crypto: bcm/des - switch to new verification routines
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Thu, 15 Aug 2019 09:00:47 +0000 (12:00 +0300)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 22 Aug 2019 04:39:38 +0000 (14:39 +1000)
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/bcm/cipher.c

index 1c23e452700bc067c878e17d243721fd337f1377..f85356a48e7ea0ceb9aa5df83872c7ec8dc8722c 100644 (file)
@@ -24,7 +24,7 @@
 #include <crypto/aead.h>
 #include <crypto/internal/aead.h>
 #include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <crypto/hmac.h>
 #include <crypto/sha.h>
 #include <crypto/md5.h>
@@ -1802,24 +1802,13 @@ static int des_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
                      unsigned int keylen)
 {
        struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher);
-       u32 tmp[DES_EXPKEY_WORDS];
-
-       if (keylen == DES_KEY_SIZE) {
-               if (des_ekey(tmp, key) == 0) {
-                       if (crypto_ablkcipher_get_flags(cipher) &
-                           CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) {
-                               u32 flags = CRYPTO_TFM_RES_WEAK_KEY;
+       int err;
 
-                               crypto_ablkcipher_set_flags(cipher, flags);
-                               return -EINVAL;
-                       }
-               }
+       err = verify_ablkcipher_des_key(cipher, key);
+       if (err)
+               return err;
 
-               ctx->cipher_type = CIPHER_TYPE_DES;
-       } else {
-               crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
-               return -EINVAL;
-       }
+       ctx->cipher_type = CIPHER_TYPE_DES;
        return 0;
 }
 
@@ -1827,23 +1816,13 @@ static int threedes_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
                           unsigned int keylen)
 {
        struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher);
+       int err;
 
-       if (keylen == (DES_KEY_SIZE * 3)) {
-               u32 flags;
-               int ret;
-
-               flags = crypto_ablkcipher_get_flags(cipher);
-               ret = __des3_verify_key(&flags, key);
-               if (unlikely(ret)) {
-                       crypto_ablkcipher_set_flags(cipher, flags);
-                       return ret;
-               }
+       err = verify_ablkcipher_des3_key(cipher, key);
+       if (err)
+               return err;
 
-               ctx->cipher_type = CIPHER_TYPE_3DES;
-       } else {
-               crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
-               return -EINVAL;
-       }
+       ctx->cipher_type = CIPHER_TYPE_3DES;
        return 0;
 }
 
@@ -2868,40 +2847,16 @@ static int aead_authenc_setkey(struct crypto_aead *cipher,
 
        switch (ctx->alg->cipher_info.alg) {
        case CIPHER_ALG_DES:
-               if (ctx->enckeylen == DES_KEY_SIZE) {
-                       u32 tmp[DES_EXPKEY_WORDS];
-                       u32 flags = CRYPTO_TFM_RES_WEAK_KEY;
-
-                       if (des_ekey(tmp, keys.enckey) == 0) {
-                               if (crypto_aead_get_flags(cipher) &
-                                   CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) {
-                                       crypto_aead_set_flags(cipher, flags);
-                                       return -EINVAL;
-                               }
-                       }
+               if (verify_aead_des_key(cipher, keys.enckey, keys.enckeylen))
+                       return -EINVAL;
 
-                       ctx->cipher_type = CIPHER_TYPE_DES;
-               } else {
-                       goto badkey;
-               }
+               ctx->cipher_type = CIPHER_TYPE_DES;
                break;
        case CIPHER_ALG_3DES:
-               if (ctx->enckeylen == (DES_KEY_SIZE * 3)) {
-                       u32 flags;
-
-                       flags = crypto_aead_get_flags(cipher);
-                       ret = __des3_verify_key(&flags, keys.enckey);
-                       if (unlikely(ret)) {
-                               crypto_aead_set_flags(cipher, flags);
-                               return ret;
-                       }
-
-                       ctx->cipher_type = CIPHER_TYPE_3DES;
-               } else {
-                       crypto_aead_set_flags(cipher,
-                                             CRYPTO_TFM_RES_BAD_KEY_LEN);
+               if (verify_aead_des3_key(cipher, keys.enckey, keys.enckeylen))
                        return -EINVAL;
-               }
+
+               ctx->cipher_type = CIPHER_TYPE_3DES;
                break;
        case CIPHER_ALG_AES:
                switch (ctx->enckeylen) {