Commit 3ca20b65 authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu

crypto: ixp4xx/des - switch to new verification routines

Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 21f5a15e
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
#include <linux/module.h> #include <linux/module.h>
#include <crypto/ctr.h> #include <crypto/ctr.h>
#include <crypto/des.h> #include <crypto/internal/des.h>
#include <crypto/aes.h> #include <crypto/aes.h>
#include <crypto/hmac.h> #include <crypto/hmac.h>
#include <crypto/sha.h> #include <crypto/sha.h>
...@@ -756,10 +756,7 @@ static int setup_cipher(struct crypto_tfm *tfm, int encrypt, ...@@ -756,10 +756,7 @@ static int setup_cipher(struct crypto_tfm *tfm, int encrypt,
} }
cipher_cfg |= keylen_cfg; cipher_cfg |= keylen_cfg;
} else { } else {
u32 tmp[DES_EXPKEY_WORDS]; crypto_des_verify_key(tfm, key);
if (des_ekey(tmp, key) == 0) {
*flags |= CRYPTO_TFM_RES_WEAK_KEY;
}
} }
/* write cfg word to cryptinfo */ /* write cfg word to cryptinfo */
*(u32*)cinfo = cpu_to_be32(cipher_cfg); *(u32*)cinfo = cpu_to_be32(cipher_cfg);
...@@ -851,14 +848,8 @@ static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key, ...@@ -851,14 +848,8 @@ static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
unsigned int key_len) unsigned int key_len)
{ {
u32 flags = crypto_ablkcipher_get_flags(tfm); return verify_ablkcipher_des3_key(tfm, key) ?:
int err; ablk_setkey(tfm, key, key_len);
err = __des3_verify_key(&flags, key);
if (unlikely(err))
crypto_ablkcipher_set_flags(tfm, flags);
return ablk_setkey(tfm, key, key_len);
} }
static int ablk_rfc3686_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int ablk_rfc3686_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
...@@ -1181,7 +1172,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, ...@@ -1181,7 +1172,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key,
unsigned int keylen) unsigned int keylen)
{ {
struct ixp_ctx *ctx = crypto_aead_ctx(tfm); struct ixp_ctx *ctx = crypto_aead_ctx(tfm);
u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN;
struct crypto_authenc_keys keys; struct crypto_authenc_keys keys;
int err; int err;
...@@ -1193,12 +1183,8 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, ...@@ -1193,12 +1183,8 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key,
if (keys.authkeylen > sizeof(ctx->authkey)) if (keys.authkeylen > sizeof(ctx->authkey))
goto badkey; goto badkey;
if (keys.enckeylen != DES3_EDE_KEY_SIZE) err = verify_aead_des3_key(tfm, keys.enckey, keys.enckeylen);
goto badkey; if (err)
flags = crypto_aead_get_flags(tfm);
err = __des3_verify_key(&flags, keys.enckey);
if (unlikely(err))
goto badkey; goto badkey;
memcpy(ctx->authkey, keys.authkey, keys.authkeylen); memcpy(ctx->authkey, keys.authkey, keys.authkeylen);
...@@ -1209,7 +1195,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, ...@@ -1209,7 +1195,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key,
memzero_explicit(&keys, sizeof(keys)); memzero_explicit(&keys, sizeof(keys));
return aead_setup(tfm, crypto_aead_authsize(tfm)); return aead_setup(tfm, crypto_aead_authsize(tfm));
badkey: badkey:
crypto_aead_set_flags(tfm, flags);
memzero_explicit(&keys, sizeof(keys)); memzero_explicit(&keys, sizeof(keys));
return err; return err;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment