des - switch to new verification routines

Ard Biesheuvel Fri, 21 Jun 2019 17:32:28 -0700

Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
 drivers/crypto/ccree/cc_aead.c   | 15 ++++-----------
 drivers/crypto/ccree/cc_cipher.c | 12 +++---------
 2 files changed, 7 insertions(+), 20 deletions(-)


diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c
index 7aa4cbe19a86..254f5be1f49f 100644
--- a/drivers/crypto/ccree/cc_aead.c
+++ b/drivers/crypto/ccree/cc_aead.c
@@ -6,7 +6,7 @@
 #include <crypto/algapi.h>
 #include <crypto/internal/aead.h>
 #include <crypto/authenc.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <linux/rtnetlink.h>
 #include "cc_driver.h"
 #include "cc_buffer_mgr.h"
@@ -663,23 +663,16 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, 
const u8 *key,
                               unsigned int keylen)
 {
        struct crypto_authenc_keys keys;
-       u32 flags;
        int err;
 
        err = crypto_authenc_extractkeys(&keys, key, keylen);
        if (unlikely(err))
                goto badkey;
 
-       err = -EINVAL;
-       if (keys.enckeylen != DES3_EDE_KEY_SIZE)
-               goto badkey;
-
-       flags = crypto_aead_get_flags(aead);
-       err = __des3_verify_key(&flags, keys.enckey);
-       if (unlikely(err)) {
-               crypto_aead_set_flags(aead, flags);
+       err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey,
+                                        keys.enckeylen);
+       if (unlikely(err))
                goto out;
-       }
 
        err = cc_aead_setkey(aead, key, keylen);
 
diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c
index 5b58226ea24d..e4dcfbfef446 100644
--- a/drivers/crypto/ccree/cc_cipher.c
+++ b/drivers/crypto/ccree/cc_cipher.c
@@ -412,15 +412,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, 
const u8 *key,
         */
        if (ctx_p->flow_mode == S_DIN_to_DES) {
                u32 tmp[DES3_EDE_EXPKEY_WORDS];
-               if (keylen == DES3_EDE_KEY_SIZE &&
-                   __des3_ede_setkey(tmp, &tfm->crt_flags, key,
-                                     DES3_EDE_KEY_SIZE)) {
-                       dev_dbg(dev, "weak 3DES key");
-                       return -EINVAL;
-               } else if (!des_ekey(tmp, key) &&
-                          (crypto_tfm_get_flags(tfm) &
-                           CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
-                       tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
+               if ((keylen == DES3_EDE_KEY_SIZE &&
+                    des3_ede_verify_key(tfm, key, keylen)) ||
+                   des_verify_key(tfm, key, keylen)) {
                        dev_dbg(dev, "weak DES key");
                        return -EINVAL;
                }
-- 
2.20.1

[RFC PATCH 10/30] crypto: ccree/des - switch to new verification routines

Reply via email to