From patchwork Sat Jun 22 00:30:52 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167435
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 10/30] crypto: ccree/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:52 +0200
Message-Id: <20190622003112.31033-11-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel

--- drivers/crypto/ccree/cc_aead.c | 15 ++++----------- drivers/crypto/ccree/cc_cipher.c | 12 +++--------- 2 files changed, 7 insertions(+), 20 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c index 7aa4cbe19a86..254f5be1f49f 100644 --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include "cc_driver.h" #include "cc_buffer_mgr.h"
@@ -663,23 +663,16 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); if (unlikely(err)) goto badkey; - err = -EINVAL; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) - goto badkey; - - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto out; - } err = cc_aead_setkey(aead, key, keylen); diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index 5b58226ea24d..e4dcfbfef446 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -412,15 +412,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, */ if (ctx_p->flow_mode == S_DIN_to_DES) { u32 tmp[DES3_EDE_EXPKEY_WORDS]; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, - DES3_EDE_KEY_SIZE)) { - dev_dbg(dev, "weak 3DES key"); - return -EINVAL; - } else if (!des_ekey(tmp, key) && - (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + if ((keylen == DES3_EDE_KEY_SIZE && + des3_ede_verify_key(tfm, key, keylen)) || + des_verify_key(tfm, key, keylen)) { dev_dbg(dev, "weak DES key"); return -EINVAL; }
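
Review bot: In cc_des3_aead_setkey() a key of the wrong length used to leave through `goto badkey` (`if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey;`), and after this change every failure of crypto_des3_ede_verify_key() leaves through `goto out` instead. Nothing in the hunk shows that the helper rejects keys.enckeylen != DES3_EDE_KEY_SIZE, and whatever the badkey label does for a bad length is now skipped, so either keep the length check in front of the call or state in the commit message that the helper takes over both the length check and the flag update. The commit message currently has no body, which leaves this impossible to confirm from the patch alone.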
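
Review bot: In the S_DIN_to_DES branch of cc_cipher_setkey(), the new condition falls through to `des_verify_key(tfm, key, keylen)` whenever the 3DES check passes: `(keylen == DES3_EDE_KEY_SIZE && des3_ede_verify_key(tfm, key, keylen))` is false for a good 3DES key, so `||` evaluates the right-hand side with the 24-byte keylen. If des_verify_key() validates keylen against the single-DES key size, every valid 3DES key is rejected with -EINVAL here; select the helper by key length instead, for example `keylen == DES3_EDE_KEY_SIZE ? des3_ede_verify_key(tfm, key, keylen) : des_verify_key(tfm, key, keylen)`. Also, `u32 tmp[DES3_EDE_EXPKEY_WORDS];` stays in the block although both of its users (`__des3_ede_setkey(tmp, ...)` and `des_ekey(tmp, key)`) are removed, so it should be dropped, and the `"weak DES key"` debug message now covers 3DES keys and any other failure the helpers return, so its wording should be made generic.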