crypto: qce/des - switch to new verification routines
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Thu, 15 Aug 2019 09:01:01 +0000 (12:01 +0300)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 22 Aug 2019 04:57:32 +0000 (14:57 +1000)
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/qce/ablkcipher.c

index a976210ba41cfbac30190be9b48c251b83140b28..7a98bf5cc9672ab26e7a3e0048aced98a844febf 100644 (file)
@@ -7,7 +7,7 @@
 #include <linux/interrupt.h>
 #include <linux/types.h>
 #include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <crypto/internal/skcipher.h>
 
 #include "cipher.h"
@@ -154,27 +154,17 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key,
 {
        struct crypto_tfm *tfm = crypto_ablkcipher_tfm(ablk);
        struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
-       unsigned long flags = to_cipher_tmpl(tfm)->alg_flags;
        int ret;
 
        if (!key || !keylen)
                return -EINVAL;
 
-       if (IS_AES(flags)) {
-               switch (keylen) {
-               case AES_KEYSIZE_128:
-               case AES_KEYSIZE_256:
-                       break;
-               default:
-                       goto fallback;
-               }
-       } else if (IS_DES(flags)) {
-               u32 tmp[DES_EXPKEY_WORDS];
-
-               ret = des_ekey(tmp, key);
-               if (!ret && (crypto_ablkcipher_get_flags(ablk) &
-                            CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))
-                       goto weakkey;
+       switch (keylen) {
+       case AES_KEYSIZE_128:
+       case AES_KEYSIZE_256:
+               break;
+       default:
+               goto fallback;
        }
 
        ctx->enc_keylen = keylen;
@@ -185,24 +175,32 @@ fallback:
        if (!ret)
                ctx->enc_keylen = keylen;
        return ret;
-weakkey:
-       crypto_ablkcipher_set_flags(ablk, CRYPTO_TFM_RES_WEAK_KEY);
-       return -EINVAL;
+}
+
+static int qce_des_setkey(struct crypto_ablkcipher *ablk, const u8 *key,
+                         unsigned int keylen)
+{
+       struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk);
+       int err;
+
+       err = verify_ablkcipher_des_key(ablk, key);
+       if (err)
+               return err;
+
+       ctx->enc_keylen = keylen;
+       memcpy(ctx->enc_key, key, keylen);
+       return 0;
 }
 
 static int qce_des3_setkey(struct crypto_ablkcipher *ablk, const u8 *key,
                           unsigned int keylen)
 {
        struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk);
-       u32 flags;
        int err;
 
-       flags = crypto_ablkcipher_get_flags(ablk);
-       err = __des3_verify_key(&flags, key);
-       if (unlikely(err)) {
-               crypto_ablkcipher_set_flags(ablk, flags);
+       err = verify_ablkcipher_des3_key(ablk, key);
+       if (err)
                return err;
-       }
 
        ctx->enc_keylen = keylen;
        memcpy(ctx->enc_key, key, keylen);
@@ -374,8 +372,9 @@ static int qce_ablkcipher_register_one(const struct qce_ablkcipher_def *def,
        alg->cra_ablkcipher.ivsize = def->ivsize;
        alg->cra_ablkcipher.min_keysize = def->min_keysize;
        alg->cra_ablkcipher.max_keysize = def->max_keysize;
-       alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ?
-                                    qce_des3_setkey : qce_ablkcipher_setkey;
+       alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? qce_des3_setkey :
+                                    IS_DES(def->flags) ? qce_des_setkey :
+                                    qce_ablkcipher_setkey;
        alg->cra_ablkcipher.encrypt = qce_ablkcipher_encrypt;
        alg->cra_ablkcipher.decrypt = qce_ablkcipher_decrypt;