From patchwork Sat Jun 22 00:30:43 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167426
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 01/30] crypto: des/3des_ede - add new helpers to verify key length
Date: Sat, 22 Jun 2019 02:30:43 +0200
Message-Id: <20190622003112.31033-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

The recently added helper routines to perform key strength validation of 3ede_keys are slightly inadequate, since they don't check the key length, and they come in two versions, neither of which is highly useful for anything other than skciphers (and many users still use the older blkcipher interfaces).

So let's add a new helper and, considering that this is a helper function that is only intended to be used by crypto code itself, put it in a new des.h header under crypto/internal.

While at it, implement a similar helper for single DES, so that we can replace the pattern of calling des_ekey() into a temp buffer that occurs in many drivers in drivers/crypto.

Signed-off-by: Ard Biesheuvel
---
 crypto/des_generic.c | 13 ---
 include/crypto/internal/des.h | 85 ++++++++++++++++++++
 2 files changed, 85 insertions(+), 13 deletions(-)
-- 2.20.1

diff --git a/crypto/des_generic.c b/crypto/des_generic.c index d7a88b4fa611..c94a303da4dd 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -846,19 +846,6 @@ static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) d[1] = cpu_to_le32(L); } -/* - * RFC2451: - * - * For DES-EDE3, there is no known need to reject weak or - * complementation keys. Any weakness is obviated by the use of - * multiple keys. - * - * However, if the first two or last two independent 64-bit keys are - * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the - * same as DES. Implementers MUST reject keys that exhibit this - * property. - * - */ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h new file mode 100644 index 000000000000..e33b32c496cd --- /dev/null +++ b/include/crypto/internal/des.h 
@@ -0,0 +1,85 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * DES & Triple DES EDE key verification helpers + */ + +#ifndef __CRYPTO_INTERNAL_DES_H +#define __CRYPTO_INTERNAL_DES_H + +#include +#include +#include + +static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key, + unsigned int key_len) +{ + u32 tmp[DES_EXPKEY_WORDS]; + int err = -EINVAL; + + if (key_len != DES_KEY_SIZE) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + + if (!des_ekey(tmp, key) && + (fips_enabled || (crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) + goto bad; + + err = 0; +out: + memzero_explicit(tmp, sizeof(tmp)); + return err; + +bad: + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + goto out; +} + +/* + * RFC2451: + * + * For DES-EDE3, there is no known need to reject weak or + * complementation keys. Any weakness is obviated by the use of + * multiple keys. + * + * However, if the first two or last two independent 64-bit keys are + * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the + * same as DES. Implementers MUST reject keys that exhibit this + * property. 
+ * + */ +static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, + const u8 *key, + unsigned int key_len) +{ + int err = -EINVAL; + u32 K[6]; + + if (key_len != DES3_EDE_KEY_SIZE) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || (crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + err = 0; +out: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + return err; + +bad: + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + goto out; +} + +#endif /* __CRYPTO_INTERNAL_DES_H */
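Review bot: in crypto_des3_ede_verify_key() the third test, `(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled`, rejects keys with K1 == K3 only when fips_enabled is set, but the RFC2451 comment above the function covers only the k1 == k2 and k2 == k3 cases. Please extend the comment to explain why K1 == K3 is refused in FIPS mode and accepted otherwise, and document for both helpers that fips_enabled forces the weak-key rejection even when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is not set. Minor: memzero_explicit(K, DES3_EDE_KEY_SIZE) could use sizeof(K) to match the sizeof(tmp) form used in crypto_des_verify_key().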
From patchwork Sat Jun 22 00:30:44 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167427
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 02/30] crypto: s390/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:44 +0200
Message-Id: <20190622003112.31033-3-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 arch/s390/crypto/des_s390.c | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)
-- 2.20.1

Acked-by: Harald Freudenberger

diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c index 1f9ab24dc048..4e4061885b0d 100644 --- a/arch/s390/crypto/des_s390.c +++ b/arch/s390/crypto/des_s390.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #define DES3_KEY_SIZE (3 * DES_KEY_SIZE) @@ -34,14 +34,11 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - /* check for weak keys */ - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = des_verify_key(tfm, key, key_len); + if (unlikely(err)) + return err; memcpy(ctx->key, key, key_len); return 0; 
@@ -226,7 +223,7 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key, struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); int err; - err = __des3_verify_key(&tfm->crt_flags, key); + err = crypto_des3_ede_verify_key(tfm, key, key_len); if (unlikely(err)) return err;
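Review bot: the des_setkey() hunk calls des_verify_key(tfm, key, key_len), but patch 01/30 names the single-DES helper crypto_des_verify_key(), and the des3_setkey() hunk of this same patch already uses the crypto_ prefix; unless a des_verify_key() wrapper exists elsewhere this will not build, so rename the call to crypto_des_verify_key(). The changelog is also empty: it should say that des_setkey() now rejects a key_len other than DES_KEY_SIZE, which the removed lines did not check, and that weak keys are refused whenever fips_enabled is set.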
From patchwork Sat Jun 22 00:30:45 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167428
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 03/30] crypto: sparc/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:45 +0200
Message-Id: <20190622003112.31033-4-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 arch/sparc/crypto/des_glue.c | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)
-- 2.20.1

diff --git a/arch/sparc/crypto/des_glue.c b/arch/sparc/crypto/des_glue.c index 453a4cf5492a..d0e3929359a1 100644 --- a/arch/sparc/crypto/des_glue.c +++ b/arch/sparc/crypto/des_glue.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include @@ -44,19 +44,15 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; /* Even though we have special instructions for key expansion, - * we call des_ekey() so that we don't have to write our own + * we call des_verify_key() so that we don't have to write our own * weak key detection code. */ - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = des_verify_key(tfm, key, keylen); + if (unlikely(err)) + return err; des_sparc64_key_expand((const u32 *) key, &dctx->encrypt_expkey[0]); encrypt_to_decrypt(&dctx->decrypt_expkey[0], &dctx->encrypt_expkey[0]); 
@@ -207,7 +203,7 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, u64 k3[DES_EXPKEY_WORDS / 2]; int err; - err = __des3_verify_key(flags, key); + err = crypto_des3_ede_verify_key(tfm, key, keylen); if (unlikely(err)) return err;
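Review bot: des_set_key() and its updated comment both refer to des_verify_key(), while the helper added in patch 01/30 is crypto_des_verify_key(); use the crypto_-prefixed name in the call and in the comment so the patch builds against the new header. In the des3_ede_set_key() hunk the removed call took `flags`, so if that local has no other user left in the function it should be dropped in this patch to avoid an unused-variable warning.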
From patchwork Sat Jun 22 00:30:46 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167429
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 04/30] crypto: atmel/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:46 +0200
Message-Id: <20190622003112.31033-5-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/atmel-tdes.c | 29 ++++++--------------
 1 file changed, 8 insertions(+), 21 deletions(-)
-- 2.20.1

diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c index fa76620281e8..2f35b73b35bb 100644 --- a/drivers/crypto/atmel-tdes.c 
+++ b/drivers/crypto/atmel-tdes.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include #include #include #include @@ -773,22 +773,12 @@ static void atmel_tdes_dma_cleanup(struct atmel_tdes_dev *dd) static int atmel_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - int err; - struct crypto_tfm *ctfm = crypto_ablkcipher_tfm(tfm); - struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); + int err; - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - err = des_ekey(tmp, key); - if (err == 0 && (ctfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - ctfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -800,15 +790,12 @@ static int atmel_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key, + keylen); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;
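Review bot: the atmel_tdes_setkey() hunk changes behaviour that the empty changelog does not mention: the removed lines passed only the key to __des3_verify_key(), whereas crypto_des3_ede_verify_key() also fails with CRYPTO_TFM_RES_BAD_KEY_LEN when keylen is not DES3_EDE_KEY_SIZE. Please add a commit message body that states this, together with the fips_enabled weak-key rejection that atmel_des_setkey() now inherits from the helper where the old code looked only at CRYPTO_TFM_REQ_FORBID_WEAK_KEYS.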
From patchwork Sat Jun 22 00:30:47 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167430
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 05/30] crypto: bcm/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:47 +0200
Message-Id: <20190622003112.31033-6-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Signed-off-by: Ard Biesheuvel --- drivers/crypto/bcm/cipher.c | 82 +++++--------------- drivers/crypto/caam/caamalg.c | 31 ++++---- 2 files changed, 37 insertions(+), 76 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c index d972ffac779d..70f2d0cb1a0c 100644 --- a/drivers/crypto/bcm/cipher.c +++ b/drivers/crypto/bcm/cipher.c @@ -35,7 +35,7 @@ #include #include #include -#include +#include #include #include #include @@ -1813,24 +1813,13 @@ static int des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen == DES_KEY_SIZE) { - if (des_ekey(tmp, key) == 0) { - if (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; + int err; - crypto_ablkcipher_set_flags(cipher, flags); - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_DES; return 0; } @@ -1838,23 +1827,14 @@ static int threedes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (keylen == (DES_KEY_SIZE * 3)) { - u32 flags; - int ret; - - flags = crypto_ablkcipher_get_flags(cipher); - ret = __des3_verify_key(&flags, key); - if (unlikely(ret)) { - crypto_ablkcipher_set_flags(cipher, flags); - return ret; - } + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) + return err; - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_3DES; return 0; } 
@@ -2866,40 +2846,18 @@ static int aead_authenc_setkey(struct crypto_aead *cipher, switch (ctx->alg->cipher_info.alg) { case CIPHER_ALG_DES: - if (ctx->enckeylen == DES_KEY_SIZE) { - u32 tmp[DES_EXPKEY_WORDS]; - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; - - if (des_ekey(tmp, keys.enckey) == 0) { - if (crypto_aead_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - crypto_aead_set_flags(cipher, flags); - return -EINVAL; - } - } + if (crypto_des_verify_key(crypto_aead_tfm(cipher), keys.enckey, + keys.enckeylen)) + return -EINVAL; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - goto badkey; - } + ctx->cipher_type = CIPHER_TYPE_DES; break; case CIPHER_ALG_3DES: - if (ctx->enckeylen == (DES_KEY_SIZE * 3)) { - u32 flags; - - flags = crypto_aead_get_flags(cipher); - ret = __des3_verify_key(&flags, keys.enckey); - if (unlikely(ret)) { - crypto_aead_set_flags(cipher, flags); - return ret; - } - - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_aead_set_flags(cipher, - CRYPTO_TFM_RES_BAD_KEY_LEN); + if (crypto_des3_ede_verify_key(crypto_aead_tfm(cipher), + keys.enckey, keys.enckeylen)) return -EINVAL; - } + + ctx->cipher_type = CIPHER_TYPE_3DES; break; case CIPHER_ALG_AES: switch (ctx->enckeylen) { diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 43f18253e5b6..5d4fa65a015f 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c 
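Review bot: In aead_authenc_setkey() (drivers/crypto/bcm/cipher.c, the @@ -2866 hunk) both new branches throw away the helper's return value and hard-code "return -EINVAL", whereas the removed 3DES branch returned ret and the other call sites converted in this series propagate err. Suggest assigning the result to ret and returning it on failure, for the DES case as well as the 3DES case. The removed DES length check also left through "goto badkey", while the new code returns directly, so whatever that label does is now skipped for a bad DES key length; please confirm that is intended and say so in the commit message, which currently has no body.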
@@ -785,20 +785,23 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); + int err; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { - return -EINVAL; - } + err = des_verify_key(crypto_skcipher_tfm(skcipher), key, keylen); + if (unlikely(err)) + return err; - if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(skcipher, - CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + return skcipher_setkey(skcipher, key, keylen); +} + +static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, + const u8 *key, unsigned int keylen) +{ + int err; + + err = des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key, keylen); + if (unlikely(err)) + return err; return skcipher_setkey(skcipher, key, keylen); } @@ -1899,7 +1902,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "cbc-3des-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, 
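Review bot: des_skcipher_setkey() and the new des3_skcipher_setkey() in the @@ -785 hunk call des_verify_key() and des3_ede_verify_key(), while every other conversion shown in this series calls crypto_des_verify_key() and crypto_des3_ede_verify_key() with the same (tfm, key, keylen) arguments. Unless the unprefixed names are defined by an earlier patch this will not build; use the crypto_-prefixed helpers here as well. These caamalg.c hunks also sit in the patch titled "crypto: bcm/des", although 06/30 is the caam conversion and touches the same file; moving them there keeps each patch to one driver and keeps the series bisectable per driver.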
@@ -2018,7 +2021,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "ecb-des3-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE,
From patchwork Sat Jun 22 00:30:48 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167431
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 06/30] crypto: caam/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:48 +0200
Message-Id: <20190622003112.31033-7-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/caam/caamalg.c | 13 +++-------- drivers/crypto/caam/caamalg_qi.c | 23 ++++++++++---------- drivers/crypto/caam/caamalg_qi2.c | 23 ++++++++++---------- drivers/crypto/caam/compat.h | 2 +- 4 files changed, 26 insertions(+), 35 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 5d4fa65a015f..b4ab64146b21 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -633,23 +633,16 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); if (unlikely(err)) goto badkey; - err = -EINVAL; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) - goto badkey; - - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 32f0f8a72067..01d92ef0142a 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -296,23 +296,16 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); if (unlikely(err)) goto badkey; - err = -EINVAL; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) - goto badkey; - - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); 
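Review bot: In the caamalg.c hunk (@@ -633) des3_aead_setkey() passes crypto_aead_tfm(tfm), but the function's parameter is named aead and no tfm is declared in the lines shown; the otherwise identical conversion in caamalg_qi.c uses crypto_aead_tfm(aead). This looks like a build break, so change it to crypto_aead_tfm(aead). Separately, in both files above a wrong keys.enckeylen used to leave through badkey and is now rejected by the helper and leaves through out; the commit message should state whether anything done under badkey is still needed for that case.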
@@ -697,8 +690,14 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: - skcipher_setkey(skcipher, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key, + keylen); + if (unlikely(err)) + return err; + + return skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c index 06bf32c32cbd..074fbb8356e5 100644 --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -329,23 +329,16 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); if (unlikely(err)) goto badkey; - err = -EINVAL; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) - goto badkey; - - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); @@ -999,8 +992,14 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: - skcipher_setkey(skcipher, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key, + keylen); + if (unlikely(err)) + return err; + + return skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, 
diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h index 8639b2df0371..60e2a54c19f1 100644 --- a/drivers/crypto/caam/compat.h +++ b/drivers/crypto/caam/compat.h 
@@ -32,7 +32,7 @@ #include #include #include -#include +#include #include #include #include
From patchwork Sat Jun 22 00:30:49 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167432
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 07/30] crypto: cpt/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:49 +0200
Message-Id: <20190622003112.31033-8-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/cpt/cptvf_algs.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/cavium/cpt/cptvf_algs.c b/drivers/crypto/cavium/cpt/cptvf_algs.c index f6b0c9df12ed..92132f84931a 100644 --- a/drivers/crypto/cavium/cpt/cptvf_algs.c +++ b/drivers/crypto/cavium/cpt/cptvf_algs.c
@@ -10,7 +10,7 @@ #include #include #include -#include +#include #include #include #include @@ -325,14 +325,12 @@ static int cvm_cfb_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); int err; - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } return cvm_setkey(cipher, key, keylen, DES3_CBC); } 
@@ -340,14 +338,12 @@ static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, static int cvm_ecb_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); int err; - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } return cvm_setkey(cipher, key, keylen, DES3_ECB); }
From patchwork Sat Jun 22 00:30:50 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167433
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 08/30] crypto: nitrox/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:50 +0200
Message-Id: <20190622003112.31033-9-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/nitrox/nitrox_skcipher.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c index 7e4a5e69085e..927915b285de 100644 --- a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c +++ b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include "nitrox_dev.h"
@@ -257,8 +257,14 @@ static int nitrox_aes_decrypt(struct skcipher_request *skreq) static int nitrox_3des_setkey(struct crypto_skcipher *cipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(cipher, key)) ?: - nitrox_skcipher_setkey(cipher, 0, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) + return err; + + return nitrox_skcipher_setkey(cipher, 0, key, keylen); } static int nitrox_3des_encrypt(struct skcipher_request *skreq)
From patchwork Sat Jun 22 00:30:51 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167434
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel
Subject: [RFC PATCH 09/30] crypto: ccp/des - switch to new verification routines
Date: Sat, 22 Jun 2019 02:30:51 +0200
Message-Id: <20190622003112.31033-10-ard.biesheuvel@linaro.org>
In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
References: <20190622003112.31033-1-ard.biesheuvel@linaro.org>
Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccp/ccp-crypto-des3.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c b/drivers/crypto/ccp/ccp-crypto-des3.c index 91482ffcac59..6c99abf68c0d 100644 --- a/drivers/crypto/ccp/ccp-crypto-des3.c +++ b/drivers/crypto/ccp/ccp-crypto-des3.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include "ccp-crypto.h" 
@@ -42,10 +42,10 @@ static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm)); struct ccp_crypto_ablkcipher_alg *alg = ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm)); - u32 *flags = &tfm->base.crt_flags; int err; - err = __des3_verify_key(flags, key); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key, + key_len); if (unlikely(err)) return err;
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 10/30] crypto: ccree/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:52 +0200 Message-Id: <20190622003112.31033-11-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccree/cc_aead.c | 15 ++++----------- drivers/crypto/ccree/cc_cipher.c | 12 +++--------- 2 files changed, 7 insertions(+), 20 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c index 7aa4cbe19a86..254f5be1f49f 100644 --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include "cc_driver.h" #include "cc_buffer_mgr.h" @@ -663,23 +663,16 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); if (unlikely(err)) goto badkey; - err = -EINVAL; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) - goto badkey; - - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto out; - } err = cc_aead_setkey(aead, key, keylen); diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index 5b58226ea24d..e4dcfbfef446 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c 
@@ -412,15 +412,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, */ if (ctx_p->flow_mode == S_DIN_to_DES) { u32 tmp[DES3_EDE_EXPKEY_WORDS]; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, - DES3_EDE_KEY_SIZE)) { - dev_dbg(dev, "weak 3DES key"); - return -EINVAL; - } else if (!des_ekey(tmp, key) && - (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + if ((keylen == DES3_EDE_KEY_SIZE && + des3_ede_verify_key(tfm, key, keylen)) || + des_verify_key(tfm, key, keylen)) { dev_dbg(dev, "weak DES key"); return -EINVAL; }
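Review bot: In cc_des3_aead_setkey() (cc_aead.c, the @@ -663,23 hunk) the removed `keys.enckeylen != DES3_EDE_KEY_SIZE` test jumped to `badkey`, whereas a failure from crypto_des3_ede_verify_key() now takes `goto out`, so a wrong-length encryption key no longer goes through whatever the badkey path does. Either keep the length case on `goto badkey`, or state in the commit message (which currently has no body) that the helper reports a bad key length on the tfm itself and that skipping badkey is intended.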
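Review bot: In cc_cipher_setkey() (cc_cipher.c, the @@ -412,15 hunk) the old `else if` has become an `||`, so for a 24-byte key that passes des3_ede_verify_key() the right-hand `des_verify_key(tfm, key, keylen)` is still evaluated with keylen == DES3_EDE_KEY_SIZE. If that helper validates the length, as crypto_des_verify_key() appears to where it replaces the DES_KEY_SIZE checks elsewhere in this series, every valid 3DES key is rejected here; branch on keylen first and call exactly one verifier. Also in this hunk: `u32 tmp[DES3_EDE_EXPKEY_WORDS]` is left behind unused, the helpers are spelled without the crypto_ prefix used by the other patches, and "weak DES key" is now logged for 3DES and length failures as well.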
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 11/30] crypto: hifn/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:53 +0200 Message-Id: <20190622003112.31033-12-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/hifn_795x.c | 30 +++++--------------- 1 file changed, 7 insertions(+), 23 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index d656be0a142b..3eb1ca59e90c 100644 --- a/drivers/crypto/hifn_795x.c +++ b/drivers/crypto/hifn_795x.c @@ -30,7 +30,7 @@ #include #include -#include +#include static char hifn_pll_ref[sizeof("extNNN")] = "ext"; module_param_string(hifn_pll_ref, hifn_pll_ref, sizeof(hifn_pll_ref), 0444); @@ -1948,25 +1948,13 @@ static void hifn_flush(struct hifn_device *dev) static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct hifn_context *ctx = crypto_tfm_ctx(tfm); struct hifn_device *dev = ctx->dev; + int err; - if (len > HIFN_MAX_CRYPT_KEY_LENGTH) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -1; - } - - if (len == HIFN_DES_KEY_LENGTH) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (unlikely(ret == 0) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, len); + if (unlikely(err)) + return err; dev->flags &= ~HIFN_FLAG_OLD_KEY; 
@@ -1981,15 +1969,11 @@ static int hifn_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct hifn_context *ctx = crypto_ablkcipher_ctx(cipher); struct hifn_device *dev = ctx->dev; - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, len); + if (unlikely(err)) return err; - } dev->flags &= ~HIFN_FLAG_OLD_KEY;
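Review bot: hifn_setkey() (the @@ -1948,25 hunk) deletes `struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher);` but the next context line still reads `crypto_tfm_ctx(tfm)`, so this will not build; keep the declaration or switch that line to crypto_ablkcipher_ctx(cipher) as hifn_des3_setkey() already does. Separately, the old code accepted any len up to HIFN_MAX_CRYPT_KEY_LENGTH and ran the weak-key test only when len == HIFN_DES_KEY_LENGTH, so calling crypto_des_verify_key() unconditionally changes behaviour if this setkey is shared with other key sizes. The commit message has no body; it should say which algorithms use this function and that the bad-length return changes from -1 to the helper's error code.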
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 12/30] crypto: hisilicon/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:54 +0200 Message-Id: <20190622003112.31033-13-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/hisilicon/sec/sec_algs.c | 34 ++++++++++++++------ 1 file changed, 25 insertions(+), 9 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/hisilicon/sec/sec_algs.c b/drivers/crypto/hisilicon/sec/sec_algs.c index 02768af0dccd..7d563188d80c 100644 --- a/drivers/crypto/hisilicon/sec/sec_algs.c +++ b/drivers/crypto/hisilicon/sec/sec_algs.c @@ -9,7 +9,7 @@ #include #include -#include +#include #include #include #include @@ -347,8 +347,11 @@ static int sec_alg_skcipher_setkey_aes_xts(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; + int err; + + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64); } @@ -356,8 +359,11 @@ static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; + int err; + + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64); } 
@@ -365,16 +371,26 @@ static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: - sec_alg_skcipher_setkey(tfm, key, keylen, + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; + + return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_ECB_192_3KEY); } static int sec_alg_skcipher_setkey_3des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: - sec_alg_skcipher_setkey(tfm, key, keylen, + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; + + return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_CBC_192_3KEY); }
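Review bot: In sec_alg_skcipher_setkey_des_ecb() (the @@ -347,8 hunk, and likewise des_cbc in the hunk after it) the old code only rejected `keylen != DES_KEY_SIZE`, so routing these through crypto_des_verify_key() is more than a mechanical switch: the same helper replaces the des_ekey() weak-key tests in the hifn and safexcel patches of this series. If weak DES keys can now be refused by this driver when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is set, the commit message, which has no body, should say so, since callers that previously succeeded may start getting an error.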
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 13/30] crypto: safexcel/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:55 +0200 Message-Id: <20190622003112.31033-14-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/inside-secure/safexcel_cipher.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 8cdbdbe35681..82cc6f003bc9 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -963,19 +963,11 @@ static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int ret; - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ret = crypto_des_verify_key(tfm, key, len); + if (unlikely(ret)) + return ret; /* if context exits and key changed, need to invalidate it */ if (ctx->base.ctxr_dma) 
@@ -1074,7 +1066,7 @@ static int safexcel_des3_ede_setkey(struct crypto_skcipher *ctfm, struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); int err; - err = des3_verify_key(ctfm, key); + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(ctfm), key, len); if (unlikely(err)) return err; From patchwork Sat Jun 22 00:30:56 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167439 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp1376703ilk; Fri, 21 Jun 2019 17:32:03 -0700 (PDT) X-Google-Smtp-Source: APXvYqxFtYt99hyE1aVd5IitufHMLzB/q2zVie1t8y7dKU8kiqDFWv7Qh2kc7/LGGctKhjz2V1IP X-Received: by 2002:a17:90a:21ac:: with SMTP id q41mr10242092pjc.31.1561163523011; Fri, 21 Jun 2019 17:32:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561163523; cv=none; d=google.com; s=arc-20160816; b=xYKgYRQOC11ukf+b4i8IYRjRGPZiyCa7GpbPUTiwcmYhdG6yAmMMW4D9VzkuXA+9AU FpSpin44Era4a1HsPWJBGvVe43DvFiDISqZB4cPFPtKHkZItpCjHS8CEsH5zkY3RD88u 7xJsKy7DMh/NCPZB+8/Zc73aB2XU6TA6f8WFWkwlU8S1RELo+SCGAgrukhZQ0D6+XVNR gEnAt2DvTjP1xM1PtbAPGIsuKtrbXh07bAQpe6QBF58Aqi1GmW7gh9QUHFk1JID3NBam GWL6itHhyGXu1HjU9cR9of914RSEib8/lDevsdVfyTEEU0U5uFqibMq4+dgQa+nk1n7e yyXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=7F5RsJkfhfCqxXQ3FuUN7mpglFHFhmO5SknpRKUDDDg=; b=XCwTRsNLQRXZPVy+eynHqfkJjGUCarV/lDI4xV1+tRwnSjczD1aH9hXvq1Ng8sd/xN FBUX3fZ9znprt0F5o4wKr/IvaHgOjRMUeiD+oEsbxoAgKcnqlGzXTwJNRCnfr65DtFsF ylCQ/gki2nuE2lJkfQ/HdKUEz7wkCD6k1MJsIxywfoLrlGl6bMph+WrjfbiDV+vNaKJV /97LqKVTlptsunR2bwvsfl4GVYBpvaRqSENzWjx3tVGRseP6ntwFawlcImel2JDvX7Ew TtvyiFbfMTF52YnYbPgJU7gGqlNBASTkQeVw9veOU5q7J7xJGJV9ezXoy4bA4SllAbmC +TRA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org 
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 14/30] crypto: ixp4xx/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:56 +0200 Message-Id: <20190622003112.31033-15-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ixp4xx_crypto.c | 22 +++++++------------- 1 file changed, 7 insertions(+), 15 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/ixp4xx_crypto.c b/drivers/crypto/ixp4xx_crypto.c index 3f40be34ac95..e3bc61eb873d 100644 --- a/drivers/crypto/ixp4xx_crypto.c +++ b/drivers/crypto/ixp4xx_crypto.c @@ -21,7 +21,7 @@ #include #include -#include +#include #include #include #include @@ -760,10 +760,7 @@ static int setup_cipher(struct crypto_tfm *tfm, int encrypt, } cipher_cfg |= keylen_cfg; } else { - u32 tmp[DES_EXPKEY_WORDS]; - if (des_ekey(tmp, key) == 0) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - } + des_verify_key(tfm, key, key_len); } /* write cfg word to cryptinfo */ *(u32*)cinfo = cpu_to_be32(cipher_cfg); @@ -855,12 +852,12 @@ static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int key_len) { - u32 flags = crypto_ablkcipher_get_flags(tfm); int err; - err = __des3_verify_key(&flags, key); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key, + keylen); if (unlikely(err)) - crypto_ablkcipher_set_flags(tfm, flags); + return err; return ablk_setkey(tfm, key, key_len); } @@ -1185,7 +1182,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) { struct ixp_ctx *ctx = crypto_aead_ctx(tfm); - u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN; struct crypto_authenc_keys keys; int err; @@ -1197,11 +1193,8 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, if (keys.authkeylen > sizeof(ctx->authkey)) goto badkey; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) - goto badkey; - - flags = crypto_aead_get_flags(tfm); - err = __des3_verify_key(&flags, keys.enckey); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), keys.enckey, + keys.enckeylen); if (unlikely(err)) goto badkey; 
@@ -1213,7 +1206,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, memzero_explicit(&keys, sizeof(keys)); return aead_setup(tfm, crypto_aead_authsize(tfm)); badkey: - crypto_aead_set_flags(tfm, flags); memzero_explicit(&keys, sizeof(keys)); return err; } From patchwork Sat Jun 22 00:30:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167440
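Review bot: In setup_cipher() the return value of des_verify_key(tfm, key, key_len) is discarded, so a key the helper rejects does not stop the function and execution continues to the cfg word write. Either propagate the result to the caller or explain in the commit message why ignoring it is intended. The name also differs from the crypto_des_verify_key() used by the other drivers in this series; if it is meant to be the same helper, use the same spelling.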
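Review bot: ablk_des3_setkey() declares its length parameter as key_len and still passes key_len to ablk_setkey(), but the new crypto_des3_ede_verify_key() call passes keylen, which is not declared anywhere in the visible function and will not compile. Use key_len.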
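Review bot: In des3_aead_setkey() the local flags (initialised to CRYPTO_TFM_RES_BAD_KEY_LEN) and the crypto_aead_set_flags(tfm, flags) call under badkey: are both removed, yet the keys.authkeylen > sizeof(ctx->authkey) path still jumps to badkey. That path no longer reports CRYPTO_TFM_RES_BAD_KEY_LEN to the caller; set the flag on that branch, or state in the commit message that dropping it is deliberate.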
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 15/30] crypto: cesa/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:57 +0200 Message-Id: <20190622003112.31033-16-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/marvell/cipher.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/marvell/cipher.c b/drivers/crypto/marvell/cipher.c index 2fd936b19c6d..68d26a573f71 100644 --- a/drivers/crypto/marvell/cipher.c +++ b/drivers/crypto/marvell/cipher.c @@ -13,7 +13,7 @@ */ #include -#include +#include #include "cesa.h" @@ -277,19 +277,11 @@ static int mv_cesa_des_setkey(struct crypto_skcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); struct mv_cesa_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + int err; - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key, len); + if (unlikely(err)) + return err; memcpy(ctx->key, key, DES_KEY_SIZE); 
@@ -302,7 +294,7 @@ static int mv_cesa_des3_ede_setkey(struct crypto_skcipher *cipher, struct mv_cesa_des_ctx *ctx = crypto_skcipher_ctx(cipher); int err; - err = des3_verify_key(cipher, key); + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key, len); if (unlikely(err)) return err; From patchwork Sat Jun 22 00:30:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167441
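Review bot: In mv_cesa_des_setkey() the memcpy(ctx->key, key, DES_KEY_SIZE) that follows the new check always reads DES_KEY_SIZE bytes from key, and the only guard left in front of it is crypto_des_verify_key(tfm, key, len). The commit message should state that the helper rejects any len other than DES_KEY_SIZE, because the explicit check that used to protect this fixed-size copy is deleted in this hunk.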
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 16/30] crypto: n2/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:58 +0200 Message-Id: <20190622003112.31033-17-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/n2_core.c | 26 ++++++-------------- 1 file changed, 7 insertions(+), 19 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c index 0d5d3d8eb680..132961a33b6d 100644 --- a/drivers/crypto/n2_core.c +++ b/drivers/crypto/n2_core.c @@ -16,7 +16,7 @@ #include #include #include -#include +#include #include #include #include @@ -759,21 +759,13 @@ static int n2_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int err; - ctx->enc_type = n2alg->enc_type; - - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key, keylen); + if (unlikely(err)) + return err; - err = des_ekey(tmp, key); - if (err == 0 && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ctx->enc_type = n2alg->enc_type; ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen); 
@@ -786,15 +778,11 @@ static int n2_3des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(tfm, key, keylen); + if (unlikely(err)) return err; - } ctx->enc_type = n2alg->enc_type; From patchwork Sat Jun 22 00:30:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167443
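Review bot: In n2_des_setkey() the ctx->enc_type = n2alg->enc_type assignment moves from before the key checks to after them, so a rejected key no longer touches the context. That is a behaviour change on top of the helper substitution and deserves a line in the commit message, which currently carries only the Signed-off-by.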
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 17/30] crypto: omap/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:30:59 +0200 Message-Id: <20190622003112.31033-18-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/omap-des.c | 26 ++++++-------------- 1 file changed, 8 insertions(+), 18 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c index 3d82d18ff810..260fe83b8a7b 100644 --- a/drivers/crypto/omap-des.c +++ b/drivers/crypto/omap-des.c @@ -37,7 +37,7 @@ #include #include #include -#include +#include #include #include @@ -654,20 +654,13 @@ static int omap_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); + int err; pr_debug("enter, keylen: %d\n", keylen); - /* Do we need to test against weak key? */ - if (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (!ret) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -679,17 +672,14 @@ static int omap_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug("enter, keylen: %d\n", keylen); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen; From patchwork Sat Jun 22 00:31:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167442
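Review bot: The commit message should call out that omap_des_setkey() changes behaviour in this patch: the old code had no keylen check in front of memcpy(ctx->key, key, keylen) and only looked at weak keys when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS was set, whereas every key now goes through crypto_des_verify_key(). If the helper enforces DES_KEY_SIZE, say so, because for this driver that is a functional fix rather than a pure refactor.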
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 18/30] crypto: picoxcell/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:00 +0200 Message-Id: <20190622003112.31033-19-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/picoxcell_crypto.c | 23 +++++++------------- 1 file changed, 8 insertions(+), 15 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c index 05b89e703903..a7ee17e475ae 100644 --- a/drivers/crypto/picoxcell_crypto.c +++ b/drivers/crypto/picoxcell_crypto.c @@ -19,7 +19,7 @@ #include #include #include -#include +#include #include #include #include @@ -749,16 +749,12 @@ static void spacc_aead_cra_exit(struct crypto_aead *tfm) static int spacc_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(!des_ekey(tmp, key)) && - (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; memcpy(ctx->key, key, len); ctx->key_len = len; 
@@ -774,15 +770,12 @@ static int spacc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { struct spacc_ablk_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, len); ctx->key_len = len; From patchwork Sat Jun 22 00:31:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167445 Delivered-To: patch@linaro.org
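Review bot: In spacc_des3_setkey() (drivers/crypto/picoxcell_crypto.c) the added call passes `keylen`, but the function's length parameter is `len`, as the signature and the unchanged `memcpy(ctx->key, key, len);` show, so `keylen` is an undeclared identifier. Pass `len` to crypto_des3_ede_verify_key(), or rename the parameter consistently in both picoxcell setkey functions.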
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 19/30] crypto: qce/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:01 +0200 Message-Id: <20190622003112.31033-20-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/qce/ablkcipher.c | 23 ++++++-------------- 1 file changed, 7 insertions(+), 16 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/qce/ablkcipher.c b/drivers/crypto/qce/ablkcipher.c index 8d3493855a70..e646e90f93ed 100644 --- a/drivers/crypto/qce/ablkcipher.c +++ b/drivers/crypto/qce/ablkcipher.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #include "cipher.h" @@ -177,12 +177,9 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, goto fallback; } } else if (IS_DES(flags)) { - u32 tmp[DES_EXPKEY_WORDS]; - - ret = des_ekey(tmp, key); - if (!ret && (crypto_ablkcipher_get_flags(ablk) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - goto weakkey; + if (crypto_des_verify_key(crypto_ablkcipher_tfm(ablk), key, + keylen)) + return -EINVAL; } ctx->enc_keylen = keylen; 
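Review bot: In the IS_DES() branch of qce_ablkcipher_setkey() the return value of crypto_des_verify_key() is discarded and replaced by a hard-coded `-EINVAL`, while qce_des3_setkey() in the same file and the other drivers in this series store the result in `err` and return it. Propagate the helper's code here as well, for example `ret = crypto_des_verify_key(...); if (ret) return ret;` using the `ret` local this function already has, so this call site does not diverge from the rest if the helper ever returns anything other than -EINVAL.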
@@ -193,24 +190,18 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, if (!ret) ctx->enc_keylen = keylen; return ret; -weakkey: - crypto_ablkcipher_set_flags(ablk, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; } static int qce_des3_setkey(struct crypto_ablkcipher *ablk, const u8 *key, unsigned int keylen) { struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(ablk); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(ablk, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(ablk), key, + keylen); + if (unlikely(err)) return err; - } ctx->enc_keylen = keylen; memcpy(ctx->enc_key, key, keylen); From patchwork Sat Jun 22 00:31:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167444 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 20/30] crypto: rk3288/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:02 +0200 Message-Id: <20190622003112.31033-21-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/rockchip/rk3288_crypto.h | 2 +- drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 20 +++++++------------- 2 files changed, 8 insertions(+), 14 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/rockchip/rk3288_crypto.h b/drivers/crypto/rockchip/rk3288_crypto.h index 54ee5b3ed9db..18e2b3f29336 100644 --- a/drivers/crypto/rockchip/rk3288_crypto.h +++ b/drivers/crypto/rockchip/rk3288_crypto.h @@ -3,7 +3,7 @@ #define __RK3288_CRYPTO_H__ #include -#include +#include #include #include #include diff --git a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c index 313759521a0f..1c24602bac83 100644 --- a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c +++ b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c 
@@ -50,14 +50,11 @@ static int rk_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); - struct rk_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen); 
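Review bot: rk_des_setkey() loses its `ctx` declaration: the hunk removes `struct rk_cipher_ctx *ctx = crypto_tfm_ctx(tfm);`, yet the unchanged lines below still use `ctx->keylen` and `ctx->dev->reg`, so the function will not build. The `tfm` local is kept but the new call evaluates `crypto_ablkcipher_tfm(cipher)` a second time instead of using it. Keep the `ctx` line and pass the existing `tfm` to crypto_des_verify_key().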
@@ -68,15 +65,12 @@ static int rk_tdes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen); From patchwork Sat Jun 22 00:31:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167447 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 21/30] crypto: stm32/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:03 +0200 Message-Id: <20190622003112.31033-22-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/stm32/stm32-cryp.c | 25 +++++++------------- 1 file changed, 8 insertions(+), 17 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index cddcc97875b2..12473c297060 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -15,7 +15,7 @@ #include #include -#include +#include #include #include #include @@ -767,17 +767,11 @@ static int stm32_cryp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen != DES_KEY_SIZE) - return -EINVAL; + int err; - if ((crypto_ablkcipher_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - unlikely(!des_ekey(tmp, key))) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; return stm32_cryp_setkey(tfm, key, keylen); } 
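Review bot: stm32_cryp_des_setkey() drops the explicit `keylen != DES_KEY_SIZE` check, so rejecting a wrong-sized key now depends entirely on crypto_des_verify_key(), whose definition is not part of this patch. The commit message has no body; add a sentence stating that the helper validates the key length and still reports CRYPTO_TFM_RES_WEAK_KEY, so that someone reviewing only this driver can confirm no key of the wrong length reaches stm32_cryp_setkey().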
@@ -785,15 +779,12 @@ static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key, + keylen); + if (unlikely(err)) return err; - } return stm32_cryp_setkey(tfm, key, keylen); } From patchwork Sat Jun 22 00:31:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167446 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 22/30] crypto: sun4i/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:04 +0200 Message-Id: <20190622003112.31033-23-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 22 ++++---------------- drivers/crypto/sunxi-ss/sun4i-ss.h | 2 +- 2 files changed, 5 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c index b060a0810934..05b2b2136743 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c @@ -533,25 +533,11 @@ int sun4i_ss_des_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); - struct sun4i_ss_ctx *ss = op->ss; - u32 flags; - u32 tmp[DES_EXPKEY_WORDS]; int ret; - if (unlikely(keylen != DES_KEY_SIZE)) { - dev_err(ss->dev, "Invalid keylen %u\n", keylen); - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - flags = crypto_skcipher_get_flags(tfm); - - ret = des_ekey(tmp, key); - if (unlikely(!ret) && (flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - dev_dbg(ss->dev, "Weak key %u\n", keylen); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key, keylen); + if (unlikely(err)) + return err; op->keylen = keylen; memcpy(op->key, key, keylen); 
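Review bot: sun4i_ss_des_setkey() assigns the verification result to `err`, but the only local the hunk leaves in place is `int ret;`, so `err` is undeclared and the function will not build. Either change the declaration to `int err;` or use `ret` in the two added lines. Since the removed dev_err() and dev_dbg() calls were this function's diagnostics for bad key length and weak keys, it is worth saying in the commit message that the driver no longer logs those cases itself.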
@@ -569,7 +555,7 @@ int sun4i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key, struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); int err; - err = des3_verify_key(tfm, key); + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key, keylen); if (unlikely(err)) return err; diff --git a/drivers/crypto/sunxi-ss/sun4i-ss.h b/drivers/crypto/sunxi-ss/sun4i-ss.h index 8c4ec9e93565..3c62624d8faa 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss.h +++ b/drivers/crypto/sunxi-ss/sun4i-ss.h 
@@ -30,7 +30,7 @@ #include #include #include -#include +#include #include #include From patchwork Sat Jun 22 00:31:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167448 Delivered-To: patch@linaro.org
smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v10si4096271plg.320.2019.06.21.17.32.12; Fri, 21 Jun 2019 17:32:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VISEf18Q; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726250AbfFVAcL (ORCPT + 3 others); Fri, 21 Jun 2019 20:32:11 -0400 Received: from mail-wr1-f66.google.com ([209.85.221.66]:40829 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726212AbfFVAcK (ORCPT ); Fri, 21 Jun 2019 20:32:10 -0400 Received: by mail-wr1-f66.google.com with SMTP id p11so8100477wre.7 for ; Fri, 21 Jun 2019 17:32:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=8ECamVGrenRrFvw0EKJFpRTvGkUBrF3jVsxmqTaUFNc=; b=VISEf18QwcsCpnpxGjFbR3q7mDOPmNA/ZtZ14P/RgS2SnOGoJ/MqIHKwpl8YCWaepm +YdcjYANEv5+lHp+k/EYrTRRNH8he5iBVgHgy0qIIuQjTuNM4mzHqVZwmgLUTo3vmY4c 8Jsc5GsLp+eU+AW3Dyoq3zQ54rbcE22GhPvoRMR8AWTaHbBtLa8Z6U+heezqmVIoDxiq 3vx0b4XPWkX8IxlowU6e36Cd/wNKIpCX4g+de++znJpUs5yYdMLYijcDIkSggg4j9NV+ JsQiq0bDan1AxjEWThfjmdA38cN7SNtxuWkEeZJyVA2TLMcmZPlQ3KQKLfgUhmveQyes P2IQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; 
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 23/30] crypto: talitos/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:05 +0200 Message-Id: <20190622003112.31033-24-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/talitos.c | 33 +++++++------------- 1 file changed, 11 insertions(+), 22 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index c865f5d5eaba..ec759576ebd3 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -30,7 +30,7 @@ #include #include -#include +#include #include #include #include 
@@ -920,16 +920,11 @@ static int aead_des3_setkey(struct crypto_aead *authenc, if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE) goto badkey; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto badkey; - flags = crypto_aead_get_flags(authenc); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(authenc, flags); - goto out; - } - if (ctx->keylen) dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); @@ -1538,14 +1533,11 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - !des_ekey(tmp, key)) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; return ablkcipher_setkey(cipher, key, keylen); } 
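Review bot: in the aead_des3_setkey() hunk, a key rejected by crypto_des3_ede_verify_key() now jumps to badkey, where the removed code stored the weak-key flag and went to out. badkey is also the target of the TALITOS_MAX_KEY_SIZE check just above, so if that label sets its own result flag or return code, the error and flag coming back from the helper are replaced on the way out. Either keep `goto out` for the verification failure or confirm that badkey leaves err and the tfm flags alone. The removed lines were also the only visible users of the local `flags`, and its declaration is not dropped in this hunk, so check that it is not left behind unused.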
@@ -1553,15 +1545,12 @@ static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } return ablkcipher_setkey(cipher, key, keylen); }
From patchwork Sat Jun 22 00:31:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167449
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 24/30] crypto: ux500/des - switch to new verification routines Date: Sat, 22 Jun 2019 02:31:06 +0200 Message-Id: <20190622003112.31033-25-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ux500/cryp/cryp_core.c | 32 +++++--------------- 1 file changed, 8 insertions(+), 24 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ux500/cryp/cryp_core.c b/drivers/crypto/ux500/cryp/cryp_core.c index 7a93cba0877f..9342e8e6398b 100644 --- a/drivers/crypto/ux500/cryp/cryp_core.c +++ b/drivers/crypto/ux500/cryp/cryp_core.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #include #include @@ -987,26 +987,13 @@ static int des_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 *flags = &cipher->base.crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - if (keylen != DES_KEY_SIZE) { - *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_BAD_KEY_LEN", - __func__); - return -EINVAL; - } - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", - __func__); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
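Review bot: in des_ablkcipher_setkey(), the explicit `keylen != DES_KEY_SIZE` test is removed while `memcpy(ctx->key, key, keylen)` stays directly below it, so the bound on that copy now rests entirely on crypto_des_verify_key() rejecting every other length. The commit message has no body; it should say that the helper performs the length check, since that is what keeps the copy into ctx->key safe. The two pr_debug() traces that named the rejection reason (CRYPTO_TFM_RES_BAD_KEY_LEN, CRYPTO_TFM_RES_WEAK_KEY) are dropped without mention as well; note that in the message if it is intended.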
@@ -1019,17 +1006,14 @@ static int des3_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;
From patchwork Sat Jun 22 00:31:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167450
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 25/30] crypto: 3des - move verification out of exported routine Date: Sat, 22 Jun 2019 02:31:07 +0200 Message-Id: <20190622003112.31033-26-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In preparation of moving the shared key expansion routine into the DES library, move the verification done by __des3_ede_setkey() into its callers. Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 4 ++++ crypto/des_generic.c | 10 +++++----- 2 files changed, 9 insertions(+), 5 deletions(-) -- 2.20.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 5c610d4ef9fc..48292a2ce66d 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -358,6 +358,10 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; + err = des3_ede_verify_key(tfm, key, keylen); + if (unlikely(err)) + return err; + /* Generate encryption context using generic implementation. */ err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); if (err < 0) diff --git a/crypto/des_generic.c b/crypto/des_generic.c index c94a303da4dd..34921f8004cc 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -851,10 +851,6 @@ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, { int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) - return err; - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; des_ekey(expkey, key); 
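Review bot: after the @@ -851 hunk in crypto/des_generic.c, __des3_ede_setkey() expands whatever key it is handed with no weak-key or FIPS check, and the subject line calls it an exported routine, so any caller outside the two files touched here silently loses that check. The commit message should name the callers that were audited, or the function should get a comment stating that callers must verify the key first. The visible context also keeps `int err;` and the `flags` parameter although the removed lines were their only visible use; drop them if nothing else in the function needs them.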
@@ -867,8 +863,12 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u32 *expkey = dctx->expkey; + int err; + + err = des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key, keylen); + if (unlikely(err)) + return err; return __des3_ede_setkey(expkey, flags, key, keylen); }
From patchwork Sat Jun 22 00:31:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167451
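Review bot: the added call in des3_ede_setkey() (crypto/des_generic.c, patch 25/30) passes `crypto_skcipher_tfm(skcipher)`, but the function's only handle is `struct crypto_tfm *tfm` and no `skcipher` is in scope. The same hunk deletes `u32 *flags = &tfm->crt_flags;` while the unchanged return statement still passes `flags` to __des3_ede_setkey(). As posted this cannot compile. Call `des3_ede_verify_key(tfm, key, keylen)` as the x86 glue hunk does, and either keep the `flags` local or pass `&tfm->crt_flags` directly.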
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 26/30] crypto: des - remove unused function Date: Sat, 22 Jun 2019 02:31:08 +0200 Message-Id: <20190622003112.31033-27-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Remove the old DES3 verification functions that are no longer used. 
Signed-off-by: Ard Biesheuvel --- include/crypto/des.h | 41 -------------------- 1 file changed, 41 deletions(-) -- 2.20.1 diff --git a/include/crypto/des.h b/include/crypto/des.h index 72c7c8e5a5a7..31b04ba835b1 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -19,47 +19,6 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE -static inline int __des3_verify_key(u32 *flags, const u8 *key) -{ - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; - - if (unlikely(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; - - err = 0; - -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); - - return err; - -bad: - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - goto out; -} - -static inline int des3_verify_key(struct crypto_skcipher *tfm, const u8 *key) -{ - u32 flags; - int err; - - flags = crypto_skcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - crypto_skcipher_set_flags(tfm, flags); - return err; -} - -extern unsigned long des_ekey(u32 *pe, const u8 *k); - extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen);
From patchwork Sat Jun 22 00:31:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167455
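Review bot: the last removed line in the include/crypto/des.h hunk (patch 26/30), `extern unsigned long des_ekey(u32 *pe, const u8 *k);`, is a key expansion prototype, not one of the DES3 verification functions the commit message says are being removed. The context of patch 25/30 still shows des_ekey() being called from __des3_ede_setkey(), and the 27/30 message describes des_ekey() as widely used by drivers, so confirm that every remaining caller sees a declaration from another header at this point in the series. Otherwise move this one-line removal into the patch that relocates the declaration so the tree builds at each commit, and mention it in the message.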
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 27/30] crypto: des - split off DES library from generic DES cipher driver Date: Sat, 22 Jun 2019 02:31:09 +0200 Message-Id: <20190622003112.31033-28-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Another one for the cipher museum: split off DES core processing into a separate module so other drivers (mostly for crypto accelerators) can reuse the code without pulling in the generic DES cipher itself. This will also permit the cipher interface to be made private to the crypto API itself once we move the only user in the kernel (CIFS) to this library interface. The resulting code is an attempt at walking the fine line between sanity and the peculiarities of the existing API (which is already used as a library interface to some extent). For instance, des_ekey() is already widely used by drivers, and so the newly introduced key expansion routine for triple-DES is called des3_ede_ekey(), and returns a 1 on success and 0 if a weak key is encountered. Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 2 +- crypto/Kconfig | 8 +- crypto/des_generic.c | 917 +------------------- drivers/crypto/Kconfig | 28 +- drivers/crypto/caam/Kconfig | 2 +- drivers/crypto/cavium/nitrox/Kconfig | 2 +- drivers/crypto/inside-secure/safexcel_cipher.c | 2 +- drivers/crypto/stm32/Kconfig | 2 +- drivers/crypto/ux500/Kconfig | 2 +- include/crypto/des.h | 24 +- include/crypto/internal/des.h | 65 +- lib/crypto/Makefile | 3 + lib/crypto/des.c | 897 +++++++++++++++++++ 13 files changed, 1026 insertions(+), 928 deletions(-) -- 2.20.1 
diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 48292a2ce66d..571966e5c542 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -21,7 +21,7 @@ */ #include -#include +#include #include #include #include diff --git a/crypto/Kconfig b/crypto/Kconfig index e801450bcb1c..ba0c0ab62ee4 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1426,9 +1426,13 @@ config CRYPTO_CAST6_AVX_X86_64 This module provides the Cast6 cipher algorithm that processes eight blocks parallel using the AVX instruction set. +config CRYPTO_LIB_DES + tristate + config CRYPTO_DES tristate "DES and Triple DES EDE cipher algorithms" select CRYPTO_ALGAPI + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). @@ -1436,7 +1440,7 @@ config CRYPTO_DES_SPARC64 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" depends on SPARC64 select CRYPTO_ALGAPI - select CRYPTO_DES + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), optimized using SPARC64 crypto opcodes. @@ -1445,7 +1449,7 @@ config CRYPTO_DES3_EDE_X86_64 tristate "Triple DES EDE cipher algorithm (x86-64)" depends on X86 && 64BIT select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Triple DES EDE (FIPS 46-3) algorithm. diff --git a/crypto/des_generic.c b/crypto/des_generic.c index 34921f8004cc..fd0a92a471d4 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -18,832 +18,44 @@ #include #include #include -#include -#include - -#define ROL(x, r) ((x) = rol32((x), (r))) -#define ROR(x, r) ((x) = ror32((x), (r))) - -struct des_ctx { - u32 expkey[DES_EXPKEY_WORDS]; -}; - -struct des3_ede_ctx { - u32 expkey[DES3_EDE_EXPKEY_WORDS]; -}; - -/* Lookup tables for key expansion */ - -static const u8 pc1[256] = { - 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, - 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, - 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, - 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, - 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, - 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, - 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, - 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, - 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, - 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, - 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, - 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, - 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, - 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, - 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, - 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, - 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, - 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, - 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, - 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, - 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, - 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, - 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, - 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, - 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, - 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, - 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, - 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, - 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, - 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, - 0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe, - 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe -}; - -static const u8 rs[256] = { - 0x00, 0x00, 
0x80, 0x80, 0x02, 0x02, 0x82, 0x82, - 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, - 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, - 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, - 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, - 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, - 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, - 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, - 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, - 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, - 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, - 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, - 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, - 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, - 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, - 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, - 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, - 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, - 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, - 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, - 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, - 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, - 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, - 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, - 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, - 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, - 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, - 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, - 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, - 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, - 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, - 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe -}; - -static const u32 pc2[1024] = { - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00040000, 0x00000000, 0x04000000, 0x00100000, - 0x00400000, 0x00000008, 0x00000800, 0x40000000, - 0x00440000, 0x00000008, 0x04000800, 0x40100000, - 0x00000400, 0x00000020, 0x08000000, 0x00000100, - 0x00040400, 0x00000020, 0x0c000000, 0x00100100, - 0x00400400, 0x00000028, 0x08000800, 0x40000100, - 0x00440400, 0x00000028, 
0x0c000800, 0x40100100, - 0x80000000, 0x00000010, 0x00000000, 0x00800000, - 0x80040000, 0x00000010, 0x04000000, 0x00900000, - 0x80400000, 0x00000018, 0x00000800, 0x40800000, - 0x80440000, 0x00000018, 0x04000800, 0x40900000, - 0x80000400, 0x00000030, 0x08000000, 0x00800100, - 0x80040400, 0x00000030, 0x0c000000, 0x00900100, - 0x80400400, 0x00000038, 0x08000800, 0x40800100, - 0x80440400, 0x00000038, 0x0c000800, 0x40900100, - 0x10000000, 0x00000000, 0x00200000, 0x00001000, - 0x10040000, 0x00000000, 0x04200000, 0x00101000, - 0x10400000, 0x00000008, 0x00200800, 0x40001000, - 0x10440000, 0x00000008, 0x04200800, 0x40101000, - 0x10000400, 0x00000020, 0x08200000, 0x00001100, - 0x10040400, 0x00000020, 0x0c200000, 0x00101100, - 0x10400400, 0x00000028, 0x08200800, 0x40001100, - 0x10440400, 0x00000028, 0x0c200800, 0x40101100, - 0x90000000, 0x00000010, 0x00200000, 0x00801000, - 0x90040000, 0x00000010, 0x04200000, 0x00901000, - 0x90400000, 0x00000018, 0x00200800, 0x40801000, - 0x90440000, 0x00000018, 0x04200800, 0x40901000, - 0x90000400, 0x00000030, 0x08200000, 0x00801100, - 0x90040400, 0x00000030, 0x0c200000, 0x00901100, - 0x90400400, 0x00000038, 0x08200800, 0x40801100, - 0x90440400, 0x00000038, 0x0c200800, 0x40901100, - 0x00000200, 0x00080000, 0x00000000, 0x00000004, - 0x00040200, 0x00080000, 0x04000000, 0x00100004, - 0x00400200, 0x00080008, 0x00000800, 0x40000004, - 0x00440200, 0x00080008, 0x04000800, 0x40100004, - 0x00000600, 0x00080020, 0x08000000, 0x00000104, - 0x00040600, 0x00080020, 0x0c000000, 0x00100104, - 0x00400600, 0x00080028, 0x08000800, 0x40000104, - 0x00440600, 0x00080028, 0x0c000800, 0x40100104, - 0x80000200, 0x00080010, 0x00000000, 0x00800004, - 0x80040200, 0x00080010, 0x04000000, 0x00900004, - 0x80400200, 0x00080018, 0x00000800, 0x40800004, - 0x80440200, 0x00080018, 0x04000800, 0x40900004, - 0x80000600, 0x00080030, 0x08000000, 0x00800104, - 0x80040600, 0x00080030, 0x0c000000, 0x00900104, - 0x80400600, 0x00080038, 0x08000800, 0x40800104, - 0x80440600, 0x00080038, 
0x0c000800, 0x40900104, - 0x10000200, 0x00080000, 0x00200000, 0x00001004, - 0x10040200, 0x00080000, 0x04200000, 0x00101004, - 0x10400200, 0x00080008, 0x00200800, 0x40001004, - 0x10440200, 0x00080008, 0x04200800, 0x40101004, - 0x10000600, 0x00080020, 0x08200000, 0x00001104, - 0x10040600, 0x00080020, 0x0c200000, 0x00101104, - 0x10400600, 0x00080028, 0x08200800, 0x40001104, - 0x10440600, 0x00080028, 0x0c200800, 0x40101104, - 0x90000200, 0x00080010, 0x00200000, 0x00801004, - 0x90040200, 0x00080010, 0x04200000, 0x00901004, - 0x90400200, 0x00080018, 0x00200800, 0x40801004, - 0x90440200, 0x00080018, 0x04200800, 0x40901004, - 0x90000600, 0x00080030, 0x08200000, 0x00801104, - 0x90040600, 0x00080030, 0x0c200000, 0x00901104, - 0x90400600, 0x00080038, 0x08200800, 0x40801104, - 0x90440600, 0x00080038, 0x0c200800, 0x40901104, - 0x00000002, 0x00002000, 0x20000000, 0x00000001, - 0x00040002, 0x00002000, 0x24000000, 0x00100001, - 0x00400002, 0x00002008, 0x20000800, 0x40000001, - 0x00440002, 0x00002008, 0x24000800, 0x40100001, - 0x00000402, 0x00002020, 0x28000000, 0x00000101, - 0x00040402, 0x00002020, 0x2c000000, 0x00100101, - 0x00400402, 0x00002028, 0x28000800, 0x40000101, - 0x00440402, 0x00002028, 0x2c000800, 0x40100101, - 0x80000002, 0x00002010, 0x20000000, 0x00800001, - 0x80040002, 0x00002010, 0x24000000, 0x00900001, - 0x80400002, 0x00002018, 0x20000800, 0x40800001, - 0x80440002, 0x00002018, 0x24000800, 0x40900001, - 0x80000402, 0x00002030, 0x28000000, 0x00800101, - 0x80040402, 0x00002030, 0x2c000000, 0x00900101, - 0x80400402, 0x00002038, 0x28000800, 0x40800101, - 0x80440402, 0x00002038, 0x2c000800, 0x40900101, - 0x10000002, 0x00002000, 0x20200000, 0x00001001, - 0x10040002, 0x00002000, 0x24200000, 0x00101001, - 0x10400002, 0x00002008, 0x20200800, 0x40001001, - 0x10440002, 0x00002008, 0x24200800, 0x40101001, - 0x10000402, 0x00002020, 0x28200000, 0x00001101, - 0x10040402, 0x00002020, 0x2c200000, 0x00101101, - 0x10400402, 0x00002028, 0x28200800, 0x40001101, - 0x10440402, 0x00002028, 
0x2c200800, 0x40101101, - 0x90000002, 0x00002010, 0x20200000, 0x00801001, - 0x90040002, 0x00002010, 0x24200000, 0x00901001, - 0x90400002, 0x00002018, 0x20200800, 0x40801001, - 0x90440002, 0x00002018, 0x24200800, 0x40901001, - 0x90000402, 0x00002030, 0x28200000, 0x00801101, - 0x90040402, 0x00002030, 0x2c200000, 0x00901101, - 0x90400402, 0x00002038, 0x28200800, 0x40801101, - 0x90440402, 0x00002038, 0x2c200800, 0x40901101, - 0x00000202, 0x00082000, 0x20000000, 0x00000005, - 0x00040202, 0x00082000, 0x24000000, 0x00100005, - 0x00400202, 0x00082008, 0x20000800, 0x40000005, - 0x00440202, 0x00082008, 0x24000800, 0x40100005, - 0x00000602, 0x00082020, 0x28000000, 0x00000105, - 0x00040602, 0x00082020, 0x2c000000, 0x00100105, - 0x00400602, 0x00082028, 0x28000800, 0x40000105, - 0x00440602, 0x00082028, 0x2c000800, 0x40100105, - 0x80000202, 0x00082010, 0x20000000, 0x00800005, - 0x80040202, 0x00082010, 0x24000000, 0x00900005, - 0x80400202, 0x00082018, 0x20000800, 0x40800005, - 0x80440202, 0x00082018, 0x24000800, 0x40900005, - 0x80000602, 0x00082030, 0x28000000, 0x00800105, - 0x80040602, 0x00082030, 0x2c000000, 0x00900105, - 0x80400602, 0x00082038, 0x28000800, 0x40800105, - 0x80440602, 0x00082038, 0x2c000800, 0x40900105, - 0x10000202, 0x00082000, 0x20200000, 0x00001005, - 0x10040202, 0x00082000, 0x24200000, 0x00101005, - 0x10400202, 0x00082008, 0x20200800, 0x40001005, - 0x10440202, 0x00082008, 0x24200800, 0x40101005, - 0x10000602, 0x00082020, 0x28200000, 0x00001105, - 0x10040602, 0x00082020, 0x2c200000, 0x00101105, - 0x10400602, 0x00082028, 0x28200800, 0x40001105, - 0x10440602, 0x00082028, 0x2c200800, 0x40101105, - 0x90000202, 0x00082010, 0x20200000, 0x00801005, - 0x90040202, 0x00082010, 0x24200000, 0x00901005, - 0x90400202, 0x00082018, 0x20200800, 0x40801005, - 0x90440202, 0x00082018, 0x24200800, 0x40901005, - 0x90000602, 0x00082030, 0x28200000, 0x00801105, - 0x90040602, 0x00082030, 0x2c200000, 0x00901105, - 0x90400602, 0x00082038, 0x28200800, 0x40801105, - 0x90440602, 0x00082038, 
0x2c200800, 0x40901105, - - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000, 0x00000008, 0x00080000, 0x10000000, - 0x02000000, 0x00000000, 0x00000080, 0x00001000, - 0x02000000, 0x00000008, 0x00080080, 0x10001000, - 0x00004000, 0x00000000, 0x00000040, 0x00040000, - 0x00004000, 0x00000008, 0x00080040, 0x10040000, - 0x02004000, 0x00000000, 0x000000c0, 0x00041000, - 0x02004000, 0x00000008, 0x000800c0, 0x10041000, - 0x00020000, 0x00008000, 0x08000000, 0x00200000, - 0x00020000, 0x00008008, 0x08080000, 0x10200000, - 0x02020000, 0x00008000, 0x08000080, 0x00201000, - 0x02020000, 0x00008008, 0x08080080, 0x10201000, - 0x00024000, 0x00008000, 0x08000040, 0x00240000, - 0x00024000, 0x00008008, 0x08080040, 0x10240000, - 0x02024000, 0x00008000, 0x080000c0, 0x00241000, - 0x02024000, 0x00008008, 0x080800c0, 0x10241000, - 0x00000000, 0x01000000, 0x00002000, 0x00000020, - 0x00000000, 0x01000008, 0x00082000, 0x10000020, - 0x02000000, 0x01000000, 0x00002080, 0x00001020, - 0x02000000, 0x01000008, 0x00082080, 0x10001020, - 0x00004000, 0x01000000, 0x00002040, 0x00040020, - 0x00004000, 0x01000008, 0x00082040, 0x10040020, - 0x02004000, 0x01000000, 0x000020c0, 0x00041020, - 0x02004000, 0x01000008, 0x000820c0, 0x10041020, - 0x00020000, 0x01008000, 0x08002000, 0x00200020, - 0x00020000, 0x01008008, 0x08082000, 0x10200020, - 0x02020000, 0x01008000, 0x08002080, 0x00201020, - 0x02020000, 0x01008008, 0x08082080, 0x10201020, - 0x00024000, 0x01008000, 0x08002040, 0x00240020, - 0x00024000, 0x01008008, 0x08082040, 0x10240020, - 0x02024000, 0x01008000, 0x080020c0, 0x00241020, - 0x02024000, 0x01008008, 0x080820c0, 0x10241020, - 0x00000400, 0x04000000, 0x00100000, 0x00000004, - 0x00000400, 0x04000008, 0x00180000, 0x10000004, - 0x02000400, 0x04000000, 0x00100080, 0x00001004, - 0x02000400, 0x04000008, 0x00180080, 0x10001004, - 0x00004400, 0x04000000, 0x00100040, 0x00040004, - 0x00004400, 0x04000008, 0x00180040, 0x10040004, - 0x02004400, 0x04000000, 0x001000c0, 0x00041004, - 0x02004400, 
0x04000008, 0x001800c0, 0x10041004, - 0x00020400, 0x04008000, 0x08100000, 0x00200004, - 0x00020400, 0x04008008, 0x08180000, 0x10200004, - 0x02020400, 0x04008000, 0x08100080, 0x00201004, - 0x02020400, 0x04008008, 0x08180080, 0x10201004, - 0x00024400, 0x04008000, 0x08100040, 0x00240004, - 0x00024400, 0x04008008, 0x08180040, 0x10240004, - 0x02024400, 0x04008000, 0x081000c0, 0x00241004, - 0x02024400, 0x04008008, 0x081800c0, 0x10241004, - 0x00000400, 0x05000000, 0x00102000, 0x00000024, - 0x00000400, 0x05000008, 0x00182000, 0x10000024, - 0x02000400, 0x05000000, 0x00102080, 0x00001024, - 0x02000400, 0x05000008, 0x00182080, 0x10001024, - 0x00004400, 0x05000000, 0x00102040, 0x00040024, - 0x00004400, 0x05000008, 0x00182040, 0x10040024, - 0x02004400, 0x05000000, 0x001020c0, 0x00041024, - 0x02004400, 0x05000008, 0x001820c0, 0x10041024, - 0x00020400, 0x05008000, 0x08102000, 0x00200024, - 0x00020400, 0x05008008, 0x08182000, 0x10200024, - 0x02020400, 0x05008000, 0x08102080, 0x00201024, - 0x02020400, 0x05008008, 0x08182080, 0x10201024, - 0x00024400, 0x05008000, 0x08102040, 0x00240024, - 0x00024400, 0x05008008, 0x08182040, 0x10240024, - 0x02024400, 0x05008000, 0x081020c0, 0x00241024, - 0x02024400, 0x05008008, 0x081820c0, 0x10241024, - 0x00000800, 0x00010000, 0x20000000, 0x00000010, - 0x00000800, 0x00010008, 0x20080000, 0x10000010, - 0x02000800, 0x00010000, 0x20000080, 0x00001010, - 0x02000800, 0x00010008, 0x20080080, 0x10001010, - 0x00004800, 0x00010000, 0x20000040, 0x00040010, - 0x00004800, 0x00010008, 0x20080040, 0x10040010, - 0x02004800, 0x00010000, 0x200000c0, 0x00041010, - 0x02004800, 0x00010008, 0x200800c0, 0x10041010, - 0x00020800, 0x00018000, 0x28000000, 0x00200010, - 0x00020800, 0x00018008, 0x28080000, 0x10200010, - 0x02020800, 0x00018000, 0x28000080, 0x00201010, - 0x02020800, 0x00018008, 0x28080080, 0x10201010, - 0x00024800, 0x00018000, 0x28000040, 0x00240010, - 0x00024800, 0x00018008, 0x28080040, 0x10240010, - 0x02024800, 0x00018000, 0x280000c0, 0x00241010, - 0x02024800, 
0x00018008, 0x280800c0, 0x10241010, - 0x00000800, 0x01010000, 0x20002000, 0x00000030, - 0x00000800, 0x01010008, 0x20082000, 0x10000030, - 0x02000800, 0x01010000, 0x20002080, 0x00001030, - 0x02000800, 0x01010008, 0x20082080, 0x10001030, - 0x00004800, 0x01010000, 0x20002040, 0x00040030, - 0x00004800, 0x01010008, 0x20082040, 0x10040030, - 0x02004800, 0x01010000, 0x200020c0, 0x00041030, - 0x02004800, 0x01010008, 0x200820c0, 0x10041030, - 0x00020800, 0x01018000, 0x28002000, 0x00200030, - 0x00020800, 0x01018008, 0x28082000, 0x10200030, - 0x02020800, 0x01018000, 0x28002080, 0x00201030, - 0x02020800, 0x01018008, 0x28082080, 0x10201030, - 0x00024800, 0x01018000, 0x28002040, 0x00240030, - 0x00024800, 0x01018008, 0x28082040, 0x10240030, - 0x02024800, 0x01018000, 0x280020c0, 0x00241030, - 0x02024800, 0x01018008, 0x280820c0, 0x10241030, - 0x00000c00, 0x04010000, 0x20100000, 0x00000014, - 0x00000c00, 0x04010008, 0x20180000, 0x10000014, - 0x02000c00, 0x04010000, 0x20100080, 0x00001014, - 0x02000c00, 0x04010008, 0x20180080, 0x10001014, - 0x00004c00, 0x04010000, 0x20100040, 0x00040014, - 0x00004c00, 0x04010008, 0x20180040, 0x10040014, - 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, - 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, - 0x00020c00, 0x04018000, 0x28100000, 0x00200014, - 0x00020c00, 0x04018008, 0x28180000, 0x10200014, - 0x02020c00, 0x04018000, 0x28100080, 0x00201014, - 0x02020c00, 0x04018008, 0x28180080, 0x10201014, - 0x00024c00, 0x04018000, 0x28100040, 0x00240014, - 0x00024c00, 0x04018008, 0x28180040, 0x10240014, - 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, - 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, - 0x00000c00, 0x05010000, 0x20102000, 0x00000034, - 0x00000c00, 0x05010008, 0x20182000, 0x10000034, - 0x02000c00, 0x05010000, 0x20102080, 0x00001034, - 0x02000c00, 0x05010008, 0x20182080, 0x10001034, - 0x00004c00, 0x05010000, 0x20102040, 0x00040034, - 0x00004c00, 0x05010008, 0x20182040, 0x10040034, - 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, - 0x02004c00, 
0x05010008, 0x201820c0, 0x10041034, - 0x00020c00, 0x05018000, 0x28102000, 0x00200034, - 0x00020c00, 0x05018008, 0x28182000, 0x10200034, - 0x02020c00, 0x05018000, 0x28102080, 0x00201034, - 0x02020c00, 0x05018008, 0x28182080, 0x10201034, - 0x00024c00, 0x05018000, 0x28102040, 0x00240034, - 0x00024c00, 0x05018008, 0x28182040, 0x10240034, - 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, - 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 -}; - -/* S-box lookup tables */ - -static const u32 S1[64] = { - 0x01010400, 0x00000000, 0x00010000, 0x01010404, - 0x01010004, 0x00010404, 0x00000004, 0x00010000, - 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, - 0x00000404, 0x01000400, 0x01000400, 0x00010400, - 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, - 0x00000000, 0x00000404, 0x00010404, 0x01000000, - 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, - 0x01010004, 0x00010000, 0x00010400, 0x01000004, - 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, - 0x01000004, 0x00000404, 0x00010404, 0x01010400, - 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004 -}; - -static const u32 S2[64] = { - 0x80108020, 0x80008000, 0x00008000, 0x00108020, - 0x00100000, 0x00000020, 0x80100020, 0x80008020, - 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, - 0x00108000, 0x00100020, 0x80008020, 0x00000000, - 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, - 0x00008020, 0x80108000, 0x80100000, 0x00008020, - 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, - 0x80100000, 0x80008000, 0x00000020, 0x80108020, - 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, - 0x00100020, 
0x80008020, 0x80000020, 0x00100020, - 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000 -}; - -static const u32 S3[64] = { - 0x00000208, 0x08020200, 0x00000000, 0x08020008, - 0x08000200, 0x00000000, 0x00020208, 0x08000200, - 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, - 0x08000000, 0x00000008, 0x08020200, 0x00000200, - 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, - 0x00000008, 0x08020208, 0x00000200, 0x08000000, - 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, - 0x00000200, 0x00020008, 0x08020208, 0x08000200, - 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, - 0x00000008, 0x00020208, 0x00020200, 0x08000008, - 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200 -}; - -static const u32 S4[64] = { - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802080, 0x00800081, 0x00800001, 0x00002001, - 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, - 0x00000001, 0x00002000, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, - 0x00002000, 0x00802080, 0x00802081, 0x00000081, - 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, - 0x00002080, 0x00800080, 0x00800081, 0x00000001, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, - 0x00800001, 0x00002001, 0x00802080, 0x00800081, - 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080 -}; - -static const u32 S5[64] = { - 0x00000100, 0x02080100, 0x02080000, 0x42000100, - 0x00080000, 0x00000100, 0x40000000, 0x02080000, - 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 
0x42000100, 0x42080000, 0x00080100, 0x40000000, - 0x02000000, 0x40080000, 0x40080000, 0x00000000, - 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, - 0x02080100, 0x02000000, 0x42000000, 0x00080100, - 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, - 0x02000100, 0x40000000, 0x42080000, 0x02080100, - 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, - 0x02080000, 0x00000000, 0x40080000, 0x42000000, - 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100 -}; - -static const u32 S6[64] = { - 0x20000010, 0x20400000, 0x00004000, 0x20404010, - 0x20400000, 0x00000010, 0x20404010, 0x00400000, - 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, - 0x00000000, 0x00400010, 0x20004010, 0x00004000, - 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, - 0x00004010, 0x00404000, 0x20404000, 0x20000000, - 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, - 0x00400000, 0x20004000, 0x20000000, 0x00004010, - 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, - 0x00000010, 0x00004000, 0x20400000, 0x00404010, - 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010 -}; - -static const u32 S7[64] = { - 0x00200000, 0x04200002, 0x04000802, 0x00000000, - 0x00000800, 0x04000802, 0x00200802, 0x04200800, - 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, - 0x04000800, 0x00200802, 0x00200002, 0x04000800, - 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, - 0x00200800, 0x00000002, 0x04000000, 0x00200800, - 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 
0x04200002, 0x00000002, - 0x00200002, 0x04000000, 0x04000800, 0x00200000, - 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, - 0x00200800, 0x00000000, 0x00000002, 0x04200802, - 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002 -}; - -static const u32 S8[64] = { - 0x10001040, 0x00001000, 0x00040000, 0x10041040, - 0x10000000, 0x10001040, 0x00000040, 0x10000000, - 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, - 0x10040000, 0x10000040, 0x10001000, 0x00001040, - 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, - 0x10000040, 0x10001000, 0x00041040, 0x00040000, - 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, - 0x10001000, 0x00000040, 0x10000040, 0x10040000, - 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, - 0x10040000, 0x10001000, 0x10001040, 0x00000000, - 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000 -}; - -/* Encryption components: IP, FP, and round function */ - -#define IP(L, R, T) \ - ROL(R, 4); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROL(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 14); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(L, 1); - -#define FP(L, R, T) \ - ROR(L, 1); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 14); \ - T = L; \ - L ^= R; \ - L &= 
0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROR(R, 4); - -#define ROUND(L, R, A, B, K, d) \ - B = K[0]; A = K[1]; K += d; \ - B ^= R; A ^= R; \ - B &= 0x3f3f3f3f; ROR(A, 4); \ - L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ - L ^= S6[0xff & (B >> 8)]; B >>= 16; \ - L ^= S7[0xff & A]; \ - L ^= S5[0xff & (A >> 8)]; A >>= 16; \ - L ^= S4[0xff & B]; \ - L ^= S2[0xff & (B >> 8)]; \ - L ^= S3[0xff & A]; \ - L ^= S1[0xff & (A >> 8)]; - -/* - * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved - * tables of 128 elements. One set is for C_i and the other for D_i, while - * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. - * - * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i - * or D_i in bits 7-1 (bit 0 being the least significant). - */ - -#define T1(x) pt[2 * (x) + 0] -#define T2(x) pt[2 * (x) + 1] -#define T3(x) pt[2 * (x) + 2] -#define T4(x) pt[2 * (x) + 3] - -#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) - -/* - * Encryption key expansion - * - * RFC2451: Weak key checks SHOULD be performed. - * - * FIPS 74: - * - * Keys having duals are keys which produce all zeros, all ones, or - * alternating zero-one patterns in the C and D registers after Permuted - * Choice 1 has operated on the key. 
- * - */ -unsigned long des_ekey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d, w; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); - - /* Check if first half is weak */ - w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - /* Check if second half is weak */ - w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = 
rs[a]; d = rs[d]; - pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } - - /* Zero if weak key */ - return w; -} -EXPORT_SYMBOL_GPL(des_ekey); - -/* - * Decryption key expansion - * - * No weak key checking is performed, as this is only used by triple DES - * - */ -static void dkey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2] = DES_PC2(d, a, b, 
c); c = rs[c]; - pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2] = DES_PC2(b, c, d, a); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } -} +#include static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int 
keylen) { struct des_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - /* Expand to tmp */ - ret = des_ekey(tmp, key); + int err; - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; + if (keylen != DES_KEY_SIZE) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } - /* Copy to output */ - memcpy(dctx->expkey, tmp, sizeof(dctx->expkey)); + err = des_expand_key(dctx, key, keylen); + if (err == -ENOKEY && + !(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + err = 0; - return 0; + if (err) { + memzero_explicit(dctx, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_encrypt(dctx, dst, src); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - 
d[1] = cpu_to_le32(L); + des_decrypt(dctx, dst, src); } int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, 
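Review bot: in des_setkey(), the `if (err)` branch sets CRYPTO_TFM_RES_WEAK_KEY for every non-zero return from des_expand_key(), not only for -ENOKEY. If des_expand_key() can fail for any other reason, the caller is told the key was weak when it was not. Testing `err == -ENOKEY` before setting the flag, or documenting that -ENOKEY is the only error des_expand_key() returns, would close that gap. Separately, this path does not consult fips_enabled, whereas crypto_des_verify_key() in include/crypto/internal/des.h does, so a weak key is accepted here unless CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is set. A comment saying whether that difference is intended would help.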
@@ -863,76 +75,39 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *expkey = dctx->expkey; int err; - err = des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key, keylen); - if (unlikely(err)) - return err; - - return __des3_ede_setkey(expkey, flags, key, keylen); -} - -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) -{ - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; + if (keylen != DES3_EDE_KEY_SIZE) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + err = des3_ede_expand_key(dctx, key, keylen); + if (err == -ENOKEY && + !(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + err = 0; - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, 2); - ROUND(L, R, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); + if (err) { + memzero_explicit(dctx, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + return err; } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + des3_ede_encrypt(dctx, dst, src); +} - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - 
ROUND(R, L, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, -2); - ROUND(L, R, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) +{ + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_decrypt(dctx, dst, src); } static struct crypto_alg des_algs[2] = { { @@ -943,13 +118,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt } } + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { .cra_name = "des3_ede", .cra_driver_name = "des3_ede-generic", @@ -958,13 +132,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES3_EDE_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des3_ede_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_setkey, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt } } + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } } }; static int __init des_generic_mod_init(void) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 67af688d7d84..ef4d2db69837 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -149,7 +149,7 @@ config CRYPTO_DES_S390 depends on S390 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the s390 hardware accelerated implementation of the DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 
@@ -214,7 +214,7 @@ config CRYPTO_DEV_MARVELL_CESA tristate "Marvell's Cryptographic Engine driver" depends on PLAT_ORION || ARCH_MVEBU select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select SRAM @@ -226,7 +226,7 @@ config CRYPTO_DEV_MARVELL_CESA config CRYPTO_DEV_NIAGARA2 tristate "Niagara2 Stream Processing Unit driver" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select CRYPTO_MD5 @@ -243,7 +243,7 @@ config CRYPTO_DEV_NIAGARA2 config CRYPTO_DEV_HIFN_795X tristate "Driver HIFN 795x crypto accelerator chips" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG depends on PCI @@ -299,7 +299,7 @@ config CRYPTO_DEV_TALITOS2 config CRYPTO_DEV_IXP4XX tristate "Driver for IXP4xx crypto hardware acceleration" depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER @@ -365,7 +365,7 @@ config CRYPTO_DEV_OMAP_AES config CRYPTO_DEV_OMAP_DES tristate "Support for OMAP DES/3DES hw engine" depends on ARCH_OMAP2PLUS - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_ENGINE help @@ -383,7 +383,7 @@ config CRYPTO_DEV_PICOXCELL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_SEQIV @@ -496,7 +496,7 @@ config CRYPTO_DEV_ATMEL_AES config CRYPTO_DEV_ATMEL_TDES tristate "Support for Atmel DES/TDES hw accelerator" depends on ARCH_AT91 || COMPILE_TEST - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Atmel processors have DES/TDES hw accelerator. @@ -594,7 +594,7 @@ config CRYPTO_DEV_QCE depends on ARCH_QCOM || COMPILE_TEST depends on HAS_IOMEM select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_ECB select CRYPTO_CBC select CRYPTO_XTS 
@@ -642,7 +642,7 @@ config CRYPTO_DEV_SUN4I_SS select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Allwinner SoC have a crypto accelerator named @@ -665,7 +665,7 @@ config CRYPTO_DEV_ROCKCHIP tristate "Rockchip's Cryptographic Engine driver" depends on OF && ARCH_ROCKCHIP select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -702,7 +702,7 @@ config CRYPTO_DEV_BCM_SPU depends on MAILBOX default m select CRYPTO_AUTHENC - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -721,7 +721,7 @@ config CRYPTO_DEV_SAFEXCEL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_HASH select CRYPTO_HMAC select CRYPTO_MD5 @@ -759,7 +759,7 @@ config CRYPTO_DEV_CCREE default n select CRYPTO_HASH select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_SHA1 diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig index 3720ddabb507..4a358391b6cb 100644 --- a/drivers/crypto/caam/Kconfig +++ b/drivers/crypto/caam/Kconfig @@ -98,7 +98,7 @@ config CRYPTO_DEV_FSL_CAAM_CRYPTO_API select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Selecting this will offload crypto for users of the scatterlist crypto API (such as the linux native IPSec diff --git a/drivers/crypto/cavium/nitrox/Kconfig b/drivers/crypto/cavium/nitrox/Kconfig index 181a1dfec932..1a6b51563154 100644 --- a/drivers/crypto/cavium/nitrox/Kconfig +++ b/drivers/crypto/cavium/nitrox/Kconfig @@ -5,7 +5,7 @@ config CRYPTO_DEV_NITROX tristate select CRYPTO_BLKCIPHER select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select FW_LOADER config CRYPTO_DEV_NITROX_CNN55XX 
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 82cc6f003bc9..b05431f20750 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig index 4491e2197d9f..ceeaa10b2829 100644 --- a/drivers/crypto/stm32/Kconfig +++ b/drivers/crypto/stm32/Kconfig @@ -24,7 +24,7 @@ config CRYPTO_DEV_STM32_CRYP depends on ARCH_STM32 select CRYPTO_HASH select CRYPTO_ENGINE - select CRYPTO_DES + select CRYPTO_LIB_DES help This enables support for the CRYP (AES/DES/TDES) hw accelerator which can be found on STMicroelectronics STM32 SOC. diff --git a/drivers/crypto/ux500/Kconfig b/drivers/crypto/ux500/Kconfig index 0e338bf6dfb7..cbb16d6a9aa9 100644 --- a/drivers/crypto/ux500/Kconfig +++ b/drivers/crypto/ux500/Kconfig @@ -9,7 +9,7 @@ config CRYPTO_DEV_UX500_CRYP depends on CRYPTO_DEV_UX500 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This selects the crypto driver for the UX500_CRYP hardware. It supports AES-ECB, CBC and CTR with keys sizes of 128, 192 and 256 bit sizes. diff --git a/include/crypto/des.h b/include/crypto/des.h index 31b04ba835b1..2c9cc198b214 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h @@ -6,10 +6,7 @@ #ifndef __CRYPTO_DES_H #define __CRYPTO_DES_H -#include -#include -#include -#include +#include #define DES_KEY_SIZE 8 #define DES_EXPKEY_WORDS 32 
@@ -19,6 +16,25 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE +struct des_ctx { + u32 expkey[DES_EXPKEY_WORDS]; +}; + +struct des3_ede_ctx { + u32 expkey[DES3_EDE_EXPKEY_WORDS]; +}; + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); + +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); + +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen); + extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen); diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h index e33b32c496cd..7fc94e72710c 100644 --- a/include/crypto/internal/des.h +++ b/include/crypto/internal/des.h @@ -13,27 +13,24 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len) { - u32 tmp[DES_EXPKEY_WORDS]; - int err = -EINVAL; + struct des_ctx tmp; + int err; if (key_len != DES_KEY_SIZE) { crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } - if (!des_ekey(tmp, key) && - (fips_enabled || (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; + err = des_expand_key(&tmp, key, key_len); + if (err == -ENOKEY && !fips_enabled && + !(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + err = 0; - err = 0; -out: - memzero_explicit(tmp, sizeof(tmp)); - return err; + if (err) + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); -bad: - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - goto out; + memzero_explicit(&tmp, sizeof(tmp)); + return err; } /* 
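Review bot: crypto_des_verify_key() changes its error code for a rejected weak key. The old body started from `int err = -EINVAL;` and returned that via `goto bad`, while the new body returns whatever des_expand_key() produced, which is -ENOKEY in the weak-key case. Callers that compare the result against -EINVAL will see different behaviour, so the commit message should call this out, or the function should map the value back. The `if (err)` test also sets CRYPTO_TFM_RES_WEAK_KEY for any error from des_expand_key(), so narrowing it to `err == -ENOKEY` would keep the flag accurate.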
@@ -49,37 +46,45 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key, * property. * */ -static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, - const u8 *key, - unsigned int key_len) +static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len, + bool check_weak) { - int err = -EINVAL; + int ret = fips_enabled ? -EINVAL : -ENOKEY; u32 K[6]; - if (key_len != DES3_EDE_KEY_SIZE) { - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - memcpy(K, key, DES3_EDE_KEY_SIZE); if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) + (fips_enabled || check_weak)) goto bad; if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) goto bad; - err = 0; -out: + ret = 0; +bad: memzero_explicit(K, DES3_EDE_KEY_SIZE); - return err; -bad: - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - goto out; + return ret; +} + +static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, + const u8 *key, + unsigned int key_len) +{ + int err; + + if (key_len != DES3_EDE_KEY_SIZE) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + + err = des3_ede_verify_key(key, key_len, crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); + if (err) + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + return err; } #endif /* __CRYPTO_INTERNAL_DES_H */ diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 88195c34932d..b9ea19a1c6ef 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -2,3 +2,6 @@ obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o libarc4-y := arc4.o + +obj-$(CONFIG_CRYPTO_LIB_DES) += libdes.o +libdes-y := des.o diff --git a/lib/crypto/des.c b/lib/crypto/des.c new file mode 100644 index 000000000000..154210570a61 --- /dev/null +++ b/lib/crypto/des.c 
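Review bot: in include/crypto/internal/des.h, the new des3_ede_verify_key() helper takes key_len but never reads it. The length check moved into the crypto_des3_ede_verify_key() wrapper, while the helper still does `memcpy(K, key, DES3_EDE_KEY_SIZE)` unconditionally, so a direct caller that passes a shorter buffer reads past its end. Either check key_len inside the helper or drop the parameter and document the precondition. The helper also returns -EINVAL under fips_enabled and -ENOKEY otherwise, which deserves a line in the comment block above it, and the `bad:` label is now the common exit for the success path too, so `out:` would read better.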
@@ -0,0 +1,897 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API. + * + * DES & Triple DES EDE Cipher Algorithms. + * + * Copyright (c) 2005 Dag Arne Osvik + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +#define ROL(x, r) ((x) = rol32((x), (r))) +#define ROR(x, r) ((x) = ror32((x), (r))) + +/* Lookup tables for key expansion */ + +static const u8 pc1[256] = { + 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, + 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, + 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, + 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, + 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, + 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, + 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, + 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, + 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, + 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, + 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, + 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, + 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, + 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, + 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, + 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, + 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, + 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, + 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, + 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, + 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, + 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, + 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, + 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, + 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, + 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, + 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, + 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, + 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, + 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, + 0xaa, 0xaa, 0xea, 0xae, 
0xba, 0xba, 0xfa, 0xbe, + 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe +}; + +static const u8 rs[256] = { + 0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82, + 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, + 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, + 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, + 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, + 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, + 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, + 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, + 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, + 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, + 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, + 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, + 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, + 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, + 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, + 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, + 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, + 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, + 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, + 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, + 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, + 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, + 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, + 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, + 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, + 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, + 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, + 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, + 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, + 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, + 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, + 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe +}; + +static const u32 pc2[1024] = { + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00040000, 0x00000000, 0x04000000, 0x00100000, + 0x00400000, 0x00000008, 0x00000800, 0x40000000, + 0x00440000, 0x00000008, 0x04000800, 0x40100000, + 0x00000400, 0x00000020, 0x08000000, 0x00000100, + 
0x00040400, 0x00000020, 0x0c000000, 0x00100100, + 0x00400400, 0x00000028, 0x08000800, 0x40000100, + 0x00440400, 0x00000028, 0x0c000800, 0x40100100, + 0x80000000, 0x00000010, 0x00000000, 0x00800000, + 0x80040000, 0x00000010, 0x04000000, 0x00900000, + 0x80400000, 0x00000018, 0x00000800, 0x40800000, + 0x80440000, 0x00000018, 0x04000800, 0x40900000, + 0x80000400, 0x00000030, 0x08000000, 0x00800100, + 0x80040400, 0x00000030, 0x0c000000, 0x00900100, + 0x80400400, 0x00000038, 0x08000800, 0x40800100, + 0x80440400, 0x00000038, 0x0c000800, 0x40900100, + 0x10000000, 0x00000000, 0x00200000, 0x00001000, + 0x10040000, 0x00000000, 0x04200000, 0x00101000, + 0x10400000, 0x00000008, 0x00200800, 0x40001000, + 0x10440000, 0x00000008, 0x04200800, 0x40101000, + 0x10000400, 0x00000020, 0x08200000, 0x00001100, + 0x10040400, 0x00000020, 0x0c200000, 0x00101100, + 0x10400400, 0x00000028, 0x08200800, 0x40001100, + 0x10440400, 0x00000028, 0x0c200800, 0x40101100, + 0x90000000, 0x00000010, 0x00200000, 0x00801000, + 0x90040000, 0x00000010, 0x04200000, 0x00901000, + 0x90400000, 0x00000018, 0x00200800, 0x40801000, + 0x90440000, 0x00000018, 0x04200800, 0x40901000, + 0x90000400, 0x00000030, 0x08200000, 0x00801100, + 0x90040400, 0x00000030, 0x0c200000, 0x00901100, + 0x90400400, 0x00000038, 0x08200800, 0x40801100, + 0x90440400, 0x00000038, 0x0c200800, 0x40901100, + 0x00000200, 0x00080000, 0x00000000, 0x00000004, + 0x00040200, 0x00080000, 0x04000000, 0x00100004, + 0x00400200, 0x00080008, 0x00000800, 0x40000004, + 0x00440200, 0x00080008, 0x04000800, 0x40100004, + 0x00000600, 0x00080020, 0x08000000, 0x00000104, + 0x00040600, 0x00080020, 0x0c000000, 0x00100104, + 0x00400600, 0x00080028, 0x08000800, 0x40000104, + 0x00440600, 0x00080028, 0x0c000800, 0x40100104, + 0x80000200, 0x00080010, 0x00000000, 0x00800004, + 0x80040200, 0x00080010, 0x04000000, 0x00900004, + 0x80400200, 0x00080018, 0x00000800, 0x40800004, + 0x80440200, 0x00080018, 0x04000800, 0x40900004, + 0x80000600, 0x00080030, 0x08000000, 0x00800104, + 
0x80040600, 0x00080030, 0x0c000000, 0x00900104, + 0x80400600, 0x00080038, 0x08000800, 0x40800104, + 0x80440600, 0x00080038, 0x0c000800, 0x40900104, + 0x10000200, 0x00080000, 0x00200000, 0x00001004, + 0x10040200, 0x00080000, 0x04200000, 0x00101004, + 0x10400200, 0x00080008, 0x00200800, 0x40001004, + 0x10440200, 0x00080008, 0x04200800, 0x40101004, + 0x10000600, 0x00080020, 0x08200000, 0x00001104, + 0x10040600, 0x00080020, 0x0c200000, 0x00101104, + 0x10400600, 0x00080028, 0x08200800, 0x40001104, + 0x10440600, 0x00080028, 0x0c200800, 0x40101104, + 0x90000200, 0x00080010, 0x00200000, 0x00801004, + 0x90040200, 0x00080010, 0x04200000, 0x00901004, + 0x90400200, 0x00080018, 0x00200800, 0x40801004, + 0x90440200, 0x00080018, 0x04200800, 0x40901004, + 0x90000600, 0x00080030, 0x08200000, 0x00801104, + 0x90040600, 0x00080030, 0x0c200000, 0x00901104, + 0x90400600, 0x00080038, 0x08200800, 0x40801104, + 0x90440600, 0x00080038, 0x0c200800, 0x40901104, + 0x00000002, 0x00002000, 0x20000000, 0x00000001, + 0x00040002, 0x00002000, 0x24000000, 0x00100001, + 0x00400002, 0x00002008, 0x20000800, 0x40000001, + 0x00440002, 0x00002008, 0x24000800, 0x40100001, + 0x00000402, 0x00002020, 0x28000000, 0x00000101, + 0x00040402, 0x00002020, 0x2c000000, 0x00100101, + 0x00400402, 0x00002028, 0x28000800, 0x40000101, + 0x00440402, 0x00002028, 0x2c000800, 0x40100101, + 0x80000002, 0x00002010, 0x20000000, 0x00800001, + 0x80040002, 0x00002010, 0x24000000, 0x00900001, + 0x80400002, 0x00002018, 0x20000800, 0x40800001, + 0x80440002, 0x00002018, 0x24000800, 0x40900001, + 0x80000402, 0x00002030, 0x28000000, 0x00800101, + 0x80040402, 0x00002030, 0x2c000000, 0x00900101, + 0x80400402, 0x00002038, 0x28000800, 0x40800101, + 0x80440402, 0x00002038, 0x2c000800, 0x40900101, + 0x10000002, 0x00002000, 0x20200000, 0x00001001, + 0x10040002, 0x00002000, 0x24200000, 0x00101001, + 0x10400002, 0x00002008, 0x20200800, 0x40001001, + 0x10440002, 0x00002008, 0x24200800, 0x40101001, + 0x10000402, 0x00002020, 0x28200000, 0x00001101, + 
0x10040402, 0x00002020, 0x2c200000, 0x00101101, + 0x10400402, 0x00002028, 0x28200800, 0x40001101, + 0x10440402, 0x00002028, 0x2c200800, 0x40101101, + 0x90000002, 0x00002010, 0x20200000, 0x00801001, + 0x90040002, 0x00002010, 0x24200000, 0x00901001, + 0x90400002, 0x00002018, 0x20200800, 0x40801001, + 0x90440002, 0x00002018, 0x24200800, 0x40901001, + 0x90000402, 0x00002030, 0x28200000, 0x00801101, + 0x90040402, 0x00002030, 0x2c200000, 0x00901101, + 0x90400402, 0x00002038, 0x28200800, 0x40801101, + 0x90440402, 0x00002038, 0x2c200800, 0x40901101, + 0x00000202, 0x00082000, 0x20000000, 0x00000005, + 0x00040202, 0x00082000, 0x24000000, 0x00100005, + 0x00400202, 0x00082008, 0x20000800, 0x40000005, + 0x00440202, 0x00082008, 0x24000800, 0x40100005, + 0x00000602, 0x00082020, 0x28000000, 0x00000105, + 0x00040602, 0x00082020, 0x2c000000, 0x00100105, + 0x00400602, 0x00082028, 0x28000800, 0x40000105, + 0x00440602, 0x00082028, 0x2c000800, 0x40100105, + 0x80000202, 0x00082010, 0x20000000, 0x00800005, + 0x80040202, 0x00082010, 0x24000000, 0x00900005, + 0x80400202, 0x00082018, 0x20000800, 0x40800005, + 0x80440202, 0x00082018, 0x24000800, 0x40900005, + 0x80000602, 0x00082030, 0x28000000, 0x00800105, + 0x80040602, 0x00082030, 0x2c000000, 0x00900105, + 0x80400602, 0x00082038, 0x28000800, 0x40800105, + 0x80440602, 0x00082038, 0x2c000800, 0x40900105, + 0x10000202, 0x00082000, 0x20200000, 0x00001005, + 0x10040202, 0x00082000, 0x24200000, 0x00101005, + 0x10400202, 0x00082008, 0x20200800, 0x40001005, + 0x10440202, 0x00082008, 0x24200800, 0x40101005, + 0x10000602, 0x00082020, 0x28200000, 0x00001105, + 0x10040602, 0x00082020, 0x2c200000, 0x00101105, + 0x10400602, 0x00082028, 0x28200800, 0x40001105, + 0x10440602, 0x00082028, 0x2c200800, 0x40101105, + 0x90000202, 0x00082010, 0x20200000, 0x00801005, + 0x90040202, 0x00082010, 0x24200000, 0x00901005, + 0x90400202, 0x00082018, 0x20200800, 0x40801005, + 0x90440202, 0x00082018, 0x24200800, 0x40901005, + 0x90000602, 0x00082030, 0x28200000, 0x00801105, + 
0x90040602, 0x00082030, 0x2c200000, 0x00901105, + 0x90400602, 0x00082038, 0x28200800, 0x40801105, + 0x90440602, 0x00082038, 0x2c200800, 0x40901105, + + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00000000, 0x00000008, 0x00080000, 0x10000000, + 0x02000000, 0x00000000, 0x00000080, 0x00001000, + 0x02000000, 0x00000008, 0x00080080, 0x10001000, + 0x00004000, 0x00000000, 0x00000040, 0x00040000, + 0x00004000, 0x00000008, 0x00080040, 0x10040000, + 0x02004000, 0x00000000, 0x000000c0, 0x00041000, + 0x02004000, 0x00000008, 0x000800c0, 0x10041000, + 0x00020000, 0x00008000, 0x08000000, 0x00200000, + 0x00020000, 0x00008008, 0x08080000, 0x10200000, + 0x02020000, 0x00008000, 0x08000080, 0x00201000, + 0x02020000, 0x00008008, 0x08080080, 0x10201000, + 0x00024000, 0x00008000, 0x08000040, 0x00240000, + 0x00024000, 0x00008008, 0x08080040, 0x10240000, + 0x02024000, 0x00008000, 0x080000c0, 0x00241000, + 0x02024000, 0x00008008, 0x080800c0, 0x10241000, + 0x00000000, 0x01000000, 0x00002000, 0x00000020, + 0x00000000, 0x01000008, 0x00082000, 0x10000020, + 0x02000000, 0x01000000, 0x00002080, 0x00001020, + 0x02000000, 0x01000008, 0x00082080, 0x10001020, + 0x00004000, 0x01000000, 0x00002040, 0x00040020, + 0x00004000, 0x01000008, 0x00082040, 0x10040020, + 0x02004000, 0x01000000, 0x000020c0, 0x00041020, + 0x02004000, 0x01000008, 0x000820c0, 0x10041020, + 0x00020000, 0x01008000, 0x08002000, 0x00200020, + 0x00020000, 0x01008008, 0x08082000, 0x10200020, + 0x02020000, 0x01008000, 0x08002080, 0x00201020, + 0x02020000, 0x01008008, 0x08082080, 0x10201020, + 0x00024000, 0x01008000, 0x08002040, 0x00240020, + 0x00024000, 0x01008008, 0x08082040, 0x10240020, + 0x02024000, 0x01008000, 0x080020c0, 0x00241020, + 0x02024000, 0x01008008, 0x080820c0, 0x10241020, + 0x00000400, 0x04000000, 0x00100000, 0x00000004, + 0x00000400, 0x04000008, 0x00180000, 0x10000004, + 0x02000400, 0x04000000, 0x00100080, 0x00001004, + 0x02000400, 0x04000008, 0x00180080, 0x10001004, + 0x00004400, 0x04000000, 0x00100040, 0x00040004, 
+ 0x00004400, 0x04000008, 0x00180040, 0x10040004, + 0x02004400, 0x04000000, 0x001000c0, 0x00041004, + 0x02004400, 0x04000008, 0x001800c0, 0x10041004, + 0x00020400, 0x04008000, 0x08100000, 0x00200004, + 0x00020400, 0x04008008, 0x08180000, 0x10200004, + 0x02020400, 0x04008000, 0x08100080, 0x00201004, + 0x02020400, 0x04008008, 0x08180080, 0x10201004, + 0x00024400, 0x04008000, 0x08100040, 0x00240004, + 0x00024400, 0x04008008, 0x08180040, 0x10240004, + 0x02024400, 0x04008000, 0x081000c0, 0x00241004, + 0x02024400, 0x04008008, 0x081800c0, 0x10241004, + 0x00000400, 0x05000000, 0x00102000, 0x00000024, + 0x00000400, 0x05000008, 0x00182000, 0x10000024, + 0x02000400, 0x05000000, 0x00102080, 0x00001024, + 0x02000400, 0x05000008, 0x00182080, 0x10001024, + 0x00004400, 0x05000000, 0x00102040, 0x00040024, + 0x00004400, 0x05000008, 0x00182040, 0x10040024, + 0x02004400, 0x05000000, 0x001020c0, 0x00041024, + 0x02004400, 0x05000008, 0x001820c0, 0x10041024, + 0x00020400, 0x05008000, 0x08102000, 0x00200024, + 0x00020400, 0x05008008, 0x08182000, 0x10200024, + 0x02020400, 0x05008000, 0x08102080, 0x00201024, + 0x02020400, 0x05008008, 0x08182080, 0x10201024, + 0x00024400, 0x05008000, 0x08102040, 0x00240024, + 0x00024400, 0x05008008, 0x08182040, 0x10240024, + 0x02024400, 0x05008000, 0x081020c0, 0x00241024, + 0x02024400, 0x05008008, 0x081820c0, 0x10241024, + 0x00000800, 0x00010000, 0x20000000, 0x00000010, + 0x00000800, 0x00010008, 0x20080000, 0x10000010, + 0x02000800, 0x00010000, 0x20000080, 0x00001010, + 0x02000800, 0x00010008, 0x20080080, 0x10001010, + 0x00004800, 0x00010000, 0x20000040, 0x00040010, + 0x00004800, 0x00010008, 0x20080040, 0x10040010, + 0x02004800, 0x00010000, 0x200000c0, 0x00041010, + 0x02004800, 0x00010008, 0x200800c0, 0x10041010, + 0x00020800, 0x00018000, 0x28000000, 0x00200010, + 0x00020800, 0x00018008, 0x28080000, 0x10200010, + 0x02020800, 0x00018000, 0x28000080, 0x00201010, + 0x02020800, 0x00018008, 0x28080080, 0x10201010, + 0x00024800, 0x00018000, 0x28000040, 0x00240010, 
+ 0x00024800, 0x00018008, 0x28080040, 0x10240010, + 0x02024800, 0x00018000, 0x280000c0, 0x00241010, + 0x02024800, 0x00018008, 0x280800c0, 0x10241010, + 0x00000800, 0x01010000, 0x20002000, 0x00000030, + 0x00000800, 0x01010008, 0x20082000, 0x10000030, + 0x02000800, 0x01010000, 0x20002080, 0x00001030, + 0x02000800, 0x01010008, 0x20082080, 0x10001030, + 0x00004800, 0x01010000, 0x20002040, 0x00040030, + 0x00004800, 0x01010008, 0x20082040, 0x10040030, + 0x02004800, 0x01010000, 0x200020c0, 0x00041030, + 0x02004800, 0x01010008, 0x200820c0, 0x10041030, + 0x00020800, 0x01018000, 0x28002000, 0x00200030, + 0x00020800, 0x01018008, 0x28082000, 0x10200030, + 0x02020800, 0x01018000, 0x28002080, 0x00201030, + 0x02020800, 0x01018008, 0x28082080, 0x10201030, + 0x00024800, 0x01018000, 0x28002040, 0x00240030, + 0x00024800, 0x01018008, 0x28082040, 0x10240030, + 0x02024800, 0x01018000, 0x280020c0, 0x00241030, + 0x02024800, 0x01018008, 0x280820c0, 0x10241030, + 0x00000c00, 0x04010000, 0x20100000, 0x00000014, + 0x00000c00, 0x04010008, 0x20180000, 0x10000014, + 0x02000c00, 0x04010000, 0x20100080, 0x00001014, + 0x02000c00, 0x04010008, 0x20180080, 0x10001014, + 0x00004c00, 0x04010000, 0x20100040, 0x00040014, + 0x00004c00, 0x04010008, 0x20180040, 0x10040014, + 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, + 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, + 0x00020c00, 0x04018000, 0x28100000, 0x00200014, + 0x00020c00, 0x04018008, 0x28180000, 0x10200014, + 0x02020c00, 0x04018000, 0x28100080, 0x00201014, + 0x02020c00, 0x04018008, 0x28180080, 0x10201014, + 0x00024c00, 0x04018000, 0x28100040, 0x00240014, + 0x00024c00, 0x04018008, 0x28180040, 0x10240014, + 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, + 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, + 0x00000c00, 0x05010000, 0x20102000, 0x00000034, + 0x00000c00, 0x05010008, 0x20182000, 0x10000034, + 0x02000c00, 0x05010000, 0x20102080, 0x00001034, + 0x02000c00, 0x05010008, 0x20182080, 0x10001034, + 0x00004c00, 0x05010000, 0x20102040, 0x00040034, 
+ 0x00004c00, 0x05010008, 0x20182040, 0x10040034, + 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, + 0x02004c00, 0x05010008, 0x201820c0, 0x10041034, + 0x00020c00, 0x05018000, 0x28102000, 0x00200034, + 0x00020c00, 0x05018008, 0x28182000, 0x10200034, + 0x02020c00, 0x05018000, 0x28102080, 0x00201034, + 0x02020c00, 0x05018008, 0x28182080, 0x10201034, + 0x00024c00, 0x05018000, 0x28102040, 0x00240034, + 0x00024c00, 0x05018008, 0x28182040, 0x10240034, + 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, + 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 +}; + +/* S-box lookup tables */ + +static const u32 S1[64] = { + 0x01010400, 0x00000000, 0x00010000, 0x01010404, + 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, + 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, + 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, + 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, + 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, + 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, + 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, + 0x00010004, 0x00010400, 0x00000000, 0x01010004 +}; + +static const u32 S2[64] = { + 0x80108020, 0x80008000, 0x00008000, 0x00108020, + 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, + 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, + 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, + 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, + 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, + 
0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, + 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, + 0x80000000, 0x80100020, 0x80108020, 0x00108000 +}; + +static const u32 S3[64] = { + 0x00000208, 0x08020200, 0x00000000, 0x08020008, + 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, + 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, + 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, + 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, + 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, + 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, + 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, + 0x00020208, 0x00000008, 0x08020008, 0x00020200 +}; + +static const u32 S4[64] = { + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, + 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, + 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002000, 0x00802080 +}; + +static const u32 S5[64] = { + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 
+ 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, + 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, + 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, + 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, + 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, + 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, + 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, + 0x00000000, 0x40080000, 0x02080100, 0x40000100 +}; + +static const u32 S6[64] = { + 0x20000010, 0x20400000, 0x00004000, 0x20404010, + 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, + 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, + 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, + 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, + 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, + 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, + 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, + 0x20404000, 0x20000000, 0x00400010, 0x20004010 +}; + +static const u32 S7[64] = { + 0x00200000, 0x04200002, 0x04000802, 0x00000000, + 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, + 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, + 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, + 0x00200800, 0x00000002, 
0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, + 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, + 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, + 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, + 0x04000002, 0x04000800, 0x00000800, 0x00200002 +}; + +static const u32 S8[64] = { + 0x10001040, 0x00001000, 0x00040000, 0x10041040, + 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, + 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, + 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, + 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, + 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, + 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, + 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, + 0x00001040, 0x00040040, 0x10000000, 0x10041000 +}; + +/* Encryption components: IP, FP, and round function */ + +#define IP(L, R, T) \ + ROL(R, 4); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROL(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 6); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(L, 1); + +#define FP(L, R, T) \ + ROR(L, 1); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 6); \ + T = L; \ + L ^= 
R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROR(R, 4); + +#define ROUND(L, R, A, B, K, d) \ + B = K[0]; A = K[1]; K += d; \ + B ^= R; A ^= R; \ + B &= 0x3f3f3f3f; ROR(A, 4); \ + L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ + L ^= S6[0xff & (B >> 8)]; B >>= 16; \ + L ^= S7[0xff & A]; \ + L ^= S5[0xff & (A >> 8)]; A >>= 16; \ + L ^= S4[0xff & B]; \ + L ^= S2[0xff & (B >> 8)]; \ + L ^= S3[0xff & A]; \ + L ^= S1[0xff & (A >> 8)]; + +/* + * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved + * tables of 128 elements. One set is for C_i and the other for D_i, while + * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. + * + * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i + * or D_i in bits 7-1 (bit 0 being the least significant). + */ + +#define T1(x) pt[2 * (x) + 0] +#define T2(x) pt[2 * (x) + 1] +#define T3(x) pt[2 * (x) + 2] +#define T4(x) pt[2 * (x) + 3] + +#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) + +/* + * Encryption key expansion + * + * RFC2451: Weak key checks SHOULD be performed. + * + * FIPS 74: + * + * Keys having duals are keys which produce all zeros, all ones, or + * alternating zero-one patterns in the C and D registers after Permuted + * Choice 1 has operated on the key. 
+ * + */ +static unsigned long des_ekey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d, w; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); + + /* Check if first half is weak */ + w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + /* Check if second half is weak */ + w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a 
= rs[a]; d = rs[d]; + pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } + + /* Zero if weak key */ + return w; +} + +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen) +{ + if (keylen != DES_KEY_SIZE) + return -EINVAL; + + return des_ekey(ctx->expkey, key) ? 
0 : -ENOKEY; +} +EXPORT_SYMBOL_GPL(des_expand_key); + +/* + * Decryption key expansion + * + * No weak key checking is performed, as this is only used by triple DES + * + */ +static void dkey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2] = DES_PC2(b, c, d, a); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2 + 1] 
= DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } +} + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_encrypt); + +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_decrypt); + +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen) +{ + u32 *pe = ctx->expkey; + + if (keylen != DES3_EDE_KEY_SIZE) + return -EINVAL; + + des_ekey(pe, key); pe += DES_EXPKEY_WORDS; key += 
DES_KEY_SIZE; + dkey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + des_ekey(pe, key); + + return des3_ede_verify_key(key, keylen, true); +} +EXPORT_SYMBOL_GPL(des3_ede_expand_key); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, 2); + ROUND(L, R, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_encrypt); + +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, -2); + ROUND(L, R, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_decrypt); + +MODULE_LICENSE("GPL"); From patchwork Sat Jun 22 00:31:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167454 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp1376944ilk; Fri, 21 Jun 2019 17:32:18 -0700 (PDT) X-Google-Smtp-Source: APXvYqxU6CNoAn/vYuvEn2S2XI/VcUkgYytGdKMX9tFEvrf5FqZACJSf3HF9XB3ZZ2ENSd8BZ+Wf X-Received: by 2002:a17:902:28e9:: with SMTP id f96mr85796888plb.114.1561163538147; Fri, 21 Jun 2019 
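Review bot: In des3_ede_expand_key(), the final `return des3_ede_verify_key(key, keylen, true);` runs after `key` has been advanced twice by DES_KEY_SIZE, so the check is handed a pointer to the third subkey together with the full DES3_EDE_KEY_SIZE length; if it reads keylen bytes, it reads past the end of the caller's key buffer, and it never examines the first two subkeys. Call des3_ede_verify_key() on the original pointer before the des_ekey()/dkey()/des_ekey() sequence, or keep a copy of the original pointer, and return that result at the end. Separately, des_expand_key() reports -ENOKEY only after des_ekey() has already filled ctx->expkey; since callers may choose to accept weak keys, a comment on the exported functions stating that the context is fully populated when -ENOKEY is returned would make that contract explicit.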
b=MK8YmtkaELjM7gzvxlKxgDvNHXNr5FBxR1GAEoGwvZvit76DUz2wx2xjUJFNGPAptf gJa0XQnEqgeADlTnQEpdV1rYFjlcNkUe8AsNELWN28M2JZ3m4Rz33gS13hYL3G99uXcc kuAOse+Is5ZyhwZCIZyi/4Um+WrB5to1o514J/XW10SI5nyljKVCR/G7lYhFPFJyv3pK XjjGe7m/erUbAJpb8xpb48PDHBvvPtfivofA3AFIXVeGjINoETW9PpSeoYfkCXQ0dmVm BWXKdWYBEqF8DyeXbhJDN7ysrRYjUorH0kbTXaVEP9WaDb8+2p1XePrYeSIpPKW5wEUr Oq8g== X-Gm-Message-State: APjAAAUX/az1y9Zxe3o1tDrL8FsI3ay5QLmwD52nvsQ4i76pGw0r+8H2 8ynnfkc3CloNJ5XHx4hd6yczB62sX4PVQpqr X-Received: by 2002:a05:600c:2201:: with SMTP id z1mr5301146wml.59.1561163534021; Fri, 21 Jun 2019 17:32:14 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:99d4:1ff0:ed6:dfbb]) by smtp.gmail.com with ESMTPSA id v18sm4792019wrd.51.2019.06.21.17.32.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Jun 2019 17:32:13 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 28/30] crypto: x86/des - switch to library interface Date: Sat, 22 Jun 2019 02:31:10 +0200 Message-Id: <20190622003112.31033-29-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 39 ++++++++++---------- 1 file changed, 20 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 571966e5c542..9c743246f5ad 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -21,7 +21,7 @@ */ #include -#include +#include #include #include #include 
@@ -29,8 +29,8 @@ #include struct des3_ede_x86_ctx { - u32 enc_expkey[DES3_EDE_EXPKEY_WORDS]; - u32 dec_expkey[DES3_EDE_EXPKEY_WORDS]; + struct des3_ede_ctx enc; + struct des3_ede_ctx dec; }; /* regular block cipher functions */ @@ -44,7 +44,7 @@ asmlinkage void des3_ede_x86_64_crypt_blk_3way(const u32 *expkey, u8 *dst, static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk(enc_ctx, dst, src); } @@ -52,7 +52,7 @@ static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk(dec_ctx, dst, src); } @@ -60,7 +60,7 @@ static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk_3way(enc_ctx, dst, src); } @@ -68,7 +68,7 @@ static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk_3way(dec_ctx, dst, src); } @@ -132,7 +132,7 @@ static int ecb_encrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->enc_expkey); + return ecb_crypt(req, ctx->enc.expkey); } static int ecb_decrypt(struct skcipher_request *req) 
@@ -140,7 +140,7 @@ static int ecb_decrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->dec_expkey); + return ecb_crypt(req, ctx->dec.expkey); } static unsigned int __cbc_encrypt(struct des3_ede_x86_ctx *ctx, 
@@ -358,24 +358,25 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; - err = des3_ede_verify_key(tfm, key, keylen); - if (unlikely(err)) - return err; + err = des3_ede_expand_key(&ctx->enc, key, keylen); + if (err == -ENOKEY && + !(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + err = 0; - /* Generate encryption context using generic implementation. */ - err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); - if (err < 0) + if (err) { + memzero_explicit(ctx, sizeof(*ctx)); return err; + } /* Fix encryption context for this implementation and form decryption * context. */ j = DES3_EDE_EXPKEY_WORDS - 2; for (i = 0; i < DES3_EDE_EXPKEY_WORDS; i += 2, j -= 2) { - tmp = ror32(ctx->enc_expkey[i + 1], 4); - ctx->enc_expkey[i + 1] = tmp; + tmp = ror32(ctx->enc.expkey[i + 1], 4); + ctx->enc.expkey[i + 1] = tmp; - ctx->dec_expkey[j + 0] = ctx->enc_expkey[i + 0]; - ctx->dec_expkey[j + 1] = tmp; + ctx->dec.expkey[j + 0] = ctx->enc.expkey[i + 0]; + ctx->dec.expkey[j + 1] = tmp; } return 0; From patchwork Sat Jun 22 00:31:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167452 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp1376941ilk; Fri, 21 Jun 2019 17:32:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqxJ2wmYWflIqyHsZiZRIn0ENHzPMx9paZ9z1e+ft+bE3T8LoEq0gl4X/72VDuMmI6wgCPqV X-Received: by 2002:a17:90a:9a8d:: with SMTP id e13mr10151265pjp.77.1561163537867; Fri, 21 Jun 2019 17:32:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561163537; cv=none; d=google.com; s=arc-20160816; b=AJaq0IF2wBKTbtjLM9dAASCwFC9bUMNt9+f5l2d/4inV3SXuA15ibHY76+CocPpgW/ j9ZmAgRtrf9R3mI9w/VkL0sHS7E1c9UJRzYKkVlelNn8YV5imRFWIhGwAmpAVakHflRa YgR/jp+IF4EMJsVIa7a7CBNBoMDRWSN0RRc6bagLhrHuzvVTNA6+Zj5UzBCCE3kWVp9e M94JNRb/AfwR1naqNN8ZDAJJOXSIy6f+wY1OME0U8KV0xhGosy99td1NwEJ5f0Nsa7Mi 
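Review bot: In des3_ede_x86_setkey(), -ENOKEY from des3_ede_expand_key() is turned into success unless CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is set, and the loop that follows then consumes ctx->enc.expkey, so this path depends on the library having fully expanded the key before reporting it as weak. That dependency deserves a comment at the call site, and since every driver converted to the library interface will need the same check, a shared helper would keep the weak-key policy in one place. The removed `des3_ede_verify_key(tfm, key, keylen)` call took the tfm, while the new failure path no longer touches it, so please confirm that nothing callers relied on from that call is lost. The changelog has no body; a sentence on the changed setkey behaviour, including the new memzero_explicit() of the whole context on error, would help.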
b=XAjEJWJlA/lNHIIjVLTIDo3HRqcldhjwJl2T9kW4yhYpmW8kB9npUJqTx1hfUpw/gg oGfz47OaTWHiw0OTPJLIopmRcKXd1dVEyTLoZDHD7wLi3VL3Y0PBTalX65AfO3stt4jp +yZrIKVLRrX0M2RcFZAGOnMLsaiB93lE69F4Ngf3CR19A9SYYVZXaIc9SaizPKWc/fUM 3pCtNkIa+FMpiszsWm1fT0MQtUfV2QDH1gXA2m5YMiQSyWGkJTzQgmoREHpvCXyYNCHP dzPQ2eK3nHrnNSecJIMs4gjMKqVIQE+Supm4fSrjo+9gvuNZUaN9F3V1krhwVrNnMi7s PGiQ== X-Gm-Message-State: APjAAAVoYtWbghLQuxHS9rW8tYVNhU0c+MPZAUBgvpQdR64+An4DbsQr yQeZppjM/ahlXs52vkbXp7ZI1cvVDyipT7IX X-Received: by 2002:a05:600c:2182:: with SMTP id e2mr5580949wme.104.1561163535032; Fri, 21 Jun 2019 17:32:15 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:99d4:1ff0:ed6:dfbb]) by smtp.gmail.com with ESMTPSA id v18sm4792019wrd.51.2019.06.21.17.32.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Jun 2019 17:32:14 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 29/30] crypto: des - remove now unused __des3_ede_setkey() Date: Sat, 22 Jun 2019 02:31:11 +0200 Message-Id: <20190622003112.31033-30-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- crypto/des_generic.c | 13 ------------- include/crypto/des.h | 3 --- 2 files changed, 16 deletions(-) -- 2.20.1 diff --git a/crypto/des_generic.c b/crypto/des_generic.c index fd0a92a471d4..6360b14a2367 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -58,19 +58,6 @@ static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_decrypt(dctx, dst, src); } -int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen) -{ - int err; - - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - des_ekey(expkey, key); - - return 0; -} -EXPORT_SYMBOL_GPL(__des3_ede_setkey); - static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/des.h b/include/crypto/des.h index 2c9cc198b214..c3e2cd772128 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -35,7 +35,4 @@ int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, unsigned int keylen); -extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen); - #endif /* __CRYPTO_DES_H */ From patchwork Sat Jun 22 00:31:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167453 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp1376952ilk; Fri, 21 Jun 2019 17:32:19 -0700 (PDT) X-Google-Smtp-Source: APXvYqyKK/UicAU2NQABovH3A2r8w7D52fdo1zXw2DUm/9hP+m3epPmprnJFLQKGugCRwBPoSAQY X-Received: by 2002:a17:90a:3544:: with SMTP id q62mr10119456pjb.53.1561163539464; Fri, 21 Jun 2019 17:32:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561163539; cv=none; d=google.com; s=arc-20160816; b=rc1neZf8K7h2WF4Gjoe8Kchgv2wq6lEuYEcUi1eYjmF/4/5HuttlmT4n7BRWZ4wRIq 7XAghe0nM/oQoHMT1A1+7T/tOx+Jls1COSm8EJWNfhWYMTtdbZWY0H8aOKCUoTNOdeFT 4Q7/jK/bNj84u5LRtVN+YPS3QgWXa6puwZgfewLwanlzg3SxmoxEwJxq3UssPC0wt43W LT0Erkp3Css6ygD/TEXePa/7tV9YkU3WQBvhGBVmf9yyxbV12uRaFuz16CnA1sBMY+AM x3O5+Gqfswduq4DxvZELgFu4IeqWArptd7he3V9nx/ZOpSuXtH+f26JHchtl65DXGjWA 0JqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=mCsEnAP2oL66UMgflkiPsBtum694MAUnMKTZwZyY2CQ=; b=upatWGdraNWhhq0Ri9Vpag4zNAzpvPFDhr8veM34GD9+zMMADWeZiRoTVaoLn2IsPf 2o3jx+osu5FcB9iLelirRYt8tC7XXgrfGUX198ocKx5/dAOr/nV9oRSj8iHcpcHB0K1t F3mOpeX4h4BGAfm+QYtWrhxwxJ8iQDZ824S9UqQs1HV/SDSXHHKg+IrLGgI2VxcWZ6ZS y8LGSVRU6UU/kmZeAv4b9WZdJnb557T24KunfjLukyJIIXATwclkh3nr9EtZIVvkXMf4 fAZZULn9JmXlgt1XkpYw7OAy4e9V9W+I+gA3x8aMZPS1sWZvvYcpuVHm7O5mQHp1hFOo VLtg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass 
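Review bot: The changelog is empty apart from the Signed-off-by, yet this removes an exported symbol (`EXPORT_SYMBOL_GPL(__des3_ede_setkey)`) together with its prototype in include/crypto/des.h; please state which earlier patch in the series dropped the last caller so the removal can be checked for bisectability. The removed body also shows that the `flags` argument was never used and that `err` was declared but never assigned, which is worth a mention as further justification for dropping the function.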
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@google.com, Ard Biesheuvel Subject: [RFC PATCH 30/30] fs: cifs: move from the crypto cipher API to the new DES library interface Date: Sat, 22 Jun 2019 02:31:12 +0200 Message-Id: <20190622003112.31033-31-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190622003112.31033-1-ard.biesheuvel@linaro.org> References: <20190622003112.31033-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Some legacy code in the CIFS driver uses single DES to calculate some password hash, and uses the crypto cipher API to do so. Given that there is no point in invoking an accelerated cipher for doing 56-bit symmetric encryption on a single 8-byte block of input, the flexibility of the crypto cipher API does not add much value here, and so we're much better off using a library call into the generic C implementation. Signed-off-by: Ard Biesheuvel --- fs/cifs/Kconfig | 2 +- fs/cifs/smbencrypt.c | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) -- 2.20.1 diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index 3da294231dcc..dedab8f79ee8 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -14,7 +14,7 @@ config CIFS select CRYPTO_CCM select CRYPTO_ECB select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the client VFS module for the SMB3 family of NAS protocols, (including support for the most recent, most secure dialect SMB3.1.1) diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index a0b80ac651a6..5c55c35f47d6 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -23,13 +23,14 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include #include #include +#include #include #include #include #include +#include #include "cifs_fs_sb.h" #include "cifs_unicode.h" #include "cifspdu.h" 
@@ -70,19 +71,18 @@ static int smbhash(unsigned char *out, const unsigned char *in, unsigned char *key) { unsigned char key2[8]; - struct crypto_cipher *tfm_des; + struct des_ctx ctx; str_to_key(key, key2); - tfm_des = crypto_alloc_cipher("des", 0, 0); - if (IS_ERR(tfm_des)) { - cifs_dbg(VFS, "could not allocate des crypto API\n"); - return PTR_ERR(tfm_des); + if (fips_enabled) { + cifs_dbg(VFS, "FIPS compliance enabled: DES not permitted\n"); + return -ENOENT; } - crypto_cipher_setkey(tfm_des, key2, 8); - crypto_cipher_encrypt_one(tfm_des, out, in); - crypto_free_cipher(tfm_des); + des_expand_key(&ctx, key2, DES_KEY_SIZE); + des_encrypt(&ctx, out, in); + memzero_explicit(&ctx, sizeof(ctx)); return 0; }
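Review bot: in the fs/cifs/Kconfig hunk, replacing "select CRYPTO_DES" with "select CRYPTO_LIB_DES" is only safe if smbhash() was the sole place in cifs that requested "des" through the crypto API, and the commit message speaks of "some legacy code" without saying so. Please state that explicitly in the commit message, so that a later missing-cipher report does not require re-auditing fs/cifs for other users.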
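Review bot: in smbhash() in fs/cifs/smbencrypt.c, memzero_explicit(&ctx, sizeof(ctx)) wipes the expanded key schedule, but key2[8], which holds the same DES key produced by str_to_key(), is left on the stack on both return paths. Add memzero_explicit(key2, sizeof(key2)) before returning, and move the fips_enabled check ahead of str_to_key() so the early -ENOENT return never copies key material at all. Separately, des_expand_key() is declared as returning int, yet its result is dropped here; either propagate it or add a comment saying why a non-zero return must not stop the hash, so the next reader does not take it for an oversight.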