tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
[CRYPTO] api: Get rid of flags argument to setkey
Now that the tfm is passed directly to setkey instead of the ctx, we no
longer need to pass the &tfm->crt_flags pointer.
This patch also gets rid of a few unnecessary checks on the key length
for ciphers as the cipher layer guarantees that the key length is within
the bounds specified by the algorithm.
Rather than testing dia_setkey every time, this patch does it only once
during crypto_alloc_tfm. The redundant check from crypto_digest_setkey
is also removed.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+63
-92
+2
-1
arch/i386/crypto/aes.c
+2
-1
arch/i386/crypto/aes.c
···
379
379
}
380
380
381
381
static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
382
-
unsigned int key_len, u32 *flags)
382
+
unsigned int key_len)
383
383
{
384
384
int i;
385
385
u32 ss[8];
386
386
struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
387
387
const __le32 *key = (const __le32 *)in_key;
388
+
u32 *flags = &tfm->crt_flags;
388
389
389
390
/* encryption schedule */
390
391
+2
-1
arch/s390/crypto/aes_s390.c
+2
-1
arch/s390/crypto/aes_s390.c
+8
-5
arch/s390/crypto/des_s390.c
+8
-5
arch/s390/crypto/des_s390.c
···
45
45
};
46
46
47
47
static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
48
-
unsigned int keylen, u32 *flags)
48
+
unsigned int keylen)
49
49
{
50
50
struct crypt_s390_des_ctx *dctx = crypto_tfm_ctx(tfm);
51
+
u32 *flags = &tfm->crt_flags;
51
52
int ret;
52
53
53
54
/* test if key is valid (not a weak key) */
···
168
167
*
169
168
*/
170
169
static int des3_128_setkey(struct crypto_tfm *tfm, const u8 *key,
171
-
unsigned int keylen, u32 *flags)
170
+
unsigned int keylen)
172
171
{
173
172
int i, ret;
174
173
struct crypt_s390_des3_128_ctx *dctx = crypto_tfm_ctx(tfm);
175
-
const u8* temp_key = key;
174
+
const u8 *temp_key = key;
175
+
u32 *flags = &tfm->crt_flags;
176
176
177
177
if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE))) {
178
178
*flags |= CRYPTO_TFM_RES_BAD_KEY_SCHED;
···
305
303
*
306
304
*/
307
305
static int des3_192_setkey(struct crypto_tfm *tfm, const u8 *key,
308
-
unsigned int keylen, u32 *flags)
306
+
unsigned int keylen)
309
307
{
310
308
int i, ret;
311
309
struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm);
312
-
const u8* temp_key = key;
310
+
const u8 *temp_key = key;
311
+
u32 *flags = &tfm->crt_flags;
313
312
314
313
if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) &&
315
314
memcmp(&key[DES_KEY_SIZE], &key[DES_KEY_SIZE * 2],
+3
-2
arch/x86_64/crypto/aes.c
+3
-2
arch/x86_64/crypto/aes.c
···
228
228
}
229
229
230
230
static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
231
-
unsigned int key_len, u32 *flags)
231
+
unsigned int key_len)
232
232
{
233
233
struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
234
234
const __le32 *key = (const __le32 *)in_key;
235
+
u32 *flags = &tfm->crt_flags;
235
236
u32 i, j, t, u, v, w;
236
237
237
-
if (key_len != 16 && key_len != 24 && key_len != 32) {
238
+
if (key_len % 8) {
238
239
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
239
240
return -EINVAL;
240
241
}
+3
-2
crypto/aes.c
+3
-2
crypto/aes.c
···
249
249
}
250
250
251
251
static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
252
-
unsigned int key_len, u32 *flags)
252
+
unsigned int key_len)
253
253
{
254
254
struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
255
255
const __le32 *key = (const __le32 *)in_key;
256
+
u32 *flags = &tfm->crt_flags;
256
257
u32 i, t, u, v, w;
257
258
258
-
if (key_len != 16 && key_len != 24 && key_len != 32) {
259
+
if (key_len % 8) {
259
260
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
260
261
return -EINVAL;
261
262
}
+2
-1
crypto/anubis.c
+2
-1
crypto/anubis.c
···
461
461
};
462
462
463
463
static int anubis_setkey(struct crypto_tfm *tfm, const u8 *in_key,
464
-
unsigned int key_len, u32 *flags)
464
+
unsigned int key_len)
465
465
{
466
466
struct anubis_ctx *ctx = crypto_tfm_ctx(tfm);
467
467
const __be32 *key = (const __be32 *)in_key;
468
+
u32 *flags = &tfm->crt_flags;
468
469
int N, R, i, r;
469
470
u32 kappa[ANUBIS_MAX_N];
470
471
u32 inter[ANUBIS_MAX_N];
+1
-1
crypto/arc4.c
+1
-1
crypto/arc4.c
+1
-2
crypto/blowfish.c
+1
-2
crypto/blowfish.c
···
399
399
/*
400
400
* Calculates the blowfish S and P boxes for encryption and decryption.
