tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

crypto: ixp4xx/des - switch to new verification routines

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Ard Biesheuvel and committed by
Herbert Xu 3ca20b65 21f5a15e

+6 -21
+6 -21
drivers/crypto/ixp4xx_crypto.c
··· 17 17 #include <linux/module.h> 18 18 19 19 #include <crypto/ctr.h> 20 - #include <crypto/des.h> 20 + #include <crypto/internal/des.h> 21 21 #include <crypto/aes.h> 22 22 #include <crypto/hmac.h> 23 23 #include <crypto/sha.h> ··· 756 756 } 757 757 cipher_cfg |= keylen_cfg; 758 758 } else { 759 - u32 tmp[DES_EXPKEY_WORDS]; 760 - if (des_ekey(tmp, key) == 0) { 761 - *flags |= CRYPTO_TFM_RES_WEAK_KEY; 762 - } 759 + crypto_des_verify_key(tfm, key); 763 760 } 764 761 /* write cfg word to cryptinfo */ 765 762 *(u32*)cinfo = cpu_to_be32(cipher_cfg); ··· 848 851 static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, 849 852 unsigned int key_len) 850 853 { 851 - u32 flags = crypto_ablkcipher_get_flags(tfm); 852 - int err; 853 - 854 - err = __des3_verify_key(&flags, key); 855 - if (unlikely(err)) 856 - crypto_ablkcipher_set_flags(tfm, flags); 857 - 858 - return ablk_setkey(tfm, key, key_len); 854 + return verify_ablkcipher_des3_key(tfm, key) ?: 855 + ablk_setkey(tfm, key, key_len); 859 856 } 860 857 861 858 static int ablk_rfc3686_setkey(struct crypto_ablkcipher *tfm, const u8 *key, ··· 1172 1181 unsigned int keylen) 1173 1182 { 1174 1183 struct ixp_ctx *ctx = crypto_aead_ctx(tfm); 1175 - u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN; 1176 1184 struct crypto_authenc_keys keys; 1177 1185 int err; 1178 1186 ··· 1183 1193 if (keys.authkeylen > sizeof(ctx->authkey)) 1184 1194 goto badkey; 1185 1195 1186 - if (keys.enckeylen != DES3_EDE_KEY_SIZE) 1187 - goto badkey; 1188 - 1189 - flags = crypto_aead_get_flags(tfm); 1190 - err = __des3_verify_key(&flags, keys.enckey); 1191 - if (unlikely(err)) 1196 + err = verify_aead_des3_key(tfm, keys.enckey, keys.enckeylen); 1197 + if (err) 1192 1198 goto badkey; 1193 1199 1194 1200 memcpy(ctx->authkey, keys.authkey, keys.authkeylen); ··· 1195 1209 memzero_explicit(&keys, sizeof(keys)); 1196 1210 return aead_setup(tfm, crypto_aead_authsize(tfm)); 1197 1211 badkey: 1198 - crypto_aead_set_flags(tfm, flags); 1199 1212 memzero_explicit(&keys, sizeof(keys)); 1200 1213 return err; 1201 1214 }