Commit 21f5a15e authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu

crypto: safexcel/des - switch to new verification routines

Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 894b68d8
...@@ -220,7 +220,6 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key, ...@@ -220,7 +220,6 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
struct safexcel_crypto_priv *priv = ctx->priv; struct safexcel_crypto_priv *priv = ctx->priv;
struct crypto_authenc_keys keys; struct crypto_authenc_keys keys;
struct crypto_aes_ctx aes; struct crypto_aes_ctx aes;
u32 flags;
int err = -EINVAL; int err = -EINVAL;
if (crypto_authenc_extractkeys(&keys, key, len) != 0) if (crypto_authenc_extractkeys(&keys, key, len) != 0)
...@@ -241,12 +240,7 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key, ...@@ -241,12 +240,7 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
/* Encryption key */ /* Encryption key */
switch (ctx->alg) { switch (ctx->alg) {
case SAFEXCEL_3DES: case SAFEXCEL_3DES:
if (keys.enckeylen != DES3_EDE_KEY_SIZE) err = verify_aead_des3_key(ctfm, keys.enckey, keys.enckeylen);
goto badkey;
flags = crypto_aead_get_flags(ctfm);
err = __des3_verify_key(&flags, keys.enckey);
crypto_aead_set_flags(ctfm, flags);
if (unlikely(err)) if (unlikely(err))
goto badkey_expflags; goto badkey_expflags;
break; break;
...@@ -1192,16 +1186,12 @@ static int safexcel_cbc_des_decrypt(struct skcipher_request *req) ...@@ -1192,16 +1186,12 @@ static int safexcel_cbc_des_decrypt(struct skcipher_request *req)
static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key, static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key,
unsigned int len) unsigned int len)
{ {
struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm);
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
u32 tmp[DES_EXPKEY_WORDS];
int ret; int ret;
ret = des_ekey(tmp, key); ret = verify_skcipher_des_key(ctfm, key);
if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { if (ret)
tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; return ret;
return -EINVAL;
}
/* if context exits and key changed, need to invalidate it */ /* if context exits and key changed, need to invalidate it */
if (ctx->base.ctxr_dma) if (ctx->base.ctxr_dma)
...@@ -1299,8 +1289,8 @@ static int safexcel_des3_ede_setkey(struct crypto_skcipher *ctfm, ...@@ -1299,8 +1289,8 @@ static int safexcel_des3_ede_setkey(struct crypto_skcipher *ctfm,
struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm);
int err; int err;
err = des3_verify_key(ctfm, key); err = verify_skcipher_des3_key(ctfm, key);
if (unlikely(err)) if (err)
return err; return err;
/* if context exits and key changed, need to invalidate it */ /* if context exits and key changed, need to invalidate it */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment