From patchwork Thu Jun 27 12:02:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167939 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2249486ilk; Thu, 27 Jun 2019 05:03:39 -0700 (PDT) X-Google-Smtp-Source: APXvYqzzIk5ZSJTVqafx0OwJrRfkanRbD1xYjkXj9vQQWsv4uHwRRwWAoO3ipl/EP6Y9wqlqxRMx X-Received: by 2002:a65:524b:: with SMTP id q11mr3393103pgp.384.1561637018898; Thu, 27 Jun 2019 05:03:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561637018; cv=none; d=google.com; s=arc-20160816; b=UVxTibS9hB0ayztOQYJYOFW4AcHs+o5Et7wVz7ObOeQprVXx/XIcJqJLt4otx/plFB si/VqVWmHhhLQXXd51CRNXQRjUFzQiLxKpvB0IwBzW1+WbZVlTsCFYLm3thR2EpQK2c6 EhfIpcop0VkzQL+wKZZskTrOHCUx2ejtg+L/mytWM5lL6jrTc7cRZvbrWHIirt3Os9OF U8K+jfZITFOqF2BKetCAeI5SNxb03yP4RZ4McHWlc/KQ+oIxDlLBnzr12eK5CY2nZU9n F9DuM++EbvbrJkaZ1E2dmT8oKcj8SlKdRRdSe6ZXEf0NeN3cZNlgvJHn9tdw03dLQwfu PtYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=hai0Lu7faBG5mSfDAFgpAWqlovJTaNKDb9Ui/f2YGWE=; b=RdnjWUxoqFTvGKSZI+clfEcJrsSuPwc8EeOWBA7Fd8ivHQW0SSe+qDcLsW9/8GbylH x9gUsaSVmzF275JyJZmYyTs3FTiZphmbisYcB6OXwmYQbfQ6emPPMlYd0xB64FeGvMAJ jd2shTAdRnmxxGRHt/CD76KuLXLmmgsURmvzTD+RGFmd2vkH71W8i3hzNgr2eC1cAyJM 6/Hi3f3OHooNKK+Cp6Ramdom/cvcuV3lSsvD6ToLpV0NZPZ44Ng82frZbwEyL22jtgC9 hFnh8YELNmF08+9sIrDgQKcjmMU8YLpH/BlNyBtOsXq5ZAXauc6NuMc9Shj1oef5OXyU qbbg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bdL1sSFI; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m39si2229121plg.155.2019.06.27.05.03.38; Thu, 27 Jun 2019 05:03:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bdL1sSFI; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726697AbfF0MDf (ORCPT + 3 others); Thu, 27 Jun 2019 08:03:35 -0400 Received: from mail-wm1-f66.google.com ([209.85.128.66]:36993 "EHLO mail-wm1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726542AbfF0MDf (ORCPT ); Thu, 27 Jun 2019 08:03:35 -0400 Received: by mail-wm1-f66.google.com with SMTP id f17so5403704wme.2 for ; Thu, 27 Jun 2019 05:03:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hai0Lu7faBG5mSfDAFgpAWqlovJTaNKDb9Ui/f2YGWE=; b=bdL1sSFIqH//pFaPnXFtH7QkVxPCKTCvt2xQDfSDQYMSH2A9wKAEQ/RK7mS6kRwZWb VgIY8WNsnjWrpJHYpMOCI3CaCtK2+JEzblkJ9DQ7z6EvHMmi8sLLHi3UDGiiuWAzhw35 tWAH6wVvK9PXHAE4xr02xQOXjA6tpd1B2lo/hjNQl8n7/sxtLfrAMl5ovdgswV3M6fH5 rTCUQvY1lD0FjUYZkq/611L6kjmwhRV0rQvuNCMivAHijD/Ag76PiFyjIUTjaA9JDvr6 YsAeNy5PIl+JjtQmFbumiMu2ymVeQRzKI1rRmXBY2aHb1KtcVHuq0kEhHatWHBQpa7Ei Qh2w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hai0Lu7faBG5mSfDAFgpAWqlovJTaNKDb9Ui/f2YGWE=; b=FM5Wumy+3S5g3sqRCc9aG15ujA/4CHiII8AQLbg2HrL9UmctP040Udv295KeGHIFWo OKUaGsz+lVOfzsf7oFSjLKfSppNDdix3uUlYb3L2zaOIf+EQjZHwUVItMNx29ifSgpZ0 VH9b90kc3VwdaC6BHaY+OoH5yD8ouui846DCYqn7GOxCzvyod+Pkl0BIRCseZB7HFlpx 3bMyZ3yeBz437C+Ujmg3C4DOPIqfxaGZH/hxxIxqOsYmeYtvnqWeMKxA0Q/Af8DYQ/rJ 6bvEMf3TT4NKZ1Pn3Ks+l3DvcSrdOJ7Pbct12TTOttaoLYVo7Ozzqp0rWGxuCNGGz3VJ rRcA== X-Gm-Message-State: APjAAAUSt3OFE8q8SSA1L/yuNo98WRvxpQa1EzofcBRbQV4oAf5fU1/R OL2rMzAhJmmPsZjsY6JO7jtDshWPav1Gig== X-Received: by 2002:a1c:b604:: with SMTP id g4mr3095567wmf.111.1561637012557; Thu, 27 Jun 2019 05:03:32 -0700 (PDT) Received: from localhost.localdomain (laubervilliers-657-1-83-120.w92-154.abo.wanadoo.fr. [92.154.90.120]) by smtp.gmail.com with ESMTPSA id z126sm7732431wmb.32.2019.06.27.05.03.31 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Thu, 27 Jun 2019 05:03:31 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 06/30] crypto: caam/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:50 +0200 Message-Id: <20190627120314.7197-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/caam/caamalg.c | 39 ++++++++++---------- drivers/crypto/caam/caamalg_qi.c | 17 +++++---- drivers/crypto/caam/caamalg_qi2.c | 17 +++++---- drivers/crypto/caam/compat.h | 2 +- 4 files changed, 38 insertions(+), 37 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 43f18253e5b6..bc054c119cdf 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -633,7 +633,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -644,12 +643,9 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); @@ -785,20 +781,23 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); + int err; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { - return -EINVAL; - } + err = crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; - if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(skcipher, - CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + return skcipher_setkey(skcipher, key, keylen); +} + +static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, + const u8 *key, unsigned int keylen) +{ + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; return skcipher_setkey(skcipher, key, keylen); } @@ -1899,7 +1898,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "cbc-3des-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, @@ -2018,7 +2017,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "ecb-des3-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 32f0f8a72067..3e29d4ba14e0 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -296,7 +296,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -307,12 +306,9 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); @@ -697,8 +693,13 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: - skcipher_setkey(skcipher, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; + + return skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c index 06bf32c32cbd..edf619f33b44 100644 --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -329,7 +329,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -340,12 +339,9 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); @@ -999,8 +995,13 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: - skcipher_setkey(skcipher, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; + + return skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h index 8639b2df0371..60e2a54c19f1 100644 --- a/drivers/crypto/caam/compat.h +++ b/drivers/crypto/caam/compat.h @@ -32,7 +32,7 @@ #include #include #include -#include +#include #include #include #include