des - switch to new verification routines

Harald Freudenberger Mon, 05 Aug 2019 23:13:12 -0700

On 05.08.19 19:00, Ard Biesheuvel wrote:
> Acked-by: Harald Freudenberger <fre...@linux.ibm.com>
> Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
> ---
>  arch/s390/crypto/des_s390.c | 25 +++++++++-----------
>  1 file changed, 11 insertions(+), 14 deletions(-)
>
> diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c
> index 374b42fc7637..f56a84751fdb 100644
> --- a/arch/s390/crypto/des_s390.c
> +++ b/arch/s390/crypto/des_s390.c
> @@ -16,7 +16,7 @@
>  #include <linux/fips.h>
>  #include <linux/mutex.h>
>  #include <crypto/algapi.h>
> -#include <crypto/des.h>
> +#include <crypto/internal/des.h>
>  #include <asm/cpacf.h>
>
>  #define DES3_KEY_SIZE        (3 * DES_KEY_SIZE)
> @@ -35,27 +35,24 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 
> *key,
>                     unsigned int key_len)
>  {
>       struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
> -     u32 tmp[DES_EXPKEY_WORDS];
> +     int err;
>
> -     /* check for weak keys */
> -     if (!des_ekey(tmp, key) &&
> -         (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
> -             tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
> -             return -EINVAL;
> -     }
> +     err = crypto_des_verify_key(tfm, key);
> +     if (err)
> +             return err;
>
>       memcpy(ctx->key, key, key_len);
>       return 0;
>  }
>
> -static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
> +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
>  {
>       struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
>
>       cpacf_km(CPACF_KM_DEA, ctx->key, out, in, DES_BLOCK_SIZE);
>  }
>
> -static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
> +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
>  {
>       struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
>
> @@ -76,8 +73,8 @@ static struct crypto_alg des_alg = {
>                       .cia_min_keysize        =       DES_KEY_SIZE,
>                       .cia_max_keysize        =       DES_KEY_SIZE,
>                       .cia_setkey             =       des_setkey,
> -                     .cia_encrypt            =       des_encrypt,
> -                     .cia_decrypt            =       des_decrypt,
> +                     .cia_encrypt            =       crypto_des_encrypt,
> +                     .cia_decrypt            =       crypto_des_decrypt,
>               }
>       }
>  };
> @@ -227,8 +224,8 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 
> *key,
>       struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
>       int err;
>
> -     err = __des3_verify_key(&tfm->crt_flags, key);
> -     if (unlikely(err))
> +     err = crypto_des3_ede_verify_key(tfm, key);
> +     if (err)
>               return err;
>
>       memcpy(ctx->key, key, key_len);


add my

reviewed-by Harald Freudenberger <fre...@de.ibm.com>

however, could you please choose another prefix when there's a symbol
collision instead of the "crypto_" maybe "s390_" or something like 
"des_s390_xxx".
Thanks

Re: [PATCH v4 02/30] crypto: s390/des - switch to new verification routines

Reply via email to