From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 01/30] crypto: des/3des_ede - add new helpers to verify keys
Date: Mon, 5 Aug 2019 20:00:08 +0300
Message-Id: <20190805170037.31330-2-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

The recently added helper routine to perform key strength validation of triple DES keys is slightly inadequate, since it comes in two versions, neither of which are highly useful for anything other than skciphers (and many drivers still use the older blkcipher interfaces).

So let's add a new helper and, considering that this is a helper function that is only intended to be used by crypto code itself, put it in a new des.h header under crypto/internal.

While at it, implement a similar helper for single DES, so that we can start replacing the pattern of calling des_ekey() into a temp buffer that occurs in many drivers in drivers/crypto.

Signed-off-by: Ard Biesheuvel
---
 crypto/des_generic.c | 13 ---
 include/crypto/internal/des.h | 95 ++++++++++++++++++++
 2 files changed, 95 insertions(+), 13 deletions(-)
--
2.17.1

diff --git a/crypto/des_generic.c b/crypto/des_generic.c index dc085514408a..c4d8ecda4ddf 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -841,19 +841,6 @@ static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) d[1] = cpu_to_le32(L); } -/* - * RFC2451: - * - * For DES-EDE3, there is no known need to reject weak or - * complementation keys. Any weakness is obviated by the use of - * multiple keys. - * - * However, if the first two or last two independent 64-bit keys are - * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the - * same as DES. Implementers MUST reject keys that exhibit this - * property. - * - */ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h new file mode 100644 index 000000000000..aad576bad8ad --- /dev/null +++ b/include/crypto/internal/des.h 
@@ -0,0 +1,95 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * DES & Triple DES EDE key verification helpers + */ + +#ifndef __CRYPTO_INTERNAL_DES_H +#define __CRYPTO_INTERNAL_DES_H + +#include +#include +#include + +/** + * crypto_des_verify_key - Check whether a DES is weak + * @tfm: the crypto algo + * @key: the key buffer + * + * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak + * keys. Otherwise, 0 is returned. + * + * It is the job of the caller to ensure that the size of the key equals + * DES_KEY_SIZE. + */ +static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) +{ + u32 tmp[DES_EXPKEY_WORDS]; + int err = 0; + + if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + return 0; + + if (!des_ekey(tmp, key)) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + err = -EINVAL; + } + + memzero_explicit(tmp, sizeof(tmp)); + return err; +} + +/* + * RFC2451: + * + * For DES-EDE3, there is no known need to reject weak or + * complementation keys. Any weakness is obviated by the use of + * multiple keys. + * + * However, if the first two or last two independent 64-bit keys are + * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the + * same as DES. Implementers MUST reject keys that exhibit this + * property. + * + */ + +/** + * crypto_des3_ede_verify_key - Check whether a DES3-EDE is weak + * @tfm: the crypto algo + * @key: the key buffer + * + * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak + * keys or when running in FIPS mode. Otherwise, 0 is returned. Note that some + * keys are rejected in FIPS mode even if weak keys are permitted by the TFM + * flags. + * + * It is the job of the caller to ensure that the size of the key equals + * DES3_EDE_KEY_SIZE. 
+ */ +static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, + const u8 *key) +{ + int err = -EINVAL; + u32 K[6]; + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || (crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + err = 0; +out: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + return err; + +bad: + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + goto out; +} + +#endif /* __CRYPTO_INTERNAL_DES_H */
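Review bot: the K1 == K3 test in crypto_des3_ede_verify_key() (`if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)`) has no comment, and the RFC2451 block above the function only covers k1 == k2 and k2 == k3. Please add a line at that test saying this case is rejected in FIPS mode only, so the code lines up with the kernel-doc sentence about keys rejected in FIPS mode regardless of the TFM flags. Two smaller points in the same new header: the wipe could be `memzero_explicit(K, sizeof(K))`, matching the `sizeof(tmp)` used in crypto_des_verify_key(), and both kernel-doc summaries ("Check whether a DES is weak", "Check whether a DES3-EDE is weak") are missing the word "key".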
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 02/30] crypto: s390/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:09 +0300
Message-Id: <20190805170037.31330-3-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Acked-by: Harald Freudenberger
Signed-off-by: Ard Biesheuvel
---
 arch/s390/crypto/des_s390.c | 25 +++++++++-----------
 1 file changed, 11 insertions(+), 14 deletions(-)
--
2.17.1

diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c index 374b42fc7637..f56a84751fdb 100644 --- a/arch/s390/crypto/des_s390.c +++ b/arch/s390/crypto/des_s390.c @@ -16,7 +16,7 @@ #include #include #include -#include +#include #include #define DES3_KEY_SIZE (3 * DES_KEY_SIZE) 
@@ -35,27 +35,24 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - /* check for weak keys */ - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; memcpy(ctx->key, key, key_len); return 0; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); cpacf_km(CPACF_KM_DEA, ctx->key, out, in, DES_BLOCK_SIZE); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); @@ -76,8 +73,8 @@ static struct crypto_alg des_alg = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt, + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt, } } }; 
@@ -227,8 +224,8 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key, struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); int err; - err = __des3_verify_key(&tfm->crt_flags, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(tfm, key); + if (err) return err; memcpy(ctx->key, key, key_len);
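Review bot: the @@ -35,27 hunk renames the static des_encrypt()/des_decrypt() to crypto_des_encrypt()/crypto_des_decrypt(), which the subject ("switch to new verification routines") does not cover and the commit message, which has no body, does not explain. Please say in the commit message why the rename is needed, and consider a driver-specific prefix such as s390_des_encrypt() (a hypothetical name), since a crypto_ prefix on a static function in arch code reads like a core crypto API symbol.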
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 03/30] crypto: sparc/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:10 +0300
Message-Id: <20190805170037.31330-4-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 arch/sparc/crypto/des_glue.c | 37 +++++++++-----------
 1 file changed, 16 insertions(+), 21 deletions(-)
--
2.17.1

diff --git a/arch/sparc/crypto/des_glue.c b/arch/sparc/crypto/des_glue.c index 281448f72c90..5b631dc31497 100644 --- a/arch/sparc/crypto/des_glue.c +++ b/arch/sparc/crypto/des_glue.c 
@@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include @@ -45,19 +45,15 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; /* Even though we have special instructions for key expansion, - * we call des_ekey() so that we don't have to write our own + * we call des_verify_key() so that we don't have to write our own * weak key detection code. */ - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; des_sparc64_key_expand((const u32 *) key, &dctx->encrypt_expkey[0]); encrypt_to_decrypt(&dctx->decrypt_expkey[0], &dctx->encrypt_expkey[0]); @@ -68,7 +64,7 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, extern void des_sparc64_crypt(const u64 *key, const u64 *input, u64 *output); -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->encrypt_expkey; @@ -76,7 +72,7 @@ static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_sparc64_crypt(K, (const u64 *) src, (u64 *) dst); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->decrypt_expkey; 
@@ -202,14 +198,13 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u64 k1[DES_EXPKEY_WORDS / 2]; u64 k2[DES_EXPKEY_WORDS / 2]; u64 k3[DES_EXPKEY_WORDS / 2]; int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(tfm, key); + if (err) return err; des_sparc64_key_expand((const u32 *)key, k1); @@ -235,7 +230,7 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, extern void des3_ede_sparc64_crypt(const u64 *key, const u64 *input, u64 *output); -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des3_ede_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->encrypt_expkey; @@ -243,7 +238,7 @@ static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des3_ede_sparc64_crypt(K, (const u64 *) src, (u64 *) dst); } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des3_ede_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->decrypt_expkey; @@ -390,8 +385,8 @@ static struct crypto_alg algs[] = { { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_set_key, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { 
@@ -447,8 +442,8 @@ static struct crypto_alg algs[] = { { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_set_key, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } }, {
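Review bot: in des_set_key() (the @@ -45,19 hunk) the updated comment says "we call des_verify_key()", but the call right below it is `err = crypto_des_verify_key(tfm, key);`. The comment should name the function that is actually called, so a reader grepping for the helper finds this call site.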
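Review bot: the renamed crypto_des3_ede_encrypt() and crypto_des3_ede_decrypt() signatures in the @@ -235,7 and @@ -243,7 hunks now run past 80 columns on a single line; please wrap the parameter list. The rename of the four cipher callbacks is also not mentioned anywhere in the commit message, which has no body, so a sentence giving the reason would help.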
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 04/30] crypto: atmel/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:11 +0300
Message-Id: <20190805170037.31330-5-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/atmel-tdes.c | 28 +++++---------------
 1 file changed, 7 insertions(+), 21 deletions(-)
--
2.17.1

diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c index fa76620281e8..4e1d9ca3a347 100644 --- a/drivers/crypto/atmel-tdes.c +++ b/drivers/crypto/atmel-tdes.c 
@@ -33,7 +33,7 @@ #include #include #include -#include +#include #include #include #include @@ -773,22 +773,12 @@ static void atmel_tdes_dma_cleanup(struct atmel_tdes_dev *dd) static int atmel_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - int err; - struct crypto_tfm *ctfm = crypto_ablkcipher_tfm(tfm); - struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); + int err; - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - err = des_ekey(tmp, key); - if (err == 0 && (ctfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - ctfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (err) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -800,15 +790,11 @@ static int atmel_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (err) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
From patchwork Mon Aug 5 17:00:12 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170581
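Review bot: In atmel_des_setkey() (drivers/crypto/atmel-tdes.c, hunk at -773), the explicit `keylen != DES_KEY_SIZE` test and its CRYPTO_TFM_RES_BAD_KEY_LEN result are removed, yet `memcpy(ctx->key, key, keylen)` still copies a caller-supplied length and crypto_des_verify_key() is not passed keylen at all. The commit message consists of the Signed-off-by line only, so please state in the changelog where the key length is enforced before this setkey is reached; if that guarantee does not hold for this algorithm, keep a length check ahead of the memcpy.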
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 05/30] crypto: bcm/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:12 +0300
Message-Id: <20190805170037.31330-6-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/bcm/cipher.c | 82 +++++--------------- 1 file changed, 20 insertions(+), 62 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c index 1c23e452700b..064c6433b417 100644 --- a/drivers/crypto/bcm/cipher.c +++ b/drivers/crypto/bcm/cipher.c @@ -24,7 +24,7 @@ #include #include #include -#include +#include #include #include #include @@ -1802,24 +1802,13 @@ static int des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen == DES_KEY_SIZE) { - if (des_ekey(tmp, key) == 0) { - if (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; + int err; - crypto_ablkcipher_set_flags(cipher, flags); - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_DES; return 0; } @@ -1827,23 +1816,13 @@ static int threedes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (keylen == (DES_KEY_SIZE * 3)) { - u32 flags; - int ret; - - flags = crypto_ablkcipher_get_flags(cipher); - ret = __des3_verify_key(&flags, key); - if (unlikely(ret)) { - crypto_ablkcipher_set_flags(cipher, flags); - return ret; - } + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_3DES; return 0; } 
@@ -2868,40 +2847,19 @@ static int aead_authenc_setkey(struct crypto_aead *cipher, switch (ctx->alg->cipher_info.alg) { case CIPHER_ALG_DES: - if (ctx->enckeylen == DES_KEY_SIZE) { - u32 tmp[DES_EXPKEY_WORDS]; - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; - - if (des_ekey(tmp, keys.enckey) == 0) { - if (crypto_aead_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - crypto_aead_set_flags(cipher, flags); - return -EINVAL; - } - } + if (keys.enckeylen != DES_KEY_SIZE || + crypto_des_verify_key(crypto_aead_tfm(cipher), keys.enckey)) + return -EINVAL; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - goto badkey; - } + ctx->cipher_type = CIPHER_TYPE_DES; break; case CIPHER_ALG_3DES: - if (ctx->enckeylen == (DES_KEY_SIZE * 3)) { - u32 flags; - - flags = crypto_aead_get_flags(cipher); - ret = __des3_verify_key(&flags, keys.enckey); - if (unlikely(ret)) { - crypto_aead_set_flags(cipher, flags); - return ret; - } - - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_aead_set_flags(cipher, - CRYPTO_TFM_RES_BAD_KEY_LEN); + if (keys.enckeylen != DES3_EDE_KEY_SIZE || + crypto_des3_ede_verify_key(crypto_aead_tfm(cipher), + keys.enckey)) return -EINVAL; - } + + ctx->cipher_type = CIPHER_TYPE_3DES; break; case CIPHER_ALG_AES: switch (ctx->enckeylen) { 
From patchwork Mon Aug 5 17:00:13 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170582
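Review bot: In the CIPHER_ALG_DES and CIPHER_ALG_3DES cases of aead_authenc_setkey() (drivers/crypto/bcm/cipher.c, hunk at -2868), every failure now collapses into a direct `return -EINVAL`, which differs from the removed lines in two ways: the DES wrong-length path used to `goto badkey`, and the 3DES path used to `return ret` with the value __des3_verify_key() produced. Returning from inside the switch bypasses whatever the badkey label does, and the helper's own return code is discarded; consider keeping `goto badkey` for the length test and propagating the helper result through ret. The length test also moves from ctx->enckeylen to keys.enckeylen while the CIPHER_ALG_AES case directly below still switches on ctx->enckeylen, so the changelog should say why the source of the length changed for DES and 3DES only.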
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 06/30] crypto: caam/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:13 +0300
Message-Id: <20190805170037.31330-7-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Tested-by: Horia Geantă Signed-off-by: Ard Biesheuvel --- drivers/crypto/caam/caamalg.c | 38 +++++++------------- drivers/crypto/caam/caamalg_qi.c | 13 ++----- drivers/crypto/caam/caamalg_qi2.c | 13 ++----- drivers/crypto/caam/compat.h | 2 +- 4 files changed, 19 insertions(+), 47 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 43f18253e5b6..9a9a55263b17 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c 
@@ -633,7 +633,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); @@ -785,22 +778,15 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); - - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { - return -EINVAL; - } - - if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(skcipher, - CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + return crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key) ?: + skcipher_setkey(skcipher, key, keylen); +} - return skcipher_setkey(skcipher, key, keylen); +static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, + const u8 *key, unsigned int keylen) +{ + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?: + skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, 
@@ -1899,7 +1885,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "cbc-3des-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, @@ -2018,7 +2004,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "ecb-des3-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 32f0f8a72067..b3868c996af8 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -296,7 +296,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -307,14 +306,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); @@ -697,7 +690,7 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?: skcipher_setkey(skcipher, key, keylen); } 
diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c index a78a36dfa7b9..66a11ef7fd96 100644 --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -330,7 +330,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -341,14 +340,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); @@ -1000,7 +993,7 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key) ?: skcipher_setkey(skcipher, key, keylen); } diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h index 8639b2df0371..60e2a54c19f1 100644 --- a/drivers/crypto/caam/compat.h +++ b/drivers/crypto/caam/compat.h 
@@ -32,7 +32,7 @@ #include #include #include -#include +#include #include #include #include 
From patchwork Mon Aug 5 17:00:14 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170583
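Review bot: The split of des_skcipher_setkey() in drivers/crypto/caam/caamalg.c (hunk at -785) changes behaviour in a way the changelog does not mention. The removed function served both key sizes: for a DES3_EDE_KEY_SIZE key it called __des3_ede_setkey() and then still ran des_ekey() on the start of the key, rejecting it under CRYPTO_TFM_REQ_FORBID_WEAK_KEYS, whereas the new des3_skcipher_setkey() calls crypto_des3_ede_verify_key() only. Please describe this in the commit message, since it reads as a fix rather than a pure conversion, and confirm that every entry in driver_algs that used the old function with 3DES key sizes is switched to des3_skcipher_setkey, as the two entries in the -1899 and -2018 hunks are.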
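Review bot: In des3_aead_setkey() (the same change in caamalg.c, caamalg_qi.c and caamalg_qi2.c), the new `crypto_des3_ede_verify_key(...) ?: aead_setkey(...)` expression is correct only because both outcomes fall through to `out:` where `memzero_explicit(&keys, sizeof(keys))` runs. The removed code made that explicit with `goto out`; a one-line comment above the assignment would keep a later edit from turning the verification failure into an early return that leaves the extracted keys on the stack. Since the function body is now identical in all three files, a shared helper would also avoid the three copies drifting apart.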
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 07/30] crypto: cpt/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:14 +0300
Message-Id: <20190805170037.31330-8-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/cpt/cptvf_algs.c | 26 ++++---------------- 1 file changed, 5 insertions(+), 21 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/cavium/cpt/cptvf_algs.c b/drivers/crypto/cavium/cpt/cptvf_algs.c index ff3cb1f8f2b6..aa349d95cc2c 100644 --- a/drivers/crypto/cavium/cpt/cptvf_algs.c +++ b/drivers/crypto/cavium/cpt/cptvf_algs.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include #include 
@@ -322,31 +322,15 @@ static int cvm_cfb_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); - int err; - - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return cvm_setkey(cipher, key, keylen, DES3_CBC); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + cvm_setkey(cipher, key, keylen, DES3_CBC); } static int cvm_ecb_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); - int err; - - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return cvm_setkey(cipher, key, keylen, DES3_ECB); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + cvm_setkey(cipher, key, keylen, DES3_ECB); } static int cvm_enc_dec_init(struct crypto_tfm *tfm) 
From patchwork Mon Aug 5 17:00:15 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170584
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 08/30] crypto: nitrox/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:15 +0300
Message-Id: <20190805170037.31330-9-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/nitrox/nitrox_skcipher.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c index 7e4a5e69085e..9d3bd1b589e0 100644 --- a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c +++ b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include "nitrox_dev.h" 
@@ -257,7 +257,7 @@ static int nitrox_aes_decrypt(struct skcipher_request *skreq) static int nitrox_3des_setkey(struct crypto_skcipher *cipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(cipher, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key) ?: nitrox_skcipher_setkey(cipher, 0, key, keylen); }
From patchwork Mon Aug 5 17:00:16 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170585
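Review bot: The commit message for the nitrox_3des_setkey() change in drivers/crypto/cavium/nitrox/nitrox_skcipher.c consists of a Signed-off-by line only, so nothing records why des3_verify_key(cipher, key) becomes crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key) or whether a rejected key is reported to the caller the same way as before. A one-sentence body saying that the new helper takes the crypto_tfm and that the driver's error reporting is unchanged would let the driver maintainer ack this patch without reading the rest of the series. The unlikely() annotation is also dropped in the same line; say so if that is intentional.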
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 09/30] crypto: ccp/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:16 +0300
Message-Id: <20190805170037.31330-10-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccp/ccp-crypto-des3.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) -- 2.17.1 
diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c b/drivers/crypto/ccp/ccp-crypto-des3.c index 5f05f834c7cd..cbcdf1b5971f 100644 --- a/drivers/crypto/ccp/ccp-crypto-des3.c +++ b/drivers/crypto/ccp/ccp-crypto-des3.c @@ -14,7 +14,7 @@ #include #include #include -#include +#include #include "ccp-crypto.h" 
@@ -39,11 +39,10 @@ static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm)); struct ccp_crypto_ablkcipher_alg *alg = ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm)); - u32 *flags = &tfm->base.crt_flags; int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (err) return err; /* It's not clear that there is any support for a keysize of 112.
From patchwork Mon Aug 5 17:00:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170586
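Review bot: In ccp_des3_setkey() the new call evaluates crypto_ablkcipher_tfm(tfm) a third time, next to the two uses already in the ctx and alg initialisers, and the parameter named tfm is a struct crypto_ablkcipher rather than a crypto_tfm, which makes crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key) harder to read than it needs to be. A local struct crypto_tfm pointer initialised once and used in all three places would be clearer. The helper is given no length, and the context comment that follows talks about a keysize of 112, so note in the commit message where keylen is guaranteed to be DES3_EDE_KEY_SIZE before this call.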
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 10/30] crypto: ccree/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:17 +0300
Message-Id: <20190805170037.31330-11-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccree/cc_aead.c | 13 +++---------- drivers/crypto/ccree/cc_cipher.c | 15 ++++----------- 2 files changed, 7 insertions(+), 21 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c index ce302adc76c7..8174ff1d93d6 100644 --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include "cc_driver.h" #include "cc_buffer_mgr.h" @@ -648,7 +648,6 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -659,14 +658,8 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); - goto out; - } - - err = cc_aead_setkey(aead, key, keylen); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: + cc_aead_setkey(aead, key, keylen); out: memzero_explicit(&keys, sizeof(keys)); diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index 5b58226ea24d..dc30f5aeca10 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -5,7 +5,7 @@ #include #include #include -#include +#include #include #include #include 
@@ -411,16 +411,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, * HW does the expansion on its own. */ if (ctx_p->flow_mode == S_DIN_to_DES) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, - DES3_EDE_KEY_SIZE)) { - dev_dbg(dev, "weak 3DES key"); - return -EINVAL; - } else if (!des_ekey(tmp, key) && - (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + if ((keylen == DES3_EDE_KEY_SIZE && + crypto_des3_ede_verify_key(tfm, key)) || + crypto_des_verify_key(tfm, key)) { dev_dbg(dev, "weak DES key"); return -EINVAL; }
From patchwork Mon Aug 5 17:00:18 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170587
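Review bot: In the cc_cipher_setkey() hunk of drivers/crypto/ccree/cc_cipher.c the merged condition loses information the old code kept: a rejected 24-byte key is now logged as "weak DES key" because the separate dev_dbg(dev, "weak 3DES key") branch is gone, and whatever error code the helpers return is replaced by a fixed -EINVAL. Because the two tests are joined with ||, crypto_des_verify_key(tfm, key) is still evaluated for a DES3_EDE_KEY_SIZE key that passed crypto_des3_ede_verify_key(), as the old else-if did, but the new form hides that. Selecting one helper by keylen, storing its result in a local and returning it would state the intent directly and keep the two debug messages distinct.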
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 11/30] crypto: hifn/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:18 +0300
Message-Id: <20190805170037.31330-12-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/hifn_795x.c | 29 +++++--------------- 1 file changed, 7 insertions(+), 22 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index 5c3f02e4aece..7cb750c34e37 100644 --- a/drivers/crypto/hifn_795x.c +++ b/drivers/crypto/hifn_795x.c @@ -21,7 +21,7 @@ #include #include -#include +#include static char hifn_pll_ref[sizeof("extNNN")] = "ext"; module_param_string(hifn_pll_ref, hifn_pll_ref, sizeof(hifn_pll_ref), 0444); @@ -1942,22 +1942,11 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct hifn_context *ctx = crypto_tfm_ctx(tfm); struct hifn_device *dev = ctx->dev; + int err; - if (len > HIFN_MAX_CRYPT_KEY_LENGTH) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -1; - } - - if (len == HIFN_DES_KEY_LENGTH) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (unlikely(ret == 0) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; dev->flags &= ~HIFN_FLAG_OLD_KEY; 
@@ -1972,15 +1961,11 @@ static int hifn_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct hifn_context *ctx = crypto_ablkcipher_ctx(cipher); struct hifn_device *dev = ctx->dev; - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } dev->flags &= ~HIFN_FLAG_OLD_KEY;
From patchwork Mon Aug 5 17:00:19 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170588
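Review bot: In the hifn_setkey() hunk both length guards disappear: the len > HIFN_MAX_CRYPT_KEY_LENGTH rejection and the len == HIFN_DES_KEY_LENGTH condition that limited the weak-key test to DES-sized keys. crypto_des_verify_key(tfm, key) takes no length and now runs for every key this function receives, so if hifn_setkey() is registered for any algorithm other than single DES, those keys are put through a DES weak-key check they were previously exempt from, and an oversized key is no longer rejected here. Either keep the len == HIFN_DES_KEY_LENGTH condition around the new call, or state in the commit message that every user of hifn_setkey() is DES with a fixed key size that the caller has already enforced.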
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 12/30] crypto: hisilicon/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:19 +0300
Message-Id: <20190805170037.31330-13-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/hisilicon/sec/sec_algs.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/hisilicon/sec/sec_algs.c b/drivers/crypto/hisilicon/sec/sec_algs.c index 02768af0dccd..4a9fae297b0f 100644 --- a/drivers/crypto/hisilicon/sec/sec_algs.c +++ b/drivers/crypto/hisilicon/sec/sec_algs.c @@ -9,7 +9,7 @@ #include #include -#include +#include #include #include #include @@ -347,25 +347,21 @@ static int sec_alg_skcipher_setkey_aes_xts(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; - - return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64); + return crypto_des_verify_key(crypto_skcipher_tfm(tfm), key) ?: + sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64); } static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; - - return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64); + return crypto_des_verify_key(crypto_skcipher_tfm(tfm), key) ?: + sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64); } static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key) ?: sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_ECB_192_3KEY); } 
@@ -373,7 +369,7 @@ static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_3des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: + return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key) ?: sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_CBC_192_3KEY); }
From patchwork Mon Aug 5 17:00:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170589
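Review bot: For sec_alg_skcipher_setkey_des_ecb() and sec_alg_skcipher_setkey_des_cbc() this is a behaviour change, not a like-for-like switch, and the empty commit message does not say so. Before the patch these two functions only did if (keylen != DES_KEY_SIZE) return -EINVAL; and ran no key verification at all; afterwards they call crypto_des_verify_key(crypto_skcipher_tfm(tfm), key), and the explicit length test is gone while keylen is still passed on to sec_alg_skcipher_setkey(). Please describe in the commit body that single-DES keys are now verified on this driver and where the key length is checked once the local test is removed.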
fAbovueVdmYMm8lshk2ES/LXaFBjKChNqeUnfaiHO4MLkCPwUaunBv1GV1R3OgR7sY7C F3Bw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ebKJGCN9vei2NZ41HobpihwjzZEEneemyNbb+2I2Vi4=; b=CYcUUtzJzG/qzCpLONxrdYdoF5K7jqu66O5YFTMfVnAqtzkVlOFydbjdLiW178dJiW HqEChVNsrqO/UPtP4dHFzCP94UAHv9SEVJQe8cTzGc+Z2RYVKiyJgYVoajnbwTYKKF6n ZLlKo6M2EiZgFzCquG3lt6NoRl+PgnKQduT6fFDOwsyNPOEEpUWniwaYHo0pCfInD8bO 8Jl7sKAA7bCCTAQzqTN9K127yfOsNCPj+5Rrbm9IyTvxIWrmCh+maicw56WgCc8x8DdW asC90GbDK8zdwxCNRyUiuu6vj5IviAVq9/PJYqnUXDQRQPwWoz6SyAz2QsE9wb7FIniS C03A== X-Gm-Message-State: APjAAAUV1rNU86Yju+iwSX4H36ve+PuRDxfagalMiYAV2r3FZez9RYdF nsVBn1J7Z0ynhs6w1iMDZQkRSakP72ydYQ== X-Received: by 2002:a1c:5f87:: with SMTP id t129mr20677270wmb.150.1565024508294; Mon, 05 Aug 2019 10:01:48 -0700 (PDT) Received: from localhost.localdomain ([2a02:587:a407:da00:582f:8334:9cd9:7241]) by smtp.gmail.com with ESMTPSA id j9sm95669383wrn.81.2019.08.05.10.01.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Aug 2019 10:01:47 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 13/30] crypto: safexcel/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:20 +0300 Message-Id: <20190805170037.31330-14-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/inside-secure/safexcel_cipher.c | 27 ++++++-------------- 1 file changed, 8 insertions(+), 19 deletions(-) -- 2.17.1 
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 477e0ec35f45..b49e7587ba07 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -219,7 +219,6 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key, struct safexcel_crypto_priv *priv = ctx->priv; struct crypto_authenc_keys keys; struct crypto_aes_ctx aes; - u32 flags; int err = -EINVAL; if (crypto_authenc_extractkeys(&keys, key, len) != 0) @@ -238,12 +237,10 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key, /* Encryption key */ switch (ctx->alg) { case SAFEXCEL_3DES: - if (keys.enckeylen != 24) + if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(ctfm); - err = __des3_verify_key(&flags, keys.enckey); - crypto_aead_set_flags(ctfm, flags); - + err = crypto_des3_ede_verify_key(crypto_aead_tfm(ctfm), + keys.enckey); if (unlikely(err)) goto badkey_expflags; break; @@ -1191,19 +1188,11 @@ static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int ret; - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ret = crypto_des_verify_key(tfm, key); + if (ret) + return ret; /* if context exits and key changed, need to invalidate it */ if (ctx->base.ctxr_dma) 
@@ -1301,8 +1290,8 @@ static int safexcel_des3_ede_setkey(struct crypto_skcipher *ctfm, struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); int err; - err = des3_verify_key(ctfm, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(ctfm), key); + if (err) return err; /* if context exits and key changed, need to invalidate it */

From patchwork Mon Aug 5 17:00:21 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170590
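Review bot: The SAFEXCEL_3DES case in safexcel_aead_setkey() (drivers/crypto/inside-secure/safexcel_cipher.c) keeps `if (unlikely(err))` after the new crypto_des3_ede_verify_key() call, while safexcel_des3_ede_setkey() in this same patch drops the annotation and tests plain `if (err)`. A setkey path is not hot, so drop unlikely() here as well to keep the converted call sites consistent.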
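Review bot: In safexcel_des_setkey() the explicit `len != DES_KEY_SIZE` test and its CRYPTO_TFM_RES_BAD_KEY_LEN flag are removed, and the replacement call crypto_des_verify_key(tfm, key) is not passed a length, so after this hunk `len` is no longer validated inside the driver. Please confirm that the skcipher definitions for the DES modes set both min_keysize and max_keysize to DES_KEY_SIZE, so other lengths are rejected before the driver runs, and state that in the commit message, which currently carries only a Signed-off-by line.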
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 14/30] crypto: ixp4xx/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:21 +0300
Message-Id: <20190805170037.31330-15-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/ixp4xx_crypto.c | 28 +++++++-------------
 1 file changed, 9 insertions(+), 19 deletions(-)
--
2.17.1
diff --git a/drivers/crypto/ixp4xx_crypto.c b/drivers/crypto/ixp4xx_crypto.c index acedafe3fa98..d3d683107050 100644 --- a/drivers/crypto/ixp4xx_crypto.c +++ b/drivers/crypto/ixp4xx_crypto.c @@ -17,7 +17,7 @@ #include #include -#include +#include #include #include #include @@ -756,10 +756,7 @@ static int setup_cipher(struct crypto_tfm *tfm, int encrypt, } cipher_cfg |= keylen_cfg; } else { - u32 tmp[DES_EXPKEY_WORDS]; - if (des_ekey(tmp, key) == 0) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - } + crypto_des_verify_key(tfm, key, key_len); } /* write cfg word to cryptinfo */ *(u32*)cinfo = cpu_to_be32(cipher_cfg); @@ -851,14 +848,8 @@ static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int key_len) { - u32 flags = crypto_ablkcipher_get_flags(tfm); - int err; - - err = __des3_verify_key(&flags, key); - if (unlikely(err)) - crypto_ablkcipher_set_flags(tfm, flags); - - return ablk_setkey(tfm, key, key_len); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key) ?: + ablk_setkey(tfm, key, key_len); } static int ablk_rfc3686_setkey(struct crypto_ablkcipher *tfm, const u8 *key, @@ -1181,7 +1172,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) { struct ixp_ctx *ctx = crypto_aead_ctx(tfm); - u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN; struct crypto_authenc_keys keys; int err; 
@@ -1193,12 +1183,13 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, if (keys.authkeylen > sizeof(ctx->authkey)) goto badkey; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) + if (keys.enckeylen != DES3_EDE_KEY_SIZE) { + crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); goto badkey; + } - flags = crypto_aead_get_flags(tfm); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), keys.enckey); + if (err) goto badkey; memcpy(ctx->authkey, keys.authkey, keys.authkeylen); 
@@ -1209,7 +1200,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, memzero_explicit(&keys, sizeof(keys)); return aead_setup(tfm, crypto_aead_authsize(tfm)); badkey: - crypto_aead_set_flags(tfm, flags); memzero_explicit(&keys, sizeof(keys)); return err; }

From patchwork Mon Aug 5 17:00:22 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170591
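Review bot: The DES branch of setup_cipher() (drivers/crypto/ixp4xx_crypto.c) calls crypto_des_verify_key(tfm, key, key_len) with three arguments, while the other conversions in this series (safexcel, cesa, n2, omap) call it as crypto_des_verify_key(tfm, key), so one form cannot match the prototype. The return value is also discarded, so execution continues to the cfg word write even when the helper rejects the key; either propagate the helper's error to the caller or add a comment explaining why the result is deliberately ignored here.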
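Review bot: ablk_des3_setkey() changes behaviour beyond the helper swap: the old code set the flags on a verification error but still went on to `return ablk_setkey(tfm, key, key_len)`, whereas the new `?:` form returns the error without calling ablk_setkey(). That looks like the correct outcome, but it should be called out in the commit message, since keys that were previously accepted by this path will now be refused.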
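Review bot: In des3_aead_setkey() only the `keys.enckeylen != DES3_EDE_KEY_SIZE` branch now sets CRYPTO_TFM_RES_BAD_KEY_LEN. The `keys.authkeylen > sizeof(ctx->authkey)` check just above it still does `goto badkey`, but this patch removes both the `flags = CRYPTO_TFM_RES_BAD_KEY_LEN` initializer and the crypto_aead_set_flags(tfm, flags) call at the badkey label, so that path no longer reports the flag. Set the flag in that branch as well, or say in the commit message that dropping it is intended.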
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 15/30] crypto: cesa/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:22 +0300
Message-Id: <20190805170037.31330-16-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/marvell/cipher.c | 22 +++++++-------------
 1 file changed, 7 insertions(+), 15 deletions(-)
--
2.17.1
diff --git a/drivers/crypto/marvell/cipher.c b/drivers/crypto/marvell/cipher.c index fa1997e70b63..6e9c390314d7 100644 --- a/drivers/crypto/marvell/cipher.c +++ b/drivers/crypto/marvell/cipher.c
@@ -10,7 +10,7 @@ */ #include -#include +#include #include "cesa.h" @@ -274,19 +274,11 @@ static int mv_cesa_des_setkey(struct crypto_skcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); struct mv_cesa_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + int err; - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; memcpy(ctx->key, key, DES_KEY_SIZE); 
@@ -299,8 +291,8 @@ static int mv_cesa_des3_ede_setkey(struct crypto_skcipher *cipher, struct mv_cesa_des_ctx *ctx = crypto_skcipher_ctx(cipher); int err; - err = des3_verify_key(cipher, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key); + if (err) return err; memcpy(ctx->key, key, DES3_EDE_KEY_SIZE);

From patchwork Mon Aug 5 17:00:23 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170592
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 16/30] crypto: n2/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:23 +0300
Message-Id: <20190805170037.31330-17-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/n2_core.c | 26 ++++++--------------
 1 file changed, 7 insertions(+), 19 deletions(-)
--
2.17.1
diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c index 760e72a5893b..bad1719a902f 100644
--- a/drivers/crypto/n2_core.c +++ b/drivers/crypto/n2_core.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include #include #include @@ -760,21 +760,13 @@ static int n2_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int err; - ctx->enc_type = n2alg->enc_type; - - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; - err = des_ekey(tmp, key); - if (err == 0 && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ctx->enc_type = n2alg->enc_type; ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen); 
@@ -787,15 +779,11 @@ static int n2_3des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(tfm, key); + if (err) return err; - } ctx->enc_type = n2alg->enc_type;

From patchwork Mon Aug 5 17:00:24 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170593
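Review bot: n2_des_setkey() (drivers/crypto/n2_core.c) drops the `keylen != DES_KEY_SIZE` check, yet the unchanged lines right after the new call still do `ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen);` with the caller-supplied length. crypto_des_verify_key(tfm, key) is not given keylen, so the bound on that memcpy now rests entirely on the ablkcipher min_keysize/max_keysize of the DES algorithms; please confirm both equal DES_KEY_SIZE, or copy DES_KEY_SIZE bytes here so the driver does not depend on it.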
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 17/30] crypto: omap/des - switch to new verification routines
Date: Mon, 5 Aug 2019 20:00:24 +0300
Message-Id: <20190805170037.31330-18-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- drivers/crypto/omap-des.c | 25 ++++++-------------- 1 file changed, 7 insertions(+), 18 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c index 1ee69a979677..6af0de9f03fa 100644 --- a/drivers/crypto/omap-des.c +++ b/drivers/crypto/omap-des.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include #include #include @@ -650,20 +650,13 @@ static int omap_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); + int err; pr_debug("enter, keylen: %d\n", keylen); - /* Do we need to test against weak key? */ - if (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (!ret) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -675,17 +668,13 @@ static int omap_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug("enter, keylen: %d\n", keylen); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;

From patchwork Mon Aug 5 17:00:25 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 170594
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 18/30] crypto: picoxcell/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:25 +0300 Message-Id: <20190805170037.31330-19-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/picoxcell_crypto.c | 21 +++++++------------- 1 file changed, 7 insertions(+), 14 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c index b985cb85c9bc..c43c0b183f02 100644 --- a/drivers/crypto/picoxcell_crypto.c +++ b/drivers/crypto/picoxcell_crypto.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include #include @@ -738,14 +738,11 @@ static int spacc_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(!des_ekey(tmp, key)) && - (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (err) + return err; memcpy(ctx->key, key, len); ctx->key_len = len; 
@@ -761,15 +758,11 @@ static int spacc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { struct spacc_ablk_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } memcpy(ctx->key, key, len); ctx->key_len = len;
From patchwork Mon Aug 5 17:00:26 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170595 Delivered-To: patch@linaro.org
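Review bot: spacc_des_setkey() in drivers/crypto/picoxcell_crypto.c still ends in memcpy(ctx->key, key, len) with len never compared against the DES key size inside the function, and the new crypto_des_verify_key(tfm, key) call is not passed the length either. If the copy is bounded only by the key-size limits set when the algorithm is registered, a short comment above the memcpy() saying so would make that assumption auditable; the same applies to the copy in spacc_des3_setkey().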
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 19/30] crypto: qce/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:26 +0300 Message-Id: <20190805170037.31330-20-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/qce/ablkcipher.c | 55 ++++++++++---------- 1 file changed, 27 insertions(+), 28 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/qce/ablkcipher.c b/drivers/crypto/qce/ablkcipher.c index a976210ba41c..f78f47a18a3e 100644 --- a/drivers/crypto/qce/ablkcipher.c +++ b/drivers/crypto/qce/ablkcipher.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include "cipher.h" @@ -154,27 +154,17 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(ablk); struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - unsigned long flags = to_cipher_tmpl(tfm)->alg_flags; int ret; if (!key || !keylen) return -EINVAL; - if (IS_AES(flags)) { - switch (keylen) { - case AES_KEYSIZE_128: - case AES_KEYSIZE_256: - break; - default: - goto fallback; - } - } else if (IS_DES(flags)) { - u32 tmp[DES_EXPKEY_WORDS]; - - ret = des_ekey(tmp, key); - if (!ret && (crypto_ablkcipher_get_flags(ablk) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - goto weakkey; + switch (keylen) { + case AES_KEYSIZE_128: + case AES_KEYSIZE_256: + break; + default: + goto fallback; } ctx->enc_keylen = keylen; 
@@ -185,24 +175,32 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, if (!ret) ctx->enc_keylen = keylen; return ret; -weakkey: - crypto_ablkcipher_set_flags(ablk, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; +} + +static int qce_des_setkey(struct crypto_ablkcipher *ablk, const u8 *key, + unsigned int keylen) +{ + struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); + int err; + + err = crypto_des_verify_key(crypto_ablkcipher_tfm(ablk), key); + if (err) + return err; + + ctx->enc_keylen = keylen; + memcpy(ctx->enc_key, key, keylen); + return 0; } static int qce_des3_setkey(struct crypto_ablkcipher *ablk, const u8 *key, unsigned int keylen) { struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(ablk); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(ablk, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(ablk), key); + if (err) return err; - } ctx->enc_keylen = keylen; memcpy(ctx->enc_key, key, keylen); 
@@ -374,8 +372,9 @@ static int qce_ablkcipher_register_one(const struct qce_ablkcipher_def *def, alg->cra_ablkcipher.ivsize = def->ivsize; alg->cra_ablkcipher.min_keysize = def->min_keysize; alg->cra_ablkcipher.max_keysize = def->max_keysize; - alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? - qce_des3_setkey : qce_ablkcipher_setkey; + alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? qce_des3_setkey : + IS_DES(def->flags) ? qce_des_setkey : + qce_ablkcipher_setkey; alg->cra_ablkcipher.encrypt = qce_ablkcipher_encrypt; alg->cra_ablkcipher.decrypt = qce_ablkcipher_decrypt;
From patchwork Mon Aug 5 17:00:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170596 Delivered-To: patch@linaro.org
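Review bot: The new qce_des_setkey() in drivers/crypto/qce/ablkcipher.c drops the "if (!key || !keylen) return -EINVAL;" guard that DES keys passed through while they were handled in qce_ablkcipher_setkey(), and it copies keylen bytes into ctx->enc_key although crypto_des_verify_key() only receives the key pointer. Either keep the guard in the new function or note in the changelog why it is redundant. In qce_ablkcipher_register_one() the chained ?: that selects the setkey handler is hard to scan; an if/else ladder would make the three cases easier to review.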
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 20/30] crypto: rk3288/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:27 +0300 Message-Id: <20190805170037.31330-21-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/rockchip/rk3288_crypto.h | 2 +- drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 21 +++++++------------- 2 files changed, 8 insertions(+), 15 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/rockchip/rk3288_crypto.h b/drivers/crypto/rockchip/rk3288_crypto.h index 54ee5b3ed9db..18e2b3f29336 100644 --- a/drivers/crypto/rockchip/rk3288_crypto.h +++ b/drivers/crypto/rockchip/rk3288_crypto.h @@ -3,7 +3,7 @@ #define __RK3288_CRYPTO_H__ #include -#include +#include #include #include #include diff --git a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c index 96078aaa2098..ec84c2374b90 100644 --- a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c +++ b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c 
@@ -46,15 +46,12 @@ static int rk_aes_setkey(struct crypto_ablkcipher *cipher, static int rk_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); - struct rk_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen); 
@@ -65,15 +62,11 @@ static int rk_tdes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen);
From patchwork Mon Aug 5 17:00:28 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170597 Delivered-To: patch@linaro.org
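Review bot: The #include swap in the rk3288 patch is made in the shared header rk3288_crypto.h, but the only callers of the new helpers visible in this patch are rk_des_setkey() and rk_tdes_setkey() in rk3288_crypto_ablkcipher.c. Consider placing the new include in that .c file, or say in the changelog why every user of rk3288_crypto.h needs it, so the verification helpers are not exposed more widely than the driver requires.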
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 21/30] crypto: stm32/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:28 +0300 Message-Id: <20190805170037.31330-22-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/stm32/stm32-cryp.c | 30 ++++---------------- 1 file changed, 5 insertions(+), 25 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index 98ae02826e8f..a704b1d38436 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -15,7 +15,7 @@ #include #include -#include +#include #include #include #include 
@@ -767,35 +767,15 @@ static int stm32_cryp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen != DES_KEY_SIZE) - return -EINVAL; - - if ((crypto_ablkcipher_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - unlikely(!des_ekey(tmp, key))) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } - - return stm32_cryp_setkey(tfm, key, keylen); + return crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key) ?: + stm32_cryp_setkey(tfm, key, keylen); } static int stm32_cryp_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 flags; - int err; - - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); - return err; - } - - return stm32_cryp_setkey(tfm, key, keylen); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key) ?: + stm32_cryp_setkey(tfm, key, keylen); } static int stm32_cryp_aes_aead_setkey(struct crypto_aead *tfm, const u8 *key,
From patchwork Mon Aug 5 17:00:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170598 Delivered-To: patch@linaro.org
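Review bot: stm32_cryp_des_setkey() in drivers/crypto/stm32/stm32-cryp.c loses its explicit "if (keylen != DES_KEY_SIZE) return -EINVAL;" and the replacement crypto_des_verify_key() call is not given keylen, so after this patch the function forwards any length to stm32_cryp_setkey(). If the length is already guaranteed by the key-size limits of the registered algorithm, please say so in the changelog; otherwise keep the check. The old code also ran des_ekey() only when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS was set, so it is worth confirming that the helper is equally lenient when the flag is clear.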
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 22/30] crypto: sun4i/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:29 +0300 Message-Id: <20190805170037.31330-23-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Acked-by: Corentin Labbe Tested-by: Corentin Labbe Signed-off-by: Ard Biesheuvel --- drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 26 +++++--------------- drivers/crypto/sunxi-ss/sun4i-ss.h | 2 +- 2 files changed, 7 insertions(+), 21 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c index 6f7cbf6c2b55..1f2557809fa5 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
@@ -542,25 +542,11 @@ int sun4i_ss_des_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); - struct sun4i_ss_ctx *ss = op->ss; - u32 flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - if (unlikely(keylen != DES_KEY_SIZE)) { - dev_err(ss->dev, "Invalid keylen %u\n", keylen); - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - flags = crypto_skcipher_get_flags(tfm); + int err; - ret = des_ekey(tmp, key); - if (unlikely(!ret) && (flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - dev_dbg(ss->dev, "Weak key %u\n", keylen); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key); + if (err) + return err; op->keylen = keylen; memcpy(op->key, key, keylen); @@ -578,8 +564,8 @@ int sun4i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key, struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); int err; - err = des3_verify_key(tfm, key); - if (unlikely(err)) + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key); + if (err) return err; op->keylen = keylen; diff --git a/drivers/crypto/sunxi-ss/sun4i-ss.h b/drivers/crypto/sunxi-ss/sun4i-ss.h index 8654d48aedc0..35a27a7145f8 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss.h +++ b/drivers/crypto/sunxi-ss/sun4i-ss.h 
@@ -29,7 +29,7 @@ #include #include #include -#include +#include #include #include
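Review bot: In the sun4i_ss_des_setkey() hunk (@@ -542), the explicit keylen != DES_KEY_SIZE check is removed and its replacement, crypto_des_verify_key(crypto_skcipher_tfm(tfm), key), is not passed keylen, yet the function still does memcpy(op->key, key, keylen) with the caller's value. If the length is now guaranteed by something that runs before this setkey routine is reached, please say so in the commit message (it currently has no body); otherwise keep the length check ahead of the memcpy. The dev_err/dev_dbg diagnostics for bad-length and weak keys also go away here, which is worth a mention as well.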
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 23/30] crypto: talitos/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:30 +0300 Message-Id: <20190805170037.31330-24-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/talitos.c | 34 ++++---------------- 1 file changed, 7 insertions(+), 27 deletions(-) -- 2.17.1 Reviewed-by: Christophe Leroy diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index c9d686a0e805..890cf52007f2 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -30,7 +30,7 @@ #include #include -#include +#include #include #include #include
@@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(authenc); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(authenc, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey); + if (err) goto out; - } if (ctx->keylen) dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); 
@@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (unlikely(crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - !des_ekey(tmp, key)) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } - - return ablkcipher_setkey(cipher, key, keylen); + return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + ablkcipher_setkey(cipher, key, keylen); } static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 flags; - int err; - - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); - return err; - } - - return ablkcipher_setkey(cipher, key, keylen); + return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?: + ablkcipher_setkey(cipher, key, keylen); } static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
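Review bot: In the aead_des3_setkey() hunk (@@ -939), both uses of flags are removed, but no hunk in this patch touches its declaration: the 27 deletions in the diffstat are all accounted for by the visible lines. Unless something else in aead_des3_setkey() still reads it, flags is now an unused local and will trigger a compiler warning, so please drop the declaration in the same patch.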
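Review bot: In the @@ -1517 hunk, ablkcipher_des_setkey() and ablkcipher_des3_setkey() now return through the GNU `?:` shorthand, while aead_des3_setkey() in this same patch and the other drivers converted in this series use the explicit err = ...; if (err) return err; form. Consider the explicit form here too so the verification step is easy to spot and grep for. The patch also has no commit message body saying that weak-key rejection and the result flags now come from the shared helper.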
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 24/30] crypto: ux500/des - switch to new verification routines Date: Mon, 5 Aug 2019 20:00:31 +0300 Message-Id: <20190805170037.31330-25-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ux500/cryp/cryp_core.c | 31 +++++--------------- 1 file changed, 7 insertions(+), 24 deletions(-) -- 2.17.1 diff --git a/drivers/crypto/ux500/cryp/cryp_core.c b/drivers/crypto/ux500/cryp/cryp_core.c index b4beb54c0dbe..34fe3f36804c 100644 --- a/drivers/crypto/ux500/cryp/cryp_core.c +++ b/drivers/crypto/ux500/cryp/cryp_core.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #include #include
@@ -987,26 +987,13 @@ static int des_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 *flags = &cipher->base.crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - if (keylen != DES_KEY_SIZE) { - *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_BAD_KEY_LEN", - __func__); - return -EINVAL; - } - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", - __func__); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -1019,17 +1006,13 @@ static int des3_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (err) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;
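Review bot: In the des_ablkcipher_setkey() hunk (@@ -987), the keylen != DES_KEY_SIZE test is dropped and crypto_des_verify_key() is called without the length, but memcpy(ctx->key, key, keylen) still copies a caller-supplied number of bytes into the context. Please state in the commit message what now bounds keylen on this path, or keep the check ahead of the copy. The message is empty at the moment, and it should also note that the pr_debug() lines naming CRYPTO_TFM_RES_BAD_KEY_LEN and CRYPTO_TFM_RES_WEAK_KEY are removed.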
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 25/30] crypto: 3des - move verification out of exported routine Date: Mon, 5 Aug 2019 20:00:32 +0300 Message-Id: <20190805170037.31330-26-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In preparation of moving the shared key expansion routine into the DES library, move the verification done by __des3_ede_setkey() into its callers. Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 4 ++++ crypto/des_generic.c | 10 +++++----- 2 files changed, 9 insertions(+), 5 deletions(-) -- 2.17.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 968386c21ef4..ec608babc22b 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -348,6 +348,10 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; + err = crypto_des3_ede_verify_key(tfm, key); + if (err) + return err; + /* Generate encryption context using generic implementation. */ err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); if (err < 0) diff --git a/crypto/des_generic.c b/crypto/des_generic.c index c4d8ecda4ddf..2a4484c8803c 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -846,10 +846,6 @@ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, { int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) - return err; - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; des_ekey(expkey, key); 
@@ -862,8 +858,12 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u32 *expkey = dctx->expkey; + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (err) + return err; return __des3_ede_setkey(expkey, flags, key, keylen); }
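Review bot: In the __des3_ede_setkey() hunk (@@ -846), the only visible assignment to err is deleted while the `int err;` declaration stays as context, and the flags parameter loses its only visible use. If nothing below the shown context still uses them, drop the local and say in the commit message whether the unused flags argument is kept on purpose until the routine moves into the library. The exported routine no longer rejects weak keys itself, so a comment at its declaration stating that callers must run crypto_des3_ede_verify_key() first would help future users.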
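Review bot: The des3_ede_setkey() hunk (@@ -862) does not look buildable as posted: it deletes `u32 *flags = &tfm->crt_flags;` while the unchanged return still passes flags to __des3_ede_setkey(), and the added call uses crypto_skcipher_tfm(skcipher) although the function's parameter is `struct crypto_tfm *tfm` and no skcipher is in scope. Pass tfm directly to crypto_des3_ede_verify_key(), as the des3_ede_x86_setkey() hunk in this patch does, and either keep the flags local or pass &tfm->crt_flags, so the series stays bisectable.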
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 26/30] crypto: des - remove unused function Date: Mon, 5 Aug 2019 20:00:33 +0300 Message-Id: <20190805170037.31330-27-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Remove the old DES3 verification functions that are no longer used. Signed-off-by: Ard Biesheuvel --- include/crypto/des.h | 41 -------------------- 1 file changed, 41 deletions(-) -- 2.17.1
diff --git a/include/crypto/des.h b/include/crypto/des.h index 72c7c8e5a5a7..31b04ba835b1 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -19,47 +19,6 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE -static inline int __des3_verify_key(u32 *flags, const u8 *key) -{ - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; - - if (unlikely(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; - - err = 0; - -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); - - return err; - -bad: - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - goto out; -} - -static inline int des3_verify_key(struct crypto_skcipher *tfm, const u8 *key) -{ - u32 flags; - int err; - - flags = crypto_skcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - crypto_skcipher_set_flags(tfm, flags); - return err; -} - -extern unsigned long des_ekey(u32 *pe, const u8 *k); - extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen);
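Review bot: Besides __des3_verify_key() and des3_verify_key(), this hunk also deletes the `extern unsigned long des_ekey(u32 *pe, const u8 *k);` declaration, which is a key expansion routine rather than a DES3 verification function and which the commit message does not mention (the subject also says "function", singular). des_ekey() is still called from __des3_ede_setkey() in crypto/des_generic.c as of 25/30, so please either keep the prototype until 27/30 moves the code, or explain in the message why dropping it here is safe.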
wqZCuDTYaXnVod7ngTs1GSlqNKA5FWXeILfbtxsr7QLGUgOpRHIQfM9c/78Zxue3534T hBKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=xnWrz0km9D1W45iE2lk+tVo/87VmRHO8CoCeiVyC+1A=; b=V04XQLP7hllVQqYBL+0Y/tzHpZloNNPTJ2kT/AglT/NhQ4Art6yqrOGDOFk9Tl3lXr TgNmqfQ8T+IEbMP8SYiab1G3D1HdnwLmFuGe2rViYX4XmEuCHLwyAwAVfJeinxGekS7v LbCpoxsvTC/h08TDNIWoLN2oFyk5gP/j7K2xpyeHO2+1ixSbzfx2ef6HM3kROpIZjwTI 180TPLNv4wPXL33MVEM6yom+elCJA7hlAIoMop1LWq9Hc25uUb74QxPWzy7lbwfPwW7d /rk0v9jFcdUZet1LKhReOgwnEf0vu10xuJTbjv45J9gNkvJVq4jqw3AMUjjjM+2w3Yql ptlA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gS55waUd; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. 
[209.132.180.67]) by mx.google.com with ESMTP id l63si46181371pfl.41.2019.08.05.10.02.36; Mon, 05 Aug 2019 10:02:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gS55waUd; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729919AbfHERCe (ORCPT + 3 others); Mon, 5 Aug 2019 13:02:34 -0400 Received: from mail-wr1-f66.google.com ([209.85.221.66]:43291 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729914AbfHERCd (ORCPT ); Mon, 5 Aug 2019 13:02:33 -0400 Received: by mail-wr1-f66.google.com with SMTP id p13so10573546wru.10 for ; Mon, 05 Aug 2019 10:02:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=xnWrz0km9D1W45iE2lk+tVo/87VmRHO8CoCeiVyC+1A=; b=gS55waUdHgtxRcl7jY6a3ksQV3TUFpnsKKQsdkSP1fE5UISdc2R1siddJAfa8FHAe4 pKWSiiW1OdoGRaHiJk9aEgGQqlu03d/yqGpm93z6RKGKhbcOlGhJb/Tk7CbS3vYBFr0q c6MrvjOZ4fF9QEM4t+T+RQYJzRBRH6eCkgzynx2KQfkKltLJFtD4+ThbiGFK5TWyL4ok w7qyUwK/PggtsYUG3gA5hLimNwgKF1tyuhK8AhmAkHKOREHviHhBvDn5gAlHZwtcphgY oasXC0qfsgvvzZjyCG3HxIEtKg94ZwNb9ZdwxQnf/QxTmuEEJtZc3nW++26vwDo56Fm4 //mQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=xnWrz0km9D1W45iE2lk+tVo/87VmRHO8CoCeiVyC+1A=; b=FQ4VP4+a8RMUXOIxD1Jz6WMYnjD0lrp7cyGOZPxHQbJXbe2sN4O2tBzFXth8cEHhB+ 
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v4 27/30] crypto: des - split off DES library from generic DES cipher driver
Date: Mon, 5 Aug 2019 20:00:34 +0300
Message-Id: <20190805170037.31330-28-ard.biesheuvel@linaro.org>
In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>

Another one for the cipher museum: split off DES core processing into a
separate module so other drivers (mostly for crypto accelerators) can
reuse the code without pulling in the generic DES cipher itself.
This will also permit the cipher interface to be made private to the
crypto API itself once we move the only user in the kernel (CIFS) to
this library interface.

Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 2 +- crypto/Kconfig | 8 +- crypto/des_generic.c | 917 +------------------- drivers/crypto/Kconfig | 28 +- drivers/crypto/caam/Kconfig | 2 +- drivers/crypto/cavium/nitrox/Kconfig | 2 +- drivers/crypto/inside-secure/safexcel_cipher.c | 2 +- drivers/crypto/stm32/Kconfig | 2 +- drivers/crypto/ux500/Kconfig | 2 +- include/crypto/des.h | 43 +- include/crypto/internal/des.h | 67 +- lib/crypto/Makefile | 3 + lib/crypto/des.c | 902 +++++++++++++++++++ 13 files changed, 1052 insertions(+), 928 deletions(-) -- 2.17.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index ec608babc22b..f730a312ce35 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -11,7 +11,7 @@ */ #include -#include +#include #include #include #include diff --git a/crypto/Kconfig b/crypto/Kconfig index 8880c1fc51d8..6e01525edad3 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1301,9 +1301,13 @@ config CRYPTO_CAST6_AVX_X86_64 This module provides the Cast6 cipher algorithm that processes eight blocks parallel using the AVX instruction set. +config CRYPTO_LIB_DES + tristate + config CRYPTO_DES tristate "DES and Triple DES EDE cipher algorithms" select CRYPTO_ALGAPI + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). @@ -1311,7 +1315,7 @@ config CRYPTO_DES_SPARC64 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" depends on SPARC64 select CRYPTO_ALGAPI - select CRYPTO_DES + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), optimized using SPARC64 crypto opcodes. @@ -1320,7 +1324,7 @@ config CRYPTO_DES3_EDE_X86_64 tristate "Triple DES EDE cipher algorithm (x86-64)" depends on X86 && 64BIT select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Triple DES EDE (FIPS 46-3) algorithm. 
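Review bot: In the CRYPTO_DES_SPARC64 and CRYPTO_DES3_EDE_X86_64 entries of crypto/Kconfig, swapping "select CRYPTO_DES" for "select CRYPTO_LIB_DES" means that enabling either accelerated driver no longer builds the generic DES/3DES cipher alongside it, and the commit message does not call this out. Please confirm that neither driver needs the generic implementation at run time (for example as a fallback), and state the behaviour change in the commit message so that configurations which relied on the implicit select know to enable CRYPTO_DES explicitly. The new CRYPTO_LIB_DES symbol is a promptless tristate, so it can only be turned on through a select; a one-line comment above it saying so would help the next reader.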
diff --git a/crypto/des_generic.c b/crypto/des_generic.c index 2a4484c8803c..e021a321f584 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -13,832 +13,42 @@ #include #include #include -#include -#include - -#define ROL(x, r) ((x) = rol32((x), (r))) -#define ROR(x, r) ((x) = ror32((x), (r))) - -struct des_ctx { - u32 expkey[DES_EXPKEY_WORDS]; -}; - -struct des3_ede_ctx { - u32 expkey[DES3_EDE_EXPKEY_WORDS]; -}; - -/* Lookup tables for key expansion */ - -static const u8 pc1[256] = { - 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, - 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, - 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, - 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, - 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, - 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, - 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, - 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, - 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, - 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, - 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, - 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, - 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, - 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, - 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, - 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, - 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, - 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, - 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, - 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, - 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, - 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, - 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, - 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, - 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, - 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, - 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, - 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, - 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, - 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, - 0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe, - 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe -}; - -static const u8 rs[256] = { - 0x00, 0x00, 
0x80, 0x80, 0x02, 0x02, 0x82, 0x82, - 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, - 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, - 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, - 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, - 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, - 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, - 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, - 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, - 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, - 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, - 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, - 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, - 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, - 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, - 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, - 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, - 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, - 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, - 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, - 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, - 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, - 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, - 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, - 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, - 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, - 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, - 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, - 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, - 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, - 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, - 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe -}; - -static const u32 pc2[1024] = { - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00040000, 0x00000000, 0x04000000, 0x00100000, - 0x00400000, 0x00000008, 0x00000800, 0x40000000, - 0x00440000, 0x00000008, 0x04000800, 0x40100000, - 0x00000400, 0x00000020, 0x08000000, 0x00000100, - 0x00040400, 0x00000020, 0x0c000000, 0x00100100, - 0x00400400, 0x00000028, 0x08000800, 0x40000100, - 0x00440400, 0x00000028, 
0x0c000800, 0x40100100, - 0x80000000, 0x00000010, 0x00000000, 0x00800000, - 0x80040000, 0x00000010, 0x04000000, 0x00900000, - 0x80400000, 0x00000018, 0x00000800, 0x40800000, - 0x80440000, 0x00000018, 0x04000800, 0x40900000, - 0x80000400, 0x00000030, 0x08000000, 0x00800100, - 0x80040400, 0x00000030, 0x0c000000, 0x00900100, - 0x80400400, 0x00000038, 0x08000800, 0x40800100, - 0x80440400, 0x00000038, 0x0c000800, 0x40900100, - 0x10000000, 0x00000000, 0x00200000, 0x00001000, - 0x10040000, 0x00000000, 0x04200000, 0x00101000, - 0x10400000, 0x00000008, 0x00200800, 0x40001000, - 0x10440000, 0x00000008, 0x04200800, 0x40101000, - 0x10000400, 0x00000020, 0x08200000, 0x00001100, - 0x10040400, 0x00000020, 0x0c200000, 0x00101100, - 0x10400400, 0x00000028, 0x08200800, 0x40001100, - 0x10440400, 0x00000028, 0x0c200800, 0x40101100, - 0x90000000, 0x00000010, 0x00200000, 0x00801000, - 0x90040000, 0x00000010, 0x04200000, 0x00901000, - 0x90400000, 0x00000018, 0x00200800, 0x40801000, - 0x90440000, 0x00000018, 0x04200800, 0x40901000, - 0x90000400, 0x00000030, 0x08200000, 0x00801100, - 0x90040400, 0x00000030, 0x0c200000, 0x00901100, - 0x90400400, 0x00000038, 0x08200800, 0x40801100, - 0x90440400, 0x00000038, 0x0c200800, 0x40901100, - 0x00000200, 0x00080000, 0x00000000, 0x00000004, - 0x00040200, 0x00080000, 0x04000000, 0x00100004, - 0x00400200, 0x00080008, 0x00000800, 0x40000004, - 0x00440200, 0x00080008, 0x04000800, 0x40100004, - 0x00000600, 0x00080020, 0x08000000, 0x00000104, - 0x00040600, 0x00080020, 0x0c000000, 0x00100104, - 0x00400600, 0x00080028, 0x08000800, 0x40000104, - 0x00440600, 0x00080028, 0x0c000800, 0x40100104, - 0x80000200, 0x00080010, 0x00000000, 0x00800004, - 0x80040200, 0x00080010, 0x04000000, 0x00900004, - 0x80400200, 0x00080018, 0x00000800, 0x40800004, - 0x80440200, 0x00080018, 0x04000800, 0x40900004, - 0x80000600, 0x00080030, 0x08000000, 0x00800104, - 0x80040600, 0x00080030, 0x0c000000, 0x00900104, - 0x80400600, 0x00080038, 0x08000800, 0x40800104, - 0x80440600, 0x00080038, 
0x0c000800, 0x40900104, - 0x10000200, 0x00080000, 0x00200000, 0x00001004, - 0x10040200, 0x00080000, 0x04200000, 0x00101004, - 0x10400200, 0x00080008, 0x00200800, 0x40001004, - 0x10440200, 0x00080008, 0x04200800, 0x40101004, - 0x10000600, 0x00080020, 0x08200000, 0x00001104, - 0x10040600, 0x00080020, 0x0c200000, 0x00101104, - 0x10400600, 0x00080028, 0x08200800, 0x40001104, - 0x10440600, 0x00080028, 0x0c200800, 0x40101104, - 0x90000200, 0x00080010, 0x00200000, 0x00801004, - 0x90040200, 0x00080010, 0x04200000, 0x00901004, - 0x90400200, 0x00080018, 0x00200800, 0x40801004, - 0x90440200, 0x00080018, 0x04200800, 0x40901004, - 0x90000600, 0x00080030, 0x08200000, 0x00801104, - 0x90040600, 0x00080030, 0x0c200000, 0x00901104, - 0x90400600, 0x00080038, 0x08200800, 0x40801104, - 0x90440600, 0x00080038, 0x0c200800, 0x40901104, - 0x00000002, 0x00002000, 0x20000000, 0x00000001, - 0x00040002, 0x00002000, 0x24000000, 0x00100001, - 0x00400002, 0x00002008, 0x20000800, 0x40000001, - 0x00440002, 0x00002008, 0x24000800, 0x40100001, - 0x00000402, 0x00002020, 0x28000000, 0x00000101, - 0x00040402, 0x00002020, 0x2c000000, 0x00100101, - 0x00400402, 0x00002028, 0x28000800, 0x40000101, - 0x00440402, 0x00002028, 0x2c000800, 0x40100101, - 0x80000002, 0x00002010, 0x20000000, 0x00800001, - 0x80040002, 0x00002010, 0x24000000, 0x00900001, - 0x80400002, 0x00002018, 0x20000800, 0x40800001, - 0x80440002, 0x00002018, 0x24000800, 0x40900001, - 0x80000402, 0x00002030, 0x28000000, 0x00800101, - 0x80040402, 0x00002030, 0x2c000000, 0x00900101, - 0x80400402, 0x00002038, 0x28000800, 0x40800101, - 0x80440402, 0x00002038, 0x2c000800, 0x40900101, - 0x10000002, 0x00002000, 0x20200000, 0x00001001, - 0x10040002, 0x00002000, 0x24200000, 0x00101001, - 0x10400002, 0x00002008, 0x20200800, 0x40001001, - 0x10440002, 0x00002008, 0x24200800, 0x40101001, - 0x10000402, 0x00002020, 0x28200000, 0x00001101, - 0x10040402, 0x00002020, 0x2c200000, 0x00101101, - 0x10400402, 0x00002028, 0x28200800, 0x40001101, - 0x10440402, 0x00002028, 
0x2c200800, 0x40101101, - 0x90000002, 0x00002010, 0x20200000, 0x00801001, - 0x90040002, 0x00002010, 0x24200000, 0x00901001, - 0x90400002, 0x00002018, 0x20200800, 0x40801001, - 0x90440002, 0x00002018, 0x24200800, 0x40901001, - 0x90000402, 0x00002030, 0x28200000, 0x00801101, - 0x90040402, 0x00002030, 0x2c200000, 0x00901101, - 0x90400402, 0x00002038, 0x28200800, 0x40801101, - 0x90440402, 0x00002038, 0x2c200800, 0x40901101, - 0x00000202, 0x00082000, 0x20000000, 0x00000005, - 0x00040202, 0x00082000, 0x24000000, 0x00100005, - 0x00400202, 0x00082008, 0x20000800, 0x40000005, - 0x00440202, 0x00082008, 0x24000800, 0x40100005, - 0x00000602, 0x00082020, 0x28000000, 0x00000105, - 0x00040602, 0x00082020, 0x2c000000, 0x00100105, - 0x00400602, 0x00082028, 0x28000800, 0x40000105, - 0x00440602, 0x00082028, 0x2c000800, 0x40100105, - 0x80000202, 0x00082010, 0x20000000, 0x00800005, - 0x80040202, 0x00082010, 0x24000000, 0x00900005, - 0x80400202, 0x00082018, 0x20000800, 0x40800005, - 0x80440202, 0x00082018, 0x24000800, 0x40900005, - 0x80000602, 0x00082030, 0x28000000, 0x00800105, - 0x80040602, 0x00082030, 0x2c000000, 0x00900105, - 0x80400602, 0x00082038, 0x28000800, 0x40800105, - 0x80440602, 0x00082038, 0x2c000800, 0x40900105, - 0x10000202, 0x00082000, 0x20200000, 0x00001005, - 0x10040202, 0x00082000, 0x24200000, 0x00101005, - 0x10400202, 0x00082008, 0x20200800, 0x40001005, - 0x10440202, 0x00082008, 0x24200800, 0x40101005, - 0x10000602, 0x00082020, 0x28200000, 0x00001105, - 0x10040602, 0x00082020, 0x2c200000, 0x00101105, - 0x10400602, 0x00082028, 0x28200800, 0x40001105, - 0x10440602, 0x00082028, 0x2c200800, 0x40101105, - 0x90000202, 0x00082010, 0x20200000, 0x00801005, - 0x90040202, 0x00082010, 0x24200000, 0x00901005, - 0x90400202, 0x00082018, 0x20200800, 0x40801005, - 0x90440202, 0x00082018, 0x24200800, 0x40901005, - 0x90000602, 0x00082030, 0x28200000, 0x00801105, - 0x90040602, 0x00082030, 0x2c200000, 0x00901105, - 0x90400602, 0x00082038, 0x28200800, 0x40801105, - 0x90440602, 0x00082038, 
0x2c200800, 0x40901105, - - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000, 0x00000008, 0x00080000, 0x10000000, - 0x02000000, 0x00000000, 0x00000080, 0x00001000, - 0x02000000, 0x00000008, 0x00080080, 0x10001000, - 0x00004000, 0x00000000, 0x00000040, 0x00040000, - 0x00004000, 0x00000008, 0x00080040, 0x10040000, - 0x02004000, 0x00000000, 0x000000c0, 0x00041000, - 0x02004000, 0x00000008, 0x000800c0, 0x10041000, - 0x00020000, 0x00008000, 0x08000000, 0x00200000, - 0x00020000, 0x00008008, 0x08080000, 0x10200000, - 0x02020000, 0x00008000, 0x08000080, 0x00201000, - 0x02020000, 0x00008008, 0x08080080, 0x10201000, - 0x00024000, 0x00008000, 0x08000040, 0x00240000, - 0x00024000, 0x00008008, 0x08080040, 0x10240000, - 0x02024000, 0x00008000, 0x080000c0, 0x00241000, - 0x02024000, 0x00008008, 0x080800c0, 0x10241000, - 0x00000000, 0x01000000, 0x00002000, 0x00000020, - 0x00000000, 0x01000008, 0x00082000, 0x10000020, - 0x02000000, 0x01000000, 0x00002080, 0x00001020, - 0x02000000, 0x01000008, 0x00082080, 0x10001020, - 0x00004000, 0x01000000, 0x00002040, 0x00040020, - 0x00004000, 0x01000008, 0x00082040, 0x10040020, - 0x02004000, 0x01000000, 0x000020c0, 0x00041020, - 0x02004000, 0x01000008, 0x000820c0, 0x10041020, - 0x00020000, 0x01008000, 0x08002000, 0x00200020, - 0x00020000, 0x01008008, 0x08082000, 0x10200020, - 0x02020000, 0x01008000, 0x08002080, 0x00201020, - 0x02020000, 0x01008008, 0x08082080, 0x10201020, - 0x00024000, 0x01008000, 0x08002040, 0x00240020, - 0x00024000, 0x01008008, 0x08082040, 0x10240020, - 0x02024000, 0x01008000, 0x080020c0, 0x00241020, - 0x02024000, 0x01008008, 0x080820c0, 0x10241020, - 0x00000400, 0x04000000, 0x00100000, 0x00000004, - 0x00000400, 0x04000008, 0x00180000, 0x10000004, - 0x02000400, 0x04000000, 0x00100080, 0x00001004, - 0x02000400, 0x04000008, 0x00180080, 0x10001004, - 0x00004400, 0x04000000, 0x00100040, 0x00040004, - 0x00004400, 0x04000008, 0x00180040, 0x10040004, - 0x02004400, 0x04000000, 0x001000c0, 0x00041004, - 0x02004400, 
0x04000008, 0x001800c0, 0x10041004, - 0x00020400, 0x04008000, 0x08100000, 0x00200004, - 0x00020400, 0x04008008, 0x08180000, 0x10200004, - 0x02020400, 0x04008000, 0x08100080, 0x00201004, - 0x02020400, 0x04008008, 0x08180080, 0x10201004, - 0x00024400, 0x04008000, 0x08100040, 0x00240004, - 0x00024400, 0x04008008, 0x08180040, 0x10240004, - 0x02024400, 0x04008000, 0x081000c0, 0x00241004, - 0x02024400, 0x04008008, 0x081800c0, 0x10241004, - 0x00000400, 0x05000000, 0x00102000, 0x00000024, - 0x00000400, 0x05000008, 0x00182000, 0x10000024, - 0x02000400, 0x05000000, 0x00102080, 0x00001024, - 0x02000400, 0x05000008, 0x00182080, 0x10001024, - 0x00004400, 0x05000000, 0x00102040, 0x00040024, - 0x00004400, 0x05000008, 0x00182040, 0x10040024, - 0x02004400, 0x05000000, 0x001020c0, 0x00041024, - 0x02004400, 0x05000008, 0x001820c0, 0x10041024, - 0x00020400, 0x05008000, 0x08102000, 0x00200024, - 0x00020400, 0x05008008, 0x08182000, 0x10200024, - 0x02020400, 0x05008000, 0x08102080, 0x00201024, - 0x02020400, 0x05008008, 0x08182080, 0x10201024, - 0x00024400, 0x05008000, 0x08102040, 0x00240024, - 0x00024400, 0x05008008, 0x08182040, 0x10240024, - 0x02024400, 0x05008000, 0x081020c0, 0x00241024, - 0x02024400, 0x05008008, 0x081820c0, 0x10241024, - 0x00000800, 0x00010000, 0x20000000, 0x00000010, - 0x00000800, 0x00010008, 0x20080000, 0x10000010, - 0x02000800, 0x00010000, 0x20000080, 0x00001010, - 0x02000800, 0x00010008, 0x20080080, 0x10001010, - 0x00004800, 0x00010000, 0x20000040, 0x00040010, - 0x00004800, 0x00010008, 0x20080040, 0x10040010, - 0x02004800, 0x00010000, 0x200000c0, 0x00041010, - 0x02004800, 0x00010008, 0x200800c0, 0x10041010, - 0x00020800, 0x00018000, 0x28000000, 0x00200010, - 0x00020800, 0x00018008, 0x28080000, 0x10200010, - 0x02020800, 0x00018000, 0x28000080, 0x00201010, - 0x02020800, 0x00018008, 0x28080080, 0x10201010, - 0x00024800, 0x00018000, 0x28000040, 0x00240010, - 0x00024800, 0x00018008, 0x28080040, 0x10240010, - 0x02024800, 0x00018000, 0x280000c0, 0x00241010, - 0x02024800, 
0x00018008, 0x280800c0, 0x10241010, - 0x00000800, 0x01010000, 0x20002000, 0x00000030, - 0x00000800, 0x01010008, 0x20082000, 0x10000030, - 0x02000800, 0x01010000, 0x20002080, 0x00001030, - 0x02000800, 0x01010008, 0x20082080, 0x10001030, - 0x00004800, 0x01010000, 0x20002040, 0x00040030, - 0x00004800, 0x01010008, 0x20082040, 0x10040030, - 0x02004800, 0x01010000, 0x200020c0, 0x00041030, - 0x02004800, 0x01010008, 0x200820c0, 0x10041030, - 0x00020800, 0x01018000, 0x28002000, 0x00200030, - 0x00020800, 0x01018008, 0x28082000, 0x10200030, - 0x02020800, 0x01018000, 0x28002080, 0x00201030, - 0x02020800, 0x01018008, 0x28082080, 0x10201030, - 0x00024800, 0x01018000, 0x28002040, 0x00240030, - 0x00024800, 0x01018008, 0x28082040, 0x10240030, - 0x02024800, 0x01018000, 0x280020c0, 0x00241030, - 0x02024800, 0x01018008, 0x280820c0, 0x10241030, - 0x00000c00, 0x04010000, 0x20100000, 0x00000014, - 0x00000c00, 0x04010008, 0x20180000, 0x10000014, - 0x02000c00, 0x04010000, 0x20100080, 0x00001014, - 0x02000c00, 0x04010008, 0x20180080, 0x10001014, - 0x00004c00, 0x04010000, 0x20100040, 0x00040014, - 0x00004c00, 0x04010008, 0x20180040, 0x10040014, - 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, - 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, - 0x00020c00, 0x04018000, 0x28100000, 0x00200014, - 0x00020c00, 0x04018008, 0x28180000, 0x10200014, - 0x02020c00, 0x04018000, 0x28100080, 0x00201014, - 0x02020c00, 0x04018008, 0x28180080, 0x10201014, - 0x00024c00, 0x04018000, 0x28100040, 0x00240014, - 0x00024c00, 0x04018008, 0x28180040, 0x10240014, - 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, - 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, - 0x00000c00, 0x05010000, 0x20102000, 0x00000034, - 0x00000c00, 0x05010008, 0x20182000, 0x10000034, - 0x02000c00, 0x05010000, 0x20102080, 0x00001034, - 0x02000c00, 0x05010008, 0x20182080, 0x10001034, - 0x00004c00, 0x05010000, 0x20102040, 0x00040034, - 0x00004c00, 0x05010008, 0x20182040, 0x10040034, - 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, - 0x02004c00, 
0x05010008, 0x201820c0, 0x10041034, - 0x00020c00, 0x05018000, 0x28102000, 0x00200034, - 0x00020c00, 0x05018008, 0x28182000, 0x10200034, - 0x02020c00, 0x05018000, 0x28102080, 0x00201034, - 0x02020c00, 0x05018008, 0x28182080, 0x10201034, - 0x00024c00, 0x05018000, 0x28102040, 0x00240034, - 0x00024c00, 0x05018008, 0x28182040, 0x10240034, - 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, - 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 -}; - -/* S-box lookup tables */ - -static const u32 S1[64] = { - 0x01010400, 0x00000000, 0x00010000, 0x01010404, - 0x01010004, 0x00010404, 0x00000004, 0x00010000, - 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, - 0x00000404, 0x01000400, 0x01000400, 0x00010400, - 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, - 0x00000000, 0x00000404, 0x00010404, 0x01000000, - 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, - 0x01010004, 0x00010000, 0x00010400, 0x01000004, - 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, - 0x01000004, 0x00000404, 0x00010404, 0x01010400, - 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004 -}; - -static const u32 S2[64] = { - 0x80108020, 0x80008000, 0x00008000, 0x00108020, - 0x00100000, 0x00000020, 0x80100020, 0x80008020, - 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, - 0x00108000, 0x00100020, 0x80008020, 0x00000000, - 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, - 0x00008020, 0x80108000, 0x80100000, 0x00008020, - 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, - 0x80100000, 0x80008000, 0x00000020, 0x80108020, - 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, - 0x00100020, 
0x80008020, 0x80000020, 0x00100020, - 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000 -}; - -static const u32 S3[64] = { - 0x00000208, 0x08020200, 0x00000000, 0x08020008, - 0x08000200, 0x00000000, 0x00020208, 0x08000200, - 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, - 0x08000000, 0x00000008, 0x08020200, 0x00000200, - 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, - 0x00000008, 0x08020208, 0x00000200, 0x08000000, - 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, - 0x00000200, 0x00020008, 0x08020208, 0x08000200, - 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, - 0x00000008, 0x00020208, 0x00020200, 0x08000008, - 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200 -}; - -static const u32 S4[64] = { - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802080, 0x00800081, 0x00800001, 0x00002001, - 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, - 0x00000001, 0x00002000, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, - 0x00002000, 0x00802080, 0x00802081, 0x00000081, - 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, - 0x00002080, 0x00800080, 0x00800081, 0x00000001, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, - 0x00800001, 0x00002001, 0x00802080, 0x00800081, - 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080 -}; - -static const u32 S5[64] = { - 0x00000100, 0x02080100, 0x02080000, 0x42000100, - 0x00080000, 0x00000100, 0x40000000, 0x02080000, - 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 
0x42000100, 0x42080000, 0x00080100, 0x40000000, - 0x02000000, 0x40080000, 0x40080000, 0x00000000, - 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, - 0x02080100, 0x02000000, 0x42000000, 0x00080100, - 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, - 0x02000100, 0x40000000, 0x42080000, 0x02080100, - 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, - 0x02080000, 0x00000000, 0x40080000, 0x42000000, - 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100 -}; - -static const u32 S6[64] = { - 0x20000010, 0x20400000, 0x00004000, 0x20404010, - 0x20400000, 0x00000010, 0x20404010, 0x00400000, - 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, - 0x00000000, 0x00400010, 0x20004010, 0x00004000, - 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, - 0x00004010, 0x00404000, 0x20404000, 0x20000000, - 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, - 0x00400000, 0x20004000, 0x20000000, 0x00004010, - 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, - 0x00000010, 0x00004000, 0x20400000, 0x00404010, - 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010 -}; - -static const u32 S7[64] = { - 0x00200000, 0x04200002, 0x04000802, 0x00000000, - 0x00000800, 0x04000802, 0x00200802, 0x04200800, - 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, - 0x04000800, 0x00200802, 0x00200002, 0x04000800, - 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, - 0x00200800, 0x00000002, 0x04000000, 0x00200800, - 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 
0x04200002, 0x00000002, - 0x00200002, 0x04000000, 0x04000800, 0x00200000, - 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, - 0x00200800, 0x00000000, 0x00000002, 0x04200802, - 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002 -}; - -static const u32 S8[64] = { - 0x10001040, 0x00001000, 0x00040000, 0x10041040, - 0x10000000, 0x10001040, 0x00000040, 0x10000000, - 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, - 0x10040000, 0x10000040, 0x10001000, 0x00001040, - 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, - 0x10000040, 0x10001000, 0x00041040, 0x00040000, - 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, - 0x10001000, 0x00000040, 0x10000040, 0x10040000, - 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, - 0x10040000, 0x10001000, 0x10001040, 0x00000000, - 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000 -}; - -/* Encryption components: IP, FP, and round function */ - -#define IP(L, R, T) \ - ROL(R, 4); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROL(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 14); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(L, 1); - -#define FP(L, R, T) \ - ROR(L, 1); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 14); \ - T = L; \ - L ^= R; \ - L &= 
0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROR(R, 4); - -#define ROUND(L, R, A, B, K, d) \ - B = K[0]; A = K[1]; K += d; \ - B ^= R; A ^= R; \ - B &= 0x3f3f3f3f; ROR(A, 4); \ - L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ - L ^= S6[0xff & (B >> 8)]; B >>= 16; \ - L ^= S7[0xff & A]; \ - L ^= S5[0xff & (A >> 8)]; A >>= 16; \ - L ^= S4[0xff & B]; \ - L ^= S2[0xff & (B >> 8)]; \ - L ^= S3[0xff & A]; \ - L ^= S1[0xff & (A >> 8)]; - -/* - * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved - * tables of 128 elements. One set is for C_i and the other for D_i, while - * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. - * - * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i - * or D_i in bits 7-1 (bit 0 being the least significant). - */ - -#define T1(x) pt[2 * (x) + 0] -#define T2(x) pt[2 * (x) + 1] -#define T3(x) pt[2 * (x) + 2] -#define T4(x) pt[2 * (x) + 3] - -#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) - -/* - * Encryption key expansion - * - * RFC2451: Weak key checks SHOULD be performed. - * - * FIPS 74: - * - * Keys having duals are keys which produce all zeros, all ones, or - * alternating zero-one patterns in the C and D registers after Permuted - * Choice 1 has operated on the key. 
- * - */ -unsigned long des_ekey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d, w; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); - - /* Check if first half is weak */ - w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - /* Check if second half is weak */ - w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = 
rs[a]; d = rs[d]; - pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } - - /* Zero if weak key */ - return w; -} -EXPORT_SYMBOL_GPL(des_ekey); - -/* - * Decryption key expansion - * - * No weak key checking is performed, as this is only used by triple DES - * - */ -static void dkey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2] = DES_PC2(d, a, b, 
c); c = rs[c]; - pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2] = DES_PC2(b, c, d, a); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } -} +#include static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int 
keylen) { struct des_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - /* Expand to tmp */ - ret = des_ekey(tmp, key); + int err; - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; + err = des_expand_key(dctx, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; } - /* Copy to output */ - memcpy(dctx->expkey, tmp, sizeof(dctx->expkey)); - - return 0; + if (err) { + memset(dctx, 0, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); - - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_encrypt(dctx, dst, src); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_decrypt(dctx, dst, src); } int 
__des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, 
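Review bot: In des_setkey(), the closing `if (err)` block sets CRYPTO_TFM_RES_WEAK_KEY for every failure, so a key that des_expand_key() rejects outright with -EINVAL is reported to the caller as weak. Set the flag only in the branch that turns -ENOKEY into -EINVAL. The same block wipes the context with memset(), while crypto_des_verify_key() later in this patch uses memzero_explicit() for its temporary schedule; using the same call here would keep key wiping consistent. The changelog should also mention that a failed setkey now clears a previously installed schedule, since the removed code expanded into `tmp` and left dctx->expkey untouched on error.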
@@ -858,76 +68,37 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *expkey = dctx->expkey; int err; - err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); - if (err) - return err; + err = des3_ede_expand_key(dctx, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - return __des3_ede_setkey(expkey, flags, key, keylen); + if (err) { + memset(dctx, 0, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, 2); - ROUND(L, R, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_encrypt(dctx, dst, src); } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); - - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, 
B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, -2); - ROUND(L, R, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_decrypt(dctx, dst, src); } static struct crypto_alg des_algs[2] = { { @@ -938,13 +109,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt } } + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { .cra_name = "des3_ede", .cra_driver_name = "des3_ede-generic", @@ -953,13 +123,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES3_EDE_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des3_ede_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_setkey, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt } } + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } } }; static int __init des_generic_mod_init(void) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index b8c50871f11b..5cd6e3d12bac 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -150,7 +150,7 @@ config CRYPTO_DES_S390 depends on S390 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the s390 hardware accelerated implementation of the DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 
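Review bot: The two des_algs[] hunks above drop `.cra_alignmask = 3` without saying why that is safe. The removed des_encrypt()/des_decrypt() bodies cast src and dst to `__le32 *` and dereferenced them, which is what the alignmask was guarding. The new wrappers hand src and dst straight to the library routines, so please state in the commit message (or a comment next to the library helpers) that those routines use unaligned accessors; otherwise the alignmask has to stay.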
@@ -215,7 +215,7 @@ config CRYPTO_DEV_MARVELL_CESA tristate "Marvell's Cryptographic Engine driver" depends on PLAT_ORION || ARCH_MVEBU select CRYPTO_LIB_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select SRAM @@ -227,7 +227,7 @@ config CRYPTO_DEV_MARVELL_CESA config CRYPTO_DEV_NIAGARA2 tristate "Niagara2 Stream Processing Unit driver" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select CRYPTO_MD5 @@ -244,7 +244,7 @@ config CRYPTO_DEV_NIAGARA2 config CRYPTO_DEV_HIFN_795X tristate "Driver HIFN 795x crypto accelerator chips" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG depends on PCI @@ -300,7 +300,7 @@ config CRYPTO_DEV_TALITOS2 config CRYPTO_DEV_IXP4XX tristate "Driver for IXP4xx crypto hardware acceleration" depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER @@ -366,7 +366,7 @@ config CRYPTO_DEV_OMAP_AES config CRYPTO_DEV_OMAP_DES tristate "Support for OMAP DES/3DES hw engine" depends on ARCH_OMAP2PLUS - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_ENGINE help @@ -384,7 +384,7 @@ config CRYPTO_DEV_PICOXCELL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_SEQIV @@ -497,7 +497,7 @@ config CRYPTO_DEV_ATMEL_AES config CRYPTO_DEV_ATMEL_TDES tristate "Support for Atmel DES/TDES hw accelerator" depends on ARCH_AT91 || COMPILE_TEST - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Atmel processors have DES/TDES hw accelerator. @@ -595,7 +595,7 @@ config CRYPTO_DEV_QCE depends on ARCH_QCOM || COMPILE_TEST depends on HAS_IOMEM select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_ECB select CRYPTO_CBC select CRYPTO_XTS 
@@ -643,7 +643,7 @@ config CRYPTO_DEV_SUN4I_SS select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Allwinner SoC have a crypto accelerator named @@ -666,7 +666,7 @@ config CRYPTO_DEV_ROCKCHIP tristate "Rockchip's Cryptographic Engine driver" depends on OF && ARCH_ROCKCHIP select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -703,7 +703,7 @@ config CRYPTO_DEV_BCM_SPU depends on MAILBOX default m select CRYPTO_AUTHENC - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -722,7 +722,7 @@ config CRYPTO_DEV_SAFEXCEL select CRYPTO_LIB_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_HASH select CRYPTO_HMAC select CRYPTO_MD5 @@ -760,7 +760,7 @@ config CRYPTO_DEV_CCREE default n select CRYPTO_HASH select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_SHA1 diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig index 3720ddabb507..4a358391b6cb 100644 --- a/drivers/crypto/caam/Kconfig +++ b/drivers/crypto/caam/Kconfig @@ -98,7 +98,7 @@ config CRYPTO_DEV_FSL_CAAM_CRYPTO_API select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Selecting this will offload crypto for users of the scatterlist crypto API (such as the linux native IPSec diff --git a/drivers/crypto/cavium/nitrox/Kconfig b/drivers/crypto/cavium/nitrox/Kconfig index dab162af41b8..7b1e751bb9cd 100644 --- a/drivers/crypto/cavium/nitrox/Kconfig +++ b/drivers/crypto/cavium/nitrox/Kconfig @@ -6,7 +6,7 @@ config CRYPTO_DEV_NITROX tristate select CRYPTO_BLKCIPHER select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select FW_LOADER config CRYPTO_DEV_NITROX_CNN55XX 
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index b49e7587ba07..f410caadf508 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig index d6576280fc9b..1aba9372cd23 100644 --- a/drivers/crypto/stm32/Kconfig +++ b/drivers/crypto/stm32/Kconfig @@ -25,7 +25,7 @@ config CRYPTO_DEV_STM32_CRYP depends on ARCH_STM32 select CRYPTO_HASH select CRYPTO_ENGINE - select CRYPTO_DES + select CRYPTO_LIB_DES help This enables support for the CRYP (AES/DES/TDES) hw accelerator which can be found on STMicroelectronics STM32 SOC. diff --git a/drivers/crypto/ux500/Kconfig b/drivers/crypto/ux500/Kconfig index 349d34eaac13..b1c6f739f77b 100644 --- a/drivers/crypto/ux500/Kconfig +++ b/drivers/crypto/ux500/Kconfig @@ -9,7 +9,7 @@ config CRYPTO_DEV_UX500_CRYP depends on CRYPTO_DEV_UX500 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This selects the crypto driver for the UX500_CRYP hardware. It supports AES-ECB, CBC and CTR with keys sizes of 128, 192 and 256 bit sizes. diff --git a/include/crypto/des.h b/include/crypto/des.h index 31b04ba835b1..2c864a4e6707 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h @@ -6,10 +6,7 @@ #ifndef __CRYPTO_DES_H #define __CRYPTO_DES_H -#include -#include -#include -#include +#include #define DES_KEY_SIZE 8 #define DES_EXPKEY_WORDS 32 
@@ -19,6 +16,44 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE +struct des_ctx { + u32 expkey[DES_EXPKEY_WORDS]; +}; + +struct des3_ede_ctx { + u32 expkey[DES3_EDE_EXPKEY_WORDS]; +}; + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); + +/** + * des_expand_key - Expand a DES input key into a key schedule + * @ctx: the key schedule + * @key: buffer containing the input key + * @len: size of the buffer contents + * + * Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if + * the key is accepted but has been found to be weak. + */ +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); + +/** + * des3_ede_expand_key - Expand a triple DES input key into a key schedule + * @ctx: the key schedule + * @key: buffer containing the input key + * @len: size of the buffer contents + * + * Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if + * the key is accepted but has been found to be weak. Note that weak keys will + * be rejected (and -EINVAL will be returned) when running in FIPS mode. + */ +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen); + extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen); diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h index aad576bad8ad..33f0bb0fabed 100644 --- a/include/crypto/internal/des.h +++ b/include/crypto/internal/des.h 
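Review bot: The kernel-doc blocks for des_expand_key() and des3_ede_expand_key() document `@len`, but the prototypes name the parameter `keylen`, so the documented name does not match the prototype. Rename the tag to `@keylen` in both comments. A smaller point in the same hunk: des_encrypt()/des_decrypt() call the context `ctx` while des3_ede_encrypt()/des3_ede_decrypt() call it `dctx`; one name for all four prototypes would read better in a public header.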
@@ -23,18 +23,21 @@ */ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) { - u32 tmp[DES_EXPKEY_WORDS]; - int err = 0; + struct des_ctx tmp; + int err; - if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - return 0; + err = des_expand_key(&tmp, key, DES_KEY_SIZE); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - if (!des_ekey(tmp, key)) { + if (err) crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - err = -EINVAL; - } - memzero_explicit(tmp, sizeof(tmp)); + memzero_explicit(&tmp, sizeof(tmp)); return err; } @@ -51,6 +54,28 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) * property. * */ +static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len, + bool check_weak) +{ + int ret = fips_enabled ? -EINVAL : -ENOKEY; + u32 K[6]; + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || check_weak)) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + ret = 0; +bad: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + + return ret; +} /** * crypto_des3_ede_verify_key - Check whether a DES3-EDE is weak 
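Review bot: In the new des3_ede_verify_key() helper, `key_len` is never read: memcpy() copies DES3_EDE_KEY_SIZE bytes from `key` no matter what the caller passed. For a helper that is meant to be callable without the tfm wrapper, either return -EINVAL up front when `key_len != DES3_EDE_KEY_SIZE` or drop the parameter, so a short buffer cannot be read past its end by a caller that trusts the length argument to be checked.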
@@ -68,28 +93,14 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, const u8 *key) { - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; - - if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; + int err; - err = 0; -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); + err = des3_ede_verify_key(key, DES3_EDE_KEY_SIZE, + crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); + if (err) + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); return err; - -bad: - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - goto out; } #endif /* __CRYPTO_INTERNAL_DES_H */ diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 42a91c62d96d..101a321b8a99 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -5,3 +5,6 @@ libaes-y := aes.o obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o libarc4-y := arc4.o + +obj-$(CONFIG_CRYPTO_LIB_DES) += libdes.o +libdes-y := des.o diff --git a/lib/crypto/des.c b/lib/crypto/des.c new file mode 100644 index 000000000000..ef5bb8822aba --- /dev/null +++ b/lib/crypto/des.c 
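Review bot: crypto_des3_ede_verify_key() now returns the result of des3_ede_verify_key() unchanged, so with CRYPTO_TFM_REQ_FORBID_WEAK_KEYS set and fips_enabled clear a weak key yields -ENOKEY, where the removed code returned -EINVAL. des_setkey() and crypto_des_verify_key() in this patch both translate -ENOKEY into -EINVAL when the flag is set; do the same here, or document the new return value so driver callers that compare against -EINVAL are not surprised.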
@@ -0,0 +1,902 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API. + * + * DES & Triple DES EDE Cipher Algorithms. + * + * Copyright (c) 2005 Dag Arne Osvik + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +#define ROL(x, r) ((x) = rol32((x), (r))) +#define ROR(x, r) ((x) = ror32((x), (r))) + +/* Lookup tables for key expansion */ + +static const u8 pc1[256] = { + 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, + 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, + 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, + 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, + 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, + 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, + 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, + 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, + 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, + 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, + 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, + 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, + 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, + 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, + 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, + 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, + 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, + 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, + 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, + 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, + 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, + 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, + 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, + 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, + 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, + 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, + 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, + 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, + 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, + 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, + 0xaa, 0xaa, 0xea, 0xae, 
0xba, 0xba, 0xfa, 0xbe, + 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe +}; + +static const u8 rs[256] = { + 0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82, + 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, + 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, + 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, + 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, + 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, + 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, + 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, + 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, + 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, + 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, + 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, + 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, + 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, + 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, + 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, + 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, + 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, + 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, + 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, + 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, + 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, + 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, + 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, + 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, + 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, + 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, + 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, + 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, + 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, + 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, + 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe +}; + +static const u32 pc2[1024] = { + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00040000, 0x00000000, 0x04000000, 0x00100000, + 0x00400000, 0x00000008, 0x00000800, 0x40000000, + 0x00440000, 0x00000008, 0x04000800, 0x40100000, + 0x00000400, 0x00000020, 0x08000000, 0x00000100, + 
0x00040400, 0x00000020, 0x0c000000, 0x00100100, + 0x00400400, 0x00000028, 0x08000800, 0x40000100, + 0x00440400, 0x00000028, 0x0c000800, 0x40100100, + 0x80000000, 0x00000010, 0x00000000, 0x00800000, + 0x80040000, 0x00000010, 0x04000000, 0x00900000, + 0x80400000, 0x00000018, 0x00000800, 0x40800000, + 0x80440000, 0x00000018, 0x04000800, 0x40900000, + 0x80000400, 0x00000030, 0x08000000, 0x00800100, + 0x80040400, 0x00000030, 0x0c000000, 0x00900100, + 0x80400400, 0x00000038, 0x08000800, 0x40800100, + 0x80440400, 0x00000038, 0x0c000800, 0x40900100, + 0x10000000, 0x00000000, 0x00200000, 0x00001000, + 0x10040000, 0x00000000, 0x04200000, 0x00101000, + 0x10400000, 0x00000008, 0x00200800, 0x40001000, + 0x10440000, 0x00000008, 0x04200800, 0x40101000, + 0x10000400, 0x00000020, 0x08200000, 0x00001100, + 0x10040400, 0x00000020, 0x0c200000, 0x00101100, + 0x10400400, 0x00000028, 0x08200800, 0x40001100, + 0x10440400, 0x00000028, 0x0c200800, 0x40101100, + 0x90000000, 0x00000010, 0x00200000, 0x00801000, + 0x90040000, 0x00000010, 0x04200000, 0x00901000, + 0x90400000, 0x00000018, 0x00200800, 0x40801000, + 0x90440000, 0x00000018, 0x04200800, 0x40901000, + 0x90000400, 0x00000030, 0x08200000, 0x00801100, + 0x90040400, 0x00000030, 0x0c200000, 0x00901100, + 0x90400400, 0x00000038, 0x08200800, 0x40801100, + 0x90440400, 0x00000038, 0x0c200800, 0x40901100, + 0x00000200, 0x00080000, 0x00000000, 0x00000004, + 0x00040200, 0x00080000, 0x04000000, 0x00100004, + 0x00400200, 0x00080008, 0x00000800, 0x40000004, + 0x00440200, 0x00080008, 0x04000800, 0x40100004, + 0x00000600, 0x00080020, 0x08000000, 0x00000104, + 0x00040600, 0x00080020, 0x0c000000, 0x00100104, + 0x00400600, 0x00080028, 0x08000800, 0x40000104, + 0x00440600, 0x00080028, 0x0c000800, 0x40100104, + 0x80000200, 0x00080010, 0x00000000, 0x00800004, + 0x80040200, 0x00080010, 0x04000000, 0x00900004, + 0x80400200, 0x00080018, 0x00000800, 0x40800004, + 0x80440200, 0x00080018, 0x04000800, 0x40900004, + 0x80000600, 0x00080030, 0x08000000, 0x00800104, + 
0x80040600, 0x00080030, 0x0c000000, 0x00900104, + 0x80400600, 0x00080038, 0x08000800, 0x40800104, + 0x80440600, 0x00080038, 0x0c000800, 0x40900104, + 0x10000200, 0x00080000, 0x00200000, 0x00001004, + 0x10040200, 0x00080000, 0x04200000, 0x00101004, + 0x10400200, 0x00080008, 0x00200800, 0x40001004, + 0x10440200, 0x00080008, 0x04200800, 0x40101004, + 0x10000600, 0x00080020, 0x08200000, 0x00001104, + 0x10040600, 0x00080020, 0x0c200000, 0x00101104, + 0x10400600, 0x00080028, 0x08200800, 0x40001104, + 0x10440600, 0x00080028, 0x0c200800, 0x40101104, + 0x90000200, 0x00080010, 0x00200000, 0x00801004, + 0x90040200, 0x00080010, 0x04200000, 0x00901004, + 0x90400200, 0x00080018, 0x00200800, 0x40801004, + 0x90440200, 0x00080018, 0x04200800, 0x40901004, + 0x90000600, 0x00080030, 0x08200000, 0x00801104, + 0x90040600, 0x00080030, 0x0c200000, 0x00901104, + 0x90400600, 0x00080038, 0x08200800, 0x40801104, + 0x90440600, 0x00080038, 0x0c200800, 0x40901104, + 0x00000002, 0x00002000, 0x20000000, 0x00000001, + 0x00040002, 0x00002000, 0x24000000, 0x00100001, + 0x00400002, 0x00002008, 0x20000800, 0x40000001, + 0x00440002, 0x00002008, 0x24000800, 0x40100001, + 0x00000402, 0x00002020, 0x28000000, 0x00000101, + 0x00040402, 0x00002020, 0x2c000000, 0x00100101, + 0x00400402, 0x00002028, 0x28000800, 0x40000101, + 0x00440402, 0x00002028, 0x2c000800, 0x40100101, + 0x80000002, 0x00002010, 0x20000000, 0x00800001, + 0x80040002, 0x00002010, 0x24000000, 0x00900001, + 0x80400002, 0x00002018, 0x20000800, 0x40800001, + 0x80440002, 0x00002018, 0x24000800, 0x40900001, + 0x80000402, 0x00002030, 0x28000000, 0x00800101, + 0x80040402, 0x00002030, 0x2c000000, 0x00900101, + 0x80400402, 0x00002038, 0x28000800, 0x40800101, + 0x80440402, 0x00002038, 0x2c000800, 0x40900101, + 0x10000002, 0x00002000, 0x20200000, 0x00001001, + 0x10040002, 0x00002000, 0x24200000, 0x00101001, + 0x10400002, 0x00002008, 0x20200800, 0x40001001, + 0x10440002, 0x00002008, 0x24200800, 0x40101001, + 0x10000402, 0x00002020, 0x28200000, 0x00001101, + 
0x10040402, 0x00002020, 0x2c200000, 0x00101101, + 0x10400402, 0x00002028, 0x28200800, 0x40001101, + 0x10440402, 0x00002028, 0x2c200800, 0x40101101, + 0x90000002, 0x00002010, 0x20200000, 0x00801001, + 0x90040002, 0x00002010, 0x24200000, 0x00901001, + 0x90400002, 0x00002018, 0x20200800, 0x40801001, + 0x90440002, 0x00002018, 0x24200800, 0x40901001, + 0x90000402, 0x00002030, 0x28200000, 0x00801101, + 0x90040402, 0x00002030, 0x2c200000, 0x00901101, + 0x90400402, 0x00002038, 0x28200800, 0x40801101, + 0x90440402, 0x00002038, 0x2c200800, 0x40901101, + 0x00000202, 0x00082000, 0x20000000, 0x00000005, + 0x00040202, 0x00082000, 0x24000000, 0x00100005, + 0x00400202, 0x00082008, 0x20000800, 0x40000005, + 0x00440202, 0x00082008, 0x24000800, 0x40100005, + 0x00000602, 0x00082020, 0x28000000, 0x00000105, + 0x00040602, 0x00082020, 0x2c000000, 0x00100105, + 0x00400602, 0x00082028, 0x28000800, 0x40000105, + 0x00440602, 0x00082028, 0x2c000800, 0x40100105, + 0x80000202, 0x00082010, 0x20000000, 0x00800005, + 0x80040202, 0x00082010, 0x24000000, 0x00900005, + 0x80400202, 0x00082018, 0x20000800, 0x40800005, + 0x80440202, 0x00082018, 0x24000800, 0x40900005, + 0x80000602, 0x00082030, 0x28000000, 0x00800105, + 0x80040602, 0x00082030, 0x2c000000, 0x00900105, + 0x80400602, 0x00082038, 0x28000800, 0x40800105, + 0x80440602, 0x00082038, 0x2c000800, 0x40900105, + 0x10000202, 0x00082000, 0x20200000, 0x00001005, + 0x10040202, 0x00082000, 0x24200000, 0x00101005, + 0x10400202, 0x00082008, 0x20200800, 0x40001005, + 0x10440202, 0x00082008, 0x24200800, 0x40101005, + 0x10000602, 0x00082020, 0x28200000, 0x00001105, + 0x10040602, 0x00082020, 0x2c200000, 0x00101105, + 0x10400602, 0x00082028, 0x28200800, 0x40001105, + 0x10440602, 0x00082028, 0x2c200800, 0x40101105, + 0x90000202, 0x00082010, 0x20200000, 0x00801005, + 0x90040202, 0x00082010, 0x24200000, 0x00901005, + 0x90400202, 0x00082018, 0x20200800, 0x40801005, + 0x90440202, 0x00082018, 0x24200800, 0x40901005, + 0x90000602, 0x00082030, 0x28200000, 0x00801105, + 
0x90040602, 0x00082030, 0x2c200000, 0x00901105, + 0x90400602, 0x00082038, 0x28200800, 0x40801105, + 0x90440602, 0x00082038, 0x2c200800, 0x40901105, + + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00000000, 0x00000008, 0x00080000, 0x10000000, + 0x02000000, 0x00000000, 0x00000080, 0x00001000, + 0x02000000, 0x00000008, 0x00080080, 0x10001000, + 0x00004000, 0x00000000, 0x00000040, 0x00040000, + 0x00004000, 0x00000008, 0x00080040, 0x10040000, + 0x02004000, 0x00000000, 0x000000c0, 0x00041000, + 0x02004000, 0x00000008, 0x000800c0, 0x10041000, + 0x00020000, 0x00008000, 0x08000000, 0x00200000, + 0x00020000, 0x00008008, 0x08080000, 0x10200000, + 0x02020000, 0x00008000, 0x08000080, 0x00201000, + 0x02020000, 0x00008008, 0x08080080, 0x10201000, + 0x00024000, 0x00008000, 0x08000040, 0x00240000, + 0x00024000, 0x00008008, 0x08080040, 0x10240000, + 0x02024000, 0x00008000, 0x080000c0, 0x00241000, + 0x02024000, 0x00008008, 0x080800c0, 0x10241000, + 0x00000000, 0x01000000, 0x00002000, 0x00000020, + 0x00000000, 0x01000008, 0x00082000, 0x10000020, + 0x02000000, 0x01000000, 0x00002080, 0x00001020, + 0x02000000, 0x01000008, 0x00082080, 0x10001020, + 0x00004000, 0x01000000, 0x00002040, 0x00040020, + 0x00004000, 0x01000008, 0x00082040, 0x10040020, + 0x02004000, 0x01000000, 0x000020c0, 0x00041020, + 0x02004000, 0x01000008, 0x000820c0, 0x10041020, + 0x00020000, 0x01008000, 0x08002000, 0x00200020, + 0x00020000, 0x01008008, 0x08082000, 0x10200020, + 0x02020000, 0x01008000, 0x08002080, 0x00201020, + 0x02020000, 0x01008008, 0x08082080, 0x10201020, + 0x00024000, 0x01008000, 0x08002040, 0x00240020, + 0x00024000, 0x01008008, 0x08082040, 0x10240020, + 0x02024000, 0x01008000, 0x080020c0, 0x00241020, + 0x02024000, 0x01008008, 0x080820c0, 0x10241020, + 0x00000400, 0x04000000, 0x00100000, 0x00000004, + 0x00000400, 0x04000008, 0x00180000, 0x10000004, + 0x02000400, 0x04000000, 0x00100080, 0x00001004, + 0x02000400, 0x04000008, 0x00180080, 0x10001004, + 0x00004400, 0x04000000, 0x00100040, 0x00040004, 
+ 0x00004400, 0x04000008, 0x00180040, 0x10040004, + 0x02004400, 0x04000000, 0x001000c0, 0x00041004, + 0x02004400, 0x04000008, 0x001800c0, 0x10041004, + 0x00020400, 0x04008000, 0x08100000, 0x00200004, + 0x00020400, 0x04008008, 0x08180000, 0x10200004, + 0x02020400, 0x04008000, 0x08100080, 0x00201004, + 0x02020400, 0x04008008, 0x08180080, 0x10201004, + 0x00024400, 0x04008000, 0x08100040, 0x00240004, + 0x00024400, 0x04008008, 0x08180040, 0x10240004, + 0x02024400, 0x04008000, 0x081000c0, 0x00241004, + 0x02024400, 0x04008008, 0x081800c0, 0x10241004, + 0x00000400, 0x05000000, 0x00102000, 0x00000024, + 0x00000400, 0x05000008, 0x00182000, 0x10000024, + 0x02000400, 0x05000000, 0x00102080, 0x00001024, + 0x02000400, 0x05000008, 0x00182080, 0x10001024, + 0x00004400, 0x05000000, 0x00102040, 0x00040024, + 0x00004400, 0x05000008, 0x00182040, 0x10040024, + 0x02004400, 0x05000000, 0x001020c0, 0x00041024, + 0x02004400, 0x05000008, 0x001820c0, 0x10041024, + 0x00020400, 0x05008000, 0x08102000, 0x00200024, + 0x00020400, 0x05008008, 0x08182000, 0x10200024, + 0x02020400, 0x05008000, 0x08102080, 0x00201024, + 0x02020400, 0x05008008, 0x08182080, 0x10201024, + 0x00024400, 0x05008000, 0x08102040, 0x00240024, + 0x00024400, 0x05008008, 0x08182040, 0x10240024, + 0x02024400, 0x05008000, 0x081020c0, 0x00241024, + 0x02024400, 0x05008008, 0x081820c0, 0x10241024, + 0x00000800, 0x00010000, 0x20000000, 0x00000010, + 0x00000800, 0x00010008, 0x20080000, 0x10000010, + 0x02000800, 0x00010000, 0x20000080, 0x00001010, + 0x02000800, 0x00010008, 0x20080080, 0x10001010, + 0x00004800, 0x00010000, 0x20000040, 0x00040010, + 0x00004800, 0x00010008, 0x20080040, 0x10040010, + 0x02004800, 0x00010000, 0x200000c0, 0x00041010, + 0x02004800, 0x00010008, 0x200800c0, 0x10041010, + 0x00020800, 0x00018000, 0x28000000, 0x00200010, + 0x00020800, 0x00018008, 0x28080000, 0x10200010, + 0x02020800, 0x00018000, 0x28000080, 0x00201010, + 0x02020800, 0x00018008, 0x28080080, 0x10201010, + 0x00024800, 0x00018000, 0x28000040, 0x00240010, 
+ 0x00024800, 0x00018008, 0x28080040, 0x10240010, + 0x02024800, 0x00018000, 0x280000c0, 0x00241010, + 0x02024800, 0x00018008, 0x280800c0, 0x10241010, + 0x00000800, 0x01010000, 0x20002000, 0x00000030, + 0x00000800, 0x01010008, 0x20082000, 0x10000030, + 0x02000800, 0x01010000, 0x20002080, 0x00001030, + 0x02000800, 0x01010008, 0x20082080, 0x10001030, + 0x00004800, 0x01010000, 0x20002040, 0x00040030, + 0x00004800, 0x01010008, 0x20082040, 0x10040030, + 0x02004800, 0x01010000, 0x200020c0, 0x00041030, + 0x02004800, 0x01010008, 0x200820c0, 0x10041030, + 0x00020800, 0x01018000, 0x28002000, 0x00200030, + 0x00020800, 0x01018008, 0x28082000, 0x10200030, + 0x02020800, 0x01018000, 0x28002080, 0x00201030, + 0x02020800, 0x01018008, 0x28082080, 0x10201030, + 0x00024800, 0x01018000, 0x28002040, 0x00240030, + 0x00024800, 0x01018008, 0x28082040, 0x10240030, + 0x02024800, 0x01018000, 0x280020c0, 0x00241030, + 0x02024800, 0x01018008, 0x280820c0, 0x10241030, + 0x00000c00, 0x04010000, 0x20100000, 0x00000014, + 0x00000c00, 0x04010008, 0x20180000, 0x10000014, + 0x02000c00, 0x04010000, 0x20100080, 0x00001014, + 0x02000c00, 0x04010008, 0x20180080, 0x10001014, + 0x00004c00, 0x04010000, 0x20100040, 0x00040014, + 0x00004c00, 0x04010008, 0x20180040, 0x10040014, + 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, + 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, + 0x00020c00, 0x04018000, 0x28100000, 0x00200014, + 0x00020c00, 0x04018008, 0x28180000, 0x10200014, + 0x02020c00, 0x04018000, 0x28100080, 0x00201014, + 0x02020c00, 0x04018008, 0x28180080, 0x10201014, + 0x00024c00, 0x04018000, 0x28100040, 0x00240014, + 0x00024c00, 0x04018008, 0x28180040, 0x10240014, + 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, + 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, + 0x00000c00, 0x05010000, 0x20102000, 0x00000034, + 0x00000c00, 0x05010008, 0x20182000, 0x10000034, + 0x02000c00, 0x05010000, 0x20102080, 0x00001034, + 0x02000c00, 0x05010008, 0x20182080, 0x10001034, + 0x00004c00, 0x05010000, 0x20102040, 0x00040034, 
+ 0x00004c00, 0x05010008, 0x20182040, 0x10040034, + 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, + 0x02004c00, 0x05010008, 0x201820c0, 0x10041034, + 0x00020c00, 0x05018000, 0x28102000, 0x00200034, + 0x00020c00, 0x05018008, 0x28182000, 0x10200034, + 0x02020c00, 0x05018000, 0x28102080, 0x00201034, + 0x02020c00, 0x05018008, 0x28182080, 0x10201034, + 0x00024c00, 0x05018000, 0x28102040, 0x00240034, + 0x00024c00, 0x05018008, 0x28182040, 0x10240034, + 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, + 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 +}; + +/* S-box lookup tables */ + +static const u32 S1[64] = { + 0x01010400, 0x00000000, 0x00010000, 0x01010404, + 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, + 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, + 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, + 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, + 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, + 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, + 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, + 0x00010004, 0x00010400, 0x00000000, 0x01010004 +}; + +static const u32 S2[64] = { + 0x80108020, 0x80008000, 0x00008000, 0x00108020, + 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, + 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, + 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, + 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, + 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, + 
0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, + 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, + 0x80000000, 0x80100020, 0x80108020, 0x00108000 +}; + +static const u32 S3[64] = { + 0x00000208, 0x08020200, 0x00000000, 0x08020008, + 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, + 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, + 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, + 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, + 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, + 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, + 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, + 0x00020208, 0x00000008, 0x08020008, 0x00020200 +}; + +static const u32 S4[64] = { + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, + 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, + 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002000, 0x00802080 +}; + +static const u32 S5[64] = { + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 
+ 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, + 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, + 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, + 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, + 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, + 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, + 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, + 0x00000000, 0x40080000, 0x02080100, 0x40000100 +}; + +static const u32 S6[64] = { + 0x20000010, 0x20400000, 0x00004000, 0x20404010, + 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, + 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, + 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, + 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, + 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, + 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, + 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, + 0x20404000, 0x20000000, 0x00400010, 0x20004010 +}; + +static const u32 S7[64] = { + 0x00200000, 0x04200002, 0x04000802, 0x00000000, + 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, + 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, + 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, + 0x00200800, 0x00000002, 
0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, + 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, + 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, + 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, + 0x04000002, 0x04000800, 0x00000800, 0x00200002 +}; + +static const u32 S8[64] = { + 0x10001040, 0x00001000, 0x00040000, 0x10041040, + 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, + 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, + 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, + 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, + 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, + 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, + 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, + 0x00001040, 0x00040040, 0x10000000, 0x10041000 +}; + +/* Encryption components: IP, FP, and round function */ + +#define IP(L, R, T) \ + ROL(R, 4); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROL(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 6); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(L, 1); + +#define FP(L, R, T) \ + ROR(L, 1); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 6); \ + T = L; \ + L ^= 
R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROR(R, 4); + +#define ROUND(L, R, A, B, K, d) \ + B = K[0]; A = K[1]; K += d; \ + B ^= R; A ^= R; \ + B &= 0x3f3f3f3f; ROR(A, 4); \ + L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ + L ^= S6[0xff & (B >> 8)]; B >>= 16; \ + L ^= S7[0xff & A]; \ + L ^= S5[0xff & (A >> 8)]; A >>= 16; \ + L ^= S4[0xff & B]; \ + L ^= S2[0xff & (B >> 8)]; \ + L ^= S3[0xff & A]; \ + L ^= S1[0xff & (A >> 8)]; + +/* + * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved + * tables of 128 elements. One set is for C_i and the other for D_i, while + * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. + * + * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i + * or D_i in bits 7-1 (bit 0 being the least significant). + */ + +#define T1(x) pt[2 * (x) + 0] +#define T2(x) pt[2 * (x) + 1] +#define T3(x) pt[2 * (x) + 2] +#define T4(x) pt[2 * (x) + 3] + +#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) + +/* + * Encryption key expansion + * + * RFC2451: Weak key checks SHOULD be performed. + * + * FIPS 74: + * + * Keys having duals are keys which produce all zeros, all ones, or + * alternating zero-one patterns in the C and D registers after Permuted + * Choice 1 has operated on the key. 
+ * + */ +static unsigned long des_ekey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d, w; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); + + /* Check if first half is weak */ + w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + /* Check if second half is weak */ + w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a 
= rs[a]; d = rs[d]; + pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } + + /* Zero if weak key */ + return w; +} + +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen) +{ + if (keylen != DES_KEY_SIZE) + return -EINVAL; + + return des_ekey(ctx->expkey, key) ? 
0 : -ENOKEY; +} +EXPORT_SYMBOL_GPL(des_expand_key); + +/* + * Decryption key expansion + * + * No weak key checking is performed, as this is only used by triple DES + * + */ +static void dkey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2] = DES_PC2(b, c, d, a); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2 + 1] 
= DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } +} + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_encrypt); + +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_decrypt); + +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen) +{ + u32 *pe = ctx->expkey; + int err; + + if (keylen != DES3_EDE_KEY_SIZE) + return -EINVAL; + + err = des3_ede_verify_key(key, keylen, true); 
+ if (err && err != -ENOKEY) + return err; + + des_ekey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + dkey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + des_ekey(pe, key); + + return err; +} +EXPORT_SYMBOL_GPL(des3_ede_expand_key); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, 2); + ROUND(L, R, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_encrypt); + +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, -2); + ROUND(L, R, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_decrypt); + +MODULE_LICENSE("GPL"); From patchwork Mon Aug 5 17:00:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170604 Delivered-To: patch@linaro.org Received: by 2002:a92:512:0:0:0:0:0 with SMTP id q18csp4538822ile; Mon, 5 Aug 2019 10:02:35 -0700 (PDT) X-Google-Smtp-Source: APXvYqzJYm8b7TPpST3d3Lfm7vCksRdYgUYd92uABTfsIFJ81Sjldvaqk861mLM6csxro9aIY70e X-Received: by 2002:a17:902:b698:: with 
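Review bot: des_expand_key() and des3_ede_expand_key() in lib/crypto/des.c both return -ENOKEY only after the key schedule has been written to ctx->expkey, and no comment at either definition says so. des_ekey() computes its weak-key result `w` while filling `pe`, and des3_ede_expand_key() lets -ENOKEY from des3_ede_verify_key() fall through to the three expansion calls before returning it. Suggest documenting above both exported functions that -ENOKEY means the key is weak but the schedule is populated, that rejecting it is the caller's decision, and that a caller which does reject it has to clear the context itself. The bare `true` passed to des3_ede_verify_key() would also read better with a short comment on what it selects.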
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 28/30] crypto: x86/des - switch to library interface Date: Mon, 5 Aug 2019 20:00:35 +0300 Message-Id: <20190805170037.31330-29-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 42 +++++++++++--------- 1 file changed, 23 insertions(+), 19 deletions(-) -- 2.17.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index f730a312ce35..89830e531350 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -11,7 +11,7 @@ */ #include -#include +#include #include #include #include 
@@ -19,8 +19,8 @@ #include struct des3_ede_x86_ctx { - u32 enc_expkey[DES3_EDE_EXPKEY_WORDS]; - u32 dec_expkey[DES3_EDE_EXPKEY_WORDS]; + struct des3_ede_ctx enc; + struct des3_ede_ctx dec; }; /* regular block cipher functions */ @@ -34,7 +34,7 @@ asmlinkage void des3_ede_x86_64_crypt_blk_3way(const u32 *expkey, u8 *dst, static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk(enc_ctx, dst, src); } @@ -42,7 +42,7 @@ static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk(dec_ctx, dst, src); } @@ -50,7 +50,7 @@ static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk_3way(enc_ctx, dst, src); } @@ -58,7 +58,7 @@ static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk_3way(dec_ctx, dst, src); } @@ -122,7 +122,7 @@ static int ecb_encrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->enc_expkey); + return ecb_crypt(req, ctx->enc.expkey); } static int ecb_decrypt(struct skcipher_request *req) 
@@ -130,7 +130,7 @@ static int ecb_decrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->dec_expkey); + return ecb_crypt(req, ctx->dec.expkey); } static unsigned int __cbc_encrypt(struct des3_ede_x86_ctx *ctx, 
@@ -348,24 +348,28 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; - err = crypto_des3_ede_verify_key(tfm, key); - if (err) - return err; + err = des3_ede_expand_key(&ctx->enc, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - /* Generate encryption context using generic implementation. */ - err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); - if (err < 0) + if (err) { + memset(ctx, 0, sizeof(*ctx)); return err; + } /* Fix encryption context for this implementation and form decryption * context. */ j = DES3_EDE_EXPKEY_WORDS - 2; for (i = 0; i < DES3_EDE_EXPKEY_WORDS; i += 2, j -= 2) { - tmp = ror32(ctx->enc_expkey[i + 1], 4); - ctx->enc_expkey[i + 1] = tmp; + tmp = ror32(ctx->enc.expkey[i + 1], 4); + ctx->enc.expkey[i + 1] = tmp; - ctx->dec_expkey[j + 0] = ctx->enc_expkey[i + 0]; - ctx->dec_expkey[j + 1] = tmp; + ctx->dec.expkey[j + 0] = ctx->enc.expkey[i + 0]; + ctx->dec.expkey[j + 1] = tmp; } return 0; From patchwork Mon Aug 5 17:00:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170605 Delivered-To: patch@linaro.org Received: by 2002:a92:512:0:0:0:0:0 with SMTP id q18csp4538861ile; Mon, 5 Aug 2019 10:02:37 -0700 (PDT) X-Google-Smtp-Source: APXvYqyS4c/4ZlnuYDn6hBuGR2LtsXZ26mSVSEKLDC41Xlypq6LQZ5zwhH5P2oNjpla9tNA1aT7Q X-Received: by 2002:a65:4205:: with SMTP id c5mr25994331pgq.267.1565024556964; Mon, 05 Aug 2019 10:02:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565024556; cv=none; d=google.com; s=arc-20160816; b=YoJ/u3YR/6FM5x0S/zXFOtEqT6OVJb5KlYXkyJnE30UMQsMdt0RFby2F0ySF5rqYsP 8wiQQGB1LNaaNcV7lLU6vZiV+3krXRMXYpF9WUpGxD1h3AatMmP/hgbnreH7QdrOxXDa t7rqlRb549oE2PE1RSrKLdN1DoXoJrKO5wKlkYd6S3g627/KWpMwQqaS7vPX5+RBmHbr 34V3D0c5DKwGuFnFmxUijh5MJJSrgEU4vvzWj0vSaa2x/jB0DTmBWlEuhlIhfT8xl9lu 
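Review bot: in the des3_ede_x86_setkey() hunk of arch/x86/crypto/des3_ede_glue.c, the error path wipes the context with a plain memset(ctx, 0, sizeof(*ctx)). ctx->enc can already hold an expanded key schedule at that point, because des3_ede_expand_key() returns -ENOKEY after expanding and CRYPTO_TFM_REQ_FORBID_WEAK_KEYS then turns that into -EINVAL, so memzero_explicit(ctx, sizeof(*ctx)) would be the more conventional way to clear key material, and a one-line comment on why the wipe is needed would help the next reader. The same path also clears a previously installed key whenever a later setkey call fails, which the removed code did not do; if that is intended it is worth a sentence in the commit message, which currently has no body.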
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 29/30] crypto: des - remove now unused __des3_ede_setkey() Date: Mon, 5 Aug 2019 20:00:36 +0300 Message-Id: <20190805170037.31330-30-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- crypto/des_generic.c | 13 ------------- include/crypto/des.h | 3 --- 2 files changed, 16 deletions(-) -- 2.17.1 diff --git a/crypto/des_generic.c b/crypto/des_generic.c index e021a321f584..6e13a4a29ecb 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -51,19 +51,6 @@ static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_decrypt(dctx, dst, src); } -int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen) -{ - int err; - - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - des_ekey(expkey, key); - - return 0; -} -EXPORT_SYMBOL_GPL(__des3_ede_setkey); - static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/des.h b/include/crypto/des.h index 2c864a4e6707..7812b4331ae4 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -54,7 +54,4 @@ int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, unsigned int keylen); -extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen); - #endif /* __CRYPTO_DES_H */
From patchwork Mon Aug 5 17:00:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 170606
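Review bot: [PATCH v4 29/30] has no commit message body, only the Signed-off-by, although the crypto/des_generic.c hunk drops an EXPORT_SYMBOL_GPL() symbol and the include/crypto/des.h hunk drops its declaration. Add a sentence naming the earlier patches in the series that converted the last callers of __des3_ede_setkey(), so that someone bisecting or backporting can see from the log when the removal becomes safe.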
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v4 30/30] fs: cifs: move from the crypto cipher API to the new DES library interface Date: Mon, 5 Aug 2019 20:00:37 +0300 Message-Id: <20190805170037.31330-31-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190805170037.31330-1-ard.biesheuvel@linaro.org> References: <20190805170037.31330-1-ard.biesheuvel@linaro.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Some legacy code in the CIFS driver uses single DES to calculate some password hash, and uses the crypto cipher API to do so. Given that there is no point in invoking an accelerated cipher for doing 56-bit symmetric encryption on a single 8-byte block of input, the flexibility of the crypto cipher API does not add much value here, and so we're much better off using a library call into the generic C implementation. Signed-off-by: Ard Biesheuvel --- fs/cifs/Kconfig | 2 +- fs/cifs/cifsfs.c | 1 - fs/cifs/smbencrypt.c | 18 +++++++++--------- 3 files changed, 10 insertions(+), 11 deletions(-) -- 2.17.1 diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index b16219e5dac9..350bc3061656 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -16,7 +16,7 @@ config CIFS select CRYPTO_GCM select CRYPTO_ECB select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select KEYS help This is the client VFS module for the SMB3 family of NAS protocols, diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index 3289b566463f..4e2f74894e9b 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c 
@@ -1601,7 +1601,6 @@ MODULE_DESCRIPTION ("VFS to access SMB3 servers e.g. Samba, Macs, Azure and Windows (and " "also older servers complying with the SNIA CIFS Specification)"); MODULE_VERSION(CIFS_VERSION); -MODULE_SOFTDEP("pre: des"); MODULE_SOFTDEP("pre: ecb"); MODULE_SOFTDEP("pre: hmac"); MODULE_SOFTDEP("pre: md4"); diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index 2b6d87bfdf8e..39a938443e3e 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -11,13 +11,14 @@ */ -#include #include #include +#include #include #include #include #include +#include #include "cifs_fs_sb.h" #include "cifs_unicode.h" #include "cifspdu.h" @@ -58,19 +59,18 @@ static int smbhash(unsigned char *out, const unsigned char *in, unsigned char *key) { unsigned char key2[8]; - struct crypto_cipher *tfm_des; + struct des_ctx ctx; str_to_key(key, key2); - tfm_des = crypto_alloc_cipher("des", 0, 0); - if (IS_ERR(tfm_des)) { - cifs_dbg(VFS, "could not allocate des crypto API\n"); - return PTR_ERR(tfm_des); + if (fips_enabled) { + cifs_dbg(VFS, "FIPS compliance enabled: DES not permitted\n"); + return -ENOENT; } - crypto_cipher_setkey(tfm_des, key2, 8); - crypto_cipher_encrypt_one(tfm_des, out, in); - crypto_free_cipher(tfm_des); + des_expand_key(&ctx, key2, DES_KEY_SIZE); + des_encrypt(&ctx, out, in); + memzero_explicit(&ctx, sizeof(ctx)); return 0; }
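Review bot: the fs/cifs/Kconfig and fs/cifs/cifsfs.c hunks of 30/30 remove "select CRYPTO_DES" and MODULE_SOFTDEP("pre: des"), so the module no longer selects or soft-depends on the "des" cipher, yet the commit message does not mention that the fips_enabled test added to smbhash() is now the only thing refusing DES in FIPS mode. Say so in the description, and state why -ENOENT is the errno returned, since callers that logged "could not allocate des crypto API" before will now see a different message for the same condition.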
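Review bot: in the smbhash() hunk of fs/cifs/smbencrypt.c, key2 is left on the stack on both return paths; memzero_explicit(&ctx, sizeof(ctx)) wipes the expanded key schedule but not the 8-byte DES key it was expanded from. Move the fips_enabled test above str_to_key(key, key2) so that the early return never fills key2, and add memzero_explicit(key2, sizeof(key2)); next to the existing wipe. The return value of des_expand_key(), declared int in include/crypto/des.h, is also discarded; the old crypto_cipher_setkey() call ignored its result too, so either check it or add a one-line comment saying that ignoring it is intentional.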