401
401
*/
402
-
static int bf_setkey(struct crypto_tfm *tfm, const u8 *key,
403
-
unsigned int keylen, u32 *flags)
402
+
static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
404
403
{
405
404
struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
406
405
u32 *P = ctx->p;
+1
-7
crypto/cast5.c
+1
-7
crypto/cast5.c
···
769
769
}
770
770
771
771
772
-
static int cast5_setkey(struct crypto_tfm *tfm, const u8 *key,
773
-
unsigned key_len, u32 *flags)
772
+
static int cast5_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned key_len)
774
773
{
775
774
struct cast5_ctx *c = crypto_tfm_ctx(tfm);
776
775
int i;
···
777
778
u32 z[4];
778
779
u32 k[16];
779
780
__be32 p_key[4];
780
-
781
-
if (key_len < 5 || key_len > 16) {
782
-
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
783
-
return -EINVAL;
784
-
}
785
781
786
782
c->rr = key_len <= 10 ? 1 : 0;
787
783
+3
-2
crypto/cast6.c
+3
-2
crypto/cast6.c
···
382
382
}
383
383
384
384
static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
385
-
unsigned key_len, u32 *flags)
385
+
unsigned key_len)
386
386
{
387
387
int i;
388
388
u32 key[8];
389
389
__be32 p_key[8]; /* padded key */
390
390
struct cast6_ctx *c = crypto_tfm_ctx(tfm);
391
+
u32 *flags = &tfm->crt_flags;
391
392
392
-
if (key_len < 16 || key_len > 32 || key_len % 4 != 0) {
393
+
if (key_len % 4 != 0) {
393
394
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
394
395
return -EINVAL;
395
396
}
+2
-2
crypto/cipher.c
+2
-2
crypto/cipher.c
···
264
264
{
265
265
struct cipher_alg *cia = &tfm->__crt_alg->cra_cipher;
266
266
267
+
tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
267
268
if (keylen < cia->cia_min_keysize || keylen > cia->cia_max_keysize) {
268
269
tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
269
270
return -EINVAL;
270
271
} else
271
-
return cia->cia_setkey(tfm, key, keylen,
272
-
&tfm->crt_flags);
272
+
return cia->cia_setkey(tfm, key, keylen);
273
273
}
274
274
275
275
static int ecb_encrypt(struct crypto_tfm *tfm,
+2
-3
crypto/crc32c.c
+2
-3
crypto/crc32c.c
···
44
44
* the seed.
45
45
*/
46
46
static int chksum_setkey(struct crypto_tfm *tfm, const u8 *key,
47
-
unsigned int keylen, u32 *flags)
47
+
unsigned int keylen)
48
48
{
49
49
struct chksum_ctx *mctx = crypto_tfm_ctx(tfm);
50
50
51
51
if (keylen != sizeof(mctx->crc)) {
52
-
if (flags)
53
-
*flags = CRYPTO_TFM_RES_BAD_KEY_LEN;
52
+
tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
54
53
return -EINVAL;
55
54
}
56
55
mctx->key = le32_to_cpu(*(__le32 *)key);
+1
-1
crypto/crypto_null.c
+1
-1
crypto/crypto_null.c
+4
-2
crypto/des.c
+4
-2
crypto/des.c
···
784
784
}
785
785
786
786
static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
787
-
unsigned int keylen, u32 *flags)
787
+
unsigned int keylen)
788
788
{
789
789
struct des_ctx *dctx = crypto_tfm_ctx(tfm);
790
+
u32 *flags = &tfm->crt_flags;
790
791
u32 tmp[DES_EXPKEY_WORDS];
791
792
int ret;
792
793
···
865
864
*
866
865
*/
867
866
static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
868
-
unsigned int keylen, u32 *flags)
867
+
unsigned int keylen)
869
868
{
870
869
const u32 *K = (const u32 *)key;
871
870
struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
872
871
u32 *expkey = dctx->expkey;
872
+
u32 *flags = &tfm->crt_flags;
873
873
874
874
if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
875
875
!((K[2] ^ K[4]) | (K[3] ^ K[5]))))
+10
-5
crypto/digest.c
+10
-5
crypto/digest.c
···
76
76
tfm->__crt_alg->cra_digest.dia_final(tfm, out);
77
77
}
78
78
79
+
static int nosetkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
80
+
{
81
+
tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
82
+
return -ENOSYS;
