crypto: ccree/des - switch to new verification routines

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

crypto: ccree/des - switch to new verification routines

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Ard Biesheuvel and committed by

Herbert Xu 6 years ago 00cd6b23 b5250416

+8 -31

2 changed files

expand all

drivers

crypto

ccree

cc_aead.c

cc_cipher.c

+4 -20

drivers/crypto/ccree/cc_aead.c

··· 6 6 #include <crypto/algapi.h> 7 7 #include <crypto/internal/aead.h> 8 8 #include <crypto/authenc.h> 9 - #include <crypto/des.h> 9 + #include <crypto/internal/des.h> 10 10 #include <linux/rtnetlink.h> 11 11 #include "cc_driver.h" 12 12 #include "cc_buffer_mgr.h" ··· 649 649 unsigned int keylen) 650 650 { 651 651 struct crypto_authenc_keys keys; 652 - u32 flags; 653 652 int err; 654 653 655 654 err = crypto_authenc_extractkeys(&keys, key, keylen); 656 655 if (unlikely(err)) 657 - goto badkey; 656 + return err; 658 657 659 - err = -EINVAL; 660 - if (keys.enckeylen != DES3_EDE_KEY_SIZE) 661 - goto badkey; 658 + err = verify_aead_des3_key(aead, keys.enckey, keys.enckeylen) ?: 659 + cc_aead_setkey(aead, key, keylen); 662 660 663 - flags = crypto_aead_get_flags(aead); 664 - err = __des3_verify_key(&flags, keys.enckey); 665 - if (unlikely(err)) { 666 - crypto_aead_set_flags(aead, flags); 667 - goto out; 668 - } 669 - 670 - err = cc_aead_setkey(aead, key, keylen); 671 - 672 - out: 673 661 memzero_explicit(&keys, sizeof(keys)); 674 662 return err; 675 - 676 - badkey: 677 - crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); 678 - goto out; 679 663 } 680 664 681 665 static int cc_rfc4309_ccm_setkey(struct crypto_aead *tfm, const u8 *key,

+4 -11

drivers/crypto/ccree/cc_cipher.c

··· 5 5 #include <linux/module.h> 6 6 #include <crypto/algapi.h> 7 7 #include <crypto/internal/skcipher.h> 8 - #include <crypto/des.h> 8 + #include <crypto/internal/des.h> 9 9 #include <crypto/xts.h> 10 10 #include <crypto/sm4.h> 11 11 #include <crypto/scatterwalk.h> ··· 411 411 * HW does the expansion on its own. 412 412 */ 413 413 if (ctx_p->flow_mode == S_DIN_to_DES) { 414 - u32 tmp[DES3_EDE_EXPKEY_WORDS]; 415 - if (keylen == DES3_EDE_KEY_SIZE && 416 - __des3_ede_setkey(tmp, &tfm->crt_flags, key, 417 - DES3_EDE_KEY_SIZE)) { 418 - dev_dbg(dev, "weak 3DES key"); 419 - return -EINVAL; 420 - } else if (!des_ekey(tmp, key) && 421 - (crypto_tfm_get_flags(tfm) & 422 - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 423 - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 414 + if ((keylen == DES3_EDE_KEY_SIZE && 415 + verify_skcipher_des3_key(sktfm, key)) || 416 + verify_skcipher_des_key(sktfm, key)) { 424 417 dev_dbg(dev, "weak DES key"); 425 418 return -EINVAL; 426 419 }