crypto: safexcel/des - switch to new verification routines

tjh.dev / kernel

fork atom

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

fork atom

crypto: safexcel/des - switch to new verification routines

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Ard Biesheuvel and committed by

Herbert Xu 6 years ago 21f5a15e 894b68d8

+7 -17

1 changed file

expand all

drivers

crypto

inside-secure

safexcel_cipher.c

+7 -17

drivers/crypto/inside-secure/safexcel_cipher.c

··· 220 220 struct safexcel_crypto_priv *priv = ctx->priv; 221 221 struct crypto_authenc_keys keys; 222 222 struct crypto_aes_ctx aes; 223 - u32 flags; 224 223 int err = -EINVAL; 225 224 226 225 if (crypto_authenc_extractkeys(&keys, key, len) != 0) ··· 240 241 /* Encryption key */ 241 242 switch (ctx->alg) { 242 243 case SAFEXCEL_3DES: 243 - if (keys.enckeylen != DES3_EDE_KEY_SIZE) 244 - goto badkey; 245 - flags = crypto_aead_get_flags(ctfm); 246 - err = __des3_verify_key(&flags, keys.enckey); 247 - crypto_aead_set_flags(ctfm, flags); 248 - 244 + err = verify_aead_des3_key(ctfm, keys.enckey, keys.enckeylen); 249 245 if (unlikely(err)) 250 246 goto badkey_expflags; 251 247 break; ··· 1186 1192 static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key, 1187 1193 unsigned int len) 1188 1194 { 1189 - struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); 1190 - struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); 1191 - u32 tmp[DES_EXPKEY_WORDS]; 1195 + struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); 1192 1196 int ret; 1193 1197 1194 - ret = des_ekey(tmp, key); 1195 - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 1196 - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 1197 - return -EINVAL; 1198 - } 1198 + ret = verify_skcipher_des_key(ctfm, key); 1199 + if (ret) 1200 + return ret; 1199 1201 1200 1202 /* if context exits and key changed, need to invalidate it */ 1201 1203 if (ctx->base.ctxr_dma) ··· 1289 1299 struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); 1290 1300 int err; 1291 1301 1292 - err = des3_verify_key(ctfm, key); 1293 - if (unlikely(err)) 1302 + err = verify_skcipher_des3_key(ctfm, key); 1303 + if (err) 1294 1304 return err; 1295 1305 1296 1306 /* if context exits and key changed, need to invalidate it */