83
+
}
84
+
79
85
static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
80
86
{
81
-
u32 flags;
82
-
if (tfm->__crt_alg->cra_digest.dia_setkey == NULL)
83
-
return -ENOSYS;
84
-
return tfm->__crt_alg->cra_digest.dia_setkey(tfm, key, keylen, &flags);
87
+
tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
88
+
return tfm->__crt_alg->cra_digest.dia_setkey(tfm, key, keylen);
85
89
}
86
90
87
91
static void digest(struct crypto_tfm *tfm,
···
104
100
int crypto_init_digest_ops(struct crypto_tfm *tfm)
105
101
{
106
102
struct digest_tfm *ops = &tfm->crt_digest;
103
+
struct digest_alg *dalg = &tfm->__crt_alg->cra_digest;
107
104
108
105
ops->dit_init = init;
109
106
ops->dit_update = update;
110
107
ops->dit_final = final;
111
108
ops->dit_digest = digest;
112
-
ops->dit_setkey = setkey;
109
+
ops->dit_setkey = dalg->dia_setkey ? setkey : nosetkey;
113
110
114
111
return crypto_alloc_hmac_block(tfm);
115
112
}
+1
-7
crypto/khazad.c
+1
-7
crypto/khazad.c
···
755
755
};
756
756
757
757
static int khazad_setkey(struct crypto_tfm *tfm, const u8 *in_key,
758
-
unsigned int key_len, u32 *flags)
758
+
unsigned int key_len)
759
759
{
760
760
struct khazad_ctx *ctx = crypto_tfm_ctx(tfm);
761
761
const __be32 *key = (const __be32 *)in_key;
762
762
int r;
763
763
const u64 *S = T7;
764
764
u64 K2, K1;
765
-
766
-
if (key_len != 16)
767
-
{
768
-
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
769
-
return -EINVAL;
770
-
}
771
765
772
766
/* key is supposed to be 32-bit aligned */
773
767
K2 = ((u64)be32_to_cpu(key[0]) << 32) | be32_to_cpu(key[1]);
+2
-3
crypto/michael_mic.c
+2
-3
crypto/michael_mic.c
···
123
123
124
124
125
125
static int michael_setkey(struct crypto_tfm *tfm, const u8 *key,
126
-
unsigned int keylen, u32 *flags)
126
+
unsigned int keylen)
127
127
{
128
128
struct michael_mic_ctx *mctx = crypto_tfm_ctx(tfm);
129
129
const __le32 *data = (const __le32 *)key;
130
130
131
131
if (keylen != 8) {
132
-
if (flags)
133
-
*flags = CRYPTO_TFM_RES_BAD_KEY_LEN;
132
+
tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
134
133
return -EINVAL;
135
134
}
136
135
+3
-16
crypto/serpent.c
+3
-16
crypto/serpent.c
···
216
216
217
217
218
218
static int serpent_setkey(struct crypto_tfm *tfm, const u8 *key,
219
-
unsigned int keylen, u32 *flags)
219
+
unsigned int keylen)
220
220
{
221
221
struct serpent_ctx *ctx = crypto_tfm_ctx(tfm);
222
222
u32 *k = ctx->expkey;
223
223
u8 *k8 = (u8 *)k;
224
224
u32 r0,r1,r2,r3,r4;
225
225
int i;
226
-
227
-
if ((keylen < SERPENT_MIN_KEY_SIZE)
228
-
|| (keylen > SERPENT_MAX_KEY_SIZE))
229
-
{
230
-
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
231
-
return -EINVAL;
232
-
}
233
226
234
227
/* Copy key, add padding */
235
228
···
490
497
};
491
498
492
499
static int tnepres_setkey(struct crypto_tfm *tfm, const u8 *key,
493
-
unsigned int keylen, u32 *flags)
500
+
unsigned int keylen)
494
501
{
495
502
u8 rev_key[SERPENT_MAX_KEY_SIZE];
496
503
int i;
497
504
498
-
if ((keylen < SERPENT_MIN_KEY_SIZE)
499
-
|| (keylen > SERPENT_MAX_KEY_SIZE)) {
500
-
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
501
-
return -EINVAL;
502
-
}
503
-
504
505
for (i = 0; i < keylen; ++i)
505
506
rev_key[keylen - i - 1] = key[i];
506
507
507
-
return serpent_setkey(tfm, rev_key, keylen, flags);
508
+
return serpent_setkey(tfm, rev_key, keylen);
508
509
}
509
510
510
511
static void tnepres_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
+1
-4
crypto/tcrypt.c
+1
-4
crypto/tcrypt.c
···
118
118
sg_set_buf(&sg[0], hash_tv[i].plaintext, hash_tv[i].psize);
119
119
120
120
crypto_digest_init(tfm);
121
-
if (tfm->crt_u.digest.dit_setkey) {
122
-
