 0x10240004, + 0x02024400, 0x04008000, 0x081000c0, 0x00241004, + 0x02024400, 0x04008008, 0x081800c0, 0x10241004, + 0x00000400, 0x05000000, 0x00102000, 0x00000024, + 0x00000400, 0x05000008, 0x00182000, 0x10000024, + 0x02000400, 0x05000000, 0x00102080, 0x00001024, + 0x02000400, 0x05000008, 0x00182080, 0x10001024, + 0x00004400, 0x05000000, 0x00102040, 0x00040024, + 0x00004400, 0x05000008, 0x00182040, 0x10040024, + 0x02004400, 0x05000000, 0x001020c0, 0x00041024, + 0x02004400, 0x05000008, 0x001820c0, 0x10041024, + 0x00020400, 0x05008000, 0x08102000, 0x00200024, + 0x00020400, 0x05008008, 0x08182000, 0x10200024, + 0x02020400, 0x05008000, 0x08102080, 0x00201024, + 0x02020400, 0x05008008, 0x08182080, 0x10201024, + 0x00024400, 0x05008000, 0x08102040, 0x00240024, + 0x00024400, 0x05008008, 0x08182040, 0x10240024, + 0x02024400, 0x05008000, 0x081020c0, 0x00241024, + 0x02024400, 0x05008008, 0x081820c0, 0x10241024, + 0x00000800, 0x00010000, 0x20000000, 0x00000010, + 0x00000800, 0x00010008, 0x20080000, 0x10000010, + 0x02000800, 0x00010000, 0x20000080, 0x00001010, + 0x02000800, 0x00010008, 0x20080080, 0x10001010, + 0x00004800, 0x00010000, 0x20000040, 0x00040010, + 0x00004800, 0x00010008, 0x20080040, 0x10040010, + 0x02004800, 0x00010000, 0x200000c0, 0x00041010, + 0x02004800, 0x00010008, 0x200800c0, 0x10041010, + 0x00020800, 0x00018000, 0x28000000, 0x00200010, + 0x00020800, 0x00018008, 0x28080000, 0x10200010, + 0x02020800, 0x00018000, 0x28000080, 0x00201010, + 0x02020800, 0x00018008, 0x28080080, 0x10201010, + 0x00024800, 0x00018000, 0x28000040, 0x00240010, 
+ 0x00024800, 0x00018008, 0x28080040, 0x10240010, + 0x02024800, 0x00018000, 0x280000c0, 0x00241010, + 0x02024800, 0x00018008, 0x280800c0, 0x10241010, + 0x00000800, 0x01010000, 0x20002000, 0x00000030, + 0x00000800, 0x01010008, 0x20082000, 0x10000030, + 0x02000800, 0x01010000, 0x20002080, 0x00001030, + 0x02000800, 0x01010008, 0x20082080, 0x10001030, + 0x00004800, 0x01010000, 0x20002040, 0x00040030, + 0x00004800, 0x01010008, 0x20082040, 0x10040030, + 0x02004800, 0x01010000, 0x200020c0, 0x00041030, + 0x02004800, 0x01010008, 0x200820c0, 0x10041030, + 0x00020800, 0x01018000, 0x28002000, 0x00200030, + 0x00020800, 0x01018008, 0x28082000, 0x10200030, + 0x02020800, 0x01018000, 0x28002080, 0x00201030, + 0x02020800, 0x01018008, 0x28082080, 0x10201030, + 0x00024800, 0x01018000, 0x28002040, 0x00240030, + 0x00024800, 0x01018008, 0x28082040, 0x10240030, + 0x02024800, 0x01018000, 0x280020c0, 0x00241030, + 0x02024800, 0x01018008, 0x280820c0, 0x10241030, + 0x00000c00, 0x04010000, 0x20100000, 0x00000014, + 0x00000c00, 0x04010008, 0x20180000, 0x10000014, + 0x02000c00, 0x04010000, 0x20100080, 0x00001014, + 0x02000c00, 0x04010008, 0x20180080, 0x10001014, + 0x00004c00, 0x04010000, 0x20100040, 0x00040014, + 0x00004c00, 0x04010008, 0x20180040, 0x10040014, + 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, + 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, + 0x00020c00, 0x04018000, 0x28100000, 0x00200014, + 0x00020c00, 0x04018008, 0x28180000, 0x10200014, + 0x02020c00, 0x04018000, 0x28100080, 0x00201014, + 0x02020c00, 0x04018008, 0x28180080, 0x10201014, + 0x00024c00, 0x04018000, 0x28100040, 0x00240014, + 0x00024c00, 0x04018008, 0x28180040, 0x10240014, + 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, + 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, + 0x00000c00, 0x05010000, 0x20102000, 0x00000034, + 0x00000c00, 0x05010008, 0x20182000, 0x10000034, + 0x02000c00, 0x05010000, 0x20102080, 0x00001034, + 0x02000c00, 0x05010008, 0x20182080, 0x10001034, + 0x00004c00, 0x05010000, 0x20102040, 0x00040034, 
+ 0x00004c00, 0x05010008, 0x20182040, 0x10040034, + 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, + 0x02004c00, 0x05010008, 0x201820c0, 0x10041034, + 0x00020c00, 0x05018000, 0x28102000, 0x00200034, + 0x00020c00, 0x05018008, 0x28182000, 0x10200034, + 0x02020c00, 0x05018000, 0x28102080, 0x00201034, + 0x02020c00, 0x05018008, 0x28182080, 0x10201034, + 0x00024c00, 0x05018000, 0x28102040, 0x00240034, + 0x00024c00, 0x05018008, 0x28182040, 0x10240034, + 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, + 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 +}; + +/* S-box lookup tables */ + +static const u32 S1[64] = { + 0x01010400, 0x00000000, 0x00010000, 0x01010404, + 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, + 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, + 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, + 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, + 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, + 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, + 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, + 0x00010004, 0x00010400, 0x00000000, 0x01010004 +}; + +static const u32 S2[64] = { + 0x80108020, 0x80008000, 0x00008000, 0x00108020, + 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, + 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, + 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, + 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, + 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, + 
0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, + 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, + 0x80000000, 0x80100020, 0x80108020, 0x00108000 +}; + +static const u32 S3[64] = { + 0x00000208, 0x08020200, 0x00000000, 0x08020008, + 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, + 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, + 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, + 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, + 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, + 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, + 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, + 0x00020208, 0x00000008, 0x08020008, 0x00020200 +}; + +static const u32 S4[64] = { + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, + 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, + 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002000, 0x00802080 +}; + +static const u32 S5[64] = { + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 
+ 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, + 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, + 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, + 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, + 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, + 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, + 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, + 0x00000000, 0x40080000, 0x02080100, 0x40000100 +}; + +static const u32 S6[64] = { + 0x20000010, 0x20400000, 0x00004000, 0x20404010, + 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, + 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, + 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, + 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, + 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, + 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, + 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, + 0x20404000, 0x20000000, 0x00400010, 0x20004010 +}; + +static const u32 S7[64] = { + 0x00200000, 0x04200002, 0x04000802, 0x00000000, + 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, + 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, + 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, + 0x00200800, 0x00000002, 
0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, + 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, + 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, + 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, + 0x04000002, 0x04000800, 0x00000800, 0x00200002 +}; + +static const u32 S8[64] = { + 0x10001040, 0x00001000, 0x00040000, 0x10041040, + 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, + 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, + 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, + 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, + 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, + 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, + 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, + 0x00001040, 0x00040040, 0x10000000, 0x10041000 +}; + +/* Encryption components: IP, FP, and round function */ + +#define IP(L, R, T) \ + ROL(R, 4); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROL(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 6); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(L, 1); + +#define FP(L, R, T) \ + ROR(L, 1); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 6); \ + T = L; \ + L ^= 
R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROR(R, 4); + +#define ROUND(L, R, A, B, K, d) \ + B = K[0]; A = K[1]; K += d; \ + B ^= R; A ^= R; \ + B &= 0x3f3f3f3f; ROR(A, 4); \ + L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ + L ^= S6[0xff & (B >> 8)]; B >>= 16; \ + L ^= S7[0xff & A]; \ + L ^= S5[0xff & (A >> 8)]; A >>= 16; \ + L ^= S4[0xff & B]; \ + L ^= S2[0xff & (B >> 8)]; \ + L ^= S3[0xff & A]; \ + L ^= S1[0xff & (A >> 8)]; + +/* + * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved + * tables of 128 elements. One set is for C_i and the other for D_i, while + * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. + * + * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i + * or D_i in bits 7-1 (bit 0 being the least significant). + */ + +#define T1(x) pt[2 * (x) + 0] +#define T2(x) pt[2 * (x) + 1] +#define T3(x) pt[2 * (x) + 2] +#define T4(x) pt[2 * (x) + 3] + +#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) + +/* + * Encryption key expansion + * + * RFC2451: Weak key checks SHOULD be performed. + * + * FIPS 74: + * + * Keys having duals are keys which produce all zeros, all ones, or + * alternating zero-one patterns in the C and D registers after Permuted + * Choice 1 has operated on the key. 
+ * + */ +static unsigned long des_ekey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d, w; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); + + /* Check if first half is weak */ + w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + /* Check if second half is weak */ + w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a 
= rs[a]; d = rs[d]; + pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } + + /* Zero if weak key */ + return w; +} + +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen) +{ + if (keylen != DES_KEY_SIZE) + return -EINVAL; + + return des_ekey(ctx->expkey, key) ? 
0 : -ENOKEY; +} +EXPORT_SYMBOL_GPL(des_expand_key); + +/* + * Decryption key expansion + * + * No weak key checking is performed, as this is only used by triple DES + * + */ +static void dkey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2] = DES_PC2(b, c, d, a); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2 + 1] 
= DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } +} + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_encrypt); + +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_decrypt); + +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen) +{ + u32 *pe = ctx->expkey; + int err; + + if (keylen != DES3_EDE_KEY_SIZE) + return -EINVAL; + + err = des3_ede_verify_key(key, keylen, true); 
+ if (err && err != -ENOKEY) + return err; + + des_ekey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + dkey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + des_ekey(pe, key); + + return err; +} +EXPORT_SYMBOL_GPL(des3_ede_expand_key); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, 2); + ROUND(L, R, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_encrypt); + +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, -2); + ROUND(L, R, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_decrypt); + +MODULE_LICENSE("GPL");
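Review bot: des_expand_key() and des3_ede_expand_key() both return -ENOKEY only after the key schedule has already been written into ctx->expkey, and no comment on either exported function says so. In des_expand_key() the result of des_ekey() is tested after it has filled pe[], and in des3_ede_expand_key() the check "if (err && err != -ENOKEY) return err;" lets -ENOKEY from des3_ede_verify_key() fall through to the three expansions before "return err;". If the intent is that the caller decides whether a weak key is fatal, please add a comment on both functions stating that the context is fully populated when -ENOKEY is returned and untouched when -EINVAL is returned, so callers neither use an unexpanded context nor discard a usable one by treating every non-zero return the same way.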
From patchwork Fri Jun 28 09:35:27 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168051
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 28/30] crypto: x86/des - switch to library interface
Date: Fri, 28 Jun 2019 11:35:27 +0200
Message-Id: <20190628093529.12281-29-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 42 +++++++++++--------- 1 file changed, 23 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index dfee4cec9452..cce329b188d1 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -21,7 +21,7 @@ */ #include -#include +#include #include #include #include
@@ -29,8 +29,8 @@ #include struct des3_ede_x86_ctx { - u32 enc_expkey[DES3_EDE_EXPKEY_WORDS]; - u32 dec_expkey[DES3_EDE_EXPKEY_WORDS]; + struct des3_ede_ctx enc; + struct des3_ede_ctx dec; }; /* regular block cipher functions */ @@ -44,7 +44,7 @@ asmlinkage void des3_ede_x86_64_crypt_blk_3way(const u32 *expkey, u8 *dst, static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk(enc_ctx, dst, src); } @@ -52,7 +52,7 @@ static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk(dec_ctx, dst, src); } @@ -60,7 +60,7 @@ static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk_3way(enc_ctx, dst, src); } @@ -68,7 +68,7 @@ static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk_3way(dec_ctx, dst, src); } @@ -132,7 +132,7 @@ static int ecb_encrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->enc_expkey); + return ecb_crypt(req, ctx->enc.expkey); } static int ecb_decrypt(struct skcipher_request *req) 
@@ -140,7 +140,7 @@ static int ecb_decrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->dec_expkey); + return ecb_crypt(req, ctx->dec.expkey); } static unsigned int __cbc_encrypt(struct des3_ede_x86_ctx *ctx, 
@@ -358,24 +358,28 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; - err = crypto_des3_ede_verify_key(tfm, key); - if (err) - return err; + err = des3_ede_expand_key(&ctx->enc, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - /* Generate encryption context using generic implementation. */ - err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); - if (err < 0) + if (err) { + memzero_explicit(ctx, sizeof(*ctx)); return err; + } /* Fix encryption context for this implementation and form decryption * context. */ j = DES3_EDE_EXPKEY_WORDS - 2; for (i = 0; i < DES3_EDE_EXPKEY_WORDS; i += 2, j -= 2) { - tmp = ror32(ctx->enc_expkey[i + 1], 4); - ctx->enc_expkey[i + 1] = tmp; + tmp = ror32(ctx->enc.expkey[i + 1], 4); + ctx->enc.expkey[i + 1] = tmp; - ctx->dec_expkey[j + 0] = ctx->enc_expkey[i + 0]; - ctx->dec_expkey[j + 1] = tmp; + ctx->dec.expkey[j + 0] = ctx->enc.expkey[i + 0]; + ctx->dec.expkey[j + 1] = tmp; } return 0;
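Review bot: In the des3_ede_x86_setkey() hunk of arch/x86/crypto/des3_ede_glue.c, the weak-key path resets err to 0 after des3_ede_expand_key() returned -ENOKEY and then falls through to the loop that rotates ctx->enc.expkey and derives ctx->dec.expkey, so the code depends on the library having written a complete key schedule before returning -ENOKEY. Nothing in the hunk states that contract; a short comment above the `if (err == -ENOKEY)` block would make it explicit, and if other drivers in the series need the same -ENOKEY to -EINVAL/0 mapping it would be better placed in a shared helper than open-coded here. The removed crypto_des3_ede_verify_key(tfm, key) call received the tfm, while the new path only reads flags through crypto_tfm_get_flags(); please confirm that callers which inspect a weak-key result flag after a failed setkey still see it. The memzero_explicit(ctx, sizeof(*ctx)) on the error path is a good addition. The commit message has no body, so the change in how the key is validated is undocumented.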
From patchwork Fri Jun 28 09:35:28 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168047
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 29/30] crypto: des - remove now unused __des3_ede_setkey()
Date: Fri, 28 Jun 2019 11:35:28 +0200
Message-Id: <20190628093529.12281-30-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel
--- crypto/des_generic.c | 13 ------------- include/crypto/des.h | 3 --- 2 files changed, 16 deletions(-) -- 2.20.1 diff --git a/crypto/des_generic.c b/crypto/des_generic.c index 8669423886aa..201caf22b881 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -56,19 +56,6 @@ static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_decrypt(dctx, dst, src); } -int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen) -{ - int err; - - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - des_ekey(expkey, key); - - return 0; -} -EXPORT_SYMBOL_GPL(__des3_ede_setkey); - static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/des.h b/include/crypto/des.h index 2c864a4e6707..7812b4331ae4 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -54,7 +54,4 @@ int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, unsigned int keylen); -extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen); - #endif /* __CRYPTO_DES_H */
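Review bot: Dropping EXPORT_SYMBOL_GPL(__des3_ede_setkey) in crypto/des_generic.c together with its prototype in include/crypto/des.h breaks the build for any remaining caller, and the commit message has no body saying that none are left. The x86 glue code is converted in 28/30; a sentence listing the converted users, or stating that no references remain in the tree, would make the removal easy to verify and keep the series bisectable. The removed body also shows that the function never wrote through its flags argument and never used keylen (an unused `int err` and an unconditional `return 0`), which is worth recording in the message as the reason callers had to validate the key separately.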
From patchwork Fri Jun 28 09:35:29 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 168050
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v3 30/30] fs: cifs: move from the crypto cipher API to the new DES library interface
Date: Fri, 28 Jun 2019 11:35:29 +0200
Message-Id: <20190628093529.12281-31-ard.biesheuvel@linaro.org>
In-Reply-To: <20190628093529.12281-1-ard.biesheuvel@linaro.org>
References: <20190628093529.12281-1-ard.biesheuvel@linaro.org>

Some legacy code in the CIFS driver uses single DES to calculate some password hash, and uses the crypto cipher API to do so. Given that there is no point in invoking an accelerated cipher for doing 56-bit symmetric encryption on a single 8-byte block of input, the flexibility of the crypto cipher API does not add much value here, and so we're much better off using a library call into the generic C implementation.

Signed-off-by: Ard Biesheuvel
--- fs/cifs/Kconfig | 2 +- fs/cifs/cifsfs.c | 1 - fs/cifs/smbencrypt.c | 18 +++++++++--------- 3 files changed, 10 insertions(+), 11 deletions(-) -- 2.20.1 diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index 3da294231dcc..dedab8f79ee8 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -14,7 +14,7 @@ config CIFS select CRYPTO_CCM select CRYPTO_ECB select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the client VFS module for the SMB3 family of NAS protocols, (including support for the most recent, most secure dialect SMB3.1.1) diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index e55afaf9e5a3..44f4cc160197 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c 
@@ -1590,7 +1590,6 @@ MODULE_DESCRIPTION ("VFS to access SMB3 servers e.g. Samba, Macs, Azure and Windows (and " "also older servers complying with the SNIA CIFS Specification)"); MODULE_VERSION(CIFS_VERSION); -MODULE_SOFTDEP("pre: des"); MODULE_SOFTDEP("pre: ecb"); MODULE_SOFTDEP("pre: hmac"); MODULE_SOFTDEP("pre: md4"); diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index a0b80ac651a6..5c55c35f47d6 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -23,13 +23,14 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include #include #include +#include #include #include #include #include +#include #include "cifs_fs_sb.h" #include "cifs_unicode.h" #include "cifspdu.h" @@ -70,19 +71,18 @@ static int smbhash(unsigned char *out, const unsigned char *in, unsigned char *key) { unsigned char key2[8]; - struct crypto_cipher *tfm_des; + struct des_ctx ctx; str_to_key(key, key2); - tfm_des = crypto_alloc_cipher("des", 0, 0); - if (IS_ERR(tfm_des)) { - cifs_dbg(VFS, "could not allocate des crypto API\n"); - return PTR_ERR(tfm_des); + if (fips_enabled) { + cifs_dbg(VFS, "FIPS compliance enabled: DES not permitted\n"); + return -ENOENT; } - crypto_cipher_setkey(tfm_des, key2, 8); - crypto_cipher_encrypt_one(tfm_des, out, in); - crypto_free_cipher(tfm_des); + des_expand_key(&ctx, key2, DES_KEY_SIZE); + des_encrypt(&ctx, out, in); + memzero_explicit(&ctx, sizeof(ctx)); return 0; }
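Review bot: In the smbhash() hunk of fs/cifs/smbencrypt.c, key2 holds the DES key produced by str_to_key() and is left on the stack, while only ctx is wiped with memzero_explicit(&ctx, sizeof(ctx)); add memzero_explicit(key2, sizeof(key2)) before returning. Because str_to_key() runs before the fips_enabled check, key2 is populated on the early return as well, so either move the check to the top of the function or wipe key2 on both exits. The return value of des_expand_key() is ignored; if that is deliberate because password-derived keys must be accepted even when weak (the old code ignored the result of crypto_cipher_setkey() too), a comment saying so would stop a later cleanup from turning it into a hard failure. -ENOENT is also an unusual errno for a policy refusal and differs from the PTR_ERR() value the old allocation path returned, so check that callers do not depend on the previous value.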