crypto: clarify name of WEAK_KEY request flag

+2 -2

arch/s390/crypto/des_s390.c

··· 38 38 39 39 /* check for weak keys */ 40 40 if (!des_ekey(tmp, key) && 41 - (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 41 + (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 42 42 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 43 43 return -EINVAL; 44 44 } ··· 228 228 if (!(crypto_memneq(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) && 229 229 crypto_memneq(&key[DES_KEY_SIZE], &key[DES_KEY_SIZE * 2], 230 230 DES_KEY_SIZE)) && 231 - (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 231 + (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 232 232 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 233 233 return -EINVAL; 234 234 }

+2 -2

arch/sparc/crypto/des_glue.c

··· 53 53 * weak key detection code. 54 54 */ 55 55 ret = des_ekey(tmp, key); 56 - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 56 + if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 57 57 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 58 58 return -EINVAL; 59 59 } ··· 209 209 210 210 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 211 211 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 212 - (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 212 + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 213 213 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 214 214 return -EINVAL; 215 215 }

+2 -2

crypto/des_generic.c

··· 789 789 /* Expand to tmp */ 790 790 ret = des_ekey(tmp, key); 791 791 792 - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 792 + if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 793 793 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 794 794 return -EINVAL; 795 795 } ··· 866 866 867 867 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 868 868 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 869 - (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 869 + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 870 870 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 871 871 return -EINVAL; 872 872 }

+7 -7

crypto/testmgr.c

··· 706 706 707 707 crypto_aead_clear_flags(tfm, ~0); 708 708 if (template[i].wk) 709 - crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 709 + crypto_aead_set_flags(tfm, 710 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 710 711 711 712 if (template[i].klen > MAX_KEYLEN) { 712 713 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", ··· 821 820 822 821 crypto_aead_clear_flags(tfm, ~0); 823 822 if (template[i].wk) 824 - crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 823 + crypto_aead_set_flags(tfm, 824 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 825 825 if (template[i].klen > MAX_KEYLEN) { 826 826 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", 827 827 d, j, algo, template[i].klen, MAX_KEYLEN); ··· 1080 1078 1081 1079 crypto_cipher_clear_flags(tfm, ~0); 1082 1080 if (template[i].wk) 1083 - crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 1081 + crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1084 1082 1085 1083 ret = crypto_cipher_setkey(tfm, template[i].key, 1086 1084 template[i].klen); ··· 1196 1194 1197 1195 crypto_skcipher_clear_flags(tfm, ~0); 1198 1196 if (template[i].wk) 1199 - crypto_skcipher_set_flags(tfm, 1200 - CRYPTO_TFM_REQ_WEAK_KEY); 1197 + crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1201 1198 1202 1199 ret = crypto_skcipher_setkey(tfm, template[i].key, 1203 1200 template[i].klen); ··· 1266 1265 j++; 1267 1266 crypto_skcipher_clear_flags(tfm, ~0); 1268 1267 if (template[i].wk) 1269 - crypto_skcipher_set_flags(tfm, 1270 - CRYPTO_TFM_REQ_WEAK_KEY); 1268 + crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1271 1269 1272 1270 ret = crypto_skcipher_setkey(tfm, template[i].key, 1273 1271 template[i].klen);

+2 -2

crypto/testmgr.h

··· 50 50 * @ctext: Pointer to ciphertext 51 51 * @len: Length of @ptext and @ctext in bytes 52 52 * @fail: If set to one, the test need to fail 53 - * @wk: Does the test need CRYPTO_TFM_REQ_WEAK_KEY 53 + * @wk: Does the test need CRYPTO_TFM_REQ_FORBID_WEAK_KEYS? 54 54 * ( e.g. test needs to fail due to a weak key ) 55 55 * @np: numbers of SG to distribute data in (from 1 to MAX_TAP) 56 56 * @tap: How to distribute data in @np SGs ··· 91 91 * @anp: Numbers of SG to distribute assoc data in 92 92 * @fail: setkey() failure expected? 93 93 * @novrfy: Decryption verification failure expected? 94 - * @wk: Does the test need CRYPTO_TFM_REQ_WEAK_KEY? 94 + * @wk: Does the test need CRYPTO_TFM_REQ_FORBID_WEAK_KEYS? 95 95 * (e.g. setkey() needs to fail due to a weak key) 96 96 * @klen: Length of @key in bytes 97 97 * @plen: Length of @ptext in bytes

+1 -1

drivers/crypto/atmel-tdes.c

··· 785 785 } 786 786 787 787 err = des_ekey(tmp, key); 788 - if (err == 0 && (ctfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 788 + if (err == 0 && (ctfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 789 789 ctfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 790 790 return -EINVAL; 791 791 }

