Commit a628c5a1 authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu
Browse files

crypto: caam/des - switch to new verification routines 



Cc: Horia Geanta <horia.geanta@nxp.com>
Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 05a7238d

drivers/crypto/caam/caamalg.c

+13 −36
Original line number Diff line number Diff line
@@ -628,33 +628,17 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, 
			    unsigned int keylen)

{

	struct crypto_authenc_keys keys;

	u32 flags;

	int err;



	err = crypto_authenc_extractkeys(&keys, key, keylen);

	if (unlikely(err))

		goto badkey;



	err = -EINVAL;

	if (keys.enckeylen != DES3_EDE_KEY_SIZE)

		goto badkey;



	flags = crypto_aead_get_flags(aead);

	err = __des3_verify_key(&flags, keys.enckey);

	if (unlikely(err)) {

		crypto_aead_set_flags(aead, flags);

		goto out;

	}

		return err;



	err = aead_setkey(aead, key, keylen);

	err = verify_aead_des3_key(aead, keys.enckey, keys.enckeylen) ?:

	      aead_setkey(aead, key, keylen);



out:

	memzero_explicit(&keys, sizeof(keys));

	return err;



badkey:

	crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);

	goto out;

}



static int gcm_setkey(struct crypto_aead *aead,
@@ -843,22 +827,15 @@ static int arc4_skcipher_setkey(struct crypto_skcipher *skcipher, 
static int des_skcipher_setkey(struct crypto_skcipher *skcipher,

			       const u8 *key, unsigned int keylen)

{

	u32 tmp[DES3_EDE_EXPKEY_WORDS];

	struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);



	if (keylen == DES3_EDE_KEY_SIZE &&

	    __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) {

		return -EINVAL;

	}



	if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) &

	    CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {

		crypto_skcipher_set_flags(skcipher,

					  CRYPTO_TFM_RES_WEAK_KEY);

		return -EINVAL;

	return verify_skcipher_des_key(skcipher, key) ?:

	       skcipher_setkey(skcipher, key, keylen, 0);

}



	return skcipher_setkey(skcipher, key, keylen, 0);

static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,

				const u8 *key, unsigned int keylen)

{

	return verify_skcipher_des3_key(skcipher, key) ?:

	       skcipher_setkey(skcipher, key, keylen, 0);

}



static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
@@ -1954,7 +1931,7 @@ static struct caam_skcipher_alg driver_algs[] = { 
				.cra_driver_name = "cbc-3des-caam",

				.cra_blocksize = DES3_EDE_BLOCK_SIZE,

			},

			.setkey = des_skcipher_setkey,

			.setkey = des3_skcipher_setkey,

			.encrypt = skcipher_encrypt,

			.decrypt = skcipher_decrypt,

			.min_keysize = DES3_EDE_KEY_SIZE,
@@ -2073,7 +2050,7 @@ static struct caam_skcipher_alg driver_algs[] = { 
				.cra_driver_name = "ecb-des3-caam",

				.cra_blocksize = DES3_EDE_BLOCK_SIZE,

			},

			.setkey = des_skcipher_setkey,

			.setkey = des3_skcipher_setkey,

			.encrypt = skcipher_encrypt,

			.decrypt = skcipher_decrypt,

			.min_keysize = DES3_EDE_KEY_SIZE,

drivers/crypto/caam/caamalg_qi.c

+6 −30
Original line number Diff line number Diff line
@@ -278,33 +278,17 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, 
			    unsigned int keylen)

{

	struct crypto_authenc_keys keys;

	u32 flags;

	int err;



	err = crypto_authenc_extractkeys(&keys, key, keylen);

	if (unlikely(err))

		goto badkey;



	err = -EINVAL;

	if (keys.enckeylen != DES3_EDE_KEY_SIZE)

		goto badkey;



	flags = crypto_aead_get_flags(aead);

	err = __des3_verify_key(&flags, keys.enckey);

	if (unlikely(err)) {

		crypto_aead_set_flags(aead, flags);

		goto out;