crypto_digest_setkey(tfm, hash_tv[i].key,
123
-
hash_tv[i].ksize);
124
-
}
121
+
crypto_digest_setkey(tfm, hash_tv[i].key, hash_tv[i].ksize);
125
122
crypto_digest_update(tfm, sg, 1);
126
123
crypto_digest_final(tfm, result);
127
124
+2
-14
crypto/tea.c
+2
-14
crypto/tea.c
···
46
46
};
47
47
48
48
static int tea_setkey(struct crypto_tfm *tfm, const u8 *in_key,
49
-
unsigned int key_len, u32 *flags)
49
+
unsigned int key_len)
50
50
{
51
51
struct tea_ctx *ctx = crypto_tfm_ctx(tfm);
52
52
const __le32 *key = (const __le32 *)in_key;
53
-
54
-
if (key_len != 16)
55
-
{
56
-
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
57
-
return -EINVAL;
58
-
}
59
53
60
54
ctx->KEY[0] = le32_to_cpu(key[0]);
61
55
ctx->KEY[1] = le32_to_cpu(key[1]);
···
119
125
}
120
126
121
127
static int xtea_setkey(struct crypto_tfm *tfm, const u8 *in_key,
122
-
unsigned int key_len, u32 *flags)
128
+
unsigned int key_len)
123
129
{
124
130
struct xtea_ctx *ctx = crypto_tfm_ctx(tfm);
125
131
const __le32 *key = (const __le32 *)in_key;
126
-
127
-
if (key_len != 16)
128
-
{
129
-
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
130
-
return -EINVAL;
131
-
}
132
132
133
133
ctx->KEY[0] = le32_to_cpu(key[0]);
134
134
ctx->KEY[1] = le32_to_cpu(key[1]);
+3
-3
crypto/twofish_common.c
+3
-3
crypto/twofish_common.c
···
580
580
ctx->a[(j) + 1] = rol32(y, 9)
581
581
582
582
/* Perform the key setup. */
583
-
int twofish_setkey(struct crypto_tfm *tfm, const u8 *key,
584
-
unsigned int key_len, u32 *flags)
583
+
int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len)
585
584
{
586
585
587
586
struct twofish_ctx *ctx = crypto_tfm_ctx(tfm);
587
+
u32 *flags = &tfm->crt_flags;
588
588
589
589
int i, j, k;
590
590
···
600
600
u8 tmp;
601
601
602
602
/* Check key length. */
603
-
if (key_len != 16 && key_len != 24 && key_len != 32)
603
+
if (key_len % 8)
604
604
{
605
605
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
606
606
return -EINVAL; /* unsupported key length */
+3
-2
drivers/crypto/padlock-aes.c
+3
-2
drivers/crypto/padlock-aes.c
···
308
308
}
309
309
310
310
static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
311
-
unsigned int key_len, u32 *flags)
311
+
unsigned int key_len)
312
312
{
313
313
struct aes_ctx *ctx = aes_ctx(tfm);
314
314
const __le32 *key = (const __le32 *)in_key;
315
+
u32 *flags = &tfm->crt_flags;
315
316
uint32_t i, t, u, v, w;
316
317
uint32_t P[AES_EXTENDED_KEY_SIZE];
317
318
uint32_t rounds;
318
319
319
-
if (key_len != 16 && key_len != 24 && key_len != 32) {
320
+
if (key_len % 8) {
320
321
*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
321
322
return -EINVAL;
322
323
}
+1
-2
include/crypto/twofish.h
+1
-2
include/crypto/twofish.h
+2
-4
include/linux/crypto.h
+2
-4
include/linux/crypto.h
···
106
106
unsigned int cia_min_keysize;
107
107
unsigned int cia_max_keysize;
108
108
int (*cia_setkey)(struct crypto_tfm *tfm, const u8 *key,
109
-
unsigned int keylen, u32 *flags);
109
+
unsigned int keylen);
110
110
void (*cia_encrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
111
111
void (*cia_decrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
112
112
···
131
131
unsigned int len);
132
132
void (*dia_final)(struct crypto_tfm *tfm, u8 *out);
133
133
int (*dia_setkey)(struct crypto_tfm *tfm, const u8 *key,
134
-
unsigned int keylen, u32 *flags);
134
+
unsigned int keylen);
135
135
};
136
136
137
137
struct compress_alg {
···
397
397
const u8 *key, unsigned int keylen)
398
398
{
399
399
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_DIGEST);
400
-
if (tfm->crt_digest.dit_setkey == NULL)
401
-
return -ENOSYS;
402
400
return tfm->crt_digest.dit_setkey(tfm, key, keylen);
403
401
}
404
402