+2 -2

drivers/crypto/bcm/cipher.c

··· 1818 1818 if (keylen == DES_KEY_SIZE) { 1819 1819 if (des_ekey(tmp, key) == 0) { 1820 1820 if (crypto_ablkcipher_get_flags(cipher) & 1821 - CRYPTO_TFM_REQ_WEAK_KEY) { 1821 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 1822 1822 u32 flags = CRYPTO_TFM_RES_WEAK_KEY; 1823 1823 1824 1824 crypto_ablkcipher_set_flags(cipher, flags); ··· 2872 2872 2873 2873 if (des_ekey(tmp, keys.enckey) == 0) { 2874 2874 if (crypto_aead_get_flags(cipher) & 2875 - CRYPTO_TFM_REQ_WEAK_KEY) { 2875 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 2876 2876 crypto_aead_set_flags(cipher, flags); 2877 2877 return -EINVAL; 2878 2878 }

+1 -1

drivers/crypto/ccp/ccp-crypto-des3.c

··· 57 57 58 58 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 59 59 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 60 - (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 60 + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 61 61 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 62 62 return -EINVAL; 63 63 }

+2 -1

drivers/crypto/ccree/cc_cipher.c

··· 352 352 dev_dbg(dev, "weak 3DES key"); 353 353 return -EINVAL; 354 354 } else if (!des_ekey(tmp, key) && 355 - (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_WEAK_KEY)) { 355 + (crypto_tfm_get_flags(tfm) & 356 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 356 357 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 357 358 dev_dbg(dev, "weak DES key"); 358 359 return -EINVAL;

+2 -1

drivers/crypto/hifn_795x.c

··· 1961 1961 u32 tmp[DES_EXPKEY_WORDS]; 1962 1962 int ret = des_ekey(tmp, key); 1963 1963 1964 - if (unlikely(ret == 0) && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 1964 + if (unlikely(ret == 0) && 1965 + (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 1965 1966 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 1966 1967 return -EINVAL; 1967 1968 }

+1 -1

drivers/crypto/inside-secure/safexcel_cipher.c

··· 940 940 } 941 941 942 942 ret = des_ekey(tmp, key); 943 - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 943 + if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 944 944 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 945 945 return -EINVAL; 946 946 }

+2 -2

drivers/crypto/ixp4xx_crypto.c

··· 847 847 goto out; 848 848 849 849 if (*flags & CRYPTO_TFM_RES_WEAK_KEY) { 850 - if (*flags & CRYPTO_TFM_REQ_WEAK_KEY) { 850 + if (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 851 851 ret = -EINVAL; 852 852 } else { 853 853 *flags &= ~CRYPTO_TFM_RES_WEAK_KEY; ··· 1125 1125 goto out; 1126 1126 1127 1127 if (*flags & CRYPTO_TFM_RES_WEAK_KEY) { 1128 - if (*flags & CRYPTO_TFM_REQ_WEAK_KEY) { 1128 + if (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 1129 1129 ret = -EINVAL; 1130 1130 goto out; 1131 1131 } else {

+1 -1

drivers/crypto/marvell/cipher.c

··· 286 286 } 287 287 288 288 ret = des_ekey(tmp, key); 289 - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 289 + if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 290 290 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 291 291 return -EINVAL; 292 292 }

+1 -1

drivers/crypto/n2_core.c

··· 772 772 } 773 773 774 774 err = des_ekey(tmp, key); 775 - if (err == 0 && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 775 + if (err == 0 && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 776 776 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 777 777 return -EINVAL; 778 778 }

+1 -1

drivers/crypto/omap-des.c

··· 662 662 pr_debug("enter, keylen: %d\n", keylen); 663 663 664 664 /* Do we need to test against weak key? */ 665 - if (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY) { 665 + if (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 666 666 u32 tmp[DES_EXPKEY_WORDS]; 667 667 int ret = des_ekey(tmp, key); 668 668

+2 -1

drivers/crypto/picoxcell_crypto.c

··· 759 759 } 760 760 761 761 if (unlikely(!des_ekey(tmp, key)) && 762 - (crypto_ablkcipher_get_flags(cipher) & CRYPTO_TFM_REQ_WEAK_KEY)) { 762 + (crypto_ablkcipher_get_flags(cipher) & 763 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 763 764 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 764 765 return -EINVAL; 765 766 }

+2 -2

drivers/crypto/qce/ablkcipher.c

··· 180 180 u32 tmp[DES_EXPKEY_WORDS]; 181 181 182 182 ret = des_ekey(tmp, key); 183 - if (!ret && crypto_ablkcipher_get_flags(ablk) & 184 - CRYPTO_TFM_REQ_WEAK_KEY) 183 + if (!ret && (crypto_ablkcipher_get_flags(ablk) & 184 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) 185 185 goto weakkey; 186 186 } 187 187