	}

		return err;



	err = aead_setkey(aead, key, keylen);

	err = verify_aead_des3_key(aead, keys.enckey, keys.enckeylen) ?:

	      aead_setkey(aead, key, keylen);



out:

	memzero_explicit(&keys, sizeof(keys));

	return err;



badkey:

	crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);

	goto out;

}



static int gcm_set_sh_desc(struct crypto_aead *aead)
@@ -745,23 +729,15 @@ static int ctr_skcipher_setkey(struct crypto_skcipher *skcipher, 
static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,

				const u8 *key, unsigned int keylen)

{

	return unlikely(des3_verify_key(skcipher, key)) ?:

	return verify_skcipher_des3_key(skcipher, key) ?:

	       skcipher_setkey(skcipher, key, keylen, 0);

}



static int des_skcipher_setkey(struct crypto_skcipher *skcipher,

			       const u8 *key, unsigned int keylen)

{

	u32 tmp[DES_EXPKEY_WORDS];



	if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) &

	    CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {

		crypto_skcipher_set_flags(skcipher,

					  CRYPTO_TFM_RES_WEAK_KEY);

		return -EINVAL;

	}



	return skcipher_setkey(skcipher, key, keylen, 0);

	return verify_skcipher_des_key(skcipher, key) ?:

	       skcipher_setkey(skcipher, key, keylen, 0);

}



static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,

drivers/crypto/caam/caamalg_qi2.c

+11 −25
Original line number Diff line number Diff line
@@ -322,7 +322,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, 
			    unsigned int keylen)

{

	struct crypto_authenc_keys keys;

	u32 flags;

	int err;



	err = crypto_authenc_extractkeys(&keys, key, keylen);
@@ -333,14 +332,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, 
	if (keys.enckeylen != DES3_EDE_KEY_SIZE)

		goto badkey;



	flags = crypto_aead_get_flags(aead);

	err = __des3_verify_key(&flags, keys.enckey);

	if (unlikely(err)) {

		crypto_aead_set_flags(aead, flags);

		goto out;

	}



	err = aead_setkey(aead, key, keylen);

	err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:

	      aead_setkey(aead, key, keylen);



out:

	memzero_explicit(&keys, sizeof(keys));
@@ -1070,22 +1063,15 @@ static int chacha20_skcipher_setkey(struct crypto_skcipher *skcipher, 
static int des_skcipher_setkey(struct crypto_skcipher *skcipher,

			       const u8 *key, unsigned int keylen)

{

	u32 tmp[DES3_EDE_EXPKEY_WORDS];

	struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);



	if (keylen == DES3_EDE_KEY_SIZE &&

	    __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) {

		return -EINVAL;

	}



	if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) &

	    CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {

		crypto_skcipher_set_flags(skcipher,

					  CRYPTO_TFM_RES_WEAK_KEY);

		return -EINVAL;

	return verify_skcipher_des_key(skcipher, key) ?:

	       skcipher_setkey(skcipher, key, keylen, 0);

}



	return skcipher_setkey(skcipher, key, keylen, 0);

static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,

			        const u8 *key, unsigned int keylen)

{

	return verify_skcipher_des3_key(skcipher, key) ?:

	       skcipher_setkey(skcipher, key, keylen, 0);

}



static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
@@ -1634,7 +1620,7 @@ static struct caam_skcipher_alg driver_algs[] = { 
				.cra_driver_name = "cbc-3des-caam-qi2",

				.cra_blocksize = DES3_EDE_BLOCK_SIZE,

			},

			.setkey = des_skcipher_setkey,

			.setkey = des3_skcipher_setkey,

			.encrypt = skcipher_encrypt,

			.decrypt = skcipher_decrypt,

			.min_keysize = DES3_EDE_KEY_SIZE,

drivers/crypto/caam/compat.h

+1 −1
Original line number Diff line number Diff line
@@ -32,7 +32,7 @@ 
#include <crypto/null.h>

#include <crypto/aes.h>

#include <crypto/ctr.h>

#include <crypto/des.h>

#include <crypto/internal/des.h>

#include <crypto/gcm.h>

#include <crypto/sha.h>

#include <crypto/md5.h>

CRA Git | Maintained and supported by SUSTech CRA and CCSE