Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
 drivers/crypto/bcm/cipher.c   | 82 +++++---------------
 drivers/crypto/caam/caamalg.c | 31 ++++----
 2 files changed, 37 insertions(+), 76 deletions(-)

diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c
index d972ffac779d..70f2d0cb1a0c 100644
--- a/drivers/crypto/bcm/cipher.c
+++ b/drivers/crypto/bcm/cipher.c
@@ -35,7 +35,7 @@
 #include <crypto/aead.h>
 #include <crypto/internal/aead.h>
 #include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
 #include <crypto/hmac.h>
 #include <crypto/sha.h>
 #include <crypto/md5.h>
@@ -1813,24 +1813,13 @@ static int des_setkey(struct crypto_ablkcipher *cipher, 
const u8 *key,
                      unsigned int keylen)
 {
        struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher);
-       u32 tmp[DES_EXPKEY_WORDS];
-
-       if (keylen == DES_KEY_SIZE) {
-               if (des_ekey(tmp, key) == 0) {
-                       if (crypto_ablkcipher_get_flags(cipher) &
-                           CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) {
-                               u32 flags = CRYPTO_TFM_RES_WEAK_KEY;
+       int err;
 
-                               crypto_ablkcipher_set_flags(cipher, flags);
-                               return -EINVAL;
-                       }
-               }
+       err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen);
+       if (unlikely(err))
+               return err;
 
-               ctx->cipher_type = CIPHER_TYPE_DES;
-       } else {
-               crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
-               return -EINVAL;
-       }
+       ctx->cipher_type = CIPHER_TYPE_DES;
        return 0;
 }
 
@@ -1838,23 +1827,14 @@ static int threedes_setkey(struct crypto_ablkcipher 
*cipher, const u8 *key,
                           unsigned int keylen)
 {
        struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher);
+       int err;
 
-       if (keylen == (DES_KEY_SIZE * 3)) {
-               u32 flags;
-               int ret;
-
-               flags = crypto_ablkcipher_get_flags(cipher);
-               ret = __des3_verify_key(&flags, key);
-               if (unlikely(ret)) {
-                       crypto_ablkcipher_set_flags(cipher, flags);
-                       return ret;
-               }
+       err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key,
+                                        keylen);
+       if (unlikely(err))
+               return err;
 
-               ctx->cipher_type = CIPHER_TYPE_3DES;
-       } else {
-               crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
-               return -EINVAL;
-       }
+       ctx->cipher_type = CIPHER_TYPE_3DES;
        return 0;
 }
 
@@ -2866,40 +2846,18 @@ static int aead_authenc_setkey(struct crypto_aead 
*cipher,
 
        switch (ctx->alg->cipher_info.alg) {
        case CIPHER_ALG_DES:
-               if (ctx->enckeylen == DES_KEY_SIZE) {
-                       u32 tmp[DES_EXPKEY_WORDS];
-                       u32 flags = CRYPTO_TFM_RES_WEAK_KEY;
-
-                       if (des_ekey(tmp, keys.enckey) == 0) {
-                               if (crypto_aead_get_flags(cipher) &
-                                   CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) {
-                                       crypto_aead_set_flags(cipher, flags);
-                                       return -EINVAL;
-                               }
-                       }
+               if (crypto_des_verify_key(crypto_aead_tfm(cipher), keys.enckey,
+                                  keys.enckeylen))
+                       return -EINVAL;
 
-                       ctx->cipher_type = CIPHER_TYPE_DES;
-               } else {
-                       goto badkey;
-               }
+               ctx->cipher_type = CIPHER_TYPE_DES;
                break;
        case CIPHER_ALG_3DES:
-               if (ctx->enckeylen == (DES_KEY_SIZE * 3)) {
-                       u32 flags;
-
-                       flags = crypto_aead_get_flags(cipher);
-                       ret = __des3_verify_key(&flags, keys.enckey);
-                       if (unlikely(ret)) {
-                               crypto_aead_set_flags(cipher, flags);
-                               return ret;
-                       }
-
-                       ctx->cipher_type = CIPHER_TYPE_3DES;
-               } else {
-                       crypto_aead_set_flags(cipher,
-                                             CRYPTO_TFM_RES_BAD_KEY_LEN);
+               if (crypto_des3_ede_verify_key(crypto_aead_tfm(cipher),
+                                              keys.enckey, keys.enckeylen))
                        return -EINVAL;
-               }
+
+               ctx->cipher_type = CIPHER_TYPE_3DES;
                break;
        case CIPHER_ALG_AES:
                switch (ctx->enckeylen) {
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 43f18253e5b6..5d4fa65a015f 100644
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -785,20 +785,23 @@ static int skcipher_setkey(struct crypto_skcipher 
*skcipher, const u8 *key,
 static int des_skcipher_setkey(struct crypto_skcipher *skcipher,
                               const u8 *key, unsigned int keylen)
 {
-       u32 tmp[DES3_EDE_EXPKEY_WORDS];
-       struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);
+       int err;
 
-       if (keylen == DES3_EDE_KEY_SIZE &&
-           __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) {
-               return -EINVAL;
-       }
+       err = des_verify_key(crypto_skcipher_tfm(skcipher), key, keylen);
+       if (unlikely(err))
+               return err;
 
-       if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) &
-           CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
-               crypto_skcipher_set_flags(skcipher,
-                                         CRYPTO_TFM_RES_WEAK_KEY);
-               return -EINVAL;
-       }
+       return skcipher_setkey(skcipher, key, keylen);
+}
+
+static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,
+                               const u8 *key, unsigned int keylen)
+{
+       int err;
+
+       err = des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key, keylen);
+       if (unlikely(err))
+               return err;
 
        return skcipher_setkey(skcipher, key, keylen);
 }
@@ -1899,7 +1902,7 @@ static struct caam_skcipher_alg driver_algs[] = {
                                .cra_driver_name = "cbc-3des-caam",
                                .cra_blocksize = DES3_EDE_BLOCK_SIZE,
                        },
-                       .setkey = des_skcipher_setkey,
+                       .setkey = des3_skcipher_setkey,
                        .encrypt = skcipher_encrypt,
                        .decrypt = skcipher_decrypt,
                        .min_keysize = DES3_EDE_KEY_SIZE,
@@ -2018,7 +2021,7 @@ static struct caam_skcipher_alg driver_algs[] = {
                                .cra_driver_name = "ecb-des3-caam",
                                .cra_blocksize = DES3_EDE_BLOCK_SIZE,
                        },
-                       .setkey = des_skcipher_setkey,
+                       .setkey = des3_skcipher_setkey,
                        .encrypt = skcipher_encrypt,
                        .decrypt = skcipher_decrypt,
                        .min_keysize = DES3_EDE_KEY_SIZE,
-- 
2.20.1

Reply via email to