+1 -1

drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c

··· 60 60 61 61 if (keylen == DES_KEY_SIZE) { 62 62 if (!des_ekey(tmp, key) && 63 - (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 63 + (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 64 64 tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; 65 65 return -EINVAL; 66 66 }

+1 -1

drivers/crypto/sunxi-ss/sun4i-ss-cipher.c

··· 517 517 flags = crypto_skcipher_get_flags(tfm); 518 518 519 519 ret = des_ekey(tmp, key); 520 - if (unlikely(!ret) && (flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 520 + if (unlikely(!ret) && (flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 521 521 crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 522 522 dev_dbg(ss->dev, "Weak key %u\n", keylen); 523 523 return -EINVAL;

+1 -1

drivers/crypto/talitos.c

··· 1535 1535 } 1536 1536 1537 1537 if (unlikely(crypto_ablkcipher_get_flags(cipher) & 1538 - CRYPTO_TFM_REQ_WEAK_KEY) && 1538 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && 1539 1539 !des_ekey(tmp, key)) { 1540 1540 crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); 1541 1541 return -EINVAL;

+11 -9

drivers/crypto/ux500/cryp/cryp_core.c

··· 1000 1000 } 1001 1001 1002 1002 ret = des_ekey(tmp, key); 1003 - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 1003 + if (unlikely(ret == 0) && 1004 + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 1004 1005 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 1005 - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_REQ_WEAK_KEY", 1006 - __func__); 1006 + pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", 1007 + __func__); 1007 1008 return -EINVAL; 1008 1009 } 1009 1010 ··· 1035 1034 /* Checking key interdependency for weak key detection. */ 1036 1035 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 1037 1036 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 1038 - (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 1037 + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 1039 1038 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 1040 - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_REQ_WEAK_KEY", 1041 - __func__); 1039 + pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", 1040 + __func__); 1042 1041 return -EINVAL; 1043 1042 } 1044 1043 for (i = 0; i < 3; i++) { 1045 1044 ret = des_ekey(tmp, key + i*DES_KEY_SIZE); 1046 - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 1045 + if (unlikely(ret == 0) && 1046 + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { 1047 1047 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 1048 - pr_debug(DEV_DBG_NAME " [%s]: " 1049 - "CRYPTO_TFM_REQ_WEAK_KEY", __func__); 1048 + pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", 1049 + __func__); 1050 1050 return -EINVAL; 1051 1051 } 1052 1052 }

+2 -2

fs/crypto/keyinfo.c

··· 47 47 tfm = NULL; 48 48 goto out; 49 49 } 50 - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 50 + crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 51 51 req = skcipher_request_alloc(tfm, GFP_NOFS); 52 52 if (!req) { 53 53 res = -ENOMEM; ··· 257 257 mode->friendly_name, 258 258 crypto_skcipher_alg(tfm)->base.cra_driver_name); 259 259 } 260 - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 260 + crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 261 261 err = crypto_skcipher_setkey(tfm, raw_key, mode->keysize); 262 262 if (err) 263 263 goto err_free_tfm;

+3 -2

fs/ecryptfs/crypto.c

··· 610 610 full_alg_name); 611 611 goto out_free; 612 612 } 613 - crypto_skcipher_set_flags(crypt_stat->tfm, CRYPTO_TFM_REQ_WEAK_KEY); 613 + crypto_skcipher_set_flags(crypt_stat->tfm, 614 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 614 615 rc = 0; 615 616 out_free: 616 617 kfree(full_alg_name); ··· 1591 1590 "[%s]; rc = [%d]\n", full_alg_name, rc); 1592 1591 goto out; 1593 1592 } 1594 - crypto_skcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_WEAK_KEY); 1593 + crypto_skcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1595 1594 if (*key_size == 0) 1596 1595 *key_size = crypto_skcipher_default_keysize(*key_tfm); 1597 1596 get_random_bytes(dummy_key, *key_size);

+2 -2

include/crypto/xts.h

··· 47 47 } 48 48 49 49 /* ensure that the AES and tweak key are not identical */ 50 - if ((fips_enabled || crypto_skcipher_get_flags(tfm) & 51 - CRYPTO_TFM_REQ_WEAK_KEY) && 50 + if ((fips_enabled || (crypto_skcipher_get_flags(tfm) & 51 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) && 52 52 !crypto_memneq(key, key + (keylen / 2), keylen / 2)) { 53 53 crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 54 54 return -EINVAL;

+1 -1

include/linux/crypto.h

··· 118 118 #define CRYPTO_TFM_REQ_MASK 0x000fff00 119 119 #define CRYPTO_TFM_RES_MASK 0xfff00000 120 120 121 - #define CRYPTO_TFM_REQ_WEAK_KEY 0x00000100 121 + #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100 122 122 #define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200 123 123 #define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400 124 124 #define CRYPTO_TFM_RES_WEAK_KEY 0x00100000