From patchwork Thu Jun 27 12:02:45 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167933
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v2 01/30] crypto: des/3des_ede - add new helpers to verify key length
Date: Thu, 27 Jun 2019 14:02:45 +0200
Message-Id: <20190627120314.7197-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
References: <20190627120314.7197-1-ard.biesheuvel@linaro.org>

The recently added helper routine to perform key strength validation
of 3ede_keys is slightly inadequate, since it doesn't check the key
length, and it comes in two versions, neither of which are highly
useful for anything other than skciphers (and many users still use the
older blkcipher interfaces).

So let's add a new helper and, considering that this is a helper
function that is only intended to be used by crypto code itself, put
it in a new des.h header under crypto/internal.

While at it, implement a similar helper for single DES, so that we can
replace the pattern of calling des_ekey() into a temp buffer that
occurs in many drivers in drivers/crypto.

Signed-off-by: Ard Biesheuvel
---
 crypto/des_generic.c          | 13 ---
 include/crypto/internal/des.h | 96 ++++++++++++++++++++
 2 files changed, 96 insertions(+), 13 deletions(-)

--
2.20.1

diff --git a/crypto/des_generic.c b/crypto/des_generic.c index d7a88b4fa611..c94a303da4dd 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -846,19 +846,6 @@ static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) d[1] = cpu_to_le32(L); } -/* - * RFC2451: - * - * For DES-EDE3, there is no known need to reject weak or - * complementation keys. Any weakness is obviated by the use of - * multiple keys. - * - * However, if the first two or last two independent 64-bit keys are - * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the - * same as DES. Implementers MUST reject keys that exhibit this - * property. - * - */ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h new file mode 100644 index 000000000000..53dffa0667ca --- /dev/null +++ b/include/crypto/internal/des.h 
@@ -0,0 +1,96 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * DES & Triple DES EDE key verification helpers + */ + +#ifndef __CRYPTO_INTERNAL_DES_H +#define __CRYPTO_INTERNAL_DES_H + +#include +#include +#include + +/** + * crypto_des_verify_key - Check whether a DES is weak + * @tfm: the crypto algo + * @key: the key buffer + * + * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak + * keys. Otherwise, 0 is returned. + * + * It is the job of the caller to ensure that the size of the key equals + * DES_KEY_SIZE. + */ +static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) +{ + u32 tmp[DES_EXPKEY_WORDS]; + int err = 0; + + if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + return 0; + + if (!des_ekey(tmp, key)) { + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + err = -EINVAL; + } + + err = 0; + memzero_explicit(tmp, sizeof(tmp)); + return err; +} + +/* + * RFC2451: + * + * For DES-EDE3, there is no known need to reject weak or + * complementation keys. Any weakness is obviated by the use of + * multiple keys. + * + * However, if the first two or last two independent 64-bit keys are + * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the + * same as DES. Implementers MUST reject keys that exhibit this + * property. + * + */ + +/** + * crypto_des3_ede_verify_key - Check whether a DES3-EDE is weak + * @tfm: the crypto algo + * @key: the key buffer + * + * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak + * keys or when running in FIPS mode. Otherwise, 0 is returned. Note that some + * keys are rejected in FIPS mode even if weak keys are permitted by the TFM + * flags. + * + * It is the job of the caller to ensure that the size of the key equals + * DES3_EDE_KEY_SIZE. 
+ */ +static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, + const u8 *key) +{ + int err = -EINVAL; + u32 K[6]; + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || (crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + err = 0; +out: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + return err; + +bad: + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + goto out; +} + +#endif /* __CRYPTO_INTERNAL_DES_H */
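Review bot: In crypto_des_verify_key() in the new include/crypto/internal/des.h, the unconditional "err = 0;" just before memzero_explicit() overwrites the -EINVAL assigned in the des_ekey() branch, so the helper returns 0 for a weak key even when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is set, and a caller that only tests the return value will accept the key. Drop that assignment, since err is already initialised to 0 at its declaration. The subject line and commit message also say the new helpers check the key length, yet neither helper takes a keylen argument and both kerneldoc comments leave the size check to the caller; either add the parameter or reword the description, so that driver authors do not remove their own length checks on the strength of it. Minor: the kerneldoc summaries read "Check whether a DES is weak" and "Check whether a DES3-EDE is weak", where the word "key" is missing.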
From patchwork Thu Jun 27 12:02:46 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167934
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel, Harald Freudenberger
Subject: [PATCH v2 02/30] crypto: s390/des - switch to new verification routines
Date: Thu, 27 Jun 2019 14:02:46 +0200
Message-Id: <20190627120314.7197-3-ard.biesheuvel@linaro.org>
In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
References: <20190627120314.7197-1-ard.biesheuvel@linaro.org>

Acked-by: Harald Freudenberger
Signed-off-by: Ard Biesheuvel
---
 arch/s390/crypto/des_s390.c | 23 +++++++++-----------
 1 file changed, 10 insertions(+), 13 deletions(-)

--
2.20.1

diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c index 1f9ab24dc048..99edfb4907b5 100644 --- a/arch/s390/crypto/des_s390.c +++ b/arch/s390/crypto/des_s390.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #define DES3_KEY_SIZE (3 * DES_KEY_SIZE) 
@@ -34,27 +34,24 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - /* check for weak keys */ - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (unlikely(err)) + return err; memcpy(ctx->key, key, key_len); return 0; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); cpacf_km(CPACF_KM_DEA, ctx->key, out, in, DES_BLOCK_SIZE); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) { struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); @@ -75,8 +72,8 @@ static struct crypto_alg des_alg = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt, + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt, } } }; 
@@ -226,7 +223,7 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key, struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); int err; - err = __des3_verify_key(&tfm->crt_flags, key); + err = crypto_des3_ede_verify_key(tfm, key); if (unlikely(err)) return err;
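Review bot: The des_setkey() hunk in arch/s390/crypto/des_s390.c also renames the static des_encrypt()/des_decrypt() to crypto_des_encrypt()/crypto_des_decrypt() and updates .cia_encrypt/.cia_decrypt to match, but the commit message has no body and does not say why a switch to the new verification helpers needs the rename; add a sentence explaining it, or split the rename into its own patch. Note too that des_setkey() now returns whatever crypto_des_verify_key() returns, where the old code returned -EINVAL directly, so weak-key rejection in this driver is only as good as that helper's return value.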
From patchwork Thu Jun 27 12:02:47 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167936
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v2 03/30] crypto: sparc/des - switch to new verification routines
Date: Thu, 27 Jun 2019 14:02:47 +0200
Message-Id: <20190627120314.7197-4-ard.biesheuvel@linaro.org>
In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
References: <20190627120314.7197-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel
---
 arch/sparc/crypto/des_glue.c | 35 +++++++++-----------
 1 file changed, 15 insertions(+), 20 deletions(-)

--
2.20.1
diff --git a/arch/sparc/crypto/des_glue.c b/arch/sparc/crypto/des_glue.c index 453a4cf5492a..8a35491d6656 100644 --- a/arch/sparc/crypto/des_glue.c +++ b/arch/sparc/crypto/des_glue.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include @@ -44,19 +44,15 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; /* Even though we have special instructions for key expansion, - * we call des_ekey() so that we don't have to write our own + * we call des_verify_key() so that we don't have to write our own * weak key detection code. */ - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (unlikely(err)) + return err; des_sparc64_key_expand((const u32 *) key, &dctx->encrypt_expkey[0]); encrypt_to_decrypt(&dctx->decrypt_expkey[0], &dctx->encrypt_expkey[0]); @@ -67,7 +63,7 @@ static int des_set_key(struct crypto_tfm *tfm, const u8 *key, extern void des_sparc64_crypt(const u64 *key, const u64 *input, u64 *output); -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->encrypt_expkey; @@ -75,7 +71,7 @@ static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_sparc64_crypt(K, (const u64 *) src, (u64 *) dst); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->decrypt_expkey; 
@@ -201,13 +197,12 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_sparc64_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u64 k1[DES_EXPKEY_WORDS / 2]; u64 k2[DES_EXPKEY_WORDS / 2]; u64 k3[DES_EXPKEY_WORDS / 2]; int err; - err = __des3_verify_key(flags, key); + err = crypto_des3_ede_verify_key(tfm, key); if (unlikely(err)) return err; @@ -234,7 +229,7 @@ static int des3_ede_set_key(struct crypto_tfm *tfm, const u8 *key, extern void des3_ede_sparc64_crypt(const u64 *key, const u64 *input, u64 *output); -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des3_ede_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->encrypt_expkey; @@ -242,7 +237,7 @@ static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des3_ede_sparc64_crypt(K, (const u64 *) src, (u64 *) dst); } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { struct des3_ede_sparc64_ctx *ctx = crypto_tfm_ctx(tfm); const u64 *K = ctx->decrypt_expkey; @@ -389,8 +384,8 @@ static struct crypto_alg algs[] = { { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_set_key, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { 
@@ -446,8 +441,8 @@ static struct crypto_alg algs[] = { { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_set_key, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } }, {
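Review bot: In the des_set_key() hunk of arch/sparc/crypto/des_glue.c, the updated comment says "we call des_verify_key()", but the function called just below it is crypto_des_verify_key(); use the real name so the comment matches the code and can be found with grep.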
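Review bot: The renamed definitions in the des3_ede hunks of arch/sparc/crypto/des_glue.c, for example "static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)", now run past 80 columns; wrap the parameter list onto a second line. As with the single-DES pair, the commit message gives no reason for adding the crypto_ prefix to these static functions, which is unrelated to switching verification routines and should be explained or split out.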
From patchwork Thu Jun 27 12:02:48 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 167937
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v2 04/30] crypto: atmel/des - switch to new verification routines
Date: Thu, 27 Jun 2019 14:02:48 +0200
Message-Id: <20190627120314.7197-5-ard.biesheuvel@linaro.org>
In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
References: <20190627120314.7197-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel
---
 drivers/crypto/atmel-tdes.c | 28 +++++---------------
 1 file changed, 7 insertions(+), 21 deletions(-)

--
2.20.1
diff --git a/drivers/crypto/atmel-tdes.c b/drivers/crypto/atmel-tdes.c index fa76620281e8..3df8b3bb12a5 100644 --- a/drivers/crypto/atmel-tdes.c +++ b/drivers/crypto/atmel-tdes.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include #include #include #include @@ -773,22 +773,12 @@ static void atmel_tdes_dma_cleanup(struct atmel_tdes_dev *dd) static int atmel_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - int err; - struct crypto_tfm *ctfm = crypto_ablkcipher_tfm(tfm); - struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); + int err; - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - err = des_ekey(tmp, key); - if (err == 0 && (ctfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - ctfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (unlikely(err)) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
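Review bot: In atmel_des_setkey() the explicit `keylen != DES_KEY_SIZE` rejection is removed, but `memcpy(ctx->key, key, keylen)` still copies a caller-supplied length, and crypto_des_verify_key() is called here without a length argument. Nothing in the hunk shows where keylen is bounded now. Either keep the length check ahead of the memcpy, or state in the commit message that keylen is already pinned to DES_KEY_SIZE before this setkey is reached and that CRYPTO_TFM_RES_BAD_KEY_LEN is still reported on that path.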
@@ -800,15 +790,11 @@ static int atmel_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { struct atmel_tdes_ctx *ctx = crypto_ablkcipher_ctx(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen; From patchwork Thu Jun 27 12:02:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167935
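Review bot: The failure path in atmel_tdes_setkey() (drivers/crypto/atmel-tdes.c) no longer calls crypto_ablkcipher_set_flags(tfm, flags), so the CRYPTO_TFM_RES_* result flags now depend entirely on crypto_des3_ede_verify_key() writing them through the tfm pointer it receives. The commit message carries only the Signed-off-by; please add a sentence saying that the new helper sets the flags and returns the same error values as __des3_verify_key(), so this hunk can be reviewed without opening the helper patch.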
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 05/30] crypto: bcm/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:49 +0200 Message-Id: <20190627120314.7197-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/bcm/cipher.c | 82 +++++--------------- 1 file changed, 20 insertions(+), 62 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/bcm/cipher.c b/drivers/crypto/bcm/cipher.c index d972ffac779d..02006781528a 100644 --- a/drivers/crypto/bcm/cipher.c +++ b/drivers/crypto/bcm/cipher.c @@ -35,7 +35,7 @@ #include #include #include -#include +#include #include #include #include @@ -1813,24 +1813,13 @@ static int des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen == DES_KEY_SIZE) { - if (des_ekey(tmp, key) == 0) { - if (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; + int err; - crypto_ablkcipher_set_flags(cipher, flags); - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_DES; return 0; } 
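Review bot: After this change des_setkey() never reads its keylen parameter: the `keylen == DES_KEY_SIZE` branch and the CRYPTO_TFM_RES_BAD_KEY_LEN else-branch are both gone, and crypto_des_verify_key() is given only the key pointer. If the length is guaranteed by the caller, say so in the commit message; otherwise keep a `keylen != DES_KEY_SIZE` check before the helper call so a short buffer is never handed to it. The same applies to threedes_setkey() in the next hunk.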
@@ -1838,23 +1827,13 @@ static int threedes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct iproc_ctx_s *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (keylen == (DES_KEY_SIZE * 3)) { - u32 flags; - int ret; - - flags = crypto_ablkcipher_get_flags(cipher); - ret = __des3_verify_key(&flags, key); - if (unlikely(ret)) { - crypto_ablkcipher_set_flags(cipher, flags); - return ret; - } + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + ctx->cipher_type = CIPHER_TYPE_3DES; return 0; } 
@@ -2866,40 +2845,19 @@ static int aead_authenc_setkey(struct crypto_aead *cipher, switch (ctx->alg->cipher_info.alg) { case CIPHER_ALG_DES: - if (ctx->enckeylen == DES_KEY_SIZE) { - u32 tmp[DES_EXPKEY_WORDS]; - u32 flags = CRYPTO_TFM_RES_WEAK_KEY; - - if (des_ekey(tmp, keys.enckey) == 0) { - if (crypto_aead_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - crypto_aead_set_flags(cipher, flags); - return -EINVAL; - } - } + if (keys.enckeylen != DES_KEY_SIZE || + crypto_des_verify_key(crypto_aead_tfm(cipher), keys.enckey)) + return -EINVAL; - ctx->cipher_type = CIPHER_TYPE_DES; - } else { - goto badkey; - } + ctx->cipher_type = CIPHER_TYPE_DES; break; case CIPHER_ALG_3DES: - if (ctx->enckeylen == (DES_KEY_SIZE * 3)) { - u32 flags; - - flags = crypto_aead_get_flags(cipher); - ret = __des3_verify_key(&flags, keys.enckey); - if (unlikely(ret)) { - crypto_aead_set_flags(cipher, flags); - return ret; - } - - ctx->cipher_type = CIPHER_TYPE_3DES; - } else { - crypto_aead_set_flags(cipher, - CRYPTO_TFM_RES_BAD_KEY_LEN); + if (keys.enckeylen != DES3_EDE_KEY_SIZE || + crypto_des3_ede_verify_key(crypto_aead_tfm(cipher), + keys.enckey)) return -EINVAL; - } + + ctx->cipher_type = CIPHER_TYPE_3DES; break; case CIPHER_ALG_AES: switch (ctx->enckeylen) { From patchwork Thu Jun 27 12:02:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167939
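Review bot: In aead_authenc_setkey() (drivers/crypto/bcm/cipher.c) the CIPHER_ALG_DES case used to `goto badkey` on a wrong key length and now returns -EINVAL directly, so whatever the badkey label does is skipped for that case; the CIPHER_ALG_3DES case likewise no longer sets CRYPTO_TFM_RES_BAD_KEY_LEN. Both cases also collapse the helper's return value to -EINVAL, where the 3DES path previously returned `ret` from __des3_verify_key() and the ablkcipher setkeys in this same patch return `err`. Suggest splitting each condition: `goto badkey` on the length mismatch and return the helper's error on verification failure. Please also confirm that keys.enckeylen and ctx->enckeylen are equal at this point, since the test moved from one to the other while the CIPHER_ALG_AES case below still switches on ctx->enckeylen.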
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 06/30] crypto: caam/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:50 +0200 Message-Id: <20190627120314.7197-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/caam/caamalg.c | 39 ++++++++++---------- drivers/crypto/caam/caamalg_qi.c | 17 +++++---- drivers/crypto/caam/caamalg_qi2.c | 17 +++++---- drivers/crypto/caam/compat.h | 2 +- 4 files changed, 38 insertions(+), 37 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 43f18253e5b6..bc054c119cdf 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c
@@ -633,7 +633,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -644,12 +643,9 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); @@ -785,20 +781,23 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); + int err; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { - return -EINVAL; - } + err = crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; - if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(skcipher, - CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + return skcipher_setkey(skcipher, key, keylen); +} + +static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, + const u8 *key, unsigned int keylen) +{ + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; return skcipher_setkey(skcipher, key, keylen); } 
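Review bot: des_skcipher_setkey() in caamalg.c drops its `keylen == DES3_EDE_KEY_SIZE` branch and now runs crypto_des_verify_key() regardless of keylen, so it is only correct for single-DES entries. The following hunks repoint cbc-3des-caam and ecb-des3-caam to the new des3_skcipher_setkey(); please confirm that no other driver_algs[] entry with DES3_EDE_KEY_SIZE keys still uses des_skcipher_setkey. The old function also ran the des_ekey() weak-key test on 3DES keys after __des3_ede_setkey(), which the split removes; that behaviour change deserves a line in the commit message.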
@@ -1899,7 +1898,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "cbc-3des-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, @@ -2018,7 +2017,7 @@ static struct caam_skcipher_alg driver_algs[] = { .cra_driver_name = "ecb-des3-caam", .cra_blocksize = DES3_EDE_BLOCK_SIZE, }, - .setkey = des_skcipher_setkey, + .setkey = des3_skcipher_setkey, .encrypt = skcipher_encrypt, .decrypt = skcipher_decrypt, .min_keysize = DES3_EDE_KEY_SIZE, diff --git a/drivers/crypto/caam/caamalg_qi.c b/drivers/crypto/caam/caamalg_qi.c index 32f0f8a72067..3e29d4ba14e0 100644 --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -296,7 +296,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -307,12 +306,9 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); 
@@ -697,8 +693,13 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: - skcipher_setkey(skcipher, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; + + return skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, diff --git a/drivers/crypto/caam/caamalg_qi2.c b/drivers/crypto/caam/caamalg_qi2.c index 06bf32c32cbd..edf619f33b44 100644 --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -329,7 +329,6 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -340,12 +339,9 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = aead_setkey(aead, key, keylen); @@ -999,8 +995,13 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(skcipher, key)) ?: - skcipher_setkey(skcipher, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; + + return skcipher_setkey(skcipher, key, keylen); } static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, 
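Review bot: The old des3_skcipher_setkey() one-liner in caamalg_qi.c and caamalg_qi2.c, `return unlikely(des3_verify_key(skcipher, key)) ?:`, returned the value of unlikely(), which normalises its argument with `!!`, so a rejected key came back as 1 rather than a negative errno; the rewrite returns `err`. That is a fix to the return value, not just a helper swap, and should be called out in the commit message. Separately, des3_skcipher_setkey() and the des3_aead_setkey() change now appear with identical bodies in caamalg.c, caamalg_qi.c and caamalg_qi2.c; consider whether the verification step can live in one shared helper.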
diff --git a/drivers/crypto/caam/compat.h b/drivers/crypto/caam/compat.h index 8639b2df0371..60e2a54c19f1 100644 --- a/drivers/crypto/caam/compat.h +++ b/drivers/crypto/caam/compat.h 
@@ -32,7 +32,7 @@ #include #include #include -#include +#include #include #include #include From patchwork Thu Jun 27 12:02:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167938
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 07/30] crypto: cpt/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:51 +0200 Message-Id: <20190627120314.7197-8-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/cpt/cptvf_algs.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/cavium/cpt/cptvf_algs.c b/drivers/crypto/cavium/cpt/cptvf_algs.c index f6b0c9df12ed..f9b0ac792d6d 100644 --- a/drivers/crypto/cavium/cpt/cptvf_algs.c
+++ b/drivers/crypto/cavium/cpt/cptvf_algs.c @@ -10,7 +10,7 @@ #include #include #include -#include +#include #include #include #include @@ -325,14 +325,11 @@ static int cvm_cfb_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); int err; - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } return cvm_setkey(cipher, key, keylen, DES3_CBC); } 
@@ -340,14 +337,11 @@ static int cvm_cbc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, static int cvm_ecb_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, u32 keylen) { - u32 flags = crypto_ablkcipher_get_flags(cipher); int err; - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } return cvm_setkey(cipher, key, keylen, DES3_ECB); } From patchwork Thu Jun 27 12:02:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167941
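Review bot: cvm_cbc_des3_setkey() and cvm_ecb_des3_setkey() in cptvf_algs.c now have identical bodies apart from the DES3_CBC / DES3_ECB argument passed to cvm_setkey(). A small static helper taking the cipher type would keep the crypto_des3_ede_verify_key() call in one place, so a later change to the verification step cannot be applied to one mode and missed in the other. keylen is also forwarded to cvm_setkey() without a check in either function; if it is guaranteed to be DES3_EDE_KEY_SIZE here, the commit message should say so.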
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 08/30] crypto: nitrox/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:52 +0200 Message-Id: <20190627120314.7197-9-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/cavium/nitrox/nitrox_skcipher.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c index 7e4a5e69085e..ab8ac05f00a1 100644 --- a/drivers/crypto/cavium/nitrox/nitrox_skcipher.c +++ b/drivers/crypto/cavium/nitrox/nitrox_skcipher.c @@ -7,7 +7,7 @@ #include #include #include -#include +#include #include #include "nitrox_dev.h" 
@@ -257,8 +257,13 @@ static int nitrox_aes_decrypt(struct skcipher_request *skreq) static int nitrox_3des_setkey(struct crypto_skcipher *cipher, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(cipher, key)) ?: - nitrox_skcipher_setkey(cipher, 0, key, keylen); + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key); + if (unlikely(err)) + return err; + + return nitrox_skcipher_setkey(cipher, 0, key, keylen); } static int nitrox_3des_encrypt(struct skcipher_request *skreq) From patchwork Thu Jun 27 12:02:53 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167940 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2249536ilk; Thu, 27 Jun 2019 05:03:41 -0700 (PDT) X-Google-Smtp-Source: APXvYqy7NecJketf3qUOnGFgSkiwxi7R6SzSKmooEjK8tQr/h8AHO1iaz+JaClsVqIJSnDLqpgN6 X-Received: by 2002:a17:902:9041:: with SMTP id w1mr4405223plz.132.1561637021533; Thu, 27 Jun 2019 05:03:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561637021; cv=none; d=google.com; s=arc-20160816; b=UIXeNQA7GuNV1Cx/7rrb8bUGfjZJs4du6Fc2HDK7LDRRzU2K+xbZYCxtcx7/HDuUNk Rm6fKelXrU9IzKVQbUPk7lxgLRY24GKKeXs//Q/cJQawHwPuVkGfriAV1ggXaig6Jgce cNPNns10V8GrpGdVDvemHvTv2uVO3nZoNlm56boxEOuv/prPnVldCn7UgIiL1pAXMHJa 0eSiX1G58bAvRu3m8+N2CVkHDqQP9tg9DivvaG3P+LOskZ2g349A9ic8n7ReZ4EEtvlW 36eZyMjJq6bkHUoAZSDOaWeYGLrC4E2rJ/VMOwB1KLUiCfHOBN/qjtnOpxqdn3BRB3Gk H6oA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=lHSDR9hXz2RwY61iATw9G3CVofBqY/r65kgmZpFGRhg=; b=CtPx9Gl9ZZv44UZwhXCjXp9HPUM13G1a3w3F3Rl+crYr8Bdrc7g9p+yV+BWAEpL10c CYi2woAYVFfc+nOEmJPSMCwUIKJOftNvw7YpWuIO20XFrff44V+DjoqSYBkMbJ29eJbe ucmZoORYAJg8H4nVE7m8j4cKEpH6DFG3mOpKLfXUbX+0Xlfbh3OWEoHmIVtjXQ1CouLM 
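Review bot: In nitrox_3des_setkey() the call becomes crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key), and the same unwrapping of the handle into a crypto_tfm recurs at each converted call site in this series (crypto_ablkcipher_tfm(), crypto_aead_tfm()), which is why a one-expression function body now needs a local variable and an explicit error branch. Consider a thin skcipher-typed inline wrapper beside the new helper so drivers can keep passing the handle they already hold. The commit message also consists of the Signed-off-by line only; one sentence on what the new routine checks compared with des3_verify_key() would let a driver maintainer ack this without reading the rest of the series.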
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 09/30] crypto: ccp/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:53 +0200 Message-Id: <20190627120314.7197-10-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccp/ccp-crypto-des3.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccp/ccp-crypto-des3.c b/drivers/crypto/ccp/ccp-crypto-des3.c index 91482ffcac59..0ca0469d7a1e 100644 --- a/drivers/crypto/ccp/ccp-crypto-des3.c +++ b/drivers/crypto/ccp/ccp-crypto-des3.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include "ccp-crypto.h" 
@@ -42,10 +42,9 @@ static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm)); struct ccp_crypto_ablkcipher_alg *alg = ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm)); - u32 *flags = &tfm->base.crt_flags; int err; - err = __des3_verify_key(flags, key); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); if (unlikely(err)) return err; From patchwork Thu Jun 27 12:02:54 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167942 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2249606ilk; Thu, 27 Jun 2019 05:03:44 -0700 (PDT) X-Google-Smtp-Source: APXvYqxV8hfaTONcdVX6GI3tJ+cT3JHk8ZvG/DaHCLHXTnJXP3szsZfQe3ROPLNqH6XPtmjRH6oE X-Received: by 2002:a17:90b:f0f:: with SMTP id br15mr5682907pjb.101.1561637024402; Thu, 27 Jun 2019 05:03:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561637024; cv=none; d=google.com; s=arc-20160816; b=y8mloiUS5zIwF5hXZbspL7KvdU/u4Qvdpj25sAUjo1pvv6TOkzzD0UuCe62pzlgKLx BXc+jgyXSFEbVf9FKYL59zbq+qhf3GOrLnAjOH55ugqrwgyXwULhaZe08AaVsJ6bNJXu zR3T5e56fJ+sd29V+geM9iuPjSpOYnTHU5brYLBNGgFqIhWDoMHo5s+gZnFEKbsb1Bn6 SjjUc56IXwx45NnOMaKd3UDymayNSGkai39Bt3e8EUaIjZpNNWJY2WcuibFIr6g3nb5N dMvRXR3CSl2TBx0U2OqkAfd3q8qzG9vHz0g536TApn/dN3isvOYI4RsfZO3Fo0X5mSAB 5vTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Bm6gxVeRS4kLY3SOsRGZrbNXMPbJj65KkESLS1B6pM0=; b=zUXD0TySaJFznE9iyFvL0A5WZWt/eSEDDeaiSxsAIUWKzWtPY7y6TzP2w/0UF9mDh1 uqPGx0qBvqlnkHSKKx80Yyt7PR4tuYjX7bDqonzFNePoTru4ClzlpMMzUmkS57BMQSQw X/mSiMz3+mqUe29iT7dZI0Hx5znpm2PCJkmc1SCQ/U3mqGEWDFEt/u9McsfjeOPdKvPR mF2cZ7oKlYF0rldk/7oWbLEKDWwzeTVpjCH3Gqb+d1lDfZiqffgfOOfv5hj39MJ+RMZT 
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 10/30] crypto: ccree/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:54 +0200 Message-Id: <20190627120314.7197-11-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org
Signed-off-by: Ard Biesheuvel --- drivers/crypto/ccree/cc_aead.c | 10 +++------- drivers/crypto/ccree/cc_cipher.c | 15 ++++----------- 2 files changed, 7 insertions(+), 18 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c index 7aa4cbe19a86..44c621030adc 100644 --- a/drivers/crypto/ccree/cc_aead.c +++ b/drivers/crypto/ccree/cc_aead.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include "cc_driver.h" #include "cc_buffer_mgr.h" @@ -663,7 +663,6 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, unsigned int keylen) { struct crypto_authenc_keys keys; - u32 flags; int err; err = crypto_authenc_extractkeys(&keys, key, keylen); @@ -674,12 +673,9 @@ static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(aead); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(aead, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey); + if (unlikely(err)) goto out; - } err = cc_aead_setkey(aead, key, keylen); diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index 5b58226ea24d..dc30f5aeca10 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -5,7 +5,7 @@ #include #include #include -#include +#include #include #include #include 
@@ -411,16 +411,9 @@ static int cc_cipher_setkey(struct crypto_skcipher *sktfm, const u8 *key, * HW does the expansion on its own. */ if (ctx_p->flow_mode == S_DIN_to_DES) { - u32 tmp[DES3_EDE_EXPKEY_WORDS]; - if (keylen == DES3_EDE_KEY_SIZE && - __des3_ede_setkey(tmp, &tfm->crt_flags, key, - DES3_EDE_KEY_SIZE)) { - dev_dbg(dev, "weak 3DES key"); - return -EINVAL; - } else if (!des_ekey(tmp, key) && - (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + if ((keylen == DES3_EDE_KEY_SIZE && + crypto_des3_ede_verify_key(tfm, key)) || + crypto_des_verify_key(tfm, key)) { dev_dbg(dev, "weak DES key"); return -EINVAL; } From patchwork Thu Jun 27 12:02:55 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167958 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2249551ilk; Thu, 27 Jun 2019 05:03:42 -0700 (PDT) X-Google-Smtp-Source: APXvYqwiGzbw1pvPZyFhEnPaD9lq1XYLYvTzhG448nDYo5PwbsvpHTIiTRV97lRnqZieO7zHt/gq X-Received: by 2002:a17:90a:2385:: with SMTP id g5mr5839168pje.12.1561637022574; Thu, 27 Jun 2019 05:03:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561637022; cv=none; d=google.com; s=arc-20160816; b=Se2/LzHMbguhABY6E2I85wLHcUFJCmPYBqRIwft4N9IF1hMdknuhlDYLT66E8tIGY5 pBndQ0IZUyv3RODfOGSpn9GyzguS0llPIXgyKJ8gyEvoW/vHk8n5GSovL9mwHswD6tir lH0D2VkZevzxIxc6e7VWuQ/t60MqfKt+qrydLDpGMsj+jkewfRmF6V+HPG1PvlfsYBq8 GgIfwxoVMaA30awIO0x+hoF/TxsdgYb7bKucyDSlX7gg61YfxIm5kWnctJlJhHAUSkBn IKtgLkJNjIROOKfPX1GTmhN5o2xEaKkqMsIVUw3O2pb+sZrqtw66VcROpAOfQzRTDLsP Ap8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=0BmAQ2xBY6YvXGaq2o5vjDuCRmHdlrsYW9+Mlp1M+vM=; 
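Review bot: In the cc_cipher.c hunk, the new condition "(keylen == DES3_EDE_KEY_SIZE && crypto_des3_ede_verify_key(tfm, key)) || crypto_des_verify_key(tfm, key)" still calls crypto_des_verify_key() on a 24-byte key whenever the 3DES check returns 0, so a 3DES key that was just accepted is additionally put through the single-DES check. The removed else-if had the same fall-through, so this is carried over rather than introduced, but the rewrite is the natural place to fix it: branch on keylen first and call exactly one verifier per key size. Two smaller points in the same hunk: the separate "weak 3DES key" debug message is gone, so both failures now log "weak DES key", and the helper's return value is replaced by a fixed -EINVAL, whereas the cc_aead.c hunk propagates err.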
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 11/30] crypto: hifn/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:55 +0200 Message-Id: <20190627120314.7197-12-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/hifn_795x.c | 30 +++++--------------- 1 file changed, 7 insertions(+), 23 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index d656be0a142b..000477e4a429 100644 --- a/drivers/crypto/hifn_795x.c +++ b/drivers/crypto/hifn_795x.c @@ -30,7 +30,7 @@ #include #include -#include +#include static char hifn_pll_ref[sizeof("extNNN")] = "ext"; module_param_string(hifn_pll_ref, hifn_pll_ref, sizeof(hifn_pll_ref), 0444); @@ -1948,25 +1948,13 @@ static void hifn_flush(struct hifn_device *dev) static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct hifn_context *ctx = crypto_tfm_ctx(tfm); struct hifn_device *dev = ctx->dev; + int err; - if (len > HIFN_MAX_CRYPT_KEY_LENGTH) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -1; - } - - if (len == HIFN_DES_KEY_LENGTH) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (unlikely(ret == 0) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; dev->flags &= ~HIFN_FLAG_OLD_KEY; 
@@ -1981,15 +1969,11 @@ static int hifn_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct hifn_context *ctx = crypto_ablkcipher_ctx(cipher); struct hifn_device *dev = ctx->dev; - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } dev->flags &= ~HIFN_FLAG_OLD_KEY; From patchwork Thu Jun 27 12:02:56 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167945 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2249642ilk; Thu, 27 Jun 2019 05:03:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqwKSFLLizbD5d96isyBuAfi9j/arWuMuB7Hbi0rzH7EvCcf6JV77v9AjgjKaGwbIhd8SXD8 X-Received: by 2002:a65:5c0a:: with SMTP id u10mr3573558pgr.412.1561637025909; Thu, 27 Jun 2019 05:03:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561637025; cv=none; d=google.com; s=arc-20160816; b=M3I+to1S9yuxw/vr5M2lFbt73cjP92zdjOzUpHSr55HuzbaoZkAKU/pDKNRNKgqXwy l6dgRK6jWDzknyajA0uxh6FsdQ1XJmE8OSQAssdlbx5OF7KQQLy7FlkggHqYpp8NqSSn yH89sqkmNnRI84q81suNWciUnZY6TXBqE4grP0VUnDmz+XHuJaFwblM2WxGTcWsL0TxM W6L3zX3nD7i5u9L5s21vHS0unGs47DC19U+ZFJjrWHgGuFdKJSXPzEYhflC98gddGRNL f38phaGB0ePcvyXaImoLTK32qnc3X+i+FK3lECyAuXmAfSjMWQY6AnsFcAkPNXCrmDIn F1Ww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=5HboD4VROuuvSQnBndoFi8xj33eFhhiW3nT7m1ffU7k=; b=htmWSiEOcOvxPIf1tdOKnrikHhNtII1xBhS5eKlGYD9I9zyJo2Em3MW1BHHYSL2HCJ hMk4Z1hMFk+oK9X4VejngtGg2QcTu1k+DLZ7L76tA5KXpRL3iy5swtTaJYgJiEqqEaTO 6mBzf5Au2KI1SvZNeFxSfMe2Tk4BFUmub6gUrbEjF+tH7VVgN8VqGRXBwGkk8f9FMxlc 
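Review bot: The hifn_setkey() hunk deletes the declaration of tfm but leaves the context line "struct hifn_context *ctx = crypto_tfm_ctx(tfm);" in place, so tfm is used without being declared and this will not build. Use crypto_ablkcipher_ctx(cipher) here, as hifn_des3_setkey() in the next hunk already does. Separately, the old code ran the weak-key check only when len == HIFN_DES_KEY_LENGTH and rejected len > HIFN_MAX_CRYPT_KEY_LENGTH; the new code calls crypto_des_verify_key() for every len, drops the bound check, and does not pass len to the helper at all. If this setkey can be reached with a key length other than HIFN_DES_KEY_LENGTH, keep the length guard around the new call and keep the upper bound.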
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 12/30] crypto: hisilicon/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:56 +0200 Message-Id: <20190627120314.7197-13-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/hisilicon/sec/sec_algs.c | 34 ++++++++++++++------ 1 file changed, 25 insertions(+), 9 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/hisilicon/sec/sec_algs.c b/drivers/crypto/hisilicon/sec/sec_algs.c index 02768af0dccd..0dc828b9c4a1 100644 --- a/drivers/crypto/hisilicon/sec/sec_algs.c +++ b/drivers/crypto/hisilicon/sec/sec_algs.c @@ -9,7 +9,7 @@ #include #include -#include +#include #include #include #include @@ -347,8 +347,11 @@ static int sec_alg_skcipher_setkey_aes_xts(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; + int err; + + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key); + if (unlikely(err)) + return err; return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_ECB_64); } @@ -356,8 +359,11 @@ static int sec_alg_skcipher_setkey_des_ecb(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - if (keylen != DES_KEY_SIZE) - return -EINVAL; + int err; + + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key); + if (unlikely(err)) + return err; return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_DES_CBC_64); } 
@@ -365,16 +371,26 @@ static int sec_alg_skcipher_setkey_des_cbc(struct crypto_skcipher *tfm, static int sec_alg_skcipher_setkey_3des_ecb(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: - sec_alg_skcipher_setkey(tfm, key, keylen, + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key); + if (unlikely(err)) + return err; + + return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_ECB_192_3KEY); } static int sec_alg_skcipher_setkey_3des_cbc(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { - return unlikely(des3_verify_key(tfm, key)) ?: - sec_alg_skcipher_setkey(tfm, key, keylen, + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key); + if (unlikely(err)) + return err; + + return sec_alg_skcipher_setkey(tfm, key, keylen, SEC_C_3DES_CBC_192_3KEY); }
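Review bot: sec_alg_skcipher_setkey_des_ecb() and sec_alg_skcipher_setkey_des_cbc() in the hisilicon patch lose their only length check (`if (keylen != DES_KEY_SIZE) return -EINVAL;`), and the replacement `crypto_des_verify_key(crypto_skcipher_tfm(tfm), key)` is not given `keylen`, so nothing in these functions now stops a short buffer from being treated as a DES key and then handed to sec_alg_skcipher_setkey() with the caller's `keylen`. If the length is guaranteed elsewhere (for example by the algorithm's minimum and maximum key size), say so in the commit message, which currently has no body; otherwise keep the explicit check ahead of the helper call.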
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 13/30] crypto: safexcel/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:57 +0200 Message-Id: <20190627120314.7197-14-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/inside-secure/safexcel_cipher.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index 8cdbdbe35681..e6f00b56f063 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -963,19 +963,11 @@ static int safexcel_des_setkey(struct crypto_skcipher *ctfm, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int ret; - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ret = crypto_des_verify_key(tfm, key); + if (unlikely(ret)) + return ret; /* if context exits and key changed, need to invalidate it */ if (ctx->base.ctxr_dma) 
@@ -1074,7 +1066,7 @@ static int safexcel_des3_ede_setkey(struct crypto_skcipher *ctfm, struct safexcel_cipher_ctx *ctx = crypto_skcipher_ctx(ctfm); int err; - err = des3_verify_key(ctfm, key); + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(ctfm), key); if (unlikely(err)) return err;
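Review bot: safexcel_des_setkey() used to report two distinct failures, CRYPTO_TFM_RES_BAD_KEY_LEN for `len != DES_KEY_SIZE` and CRYPTO_TFM_RES_WEAK_KEY only when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS was requested, and both are now folded into `crypto_des_verify_key(tfm, key)`, which takes no length. The commit message is empty, so a reader of this patch alone cannot tell whether the helper still honours the FORBID_WEAK_KEYS gating and still sets the result flags; please add a sentence stating that, and note that `len` is no longer validated in this function.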
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 14/30] crypto: ixp4xx/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:58 +0200 Message-Id: <20190627120314.7197-15-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ixp4xx_crypto.c | 21 ++++++++------------ 1 file changed, 8 insertions(+), 13 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/ixp4xx_crypto.c b/drivers/crypto/ixp4xx_crypto.c index 3f40be34ac95..f7642e3848b8 100644 --- a/drivers/crypto/ixp4xx_crypto.c +++ b/drivers/crypto/ixp4xx_crypto.c @@ -21,7 +21,7 @@ #include #include -#include +#include #include #include #include @@ -760,10 +760,7 @@ static int setup_cipher(struct crypto_tfm *tfm, int encrypt, } cipher_cfg |= keylen_cfg; } else { - u32 tmp[DES_EXPKEY_WORDS]; - if (des_ekey(tmp, key) == 0) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - } + crypto_des_verify_key(tfm, key, key_len); } /* write cfg word to cryptinfo */ *(u32*)cinfo = cpu_to_be32(cipher_cfg); @@ -855,12 +852,11 @@ static int ablk_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int ablk_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int key_len) { - u32 flags = crypto_ablkcipher_get_flags(tfm); int err; - err = __des3_verify_key(&flags, key); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); if (unlikely(err)) - crypto_ablkcipher_set_flags(tfm, flags); + return err; return ablk_setkey(tfm, key, key_len); } @@ -1185,7 +1181,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) { struct ixp_ctx *ctx = crypto_aead_ctx(tfm); - u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN; struct crypto_authenc_keys keys; int err; @@ -1197,11 +1192,12 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, if (keys.authkeylen > sizeof(ctx->authkey)) goto badkey; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) + if (keys.enckeylen != DES3_EDE_KEY_SIZE) { + crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); goto badkey; + } - flags = crypto_aead_get_flags(tfm); - err = __des3_verify_key(&flags, keys.enckey); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), keys.enckey); if (unlikely(err)) goto badkey; 
@@ -1213,7 +1209,6 @@ static int des3_aead_setkey(struct crypto_aead *tfm, const u8 *key, memzero_explicit(&keys, sizeof(keys)); return aead_setup(tfm, crypto_aead_authsize(tfm)); badkey: - crypto_aead_set_flags(tfm, flags); memzero_explicit(&keys, sizeof(keys)); return err; }
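Review bot: in setup_cipher() of the ixp4xx patch the new call is `crypto_des_verify_key(tfm, key, key_len);` with three arguments, while every other caller in this series (hisilicon, safexcel, cesa, n2, omap) passes two (`tfm, key`), so this either fails to build or targets a different prototype than the rest of the series. The return value is also discarded, so the outcome of the verification never reaches the caller; assign it and return on error, or, if only a flag side effect is intended, as in the old code that set CRYPTO_TFM_RES_WEAK_KEY without failing, say so in the commit message.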
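Review bot: ablk_des3_setkey() in the ixp4xx patch changes behaviour, which the empty commit message does not mention: the old code stored the flags on error and then still fell through to `return ablk_setkey(tfm, key, key_len);`, whereas the new code returns `err` immediately. That looks like the right outcome, but it is a functional fix hidden in a conversion patch; call it out in the changelog or split it out so it can be picked up on its own.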
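Review bot: in des3_aead_setkey() the `keys.authkeylen > sizeof(ctx->authkey)` path still jumps to `badkey`, but with the `u32 flags = CRYPTO_TFM_RES_BAD_KEY_LEN;` initialiser and the `crypto_aead_set_flags(tfm, flags);` under `badkey:` both removed, that path no longer sets CRYPTO_TFM_RES_BAD_KEY_LEN; only the `enckeylen` branch does. Either set the flag on the authkeylen branch as well, or move the `crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN)` call to a dedicated label that both length failures share.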
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 15/30] crypto: cesa/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:02:59 +0200 Message-Id: <20190627120314.7197-16-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/marvell/cipher.c | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/marvell/cipher.c b/drivers/crypto/marvell/cipher.c index 2fd936b19c6d..718b51675638 100644 --- a/drivers/crypto/marvell/cipher.c +++ b/drivers/crypto/marvell/cipher.c @@ -13,7 +13,7 @@ */ #include -#include +#include #include "cesa.h" @@ -277,19 +277,11 @@ static int mv_cesa_des_setkey(struct crypto_skcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); struct mv_cesa_des_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - if (len != DES_KEY_SIZE) { - crypto_skcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + int err; - ret = des_ekey(tmp, key); - if (!ret && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (unlikely(err)) + return err; memcpy(ctx->key, key, DES_KEY_SIZE); 
@@ -302,7 +294,7 @@ static int mv_cesa_des3_ede_setkey(struct crypto_skcipher *cipher, struct mv_cesa_des_ctx *ctx = crypto_skcipher_ctx(cipher); int err; - err = des3_verify_key(cipher, key); + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(cipher), key); if (unlikely(err)) return err;
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 16/30] crypto: n2/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:00 +0200 Message-Id: <20190627120314.7197-17-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/n2_core.c | 26 ++++++-------------- 1 file changed, 7 insertions(+), 19 deletions(-) -- 2.20.1
diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c index 0d5d3d8eb680..d313958d09a9 100644 --- a/drivers/crypto/n2_core.c +++ b/drivers/crypto/n2_core.c @@ -16,7 +16,7 @@ #include #include #include -#include +#include #include #include #include @@ -759,21 +759,13 @@ static int n2_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 tmp[DES_EXPKEY_WORDS]; int err; - ctx->enc_type = n2alg->enc_type; - - if (keylen != DES_KEY_SIZE) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (unlikely(err)) + return err; - err = des_ekey(tmp, key); - if (err == 0 && (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + ctx->enc_type = n2alg->enc_type; ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen); 
@@ -786,15 +778,11 @@ static int n2_3des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct n2_cipher_context *ctx = crypto_tfm_ctx(tfm); struct n2_cipher_alg *n2alg = n2_cipher_alg(tfm); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(tfm, key); + if (unlikely(err)) return err; - } ctx->enc_type = n2alg->enc_type;
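Review bot: n2_des_setkey() drops the `keylen != DES_KEY_SIZE` check, but the unchanged lines below it still do `ctx->key_len = keylen; memcpy(ctx->key.des, key, keylen);`, so the copy length is now whatever the caller passed, with no bound visible in this function. Since `crypto_des_verify_key(tfm, key)` does not take a length, either keep the explicit check or copy DES_KEY_SIZE bytes and set `ctx->key_len = DES_KEY_SIZE`, so the function stays safe without relying on limits enforced elsewhere.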
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 17/30] crypto: omap/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:01 +0200 Message-Id: <20190627120314.7197-18-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/omap-des.c | 25 ++++++-------------- 1 file changed, 7 insertions(+), 18 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c index 3d82d18ff810..103b3293c113 100644 --- a/drivers/crypto/omap-des.c +++ b/drivers/crypto/omap-des.c @@ -37,7 +37,7 @@ #include #include #include -#include +#include #include #include @@ -654,20 +654,13 @@ static int omap_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); + int err; pr_debug("enter, keylen: %d\n", keylen); - /* Do we need to test against weak key? */ - if (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { - u32 tmp[DES_EXPKEY_WORDS]; - int ret = des_ekey(tmp, key); - - if (!ret) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
@@ -679,17 +672,13 @@ static int omap_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug("enter, keylen: %d\n", keylen); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen;
From patchwork Thu Jun 27 12:03:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167959 Delivered-To: patch@linaro.org
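Review bot: in omap_des_setkey() (drivers/crypto/omap-des.c, hunk at -654,20) the removed block did two things that the new call is now trusted to do: it ran the weak-key test only when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS was set, and it set CRYPTO_TFM_RES_WEAK_KEY on the tfm before returning -EINVAL. The message carries no description beyond the Signed-off-by, so please say there whether crypto_des_verify_key() preserves both, because a caller that inspects the result flag after a failed setkey depends on it. The same question applies to the dropped crypto_ablkcipher_set_flags() write-back in omap_des3_setkey().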
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 18/30] crypto: picoxcell/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:02 +0200 Message-Id: <20190627120314.7197-19-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/picoxcell_crypto.c | 21 +++++++------------- 1 file changed, 7 insertions(+), 14 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c index 05b89e703903..31bc23665400 100644 --- a/drivers/crypto/picoxcell_crypto.c +++ b/drivers/crypto/picoxcell_crypto.c @@ -19,7 +19,7 @@ #include #include #include -#include +#include #include #include #include @@ -751,14 +751,11 @@ static int spacc_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(!des_ekey(tmp, key)) && - (crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(tfm, key); + if (unlikely(err)) + return err; memcpy(ctx->key, key, len); ctx->key_len = len; 
@@ -774,15 +771,11 @@ static int spacc_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int len) { struct spacc_ablk_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, len); ctx->key_len = len;
From patchwork Thu Jun 27 12:03:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167952 Delivered-To: patch@linaro.org
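Review bot: style point on drivers/crypto/picoxcell_crypto.c: spacc_des_setkey() (hunk at -751,14) passes the existing tfm local to crypto_des_verify_key(), while spacc_des3_setkey() (hunk at -774,15) calls crypto_ablkcipher_tfm(cipher) inline and obtains ctx through crypto_ablkcipher_ctx(cipher). After this change the two functions differ only in the helper they call, so writing both the same way would make that obvious to the next reader.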
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 19/30] crypto: qce/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:03 +0200 Message-Id: <20190627120314.7197-20-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/qce/ablkcipher.c | 55 ++++++++++---------- 1 file changed, 27 insertions(+), 28 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/qce/ablkcipher.c b/drivers/crypto/qce/ablkcipher.c index 8d3493855a70..3003603f1872 100644 --- a/drivers/crypto/qce/ablkcipher.c +++ b/drivers/crypto/qce/ablkcipher.c @@ -15,7 +15,7 @@ #include #include #include -#include +#include #include #include "cipher.h" @@ -162,27 +162,17 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, { struct crypto_tfm *tfm = crypto_ablkcipher_tfm(ablk); struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - unsigned long flags = to_cipher_tmpl(tfm)->alg_flags; int ret; if (!key || !keylen) return -EINVAL; - if (IS_AES(flags)) { - switch (keylen) { - case AES_KEYSIZE_128: - case AES_KEYSIZE_256: - break; - default: - goto fallback; - } - } else if (IS_DES(flags)) { - u32 tmp[DES_EXPKEY_WORDS]; - - ret = des_ekey(tmp, key); - if (!ret && (crypto_ablkcipher_get_flags(ablk) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - goto weakkey; + switch (keylen) { + case AES_KEYSIZE_128: + case AES_KEYSIZE_256: + break; + default: + goto fallback; } ctx->enc_keylen = keylen; 
@@ -193,24 +183,32 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, if (!ret) ctx->enc_keylen = keylen; return ret; -weakkey: - crypto_ablkcipher_set_flags(ablk, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; +} + +static int qce_des_setkey(struct crypto_ablkcipher *ablk, const u8 *key, + unsigned int keylen) +{ + struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); + int err; + + err = crypto_des_verify_key(crypto_ablkcipher_tfm(ablk), key); + if (unlikely(err)) + return err; + + ctx->enc_keylen = keylen; + memcpy(ctx->enc_key, key, keylen); + return 0; } static int qce_des3_setkey(struct crypto_ablkcipher *ablk, const u8 *key, unsigned int keylen) { struct qce_cipher_ctx *ctx = crypto_ablkcipher_ctx(ablk); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(ablk); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(ablk, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(ablk), key); + if (unlikely(err)) return err; - } ctx->enc_keylen = keylen; memcpy(ctx->enc_key, key, keylen); 
@@ -382,8 +380,9 @@ static int qce_ablkcipher_register_one(const struct qce_ablkcipher_def *def, alg->cra_ablkcipher.ivsize = def->ivsize; alg->cra_ablkcipher.min_keysize = def->min_keysize; alg->cra_ablkcipher.max_keysize = def->max_keysize; - alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? - qce_des3_setkey : qce_ablkcipher_setkey; + alg->cra_ablkcipher.setkey = IS_3DES(def->flags) ? qce_des3_setkey : + IS_DES(def->flags) ? qce_des_setkey : + qce_ablkcipher_setkey; alg->cra_ablkcipher.encrypt = qce_ablkcipher_encrypt; alg->cra_ablkcipher.decrypt = qce_ablkcipher_decrypt;
From patchwork Thu Jun 27 12:03:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167949 Delivered-To: patch@linaro.org
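Review bot: in qce_ablkcipher_setkey() (drivers/crypto/qce/ablkcipher.c, hunk at -162,27) the key-size switch is no longer guarded by IS_AES(flags), so any algorithm still registered with this function and given a key that is not AES_KEYSIZE_128 or AES_KEYSIZE_256 now takes the fallback path. That is only correct while every DES and 3DES definition is routed elsewhere by the registration hunk; renaming the function to something like qce_aes_setkey() would record that assumption in the code.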
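Review bot: the new qce_des_setkey() (hunk at -193,24) does not carry over the `if (!key || !keylen) return -EINVAL;` guard that DES keys passed through while they were handled in qce_ablkcipher_setkey(); key now goes straight into crypto_des_verify_key() and keylen straight into memcpy(ctx->enc_key, key, keylen). Either keep the guard or note in the commit message why it is not needed here, as qce_des3_setkey() in the same hunk has none either.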
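Review bot: in qce_ablkcipher_register_one() (hunk at -382,8) the setkey selection is now a nested conditional whose result depends on IS_3DES() being tested before IS_DES(). If the IS_DES() test can also match a 3DES definition, reordering these lines would silently send 3DES keys to qce_des_setkey(), so an if/else chain with a one-line comment on the ordering would be safer than the chained `?:`.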
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 20/30] crypto: rk3288/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:04 +0200 Message-Id: <20190627120314.7197-21-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/rockchip/rk3288_crypto.h | 2 +- drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 21 +++++++------------- 2 files changed, 8 insertions(+), 15 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/rockchip/rk3288_crypto.h b/drivers/crypto/rockchip/rk3288_crypto.h index 54ee5b3ed9db..18e2b3f29336 100644 --- a/drivers/crypto/rockchip/rk3288_crypto.h +++ b/drivers/crypto/rockchip/rk3288_crypto.h @@ -3,7 +3,7 @@ #define __RK3288_CRYPTO_H__ #include -#include +#include #include #include #include diff --git a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c index 313759521a0f..c4ddabb7bc5e 100644 --- a/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c +++ b/drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c 
@@ -49,15 +49,12 @@ static int rk_aes_setkey(struct crypto_ablkcipher *cipher, static int rk_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); - struct rk_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - u32 tmp[DES_EXPKEY_WORDS]; + struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); + int err; - if (!des_ekey(tmp, key) && - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen); 
@@ -68,15 +65,11 @@ static int rk_tdes_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct rk_cipher_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } ctx->keylen = keylen; memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen);
From patchwork Thu Jun 27 12:03:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167950 Delivered-To: patch@linaro.org
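Review bot: in rk_des_setkey() (drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c, hunk at -49,15) the key is copied to device registers with memcpy_toio(ctx->dev->reg + RK_CRYPTO_TDES_KEY1_0, key, keylen), and crypto_des_verify_key() is not passed keylen, so nothing visible in this function bounds the length of that write. If the bound comes from the algorithm's min_keysize and max_keysize, a short comment saying so would help; otherwise add an explicit length check before the copy.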
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 21/30] crypto: stm32/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:05 +0200 Message-Id: <20190627120314.7197-22-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/stm32/stm32-cryp.c | 24 ++++++-------------- 1 file changed, 7 insertions(+), 17 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index cddcc97875b2..c1c7124c44aa 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -15,7 +15,7 @@ #include #include -#include +#include #include #include #include @@ -767,17 +767,11 @@ static int stm32_cryp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; - - if (keylen != DES_KEY_SIZE) - return -EINVAL; + int err; - if ((crypto_ablkcipher_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - unlikely(!des_ekey(tmp, key))) { - crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (unlikely(err)) + return err; return stm32_cryp_setkey(tfm, key, keylen); } 
@@ -785,15 +779,11 @@ static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(tfm, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key); + if (unlikely(err)) return err; - } return stm32_cryp_setkey(tfm, key, keylen); } From patchwork Thu Jun 27 12:03:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167951 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2249856ilk; Thu, 27 Jun 2019 05:03:54 -0700 (PDT) X-Google-Smtp-Source: APXvYqwIlIN8uSg6XLOS32UFDkD4xY6lSIuCLHxxSmToX79ynI33SeOD31/r0N+Z0W6YpYaIsl5J X-Received: by 2002:a65:6401:: with SMTP id a1mr64568pgv.42.1561637034050; Thu, 27 Jun 2019 05:03:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561637034; cv=none; d=google.com; s=arc-20160816; b=As19v2TegEXaAtr6ahqTfgzHJ2brNJTG5W3qsAdeABprb5xPgclD+5qj92H6BfX2xW lAvXOzMvo150sVD2ftfITaaV1jbYaAlfr3nXfG4i5hOvZcoRQv8nbtld1eZsfOouu8rL I6/awxAAQO58HfiFsbSS2lhBwRNrU0QQxmR2wAeR06G/eqW/10EsWrJB4Bzn5NHGTKY+ 8zMz4BR5hH5HujKT45q6ERWlCyPFtF61cAhfK7qejDr3liwWftTsTww906FL8vH9A4RX g3mfM22OCNAFkz8dexfBkA3tMde2W2djJCoia4xKZ/d8nvhRRA6tJ/DUiQlXNU9D0FVt riYw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=T/RYEPQWF2x5irsNjj88sVD+R/k06WJQGdA2A6mcj7A=; b=1LWQFT7O3TDiB29OUqUPHoXuPKnRIQ+fR6KD7XwIObIf84pTu3IwV/bYBSj7RniJrD p+d2KCB2cQ+mTmu6n/ChTaq++95JNT2k73Hl84+kwx29bkYEeu6ghsTDJbx9pSp78WMk uTHF1cQ4DcyQStNMLoLXGMXVjz+NIz943XQOFD7AfccilmENQNY7vY99PIbOd1hVY/6t 
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 22/30] crypto: sun4i/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:06 +0200 Message-Id: <20190627120314.7197-23-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 22 ++++---------------- drivers/crypto/sunxi-ss/sun4i-ss.h | 2 +- 2 files changed, 5 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c index b060a0810934..93b383654af0 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c @@ -533,25 +533,11 @@ int sun4i_ss_des_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); - struct sun4i_ss_ctx *ss = op->ss; - u32 flags; - u32 tmp[DES_EXPKEY_WORDS]; int ret; - if (unlikely(keylen != DES_KEY_SIZE)) { - dev_err(ss->dev, "Invalid keylen %u\n", keylen); - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); - return -EINVAL; - } - - flags = crypto_skcipher_get_flags(tfm); - - ret = des_ekey(tmp, key); - if (unlikely(!ret) && (flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - dev_dbg(ss->dev, "Weak key %u\n", keylen); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_skcipher_tfm(tfm), key); + if (unlikely(err)) + return err; op->keylen = keylen; memcpy(op->key, key, keylen); 
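Review bot: In the sun4i_ss_des_setkey() hunk the added lines assign and test err, but the only local left in the hunk is the context line "int ret;", so as posted err is undeclared in this function. Either change the declaration to "int err;" or use ret in the new call and in the "if (unlikely(...))" that follows it.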
@@ -569,7 +555,7 @@ int sun4i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key, struct sun4i_tfm_ctx *op = crypto_skcipher_ctx(tfm); int err; - err = des3_verify_key(tfm, key); + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key); if (unlikely(err)) return err; diff --git a/drivers/crypto/sunxi-ss/sun4i-ss.h b/drivers/crypto/sunxi-ss/sun4i-ss.h index 8c4ec9e93565..3c62624d8faa 100644 --- a/drivers/crypto/sunxi-ss/sun4i-ss.h +++ b/drivers/crypto/sunxi-ss/sun4i-ss.h 
@@ -30,7 +30,7 @@ #include #include #include -#include +#include #include #include From patchwork Thu Jun 27 12:03:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167960 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 23/30] crypto: talitos/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:07 +0200 Message-Id: <20190627120314.7197-24-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/talitos.c | 28 +++++++------------- 1 file changed, 9 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index c865f5d5eaba..022292aed9f9 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -30,7 +30,7 @@ #include #include -#include +#include #include #include #include
@@ -923,12 +923,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc, if (keys.enckeylen != DES3_EDE_KEY_SIZE) goto badkey; - flags = crypto_aead_get_flags(authenc); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(authenc, flags); + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey); + if (unlikely(err)) goto out; - } if (ctx->keylen) dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); @@ -1538,14 +1535,11 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - !des_ekey(tmp, key)) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; return ablkcipher_setkey(cipher, key, keylen); } 
@@ -1553,15 +1547,11 @@ static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } return ablkcipher_setkey(cipher, key, keylen); } From patchwork Thu Jun 27 12:03:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167961 Delivered-To: patch@linaro.org
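Review bot: In the aead_des3_setkey() hunk (@@ -923) of the talitos patch, every line that assigned or read flags is removed, but the declaration of flags lies outside the hunk and no hunk of this patch deletes it. If nothing else in aead_des3_setkey() uses it, this leaves an unused local and a compiler warning; drop the declaration in the same patch, the way the ablkcipher_des3_setkey() hunk does with its "- u32 flags;" line.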
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 24/30] crypto: ux500/des - switch to new verification routines Date: Thu, 27 Jun 2019 14:03:08 +0200 Message-Id: <20190627120314.7197-25-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- drivers/crypto/ux500/cryp/cryp_core.c | 31 +++++--------------- 1 file changed, 7 insertions(+), 24 deletions(-) -- 2.20.1 diff --git a/drivers/crypto/ux500/cryp/cryp_core.c b/drivers/crypto/ux500/cryp/cryp_core.c index 7a93cba0877f..447bddd72fe7 100644 --- a/drivers/crypto/ux500/cryp/cryp_core.c +++ b/drivers/crypto/ux500/cryp/cryp_core.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #include #include @@ -987,26 +987,13 @@ static int des_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 *flags = &cipher->base.crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; + int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - if (keylen != DES_KEY_SIZE) { - *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_BAD_KEY_LEN", - __func__); - return -EINVAL; - } - ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - pr_debug(DEV_DBG_NAME " [%s]: CRYPTO_TFM_RES_WEAK_KEY", - __func__); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) + return err; memcpy(ctx->key, key, keylen); ctx->keylen = keylen; 
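Review bot: In the des_ablkcipher_setkey() hunk the "keylen != DES_KEY_SIZE" rejection is removed, yet the unchanged context right after the new call still does "memcpy(ctx->key, key, keylen);" with the caller's keylen, and crypto_des_verify_key() is handed only the tfm and the key pointer. The copy length therefore depends entirely on a check made outside this function. Please confirm that the algorithm is registered with minimum and maximum key size both equal to DES_KEY_SIZE so other lengths are rejected before this runs, and say so in the commit message, or keep a local length test ahead of the memcpy.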
@@ -1019,17 +1006,13 @@ static int des3_ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct cryp_ctx *ctx = crypto_ablkcipher_ctx(cipher); - u32 flags; int err; pr_debug(DEV_DBG_NAME " [%s]", __func__); - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key); + if (unlikely(err)) return err; - } memcpy(ctx->key, key, keylen); ctx->keylen = keylen; From patchwork Thu Jun 27 12:03:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167962 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 25/30] crypto: 3des - move verification out of exported routine Date: Thu, 27 Jun 2019 14:03:09 +0200 Message-Id: <20190627120314.7197-26-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org In preparation of moving the shared key expansion routine into the DES library, move the verification done by __des3_ede_setkey() into its callers. Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 4 ++++ crypto/des_generic.c | 10 +++++----- 2 files changed, 9 insertions(+), 5 deletions(-) -- 2.20.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index 5c610d4ef9fc..df1b81f06764 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -358,6 +358,10 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; + err = crypto_des3_ede_verify_key(tfm, key); + if (unlikely(err)) + return err; + /* Generate encryption context using generic implementation. */ err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); if (err < 0) diff --git a/crypto/des_generic.c b/crypto/des_generic.c index c94a303da4dd..ce482fb5abee 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -851,10 +851,6 @@ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, { int err; - err = __des3_verify_key(flags, key); - if (unlikely(err)) - return err; - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; des_ekey(expkey, key); 
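Review bot: After the @@ -851 hunk, __des3_ede_setkey() no longer rejects weak keys itself, so any caller other than the two updated in this patch (des3_ede_x86_setkey() and des3_ede_setkey()) silently loses that check. Since the subject calls this an exported routine, please confirm in the commit message that no other in-tree caller relied on the built-in verification, and add a comment above __des3_ede_setkey() stating that the caller must verify the key before calling it.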
@@ -867,8 +863,12 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; u32 *expkey = dctx->expkey; + int err; + + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); + if (unlikely(err)) + return err; return __des3_ede_setkey(expkey, flags, key, keylen); } From patchwork Thu Jun 27 12:03:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167953 Delivered-To: patch@linaro.org
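Review bot: The des3_ede_setkey() hunk (@@ -867) of patch 25/30 does not compile as posted. The new call uses "crypto_skcipher_tfm(skcipher)" although the function's parameter is "struct crypto_tfm *tfm" and no skcipher is in scope, and the hunk deletes "u32 *flags = &tfm->crt_flags;" while the unchanged "return __des3_ede_setkey(expkey, flags, key, keylen);" still passes flags. Call crypto_des3_ede_verify_key(tfm, key) as the x86 glue hunk does, and either keep the flags declaration or pass &tfm->crt_flags directly.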
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 26/30] crypto: des - remove unused function Date: Thu, 27 Jun 2019 14:03:10 +0200 Message-Id: <20190627120314.7197-27-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Remove the old DES3 verification functions that are no longer used.
Signed-off-by: Ard Biesheuvel
---
 include/crypto/des.h | 41 --------------------
 1 file changed, 41 deletions(-)
-- 2.20.1
diff --git a/include/crypto/des.h b/include/crypto/des.h index 72c7c8e5a5a7..31b04ba835b1 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h
@@ -19,47 +19,6 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE -static inline int __des3_verify_key(u32 *flags, const u8 *key) -{ - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || - (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; - - if (unlikely(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; - - err = 0; - -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); - - return err; - -bad: - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - goto out; -} - -static inline int des3_verify_key(struct crypto_skcipher *tfm, const u8 *key) -{ - u32 flags; - int err; - - flags = crypto_skcipher_get_flags(tfm); - err = __des3_verify_key(&flags, key); - crypto_skcipher_set_flags(tfm, flags); - return err; -} - -extern unsigned long des_ekey(u32 *pe, const u8 *k); - extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen);
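Review bot: the last removed line in this include/crypto/des.h hunk of 26/30, `extern unsigned long des_ekey(u32 *pe, const u8 *k);`, is not one of the DES3 verification functions the commit message names, and the 27/30 message in this series says des_ekey() is already widely used by drivers. Unless every caller gets the prototype from another header at this point in the series, dropping it here breaks the build when bisecting; consider keeping the declaration until the patch that replaces it, or state its removal in the commit message. The subject also says "function" while the hunk removes two inline functions (`__des3_verify_key()` and `des3_verify_key()`) plus this declaration.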
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v2 27/30] crypto: des - split off DES library from generic DES cipher driver
Date: Thu, 27 Jun 2019 14:03:11 +0200
Message-Id: <20190627120314.7197-28-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
References: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

Another one for the cipher museum: split off DES core processing into a separate module so other drivers (mostly for crypto accelerators) can reuse the code without pulling in the generic DES cipher itself. This will also permit the cipher interface to be made private to the crypto API itself once we move the only user in the kernel (CIFS) to this library interface.

The resulting code is an attempt at walking the fine line between sanity and the peculiarities of the existing API (which is already used as a library interface to some extent). For instance, des_ekey() is already widely used by drivers, and so the newly introduced key expansion routine for triple-DES is called des3_ede_ekey(), and returns a 1 on success and 0 if a weak key is encountered.

Signed-off-by: Ard Biesheuvel
---
 arch/x86/crypto/des3_ede_glue.c                |   2 +-
 crypto/Kconfig                                 |   8 +-
 crypto/des_generic.c                           | 917 +-------------------
 drivers/crypto/Kconfig                         |  28 +-
 drivers/crypto/caam/Kconfig                    |   2 +-
 drivers/crypto/cavium/nitrox/Kconfig           |   2 +-
 drivers/crypto/inside-secure/safexcel_cipher.c |   2 +-
 drivers/crypto/stm32/Kconfig                   |   2 +-
 drivers/crypto/ux500/Kconfig                   |   2 +-
 include/crypto/des.h                           |  43 +-
 include/crypto/internal/des.h                  |  65 +-
 lib/crypto/Makefile                            |   3 +
 lib/crypto/des.c                               | 902 +++++++++++++++++++
 13 files changed, 1049 insertions(+), 929 deletions(-)
-- 2.20.1
diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index df1b81f06764..ff6cca8d69eb 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -21,7 +21,7 @@ */ #include -#include +#include #include #include #include diff --git a/crypto/Kconfig b/crypto/Kconfig index e801450bcb1c..ba0c0ab62ee4 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1426,9 +1426,13 @@ config CRYPTO_CAST6_AVX_X86_64 This module provides the Cast6 cipher algorithm that processes eight blocks parallel using the AVX instruction set. +config CRYPTO_LIB_DES + tristate + config CRYPTO_DES tristate "DES and Triple DES EDE cipher algorithms" select CRYPTO_ALGAPI + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). @@ -1436,7 +1440,7 @@ config CRYPTO_DES_SPARC64 tristate "DES and Triple DES EDE cipher algorithms (SPARC64)" depends on SPARC64 select CRYPTO_ALGAPI - select CRYPTO_DES + select CRYPTO_LIB_DES help DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3), optimized using SPARC64 crypto opcodes. @@ -1445,7 +1449,7 @@ config CRYPTO_DES3_EDE_X86_64 tristate "Triple DES EDE cipher algorithm (x86-64)" depends on X86 && 64BIT select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Triple DES EDE (FIPS 46-3) algorithm. diff --git a/crypto/des_generic.c b/crypto/des_generic.c index ce482fb5abee..8669423886aa 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c 
@@ -18,832 +18,42 @@ #include #include #include -#include -#include - -#define ROL(x, r) ((x) = rol32((x), (r))) -#define ROR(x, r) ((x) = ror32((x), (r))) - -struct des_ctx { - u32 expkey[DES_EXPKEY_WORDS]; -}; - -struct des3_ede_ctx { - u32 expkey[DES3_EDE_EXPKEY_WORDS]; -}; - -/* Lookup tables for key expansion */ - -static const u8 pc1[256] = { - 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, - 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, - 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, - 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, - 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, - 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, - 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, - 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, - 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, - 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, - 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, - 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, - 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, - 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, - 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, - 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, - 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, - 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, - 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, - 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, - 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, - 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, - 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, - 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, - 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, - 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, - 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, - 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, - 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, - 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, - 0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe, - 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe -}; - -static const u8 rs[256] = { - 0x00, 0x00, 
0x80, 0x80, 0x02, 0x02, 0x82, 0x82, - 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, - 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, - 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, - 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, - 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, - 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, - 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, - 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, - 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, - 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, - 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, - 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, - 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, - 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, - 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, - 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, - 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, - 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, - 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, - 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, - 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, - 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, - 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, - 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, - 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, - 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, - 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, - 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, - 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, - 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, - 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe -}; - -static const u32 pc2[1024] = { - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00040000, 0x00000000, 0x04000000, 0x00100000, - 0x00400000, 0x00000008, 0x00000800, 0x40000000, - 0x00440000, 0x00000008, 0x04000800, 0x40100000, - 0x00000400, 0x00000020, 0x08000000, 0x00000100, - 0x00040400, 0x00000020, 0x0c000000, 0x00100100, - 0x00400400, 0x00000028, 0x08000800, 0x40000100, - 0x00440400, 0x00000028, 
0x0c000800, 0x40100100, - 0x80000000, 0x00000010, 0x00000000, 0x00800000, - 0x80040000, 0x00000010, 0x04000000, 0x00900000, - 0x80400000, 0x00000018, 0x00000800, 0x40800000, - 0x80440000, 0x00000018, 0x04000800, 0x40900000, - 0x80000400, 0x00000030, 0x08000000, 0x00800100, - 0x80040400, 0x00000030, 0x0c000000, 0x00900100, - 0x80400400, 0x00000038, 0x08000800, 0x40800100, - 0x80440400, 0x00000038, 0x0c000800, 0x40900100, - 0x10000000, 0x00000000, 0x00200000, 0x00001000, - 0x10040000, 0x00000000, 0x04200000, 0x00101000, - 0x10400000, 0x00000008, 0x00200800, 0x40001000, - 0x10440000, 0x00000008, 0x04200800, 0x40101000, - 0x10000400, 0x00000020, 0x08200000, 0x00001100, - 0x10040400, 0x00000020, 0x0c200000, 0x00101100, - 0x10400400, 0x00000028, 0x08200800, 0x40001100, - 0x10440400, 0x00000028, 0x0c200800, 0x40101100, - 0x90000000, 0x00000010, 0x00200000, 0x00801000, - 0x90040000, 0x00000010, 0x04200000, 0x00901000, - 0x90400000, 0x00000018, 0x00200800, 0x40801000, - 0x90440000, 0x00000018, 0x04200800, 0x40901000, - 0x90000400, 0x00000030, 0x08200000, 0x00801100, - 0x90040400, 0x00000030, 0x0c200000, 0x00901100, - 0x90400400, 0x00000038, 0x08200800, 0x40801100, - 0x90440400, 0x00000038, 0x0c200800, 0x40901100, - 0x00000200, 0x00080000, 0x00000000, 0x00000004, - 0x00040200, 0x00080000, 0x04000000, 0x00100004, - 0x00400200, 0x00080008, 0x00000800, 0x40000004, - 0x00440200, 0x00080008, 0x04000800, 0x40100004, - 0x00000600, 0x00080020, 0x08000000, 0x00000104, - 0x00040600, 0x00080020, 0x0c000000, 0x00100104, - 0x00400600, 0x00080028, 0x08000800, 0x40000104, - 0x00440600, 0x00080028, 0x0c000800, 0x40100104, - 0x80000200, 0x00080010, 0x00000000, 0x00800004, - 0x80040200, 0x00080010, 0x04000000, 0x00900004, - 0x80400200, 0x00080018, 0x00000800, 0x40800004, - 0x80440200, 0x00080018, 0x04000800, 0x40900004, - 0x80000600, 0x00080030, 0x08000000, 0x00800104, - 0x80040600, 0x00080030, 0x0c000000, 0x00900104, - 0x80400600, 0x00080038, 0x08000800, 0x40800104, - 0x80440600, 0x00080038, 
0x0c000800, 0x40900104, - 0x10000200, 0x00080000, 0x00200000, 0x00001004, - 0x10040200, 0x00080000, 0x04200000, 0x00101004, - 0x10400200, 0x00080008, 0x00200800, 0x40001004, - 0x10440200, 0x00080008, 0x04200800, 0x40101004, - 0x10000600, 0x00080020, 0x08200000, 0x00001104, - 0x10040600, 0x00080020, 0x0c200000, 0x00101104, - 0x10400600, 0x00080028, 0x08200800, 0x40001104, - 0x10440600, 0x00080028, 0x0c200800, 0x40101104, - 0x90000200, 0x00080010, 0x00200000, 0x00801004, - 0x90040200, 0x00080010, 0x04200000, 0x00901004, - 0x90400200, 0x00080018, 0x00200800, 0x40801004, - 0x90440200, 0x00080018, 0x04200800, 0x40901004, - 0x90000600, 0x00080030, 0x08200000, 0x00801104, - 0x90040600, 0x00080030, 0x0c200000, 0x00901104, - 0x90400600, 0x00080038, 0x08200800, 0x40801104, - 0x90440600, 0x00080038, 0x0c200800, 0x40901104, - 0x00000002, 0x00002000, 0x20000000, 0x00000001, - 0x00040002, 0x00002000, 0x24000000, 0x00100001, - 0x00400002, 0x00002008, 0x20000800, 0x40000001, - 0x00440002, 0x00002008, 0x24000800, 0x40100001, - 0x00000402, 0x00002020, 0x28000000, 0x00000101, - 0x00040402, 0x00002020, 0x2c000000, 0x00100101, - 0x00400402, 0x00002028, 0x28000800, 0x40000101, - 0x00440402, 0x00002028, 0x2c000800, 0x40100101, - 0x80000002, 0x00002010, 0x20000000, 0x00800001, - 0x80040002, 0x00002010, 0x24000000, 0x00900001, - 0x80400002, 0x00002018, 0x20000800, 0x40800001, - 0x80440002, 0x00002018, 0x24000800, 0x40900001, - 0x80000402, 0x00002030, 0x28000000, 0x00800101, - 0x80040402, 0x00002030, 0x2c000000, 0x00900101, - 0x80400402, 0x00002038, 0x28000800, 0x40800101, - 0x80440402, 0x00002038, 0x2c000800, 0x40900101, - 0x10000002, 0x00002000, 0x20200000, 0x00001001, - 0x10040002, 0x00002000, 0x24200000, 0x00101001, - 0x10400002, 0x00002008, 0x20200800, 0x40001001, - 0x10440002, 0x00002008, 0x24200800, 0x40101001, - 0x10000402, 0x00002020, 0x28200000, 0x00001101, - 0x10040402, 0x00002020, 0x2c200000, 0x00101101, - 0x10400402, 0x00002028, 0x28200800, 0x40001101, - 0x10440402, 0x00002028, 
0x2c200800, 0x40101101, - 0x90000002, 0x00002010, 0x20200000, 0x00801001, - 0x90040002, 0x00002010, 0x24200000, 0x00901001, - 0x90400002, 0x00002018, 0x20200800, 0x40801001, - 0x90440002, 0x00002018, 0x24200800, 0x40901001, - 0x90000402, 0x00002030, 0x28200000, 0x00801101, - 0x90040402, 0x00002030, 0x2c200000, 0x00901101, - 0x90400402, 0x00002038, 0x28200800, 0x40801101, - 0x90440402, 0x00002038, 0x2c200800, 0x40901101, - 0x00000202, 0x00082000, 0x20000000, 0x00000005, - 0x00040202, 0x00082000, 0x24000000, 0x00100005, - 0x00400202, 0x00082008, 0x20000800, 0x40000005, - 0x00440202, 0x00082008, 0x24000800, 0x40100005, - 0x00000602, 0x00082020, 0x28000000, 0x00000105, - 0x00040602, 0x00082020, 0x2c000000, 0x00100105, - 0x00400602, 0x00082028, 0x28000800, 0x40000105, - 0x00440602, 0x00082028, 0x2c000800, 0x40100105, - 0x80000202, 0x00082010, 0x20000000, 0x00800005, - 0x80040202, 0x00082010, 0x24000000, 0x00900005, - 0x80400202, 0x00082018, 0x20000800, 0x40800005, - 0x80440202, 0x00082018, 0x24000800, 0x40900005, - 0x80000602, 0x00082030, 0x28000000, 0x00800105, - 0x80040602, 0x00082030, 0x2c000000, 0x00900105, - 0x80400602, 0x00082038, 0x28000800, 0x40800105, - 0x80440602, 0x00082038, 0x2c000800, 0x40900105, - 0x10000202, 0x00082000, 0x20200000, 0x00001005, - 0x10040202, 0x00082000, 0x24200000, 0x00101005, - 0x10400202, 0x00082008, 0x20200800, 0x40001005, - 0x10440202, 0x00082008, 0x24200800, 0x40101005, - 0x10000602, 0x00082020, 0x28200000, 0x00001105, - 0x10040602, 0x00082020, 0x2c200000, 0x00101105, - 0x10400602, 0x00082028, 0x28200800, 0x40001105, - 0x10440602, 0x00082028, 0x2c200800, 0x40101105, - 0x90000202, 0x00082010, 0x20200000, 0x00801005, - 0x90040202, 0x00082010, 0x24200000, 0x00901005, - 0x90400202, 0x00082018, 0x20200800, 0x40801005, - 0x90440202, 0x00082018, 0x24200800, 0x40901005, - 0x90000602, 0x00082030, 0x28200000, 0x00801105, - 0x90040602, 0x00082030, 0x2c200000, 0x00901105, - 0x90400602, 0x00082038, 0x28200800, 0x40801105, - 0x90440602, 0x00082038, 
0x2c200800, 0x40901105, - - 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000, 0x00000008, 0x00080000, 0x10000000, - 0x02000000, 0x00000000, 0x00000080, 0x00001000, - 0x02000000, 0x00000008, 0x00080080, 0x10001000, - 0x00004000, 0x00000000, 0x00000040, 0x00040000, - 0x00004000, 0x00000008, 0x00080040, 0x10040000, - 0x02004000, 0x00000000, 0x000000c0, 0x00041000, - 0x02004000, 0x00000008, 0x000800c0, 0x10041000, - 0x00020000, 0x00008000, 0x08000000, 0x00200000, - 0x00020000, 0x00008008, 0x08080000, 0x10200000, - 0x02020000, 0x00008000, 0x08000080, 0x00201000, - 0x02020000, 0x00008008, 0x08080080, 0x10201000, - 0x00024000, 0x00008000, 0x08000040, 0x00240000, - 0x00024000, 0x00008008, 0x08080040, 0x10240000, - 0x02024000, 0x00008000, 0x080000c0, 0x00241000, - 0x02024000, 0x00008008, 0x080800c0, 0x10241000, - 0x00000000, 0x01000000, 0x00002000, 0x00000020, - 0x00000000, 0x01000008, 0x00082000, 0x10000020, - 0x02000000, 0x01000000, 0x00002080, 0x00001020, - 0x02000000, 0x01000008, 0x00082080, 0x10001020, - 0x00004000, 0x01000000, 0x00002040, 0x00040020, - 0x00004000, 0x01000008, 0x00082040, 0x10040020, - 0x02004000, 0x01000000, 0x000020c0, 0x00041020, - 0x02004000, 0x01000008, 0x000820c0, 0x10041020, - 0x00020000, 0x01008000, 0x08002000, 0x00200020, - 0x00020000, 0x01008008, 0x08082000, 0x10200020, - 0x02020000, 0x01008000, 0x08002080, 0x00201020, - 0x02020000, 0x01008008, 0x08082080, 0x10201020, - 0x00024000, 0x01008000, 0x08002040, 0x00240020, - 0x00024000, 0x01008008, 0x08082040, 0x10240020, - 0x02024000, 0x01008000, 0x080020c0, 0x00241020, - 0x02024000, 0x01008008, 0x080820c0, 0x10241020, - 0x00000400, 0x04000000, 0x00100000, 0x00000004, - 0x00000400, 0x04000008, 0x00180000, 0x10000004, - 0x02000400, 0x04000000, 0x00100080, 0x00001004, - 0x02000400, 0x04000008, 0x00180080, 0x10001004, - 0x00004400, 0x04000000, 0x00100040, 0x00040004, - 0x00004400, 0x04000008, 0x00180040, 0x10040004, - 0x02004400, 0x04000000, 0x001000c0, 0x00041004, - 0x02004400, 
0x04000008, 0x001800c0, 0x10041004, - 0x00020400, 0x04008000, 0x08100000, 0x00200004, - 0x00020400, 0x04008008, 0x08180000, 0x10200004, - 0x02020400, 0x04008000, 0x08100080, 0x00201004, - 0x02020400, 0x04008008, 0x08180080, 0x10201004, - 0x00024400, 0x04008000, 0x08100040, 0x00240004, - 0x00024400, 0x04008008, 0x08180040, 0x10240004, - 0x02024400, 0x04008000, 0x081000c0, 0x00241004, - 0x02024400, 0x04008008, 0x081800c0, 0x10241004, - 0x00000400, 0x05000000, 0x00102000, 0x00000024, - 0x00000400, 0x05000008, 0x00182000, 0x10000024, - 0x02000400, 0x05000000, 0x00102080, 0x00001024, - 0x02000400, 0x05000008, 0x00182080, 0x10001024, - 0x00004400, 0x05000000, 0x00102040, 0x00040024, - 0x00004400, 0x05000008, 0x00182040, 0x10040024, - 0x02004400, 0x05000000, 0x001020c0, 0x00041024, - 0x02004400, 0x05000008, 0x001820c0, 0x10041024, - 0x00020400, 0x05008000, 0x08102000, 0x00200024, - 0x00020400, 0x05008008, 0x08182000, 0x10200024, - 0x02020400, 0x05008000, 0x08102080, 0x00201024, - 0x02020400, 0x05008008, 0x08182080, 0x10201024, - 0x00024400, 0x05008000, 0x08102040, 0x00240024, - 0x00024400, 0x05008008, 0x08182040, 0x10240024, - 0x02024400, 0x05008000, 0x081020c0, 0x00241024, - 0x02024400, 0x05008008, 0x081820c0, 0x10241024, - 0x00000800, 0x00010000, 0x20000000, 0x00000010, - 0x00000800, 0x00010008, 0x20080000, 0x10000010, - 0x02000800, 0x00010000, 0x20000080, 0x00001010, - 0x02000800, 0x00010008, 0x20080080, 0x10001010, - 0x00004800, 0x00010000, 0x20000040, 0x00040010, - 0x00004800, 0x00010008, 0x20080040, 0x10040010, - 0x02004800, 0x00010000, 0x200000c0, 0x00041010, - 0x02004800, 0x00010008, 0x200800c0, 0x10041010, - 0x00020800, 0x00018000, 0x28000000, 0x00200010, - 0x00020800, 0x00018008, 0x28080000, 0x10200010, - 0x02020800, 0x00018000, 0x28000080, 0x00201010, - 0x02020800, 0x00018008, 0x28080080, 0x10201010, - 0x00024800, 0x00018000, 0x28000040, 0x00240010, - 0x00024800, 0x00018008, 0x28080040, 0x10240010, - 0x02024800, 0x00018000, 0x280000c0, 0x00241010, - 0x02024800, 
0x00018008, 0x280800c0, 0x10241010, - 0x00000800, 0x01010000, 0x20002000, 0x00000030, - 0x00000800, 0x01010008, 0x20082000, 0x10000030, - 0x02000800, 0x01010000, 0x20002080, 0x00001030, - 0x02000800, 0x01010008, 0x20082080, 0x10001030, - 0x00004800, 0x01010000, 0x20002040, 0x00040030, - 0x00004800, 0x01010008, 0x20082040, 0x10040030, - 0x02004800, 0x01010000, 0x200020c0, 0x00041030, - 0x02004800, 0x01010008, 0x200820c0, 0x10041030, - 0x00020800, 0x01018000, 0x28002000, 0x00200030, - 0x00020800, 0x01018008, 0x28082000, 0x10200030, - 0x02020800, 0x01018000, 0x28002080, 0x00201030, - 0x02020800, 0x01018008, 0x28082080, 0x10201030, - 0x00024800, 0x01018000, 0x28002040, 0x00240030, - 0x00024800, 0x01018008, 0x28082040, 0x10240030, - 0x02024800, 0x01018000, 0x280020c0, 0x00241030, - 0x02024800, 0x01018008, 0x280820c0, 0x10241030, - 0x00000c00, 0x04010000, 0x20100000, 0x00000014, - 0x00000c00, 0x04010008, 0x20180000, 0x10000014, - 0x02000c00, 0x04010000, 0x20100080, 0x00001014, - 0x02000c00, 0x04010008, 0x20180080, 0x10001014, - 0x00004c00, 0x04010000, 0x20100040, 0x00040014, - 0x00004c00, 0x04010008, 0x20180040, 0x10040014, - 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, - 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, - 0x00020c00, 0x04018000, 0x28100000, 0x00200014, - 0x00020c00, 0x04018008, 0x28180000, 0x10200014, - 0x02020c00, 0x04018000, 0x28100080, 0x00201014, - 0x02020c00, 0x04018008, 0x28180080, 0x10201014, - 0x00024c00, 0x04018000, 0x28100040, 0x00240014, - 0x00024c00, 0x04018008, 0x28180040, 0x10240014, - 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, - 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, - 0x00000c00, 0x05010000, 0x20102000, 0x00000034, - 0x00000c00, 0x05010008, 0x20182000, 0x10000034, - 0x02000c00, 0x05010000, 0x20102080, 0x00001034, - 0x02000c00, 0x05010008, 0x20182080, 0x10001034, - 0x00004c00, 0x05010000, 0x20102040, 0x00040034, - 0x00004c00, 0x05010008, 0x20182040, 0x10040034, - 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, - 0x02004c00, 
0x05010008, 0x201820c0, 0x10041034, - 0x00020c00, 0x05018000, 0x28102000, 0x00200034, - 0x00020c00, 0x05018008, 0x28182000, 0x10200034, - 0x02020c00, 0x05018000, 0x28102080, 0x00201034, - 0x02020c00, 0x05018008, 0x28182080, 0x10201034, - 0x00024c00, 0x05018000, 0x28102040, 0x00240034, - 0x00024c00, 0x05018008, 0x28182040, 0x10240034, - 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, - 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 -}; - -/* S-box lookup tables */ - -static const u32 S1[64] = { - 0x01010400, 0x00000000, 0x00010000, 0x01010404, - 0x01010004, 0x00010404, 0x00000004, 0x00010000, - 0x00000400, 0x01010400, 0x01010404, 0x00000400, - 0x01000404, 0x01010004, 0x01000000, 0x00000004, - 0x00000404, 0x01000400, 0x01000400, 0x00010400, - 0x00010400, 0x01010000, 0x01010000, 0x01000404, - 0x00010004, 0x01000004, 0x01000004, 0x00010004, - 0x00000000, 0x00000404, 0x00010404, 0x01000000, - 0x00010000, 0x01010404, 0x00000004, 0x01010000, - 0x01010400, 0x01000000, 0x01000000, 0x00000400, - 0x01010004, 0x00010000, 0x00010400, 0x01000004, - 0x00000400, 0x00000004, 0x01000404, 0x00010404, - 0x01010404, 0x00010004, 0x01010000, 0x01000404, - 0x01000004, 0x00000404, 0x00010404, 0x01010400, - 0x00000404, 0x01000400, 0x01000400, 0x00000000, - 0x00010004, 0x00010400, 0x00000000, 0x01010004 -}; - -static const u32 S2[64] = { - 0x80108020, 0x80008000, 0x00008000, 0x00108020, - 0x00100000, 0x00000020, 0x80100020, 0x80008020, - 0x80000020, 0x80108020, 0x80108000, 0x80000000, - 0x80008000, 0x00100000, 0x00000020, 0x80100020, - 0x00108000, 0x00100020, 0x80008020, 0x00000000, - 0x80000000, 0x00008000, 0x00108020, 0x80100000, - 0x00100020, 0x80000020, 0x00000000, 0x00108000, - 0x00008020, 0x80108000, 0x80100000, 0x00008020, - 0x00000000, 0x00108020, 0x80100020, 0x00100000, - 0x80008020, 0x80100000, 0x80108000, 0x00008000, - 0x80100000, 0x80008000, 0x00000020, 0x80108020, - 0x00108020, 0x00000020, 0x00008000, 0x80000000, - 0x00008020, 0x80108000, 0x00100000, 0x80000020, - 0x00100020, 
0x80008020, 0x80000020, 0x00100020, - 0x00108000, 0x00000000, 0x80008000, 0x00008020, - 0x80000000, 0x80100020, 0x80108020, 0x00108000 -}; - -static const u32 S3[64] = { - 0x00000208, 0x08020200, 0x00000000, 0x08020008, - 0x08000200, 0x00000000, 0x00020208, 0x08000200, - 0x00020008, 0x08000008, 0x08000008, 0x00020000, - 0x08020208, 0x00020008, 0x08020000, 0x00000208, - 0x08000000, 0x00000008, 0x08020200, 0x00000200, - 0x00020200, 0x08020000, 0x08020008, 0x00020208, - 0x08000208, 0x00020200, 0x00020000, 0x08000208, - 0x00000008, 0x08020208, 0x00000200, 0x08000000, - 0x08020200, 0x08000000, 0x00020008, 0x00000208, - 0x00020000, 0x08020200, 0x08000200, 0x00000000, - 0x00000200, 0x00020008, 0x08020208, 0x08000200, - 0x08000008, 0x00000200, 0x00000000, 0x08020008, - 0x08000208, 0x00020000, 0x08000000, 0x08020208, - 0x00000008, 0x00020208, 0x00020200, 0x08000008, - 0x08020000, 0x08000208, 0x00000208, 0x08020000, - 0x00020208, 0x00000008, 0x08020008, 0x00020200 -}; - -static const u32 S4[64] = { - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802080, 0x00800081, 0x00800001, 0x00002001, - 0x00000000, 0x00802000, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00800080, 0x00800001, - 0x00000001, 0x00002000, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002001, 0x00002080, - 0x00800081, 0x00000001, 0x00002080, 0x00800080, - 0x00002000, 0x00802080, 0x00802081, 0x00000081, - 0x00800080, 0x00800001, 0x00802000, 0x00802081, - 0x00000081, 0x00000000, 0x00000000, 0x00802000, - 0x00002080, 0x00800080, 0x00800081, 0x00000001, - 0x00802001, 0x00002081, 0x00002081, 0x00000080, - 0x00802081, 0x00000081, 0x00000001, 0x00002000, - 0x00800001, 0x00002001, 0x00802080, 0x00800081, - 0x00002001, 0x00002080, 0x00800000, 0x00802001, - 0x00000080, 0x00800000, 0x00002000, 0x00802080 -}; - -static const u32 S5[64] = { - 0x00000100, 0x02080100, 0x02080000, 0x42000100, - 0x00080000, 0x00000100, 0x40000000, 0x02080000, - 0x40080100, 0x00080000, 0x02000100, 0x40080100, - 
0x42000100, 0x42080000, 0x00080100, 0x40000000, - 0x02000000, 0x40080000, 0x40080000, 0x00000000, - 0x40000100, 0x42080100, 0x42080100, 0x02000100, - 0x42080000, 0x40000100, 0x00000000, 0x42000000, - 0x02080100, 0x02000000, 0x42000000, 0x00080100, - 0x00080000, 0x42000100, 0x00000100, 0x02000000, - 0x40000000, 0x02080000, 0x42000100, 0x40080100, - 0x02000100, 0x40000000, 0x42080000, 0x02080100, - 0x40080100, 0x00000100, 0x02000000, 0x42080000, - 0x42080100, 0x00080100, 0x42000000, 0x42080100, - 0x02080000, 0x00000000, 0x40080000, 0x42000000, - 0x00080100, 0x02000100, 0x40000100, 0x00080000, - 0x00000000, 0x40080000, 0x02080100, 0x40000100 -}; - -static const u32 S6[64] = { - 0x20000010, 0x20400000, 0x00004000, 0x20404010, - 0x20400000, 0x00000010, 0x20404010, 0x00400000, - 0x20004000, 0x00404010, 0x00400000, 0x20000010, - 0x00400010, 0x20004000, 0x20000000, 0x00004010, - 0x00000000, 0x00400010, 0x20004010, 0x00004000, - 0x00404000, 0x20004010, 0x00000010, 0x20400010, - 0x20400010, 0x00000000, 0x00404010, 0x20404000, - 0x00004010, 0x00404000, 0x20404000, 0x20000000, - 0x20004000, 0x00000010, 0x20400010, 0x00404000, - 0x20404010, 0x00400000, 0x00004010, 0x20000010, - 0x00400000, 0x20004000, 0x20000000, 0x00004010, - 0x20000010, 0x20404010, 0x00404000, 0x20400000, - 0x00404010, 0x20404000, 0x00000000, 0x20400010, - 0x00000010, 0x00004000, 0x20400000, 0x00404010, - 0x00004000, 0x00400010, 0x20004010, 0x00000000, - 0x20404000, 0x20000000, 0x00400010, 0x20004010 -}; - -static const u32 S7[64] = { - 0x00200000, 0x04200002, 0x04000802, 0x00000000, - 0x00000800, 0x04000802, 0x00200802, 0x04200800, - 0x04200802, 0x00200000, 0x00000000, 0x04000002, - 0x00000002, 0x04000000, 0x04200002, 0x00000802, - 0x04000800, 0x00200802, 0x00200002, 0x04000800, - 0x04000002, 0x04200000, 0x04200800, 0x00200002, - 0x04200000, 0x00000800, 0x00000802, 0x04200802, - 0x00200800, 0x00000002, 0x04000000, 0x00200800, - 0x04000000, 0x00200800, 0x00200000, 0x04000802, - 0x04000802, 0x04200002, 
0x04200002, 0x00000002, - 0x00200002, 0x04000000, 0x04000800, 0x00200000, - 0x04200800, 0x00000802, 0x00200802, 0x04200800, - 0x00000802, 0x04000002, 0x04200802, 0x04200000, - 0x00200800, 0x00000000, 0x00000002, 0x04200802, - 0x00000000, 0x00200802, 0x04200000, 0x00000800, - 0x04000002, 0x04000800, 0x00000800, 0x00200002 -}; - -static const u32 S8[64] = { - 0x10001040, 0x00001000, 0x00040000, 0x10041040, - 0x10000000, 0x10001040, 0x00000040, 0x10000000, - 0x00040040, 0x10040000, 0x10041040, 0x00041000, - 0x10041000, 0x00041040, 0x00001000, 0x00000040, - 0x10040000, 0x10000040, 0x10001000, 0x00001040, - 0x00041000, 0x00040040, 0x10040040, 0x10041000, - 0x00001040, 0x00000000, 0x00000000, 0x10040040, - 0x10000040, 0x10001000, 0x00041040, 0x00040000, - 0x00041040, 0x00040000, 0x10041000, 0x00001000, - 0x00000040, 0x10040040, 0x00001000, 0x00041040, - 0x10001000, 0x00000040, 0x10000040, 0x10040000, - 0x10040040, 0x10000000, 0x00040000, 0x10001040, - 0x00000000, 0x10041040, 0x00040040, 0x10000040, - 0x10040000, 0x10001000, 0x10001040, 0x00000000, - 0x10041040, 0x00041000, 0x00041000, 0x00001040, - 0x00001040, 0x00040040, 0x10000000, 0x10041000 -}; - -/* Encryption components: IP, FP, and round function */ - -#define IP(L, R, T) \ - ROL(R, 4); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROL(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 14); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(L, 1); - -#define FP(L, R, T) \ - ROR(L, 1); \ - T = L; \ - L ^= R; \ - L &= 0xaaaaaaaa; \ - R ^= L; \ - L ^= T; \ - ROL(R, 7); \ - T = L; \ - L ^= R; \ - L &= 0xff00ff00; \ - R ^= L; \ - L ^= T; \ - ROR(R, 6); \ - T = L; \ - L ^= R; \ - L &= 0xcccccccc; \ - R ^= L; \ - L ^= T; \ - ROL(R, 14); \ - T = L; \ - L ^= R; \ - L &= 
0xffff0000; \ - R ^= L; \ - L ^= T; \ - ROR(R, 12); \ - T = L; \ - L ^= R; \ - L &= 0xf0f0f0f0; \ - R ^= L; \ - L ^= T; \ - ROR(R, 4); - -#define ROUND(L, R, A, B, K, d) \ - B = K[0]; A = K[1]; K += d; \ - B ^= R; A ^= R; \ - B &= 0x3f3f3f3f; ROR(A, 4); \ - L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ - L ^= S6[0xff & (B >> 8)]; B >>= 16; \ - L ^= S7[0xff & A]; \ - L ^= S5[0xff & (A >> 8)]; A >>= 16; \ - L ^= S4[0xff & B]; \ - L ^= S2[0xff & (B >> 8)]; \ - L ^= S3[0xff & A]; \ - L ^= S1[0xff & (A >> 8)]; - -/* - * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved - * tables of 128 elements. One set is for C_i and the other for D_i, while - * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. - * - * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i - * or D_i in bits 7-1 (bit 0 being the least significant). - */ - -#define T1(x) pt[2 * (x) + 0] -#define T2(x) pt[2 * (x) + 1] -#define T3(x) pt[2 * (x) + 2] -#define T4(x) pt[2 * (x) + 3] - -#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) - -/* - * Encryption key expansion - * - * RFC2451: Weak key checks SHOULD be performed. - * - * FIPS 74: - * - * Keys having duals are keys which produce all zeros, all ones, or - * alternating zero-one patterns in the C and D registers after Permuted - * Choice 1 has operated on the key. 
- * - */ -unsigned long des_ekey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d, w; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); - - /* Check if first half is weak */ - w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - /* Check if second half is weak */ - w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); - - pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = 
rs[a]; d = rs[d]; - pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } - - /* Zero if weak key */ - return w; -} -EXPORT_SYMBOL_GPL(des_ekey); - -/* - * Decryption key expansion - * - * No weak key checking is performed, as this is only used by triple DES - * - */ -static void dkey(u32 *pe, const u8 *k) -{ - /* K&R: long is at least 32 bits */ - unsigned long a, b, c, d; - const u32 *pt = pc2; - - d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; - c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; - b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; - a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; - - pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2] = DES_PC2(d, a, b, 
c); c = rs[c]; - pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2] = DES_PC2(b, c, d, a); - - /* Skip to next table set */ - pt += 512; - - d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; - c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; - b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; - a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; - - pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; - pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; - pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; - pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; - pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; - pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; - pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; - pe[15 * 2 + 1] = DES_PC2(b, c, d, a); - - /* Fixup: 2413 5768 -> 1357 2468 */ - for (d = 0; d < 16; ++d) { - a = pe[2 * d]; - b = pe[2 * d + 1]; - c = a ^ b; - c &= 0xffff0000; - a ^= c; - b ^= c; - ROL(b, 18); - pe[2 * d] = a; - pe[2 * d + 1] = b; - } -} +#include static int des_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int 
keylen) { struct des_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *flags = &tfm->crt_flags; - u32 tmp[DES_EXPKEY_WORDS]; - int ret; - - /* Expand to tmp */ - ret = des_ekey(tmp, key); + int err; - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { - *flags |= CRYPTO_TFM_RES_WEAK_KEY; - return -EINVAL; + err = des_expand_key(dctx, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; } - /* Copy to output */ - memcpy(dctx->expkey, tmp, sizeof(dctx->expkey)); - - return 0; + if (err) { + memzero_explicit(dctx, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); - - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_encrypt(dctx, dst, src); } -static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) { - struct des_ctx *ctx = crypto_tfm_ctx(tfm); - const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des_decrypt(dctx, dst, src); } int 
__des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, 
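Review bot: in the new des_setkey(), the final `if (err)` block sets CRYPTO_TFM_RES_WEAK_KEY for every failure, including the -EINVAL that des_expand_key() is documented to return for a key it rejects outright, so a caller inspecting the result flags is told the key was weak when it was not. Set the flag inside the `err == -ENOKEY` branch, next to `err = -EINVAL;`, and keep only the memzero_explicit() in the common error path. The schedule is also now expanded straight into dctx rather than into a temporary, so a rejected setkey wipes a previously installed key where the removed code left it in place; if that is intended it deserves a line in the commit message. The same pattern recurs in des3_ede_setkey() in the next hunk.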
@@ -863,76 +73,37 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - u32 *expkey = dctx->expkey; int err; - err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); - if (unlikely(err)) - return err; + err = des3_ede_expand_key(dctx, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - return __des3_ede_setkey(expkey, flags, key, keylen); + if (err) { + memzero_explicit(dctx, sizeof(*dctx)); + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + } + return err; } -static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, 2); - ROUND(L, R, A, B, K, 2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, 2); - ROUND(R, L, A, B, K, 2); - } - FP(R, L, A); - - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_encrypt(dctx, dst, src); } -static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) +static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, + const u8 *src) { - struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; - const __le32 *s = (const __le32 *)src; - __le32 *d = (__le32 *)dst; - u32 L, R, A, B; - int i; - - L = le32_to_cpu(s[0]); - R = le32_to_cpu(s[1]); - - IP(L, R, A); - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); 
- ROUND(R, L, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(R, L, A, B, K, -2); - ROUND(L, R, A, B, K, -2); - } - for (i = 0; i < 8; i++) { - ROUND(L, R, A, B, K, -2); - ROUND(R, L, A, B, K, -2); - } - FP(R, L, A); + const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm); - d[0] = cpu_to_le32(R); - d[1] = cpu_to_le32(L); + des3_ede_decrypt(dctx, dst, src); } static struct crypto_alg des_algs[2] = { { @@ -943,13 +114,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES_KEY_SIZE, .cia_max_keysize = DES_KEY_SIZE, .cia_setkey = des_setkey, - .cia_encrypt = des_encrypt, - .cia_decrypt = des_decrypt } } + .cia_encrypt = crypto_des_encrypt, + .cia_decrypt = crypto_des_decrypt } } }, { .cra_name = "des3_ede", .cra_driver_name = "des3_ede-generic", @@ -958,13 +128,12 @@ static struct crypto_alg des_algs[2] = { { .cra_blocksize = DES3_EDE_BLOCK_SIZE, .cra_ctxsize = sizeof(struct des3_ede_ctx), .cra_module = THIS_MODULE, - .cra_alignmask = 3, .cra_u = { .cipher = { .cia_min_keysize = DES3_EDE_KEY_SIZE, .cia_max_keysize = DES3_EDE_KEY_SIZE, .cia_setkey = des3_ede_setkey, - .cia_encrypt = des3_ede_encrypt, - .cia_decrypt = des3_ede_decrypt } } + .cia_encrypt = crypto_des3_ede_encrypt, + .cia_decrypt = crypto_des3_ede_decrypt } } } }; static int __init des_generic_mod_init(void) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 67af688d7d84..ef4d2db69837 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -149,7 +149,7 @@ config CRYPTO_DES_S390 depends on S390 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the s390 hardware accelerated implementation of the DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). 
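Review bot: the two des_algs hunks in crypto/des_generic.c drop `.cra_alignmask = 3`, but the removed des_encrypt() and des3_ede_encrypt() bodies read and wrote the block through `__le32 *` casts of src and dst, which is the access that mask made safe. The removal is only correct if the library routines now called from crypto_des_encrypt() and the other wrappers use unaligned accessors for src and dst. Please confirm that against lib/crypto/des.c and state it in the commit message, or keep the mask.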
@@ -214,7 +214,7 @@ config CRYPTO_DEV_MARVELL_CESA tristate "Marvell's Cryptographic Engine driver" depends on PLAT_ORION || ARCH_MVEBU select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select SRAM @@ -226,7 +226,7 @@ config CRYPTO_DEV_MARVELL_CESA config CRYPTO_DEV_NIAGARA2 tristate "Niagara2 Stream Processing Unit driver" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_HASH select CRYPTO_MD5 @@ -243,7 +243,7 @@ config CRYPTO_DEV_NIAGARA2 config CRYPTO_DEV_HIFN_795X tristate "Driver HIFN 795x crypto accelerator chips" - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG depends on PCI @@ -299,7 +299,7 @@ config CRYPTO_DEV_TALITOS2 config CRYPTO_DEV_IXP4XX tristate "Driver for IXP4xx crypto hardware acceleration" depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER @@ -365,7 +365,7 @@ config CRYPTO_DEV_OMAP_AES config CRYPTO_DEV_OMAP_DES tristate "Support for OMAP DES/3DES hw engine" depends on ARCH_OMAP2PLUS - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER select CRYPTO_ENGINE help @@ -383,7 +383,7 @@ config CRYPTO_DEV_PICOXCELL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_SEQIV @@ -496,7 +496,7 @@ config CRYPTO_DEV_ATMEL_AES config CRYPTO_DEV_ATMEL_TDES tristate "Support for Atmel DES/TDES hw accelerator" depends on ARCH_AT91 || COMPILE_TEST - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Atmel processors have DES/TDES hw accelerator. @@ -594,7 +594,7 @@ config CRYPTO_DEV_QCE depends on ARCH_QCOM || COMPILE_TEST depends on HAS_IOMEM select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_ECB select CRYPTO_CBC select CRYPTO_XTS 
@@ -642,7 +642,7 @@ config CRYPTO_DEV_SUN4I_SS select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_BLKCIPHER help Some Allwinner SoC have a crypto accelerator named @@ -665,7 +665,7 @@ config CRYPTO_DEV_ROCKCHIP tristate "Rockchip's Cryptographic Engine driver" depends on OF && ARCH_ROCKCHIP select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -702,7 +702,7 @@ config CRYPTO_DEV_BCM_SPU depends on MAILBOX default m select CRYPTO_AUTHENC - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 @@ -721,7 +721,7 @@ config CRYPTO_DEV_SAFEXCEL select CRYPTO_AES select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_HASH select CRYPTO_HMAC select CRYPTO_MD5 @@ -759,7 +759,7 @@ config CRYPTO_DEV_CCREE default n select CRYPTO_HASH select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_SHA1 diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig index 3720ddabb507..4a358391b6cb 100644 --- a/drivers/crypto/caam/Kconfig +++ b/drivers/crypto/caam/Kconfig @@ -98,7 +98,7 @@ config CRYPTO_DEV_FSL_CAAM_CRYPTO_API select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help Selecting this will offload crypto for users of the scatterlist crypto API (such as the linux native IPSec diff --git a/drivers/crypto/cavium/nitrox/Kconfig b/drivers/crypto/cavium/nitrox/Kconfig index 181a1dfec932..1a6b51563154 100644 --- a/drivers/crypto/cavium/nitrox/Kconfig +++ b/drivers/crypto/cavium/nitrox/Kconfig @@ -5,7 +5,7 @@ config CRYPTO_DEV_NITROX tristate select CRYPTO_BLKCIPHER select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES select FW_LOADER config CRYPTO_DEV_NITROX_CNN55XX 
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c index e6f00b56f063..eb59d37f6e9f 100644 --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig index 4491e2197d9f..ceeaa10b2829 100644 --- a/drivers/crypto/stm32/Kconfig +++ b/drivers/crypto/stm32/Kconfig @@ -24,7 +24,7 @@ config CRYPTO_DEV_STM32_CRYP depends on ARCH_STM32 select CRYPTO_HASH select CRYPTO_ENGINE - select CRYPTO_DES + select CRYPTO_LIB_DES help This enables support for the CRYP (AES/DES/TDES) hw accelerator which can be found on STMicroelectronics STM32 SOC. diff --git a/drivers/crypto/ux500/Kconfig b/drivers/crypto/ux500/Kconfig index 0e338bf6dfb7..cbb16d6a9aa9 100644 --- a/drivers/crypto/ux500/Kconfig +++ b/drivers/crypto/ux500/Kconfig @@ -9,7 +9,7 @@ config CRYPTO_DEV_UX500_CRYP depends on CRYPTO_DEV_UX500 select CRYPTO_ALGAPI select CRYPTO_BLKCIPHER - select CRYPTO_DES + select CRYPTO_LIB_DES help This selects the crypto driver for the UX500_CRYP hardware. It supports AES-ECB, CBC and CTR with keys sizes of 128, 192 and 256 bit sizes. diff --git a/include/crypto/des.h b/include/crypto/des.h index 31b04ba835b1..2c864a4e6707 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h @@ -6,10 +6,7 @@ #ifndef __CRYPTO_DES_H #define __CRYPTO_DES_H -#include -#include -#include -#include +#include #define DES_KEY_SIZE 8 #define DES_EXPKEY_WORDS 32 
@@ -19,6 +16,44 @@ #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE +struct des_ctx { + u32 expkey[DES_EXPKEY_WORDS]; +}; + +struct des3_ede_ctx { + u32 expkey[DES3_EDE_EXPKEY_WORDS]; +}; + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src); + +/** + * des_expand_key - Expand a DES input key into a key schedule + * @ctx: the key schedule + * @key: buffer containing the input key + * @len: size of the buffer contents + * + * Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if + * the key is accepted but has been found to be weak. + */ +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); + +/** + * des3_ede_expand_key - Expand a triple DES input key into a key schedule + * @ctx: the key schedule + * @key: buffer containing the input key + * @len: size of the buffer contents + * + * Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if + * the key is accepted but has been found to be weak. Note that weak keys will + * be rejected (and -EINVAL will be returned) when running in FIPS mode. + */ +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen); + extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen); diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h index 53dffa0667ca..dfe5e8f92270 100644 --- a/include/crypto/internal/des.h +++ b/include/crypto/internal/des.h 
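Review bot: the kernel-doc added to include/crypto/des.h for des_expand_key() and des3_ede_expand_key() describes a parameter `@len`, but both prototypes name it `keylen`, so kernel-doc will flag `keylen` as undescribed and `len` as excess. Rename the tag to `@keylen:` in both comments.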
@@ -23,19 +23,18 @@ */ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) { - u32 tmp[DES_EXPKEY_WORDS]; - int err = 0; + struct des_ctx tmp; + int err; - if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) - return 0; + err = des_expand_key(&tmp, key, DES_KEY_SIZE); + if (err == -ENOKEY && + !(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) + err = 0; - if (!des_ekey(tmp, key)) { + if (err) crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - err = -EINVAL; - } - err = 0; - memzero_explicit(tmp, sizeof(tmp)); + memzero_explicit(&tmp, sizeof(tmp)); return err; } @@ -52,6 +51,28 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) * property. * */ +static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len, + bool check_weak) +{ + int ret = fips_enabled ? -EINVAL : -ENOKEY; + u32 K[6]; + + memcpy(K, key, DES3_EDE_KEY_SIZE); + + if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || + !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && + (fips_enabled || check_weak)) + goto bad; + + if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) + goto bad; + + ret = 0; +bad: + memzero_explicit(K, DES3_EDE_KEY_SIZE); + + return ret; +} /** * crypto_des3_ede_verify_key - Check whether a DES3-EDE is weak 
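Review bot: des3_ede_verify_key() takes `key_len` but never reads it, and `memcpy(K, key, DES3_EDE_KEY_SIZE)` copies DES3_EDE_KEY_SIZE bytes whatever length the caller passed, so a caller that hands in a shorter buffer gets an out-of-bounds read instead of an error. Either return -EINVAL up front when `key_len != DES3_EDE_KEY_SIZE` or drop the parameter. The helper also has no kernel-doc of its own describing `check_weak` and when it returns -EINVAL versus -ENOKEY.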
@@ -69,28 +90,14 @@ static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key) static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, const u8 *key) { - int err = -EINVAL; - u32 K[6]; - - memcpy(K, key, DES3_EDE_KEY_SIZE); - - if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) || - !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (fips_enabled || (crypto_tfm_get_flags(tfm) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) - goto bad; + int err; - if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) - goto bad; - - err = 0; -out: - memzero_explicit(K, DES3_EDE_KEY_SIZE); + err = des3_ede_verify_key(key, DES3_EDE_KEY_SIZE, + crypto_tfm_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); + if (err) + crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); return err; - -bad: - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); - goto out; } #endif /* __CRYPTO_INTERNAL_DES_H */ diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 88195c34932d..b9ea19a1c6ef 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -2,3 +2,6 @@ obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o libarc4-y := arc4.o + +obj-$(CONFIG_CRYPTO_LIB_DES) += libdes.o +libdes-y := des.o diff --git a/lib/crypto/des.c b/lib/crypto/des.c new file mode 100644 index 000000000000..ef5bb8822aba --- /dev/null +++ b/lib/crypto/des.c 
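Review bot: crypto_des3_ede_verify_key() now returns whatever des3_ede_verify_key() returns, which outside FIPS mode is -ENOKEY for a weak key when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is set, where the removed code returned -EINVAL. crypto_des_verify_key() earlier in this file has the same gap, since it only clears -ENOKEY when the flag is absent and otherwise passes it through. des_setkey() and des3_ede_setkey() in crypto/des_generic.c translate that case to -EINVAL, so drivers using these helpers would report a different errno for the same key. Map -ENOKEY to -EINVAL in both helpers as well.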
@@ -0,0 +1,902 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API. + * + * DES & Triple DES EDE Cipher Algorithms. + * + * Copyright (c) 2005 Dag Arne Osvik + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +#define ROL(x, r) ((x) = rol32((x), (r))) +#define ROR(x, r) ((x) = ror32((x), (r))) + +/* Lookup tables for key expansion */ + +static const u8 pc1[256] = { + 0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14, + 0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54, + 0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16, + 0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56, + 0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c, + 0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c, + 0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e, + 0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e, + 0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34, + 0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74, + 0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36, + 0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76, + 0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c, + 0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c, + 0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e, + 0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e, + 0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94, + 0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4, + 0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96, + 0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6, + 0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c, + 0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc, + 0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e, + 0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde, + 0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4, + 0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4, + 0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6, + 0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6, + 0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc, + 0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc, + 0xaa, 0xaa, 0xea, 0xae, 
0xba, 0xba, 0xfa, 0xbe, + 0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe +}; + +static const u8 rs[256] = { + 0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82, + 0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86, + 0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a, + 0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e, + 0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92, + 0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96, + 0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a, + 0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e, + 0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2, + 0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6, + 0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa, + 0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae, + 0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2, + 0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6, + 0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba, + 0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe, + 0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2, + 0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6, + 0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca, + 0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce, + 0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2, + 0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6, + 0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda, + 0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde, + 0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2, + 0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6, + 0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea, + 0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee, + 0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2, + 0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6, + 0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa, + 0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe +}; + +static const u32 pc2[1024] = { + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00040000, 0x00000000, 0x04000000, 0x00100000, + 0x00400000, 0x00000008, 0x00000800, 0x40000000, + 0x00440000, 0x00000008, 0x04000800, 0x40100000, + 0x00000400, 0x00000020, 0x08000000, 0x00000100, + 
0x00040400, 0x00000020, 0x0c000000, 0x00100100, + 0x00400400, 0x00000028, 0x08000800, 0x40000100, + 0x00440400, 0x00000028, 0x0c000800, 0x40100100, + 0x80000000, 0x00000010, 0x00000000, 0x00800000, + 0x80040000, 0x00000010, 0x04000000, 0x00900000, + 0x80400000, 0x00000018, 0x00000800, 0x40800000, + 0x80440000, 0x00000018, 0x04000800, 0x40900000, + 0x80000400, 0x00000030, 0x08000000, 0x00800100, + 0x80040400, 0x00000030, 0x0c000000, 0x00900100, + 0x80400400, 0x00000038, 0x08000800, 0x40800100, + 0x80440400, 0x00000038, 0x0c000800, 0x40900100, + 0x10000000, 0x00000000, 0x00200000, 0x00001000, + 0x10040000, 0x00000000, 0x04200000, 0x00101000, + 0x10400000, 0x00000008, 0x00200800, 0x40001000, + 0x10440000, 0x00000008, 0x04200800, 0x40101000, + 0x10000400, 0x00000020, 0x08200000, 0x00001100, + 0x10040400, 0x00000020, 0x0c200000, 0x00101100, + 0x10400400, 0x00000028, 0x08200800, 0x40001100, + 0x10440400, 0x00000028, 0x0c200800, 0x40101100, + 0x90000000, 0x00000010, 0x00200000, 0x00801000, + 0x90040000, 0x00000010, 0x04200000, 0x00901000, + 0x90400000, 0x00000018, 0x00200800, 0x40801000, + 0x90440000, 0x00000018, 0x04200800, 0x40901000, + 0x90000400, 0x00000030, 0x08200000, 0x00801100, + 0x90040400, 0x00000030, 0x0c200000, 0x00901100, + 0x90400400, 0x00000038, 0x08200800, 0x40801100, + 0x90440400, 0x00000038, 0x0c200800, 0x40901100, + 0x00000200, 0x00080000, 0x00000000, 0x00000004, + 0x00040200, 0x00080000, 0x04000000, 0x00100004, + 0x00400200, 0x00080008, 0x00000800, 0x40000004, + 0x00440200, 0x00080008, 0x04000800, 0x40100004, + 0x00000600, 0x00080020, 0x08000000, 0x00000104, + 0x00040600, 0x00080020, 0x0c000000, 0x00100104, + 0x00400600, 0x00080028, 0x08000800, 0x40000104, + 0x00440600, 0x00080028, 0x0c000800, 0x40100104, + 0x80000200, 0x00080010, 0x00000000, 0x00800004, + 0x80040200, 0x00080010, 0x04000000, 0x00900004, + 0x80400200, 0x00080018, 0x00000800, 0x40800004, + 0x80440200, 0x00080018, 0x04000800, 0x40900004, + 0x80000600, 0x00080030, 0x08000000, 0x00800104, + 
0x80040600, 0x00080030, 0x0c000000, 0x00900104, + 0x80400600, 0x00080038, 0x08000800, 0x40800104, + 0x80440600, 0x00080038, 0x0c000800, 0x40900104, + 0x10000200, 0x00080000, 0x00200000, 0x00001004, + 0x10040200, 0x00080000, 0x04200000, 0x00101004, + 0x10400200, 0x00080008, 0x00200800, 0x40001004, + 0x10440200, 0x00080008, 0x04200800, 0x40101004, + 0x10000600, 0x00080020, 0x08200000, 0x00001104, + 0x10040600, 0x00080020, 0x0c200000, 0x00101104, + 0x10400600, 0x00080028, 0x08200800, 0x40001104, + 0x10440600, 0x00080028, 0x0c200800, 0x40101104, + 0x90000200, 0x00080010, 0x00200000, 0x00801004, + 0x90040200, 0x00080010, 0x04200000, 0x00901004, + 0x90400200, 0x00080018, 0x00200800, 0x40801004, + 0x90440200, 0x00080018, 0x04200800, 0x40901004, + 0x90000600, 0x00080030, 0x08200000, 0x00801104, + 0x90040600, 0x00080030, 0x0c200000, 0x00901104, + 0x90400600, 0x00080038, 0x08200800, 0x40801104, + 0x90440600, 0x00080038, 0x0c200800, 0x40901104, + 0x00000002, 0x00002000, 0x20000000, 0x00000001, + 0x00040002, 0x00002000, 0x24000000, 0x00100001, + 0x00400002, 0x00002008, 0x20000800, 0x40000001, + 0x00440002, 0x00002008, 0x24000800, 0x40100001, + 0x00000402, 0x00002020, 0x28000000, 0x00000101, + 0x00040402, 0x00002020, 0x2c000000, 0x00100101, + 0x00400402, 0x00002028, 0x28000800, 0x40000101, + 0x00440402, 0x00002028, 0x2c000800, 0x40100101, + 0x80000002, 0x00002010, 0x20000000, 0x00800001, + 0x80040002, 0x00002010, 0x24000000, 0x00900001, + 0x80400002, 0x00002018, 0x20000800, 0x40800001, + 0x80440002, 0x00002018, 0x24000800, 0x40900001, + 0x80000402, 0x00002030, 0x28000000, 0x00800101, + 0x80040402, 0x00002030, 0x2c000000, 0x00900101, + 0x80400402, 0x00002038, 0x28000800, 0x40800101, + 0x80440402, 0x00002038, 0x2c000800, 0x40900101, + 0x10000002, 0x00002000, 0x20200000, 0x00001001, + 0x10040002, 0x00002000, 0x24200000, 0x00101001, + 0x10400002, 0x00002008, 0x20200800, 0x40001001, + 0x10440002, 0x00002008, 0x24200800, 0x40101001, + 0x10000402, 0x00002020, 0x28200000, 0x00001101, + 
0x10040402, 0x00002020, 0x2c200000, 0x00101101, + 0x10400402, 0x00002028, 0x28200800, 0x40001101, + 0x10440402, 0x00002028, 0x2c200800, 0x40101101, + 0x90000002, 0x00002010, 0x20200000, 0x00801001, + 0x90040002, 0x00002010, 0x24200000, 0x00901001, + 0x90400002, 0x00002018, 0x20200800, 0x40801001, + 0x90440002, 0x00002018, 0x24200800, 0x40901001, + 0x90000402, 0x00002030, 0x28200000, 0x00801101, + 0x90040402, 0x00002030, 0x2c200000, 0x00901101, + 0x90400402, 0x00002038, 0x28200800, 0x40801101, + 0x90440402, 0x00002038, 0x2c200800, 0x40901101, + 0x00000202, 0x00082000, 0x20000000, 0x00000005, + 0x00040202, 0x00082000, 0x24000000, 0x00100005, + 0x00400202, 0x00082008, 0x20000800, 0x40000005, + 0x00440202, 0x00082008, 0x24000800, 0x40100005, + 0x00000602, 0x00082020, 0x28000000, 0x00000105, + 0x00040602, 0x00082020, 0x2c000000, 0x00100105, + 0x00400602, 0x00082028, 0x28000800, 0x40000105, + 0x00440602, 0x00082028, 0x2c000800, 0x40100105, + 0x80000202, 0x00082010, 0x20000000, 0x00800005, + 0x80040202, 0x00082010, 0x24000000, 0x00900005, + 0x80400202, 0x00082018, 0x20000800, 0x40800005, + 0x80440202, 0x00082018, 0x24000800, 0x40900005, + 0x80000602, 0x00082030, 0x28000000, 0x00800105, + 0x80040602, 0x00082030, 0x2c000000, 0x00900105, + 0x80400602, 0x00082038, 0x28000800, 0x40800105, + 0x80440602, 0x00082038, 0x2c000800, 0x40900105, + 0x10000202, 0x00082000, 0x20200000, 0x00001005, + 0x10040202, 0x00082000, 0x24200000, 0x00101005, + 0x10400202, 0x00082008, 0x20200800, 0x40001005, + 0x10440202, 0x00082008, 0x24200800, 0x40101005, + 0x10000602, 0x00082020, 0x28200000, 0x00001105, + 0x10040602, 0x00082020, 0x2c200000, 0x00101105, + 0x10400602, 0x00082028, 0x28200800, 0x40001105, + 0x10440602, 0x00082028, 0x2c200800, 0x40101105, + 0x90000202, 0x00082010, 0x20200000, 0x00801005, + 0x90040202, 0x00082010, 0x24200000, 0x00901005, + 0x90400202, 0x00082018, 0x20200800, 0x40801005, + 0x90440202, 0x00082018, 0x24200800, 0x40901005, + 0x90000602, 0x00082030, 0x28200000, 0x00801105, + 
0x90040602, 0x00082030, 0x2c200000, 0x00901105, + 0x90400602, 0x00082038, 0x28200800, 0x40801105, + 0x90440602, 0x00082038, 0x2c200800, 0x40901105, + + 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00000000, 0x00000008, 0x00080000, 0x10000000, + 0x02000000, 0x00000000, 0x00000080, 0x00001000, + 0x02000000, 0x00000008, 0x00080080, 0x10001000, + 0x00004000, 0x00000000, 0x00000040, 0x00040000, + 0x00004000, 0x00000008, 0x00080040, 0x10040000, + 0x02004000, 0x00000000, 0x000000c0, 0x00041000, + 0x02004000, 0x00000008, 0x000800c0, 0x10041000, + 0x00020000, 0x00008000, 0x08000000, 0x00200000, + 0x00020000, 0x00008008, 0x08080000, 0x10200000, + 0x02020000, 0x00008000, 0x08000080, 0x00201000, + 0x02020000, 0x00008008, 0x08080080, 0x10201000, + 0x00024000, 0x00008000, 0x08000040, 0x00240000, + 0x00024000, 0x00008008, 0x08080040, 0x10240000, + 0x02024000, 0x00008000, 0x080000c0, 0x00241000, + 0x02024000, 0x00008008, 0x080800c0, 0x10241000, + 0x00000000, 0x01000000, 0x00002000, 0x00000020, + 0x00000000, 0x01000008, 0x00082000, 0x10000020, + 0x02000000, 0x01000000, 0x00002080, 0x00001020, + 0x02000000, 0x01000008, 0x00082080, 0x10001020, + 0x00004000, 0x01000000, 0x00002040, 0x00040020, + 0x00004000, 0x01000008, 0x00082040, 0x10040020, + 0x02004000, 0x01000000, 0x000020c0, 0x00041020, + 0x02004000, 0x01000008, 0x000820c0, 0x10041020, + 0x00020000, 0x01008000, 0x08002000, 0x00200020, + 0x00020000, 0x01008008, 0x08082000, 0x10200020, + 0x02020000, 0x01008000, 0x08002080, 0x00201020, + 0x02020000, 0x01008008, 0x08082080, 0x10201020, + 0x00024000, 0x01008000, 0x08002040, 0x00240020, + 0x00024000, 0x01008008, 0x08082040, 0x10240020, + 0x02024000, 0x01008000, 0x080020c0, 0x00241020, + 0x02024000, 0x01008008, 0x080820c0, 0x10241020, + 0x00000400, 0x04000000, 0x00100000, 0x00000004, + 0x00000400, 0x04000008, 0x00180000, 0x10000004, + 0x02000400, 0x04000000, 0x00100080, 0x00001004, + 0x02000400, 0x04000008, 0x00180080, 0x10001004, + 0x00004400, 0x04000000, 0x00100040, 0x00040004, 
+ 0x00004400, 0x04000008, 0x00180040, 0x10040004, + 0x02004400, 0x04000000, 0x001000c0, 0x00041004, + 0x02004400, 0x04000008, 0x001800c0, 0x10041004, + 0x00020400, 0x04008000, 0x08100000, 0x00200004, + 0x00020400, 0x04008008, 0x08180000, 0x10200004, + 0x02020400, 0x04008000, 0x08100080, 0x00201004, + 0x02020400, 0x04008008, 0x08180080, 0x10201004, + 0x00024400, 0x04008000, 0x08100040, 0x00240004, + 0x00024400, 0x04008008, 0x08180040, 0x10240004, + 0x02024400, 0x04008000, 0x081000c0, 0x00241004, + 0x02024400, 0x04008008, 0x081800c0, 0x10241004, + 0x00000400, 0x05000000, 0x00102000, 0x00000024, + 0x00000400, 0x05000008, 0x00182000, 0x10000024, + 0x02000400, 0x05000000, 0x00102080, 0x00001024, + 0x02000400, 0x05000008, 0x00182080, 0x10001024, + 0x00004400, 0x05000000, 0x00102040, 0x00040024, + 0x00004400, 0x05000008, 0x00182040, 0x10040024, + 0x02004400, 0x05000000, 0x001020c0, 0x00041024, + 0x02004400, 0x05000008, 0x001820c0, 0x10041024, + 0x00020400, 0x05008000, 0x08102000, 0x00200024, + 0x00020400, 0x05008008, 0x08182000, 0x10200024, + 0x02020400, 0x05008000, 0x08102080, 0x00201024, + 0x02020400, 0x05008008, 0x08182080, 0x10201024, + 0x00024400, 0x05008000, 0x08102040, 0x00240024, + 0x00024400, 0x05008008, 0x08182040, 0x10240024, + 0x02024400, 0x05008000, 0x081020c0, 0x00241024, + 0x02024400, 0x05008008, 0x081820c0, 0x10241024, + 0x00000800, 0x00010000, 0x20000000, 0x00000010, + 0x00000800, 0x00010008, 0x20080000, 0x10000010, + 0x02000800, 0x00010000, 0x20000080, 0x00001010, + 0x02000800, 0x00010008, 0x20080080, 0x10001010, + 0x00004800, 0x00010000, 0x20000040, 0x00040010, + 0x00004800, 0x00010008, 0x20080040, 0x10040010, + 0x02004800, 0x00010000, 0x200000c0, 0x00041010, + 0x02004800, 0x00010008, 0x200800c0, 0x10041010, + 0x00020800, 0x00018000, 0x28000000, 0x00200010, + 0x00020800, 0x00018008, 0x28080000, 0x10200010, + 0x02020800, 0x00018000, 0x28000080, 0x00201010, + 0x02020800, 0x00018008, 0x28080080, 0x10201010, + 0x00024800, 0x00018000, 0x28000040, 0x00240010, 
+ 0x00024800, 0x00018008, 0x28080040, 0x10240010, + 0x02024800, 0x00018000, 0x280000c0, 0x00241010, + 0x02024800, 0x00018008, 0x280800c0, 0x10241010, + 0x00000800, 0x01010000, 0x20002000, 0x00000030, + 0x00000800, 0x01010008, 0x20082000, 0x10000030, + 0x02000800, 0x01010000, 0x20002080, 0x00001030, + 0x02000800, 0x01010008, 0x20082080, 0x10001030, + 0x00004800, 0x01010000, 0x20002040, 0x00040030, + 0x00004800, 0x01010008, 0x20082040, 0x10040030, + 0x02004800, 0x01010000, 0x200020c0, 0x00041030, + 0x02004800, 0x01010008, 0x200820c0, 0x10041030, + 0x00020800, 0x01018000, 0x28002000, 0x00200030, + 0x00020800, 0x01018008, 0x28082000, 0x10200030, + 0x02020800, 0x01018000, 0x28002080, 0x00201030, + 0x02020800, 0x01018008, 0x28082080, 0x10201030, + 0x00024800, 0x01018000, 0x28002040, 0x00240030, + 0x00024800, 0x01018008, 0x28082040, 0x10240030, + 0x02024800, 0x01018000, 0x280020c0, 0x00241030, + 0x02024800, 0x01018008, 0x280820c0, 0x10241030, + 0x00000c00, 0x04010000, 0x20100000, 0x00000014, + 0x00000c00, 0x04010008, 0x20180000, 0x10000014, + 0x02000c00, 0x04010000, 0x20100080, 0x00001014, + 0x02000c00, 0x04010008, 0x20180080, 0x10001014, + 0x00004c00, 0x04010000, 0x20100040, 0x00040014, + 0x00004c00, 0x04010008, 0x20180040, 0x10040014, + 0x02004c00, 0x04010000, 0x201000c0, 0x00041014, + 0x02004c00, 0x04010008, 0x201800c0, 0x10041014, + 0x00020c00, 0x04018000, 0x28100000, 0x00200014, + 0x00020c00, 0x04018008, 0x28180000, 0x10200014, + 0x02020c00, 0x04018000, 0x28100080, 0x00201014, + 0x02020c00, 0x04018008, 0x28180080, 0x10201014, + 0x00024c00, 0x04018000, 0x28100040, 0x00240014, + 0x00024c00, 0x04018008, 0x28180040, 0x10240014, + 0x02024c00, 0x04018000, 0x281000c0, 0x00241014, + 0x02024c00, 0x04018008, 0x281800c0, 0x10241014, + 0x00000c00, 0x05010000, 0x20102000, 0x00000034, + 0x00000c00, 0x05010008, 0x20182000, 0x10000034, + 0x02000c00, 0x05010000, 0x20102080, 0x00001034, + 0x02000c00, 0x05010008, 0x20182080, 0x10001034, + 0x00004c00, 0x05010000, 0x20102040, 0x00040034, 
+ 0x00004c00, 0x05010008, 0x20182040, 0x10040034, + 0x02004c00, 0x05010000, 0x201020c0, 0x00041034, + 0x02004c00, 0x05010008, 0x201820c0, 0x10041034, + 0x00020c00, 0x05018000, 0x28102000, 0x00200034, + 0x00020c00, 0x05018008, 0x28182000, 0x10200034, + 0x02020c00, 0x05018000, 0x28102080, 0x00201034, + 0x02020c00, 0x05018008, 0x28182080, 0x10201034, + 0x00024c00, 0x05018000, 0x28102040, 0x00240034, + 0x00024c00, 0x05018008, 0x28182040, 0x10240034, + 0x02024c00, 0x05018000, 0x281020c0, 0x00241034, + 0x02024c00, 0x05018008, 0x281820c0, 0x10241034 +}; + +/* S-box lookup tables */ + +static const u32 S1[64] = { + 0x01010400, 0x00000000, 0x00010000, 0x01010404, + 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, + 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, + 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, + 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, + 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, + 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, + 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, + 0x00010004, 0x00010400, 0x00000000, 0x01010004 +}; + +static const u32 S2[64] = { + 0x80108020, 0x80008000, 0x00008000, 0x00108020, + 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, + 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, + 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, + 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, + 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, + 
0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, + 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, + 0x80000000, 0x80100020, 0x80108020, 0x00108000 +}; + +static const u32 S3[64] = { + 0x00000208, 0x08020200, 0x00000000, 0x08020008, + 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, + 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, + 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, + 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, + 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, + 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, + 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, + 0x00020208, 0x00000008, 0x08020008, 0x00020200 +}; + +static const u32 S4[64] = { + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, + 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, + 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002000, 0x00802080 +}; + +static const u32 S5[64] = { + 0x00000100, 0x02080100, 0x02080000, 0x42000100, 
+ 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, + 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, + 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, + 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, + 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, + 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, + 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, + 0x00000000, 0x40080000, 0x02080100, 0x40000100 +}; + +static const u32 S6[64] = { + 0x20000010, 0x20400000, 0x00004000, 0x20404010, + 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, + 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, + 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, + 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, + 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, + 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, + 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, + 0x20404000, 0x20000000, 0x00400010, 0x20004010 +}; + +static const u32 S7[64] = { + 0x00200000, 0x04200002, 0x04000802, 0x00000000, + 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, + 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, + 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, + 0x00200800, 0x00000002, 
0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, + 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, + 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, + 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, + 0x04000002, 0x04000800, 0x00000800, 0x00200002 +}; + +static const u32 S8[64] = { + 0x10001040, 0x00001000, 0x00040000, 0x10041040, + 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, + 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, + 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, + 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, + 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, + 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, + 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, + 0x00001040, 0x00040040, 0x10000000, 0x10041000 +}; + +/* Encryption components: IP, FP, and round function */ + +#define IP(L, R, T) \ + ROL(R, 4); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROL(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 6); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(L, 1); + +#define FP(L, R, T) \ + ROR(L, 1); \ + T = L; \ + L ^= R; \ + L &= 0xaaaaaaaa; \ + R ^= L; \ + L ^= T; \ + ROL(R, 7); \ + T = L; \ + L ^= R; \ + L &= 0xff00ff00; \ + R ^= L; \ + L ^= T; \ + ROR(R, 6); \ + T = L; \ + L ^= 
R; \ + L &= 0xcccccccc; \ + R ^= L; \ + L ^= T; \ + ROL(R, 14); \ + T = L; \ + L ^= R; \ + L &= 0xffff0000; \ + R ^= L; \ + L ^= T; \ + ROR(R, 12); \ + T = L; \ + L ^= R; \ + L &= 0xf0f0f0f0; \ + R ^= L; \ + L ^= T; \ + ROR(R, 4); + +#define ROUND(L, R, A, B, K, d) \ + B = K[0]; A = K[1]; K += d; \ + B ^= R; A ^= R; \ + B &= 0x3f3f3f3f; ROR(A, 4); \ + L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \ + L ^= S6[0xff & (B >> 8)]; B >>= 16; \ + L ^= S7[0xff & A]; \ + L ^= S5[0xff & (A >> 8)]; A >>= 16; \ + L ^= S4[0xff & B]; \ + L ^= S2[0xff & (B >> 8)]; \ + L ^= S3[0xff & A]; \ + L ^= S1[0xff & (A >> 8)]; + +/* + * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved + * tables of 128 elements. One set is for C_i and the other for D_i, while + * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i. + * + * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i + * or D_i in bits 7-1 (bit 0 being the least significant). + */ + +#define T1(x) pt[2 * (x) + 0] +#define T2(x) pt[2 * (x) + 1] +#define T3(x) pt[2 * (x) + 2] +#define T4(x) pt[2 * (x) + 3] + +#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) + +/* + * Encryption key expansion + * + * RFC2451: Weak key checks SHOULD be performed. + * + * FIPS 74: + * + * Keys having duals are keys which produce all zeros, all ones, or + * alternating zero-one patterns in the C and D registers after Permuted + * Choice 1 has operated on the key. 
+ * + */ +static unsigned long des_ekey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d, w; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); + + /* Check if first half is weak */ + w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + /* Check if second half is weak */ + w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); + + pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a 
= rs[a]; d = rs[d]; + pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } + + /* Zero if weak key */ + return w; +} + +int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen) +{ + if (keylen != DES_KEY_SIZE) + return -EINVAL; + + return des_ekey(ctx->expkey, key) ? 
0 : -ENOKEY; +} +EXPORT_SYMBOL_GPL(des_expand_key); + +/* + * Decryption key expansion + * + * No weak key checking is performed, as this is only used by triple DES + * + */ +static void dkey(u32 *pe, const u8 *k) +{ + /* K&R: long is at least 32 bits */ + unsigned long a, b, c, d; + const u32 *pt = pc2; + + d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; + c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; + b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; + a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; + + pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2] = DES_PC2(b, c, d, a); + + /* Skip to next table set */ + pt += 512; + + d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; + c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; + b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; + a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; + + pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; + pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 4 * 2 + 1] 
= DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; + pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; + pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; + pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; + pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; + pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; + pe[15 * 2 + 1] = DES_PC2(b, c, d, a); + + /* Fixup: 2413 5768 -> 1357 2468 */ + for (d = 0; d < 16; ++d) { + a = pe[2 * d]; + b = pe[2 * d + 1]; + c = a ^ b; + c &= 0xffff0000; + a ^= c; + b ^= c; + ROL(b, 18); + pe[2 * d] = a; + pe[2 * d + 1] = b; + } +} + +void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_encrypt); + +void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src) +{ + const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des_decrypt); + +int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, + unsigned int keylen) +{ + u32 *pe = ctx->expkey; + int err; + + if (keylen != DES3_EDE_KEY_SIZE) + return -EINVAL; + + err = des3_ede_verify_key(key, keylen, true); 
+ if (err && err != -ENOKEY) + return err; + + des_ekey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + dkey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + des_ekey(pe, key); + + return err; +} +EXPORT_SYMBOL_GPL(des3_ede_expand_key); + +void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, 2); + ROUND(L, R, A, B, K, 2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, 2); + ROUND(R, L, A, B, K, 2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_encrypt); + +void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src) +{ + const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2; + u32 L, R, A, B; + int i; + + L = get_unaligned_le32(src); + R = get_unaligned_le32(src + 4); + + IP(L, R, A); + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(R, L, A, B, K, -2); + ROUND(L, R, A, B, K, -2); + } + for (i = 0; i < 8; i++) { + ROUND(L, R, A, B, K, -2); + ROUND(R, L, A, B, K, -2); + } + FP(R, L, A); + + put_unaligned_le32(R, dst); + put_unaligned_le32(L, dst + 4); +} +EXPORT_SYMBOL_GPL(des3_ede_decrypt); + +MODULE_LICENSE("GPL");
From patchwork Thu Jun 27 12:03:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 167955
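Review bot: des_expand_key() and des3_ede_expand_key() are exported but carry no comment saying that -ENOKEY is returned only after the key schedule has been written to ctx->expkey. des_ekey() fills pe[] before it returns w, and des3_ede_expand_key() runs all three expansions before its final "return err;". Please add kernel-doc to both stating that -ENOKEY means "weak key, schedule is valid, caller decides whether to reject it", and that a caller which rejects the key is responsible for wiping the context. A one-line comment at "des_ekey(ctx->expkey, key) ? 0 : -ENOKEY" would also help, since des_ekey() returning zero for the weak case is the reverse of the usual convention.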
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel
Subject: [PATCH v2 28/30] crypto: x86/des - switch to library interface
Date: Thu, 27 Jun 2019 14:03:12 +0200
Message-Id: <20190627120314.7197-29-ard.biesheuvel@linaro.org>
In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org>
References: <20190627120314.7197-1-ard.biesheuvel@linaro.org>

Signed-off-by: Ard Biesheuvel --- arch/x86/crypto/des3_ede_glue.c | 42 +++++++++++--------- 1 file changed, 23 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/arch/x86/crypto/des3_ede_glue.c b/arch/x86/crypto/des3_ede_glue.c index ff6cca8d69eb..cce329b188d1 100644 --- a/arch/x86/crypto/des3_ede_glue.c +++ b/arch/x86/crypto/des3_ede_glue.c @@ -21,7 +21,7 @@ */ #include -#include +#include #include #include #include 
@@ -29,8 +29,8 @@ #include struct des3_ede_x86_ctx { - u32 enc_expkey[DES3_EDE_EXPKEY_WORDS]; - u32 dec_expkey[DES3_EDE_EXPKEY_WORDS]; + struct des3_ede_ctx enc; + struct des3_ede_ctx dec; }; /* regular block cipher functions */ @@ -44,7 +44,7 @@ asmlinkage void des3_ede_x86_64_crypt_blk_3way(const u32 *expkey, u8 *dst, static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk(enc_ctx, dst, src); } @@ -52,7 +52,7 @@ static inline void des3_ede_enc_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk(dec_ctx, dst, src); } @@ -60,7 +60,7 @@ static inline void des3_ede_dec_blk(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *enc_ctx = ctx->enc_expkey; + u32 *enc_ctx = ctx->enc.expkey; des3_ede_x86_64_crypt_blk_3way(enc_ctx, dst, src); } @@ -68,7 +68,7 @@ static inline void des3_ede_enc_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, static inline void des3_ede_dec_blk_3way(struct des3_ede_x86_ctx *ctx, u8 *dst, const u8 *src) { - u32 *dec_ctx = ctx->dec_expkey; + u32 *dec_ctx = ctx->dec.expkey; des3_ede_x86_64_crypt_blk_3way(dec_ctx, dst, src); } @@ -132,7 +132,7 @@ static int ecb_encrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->enc_expkey); + return ecb_crypt(req, ctx->enc.expkey); } static int ecb_decrypt(struct skcipher_request *req) 
@@ -140,7 +140,7 @@ static int ecb_decrypt(struct skcipher_request *req) struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct des3_ede_x86_ctx *ctx = crypto_skcipher_ctx(tfm); - return ecb_crypt(req, ctx->dec_expkey); + return ecb_crypt(req, ctx->dec.expkey); } static unsigned int __cbc_encrypt(struct des3_ede_x86_ctx *ctx, 
@@ -358,24 +358,28 @@ static int des3_ede_x86_setkey(struct crypto_tfm *tfm, const u8 *key, u32 i, j, tmp; int err; - err = crypto_des3_ede_verify_key(tfm, key); - if (unlikely(err)) - return err; + err = des3_ede_expand_key(&ctx->enc, key, keylen); + if (err == -ENOKEY) { + if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) + err = -EINVAL; + else + err = 0; + } - /* Generate encryption context using generic implementation. */ - err = __des3_ede_setkey(ctx->enc_expkey, &tfm->crt_flags, key, keylen); - if (err < 0) + if (err) { + memzero_explicit(ctx, sizeof(*ctx)); return err; + } /* Fix encryption context for this implementation and form decryption * context. */ j = DES3_EDE_EXPKEY_WORDS - 2; for (i = 0; i < DES3_EDE_EXPKEY_WORDS; i += 2, j -= 2) { - tmp = ror32(ctx->enc_expkey[i + 1], 4); - ctx->enc_expkey[i + 1] = tmp; + tmp = ror32(ctx->enc.expkey[i + 1], 4); + ctx->enc.expkey[i + 1] = tmp; - ctx->dec_expkey[j + 0] = ctx->enc_expkey[i + 0]; - ctx->dec_expkey[j + 1] = tmp; + ctx->dec.expkey[j + 0] = ctx->enc.expkey[i + 0]; + ctx->dec.expkey[j + 1] = tmp; } return 0;
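Review bot: The glue code now depends on the layout of struct des3_ede_ctx without checking it. In the struct des3_ede_x86_ctx hunk and the accessor hunks that follow, the assembly entry points still take a bare `const u32 *expkey`, so `expkey` inside struct des3_ede_ctx must remain a plain array of DES3_EDE_EXPKEY_WORDS u32 words, which the fix-up loop in des3_ede_x86_setkey() also assumes. A BUILD_BUG_ON on ARRAY_SIZE(ctx->enc.expkey) in setkey, or a comment next to the struct, would make that dependency explicit. The `enc_ctx` and `dec_ctx` locals could also become `const u32 *` to match the asmlinkage prototypes.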
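Review bot: In the des3_ede_x86_setkey() hunk, the `err == -ENOKEY` branch resets err to 0 when CRYPTO_TFM_REQ_FORBID_WEAK_KEYS is clear and then falls through to the fix-up loop, so it relies on des3_ede_expand_key() having written a complete schedule into ctx->enc before returning -ENOKEY; a one-line comment stating that contract would help the next reader. The failure semantics also change: the old code rejected a bad key before writing anything, whereas a rejected setkey now expands into ctx->enc and then runs `memzero_explicit(ctx, sizeof(*ctx));`, so a key installed earlier is gone afterwards. If that is intended, the commit message should say so.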
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 29/30] crypto: des - remove now unused __des3_ede_setkey() Date: Thu, 27 Jun 2019 14:03:13 +0200 Message-Id: <20190627120314.7197-30-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Signed-off-by: Ard Biesheuvel --- crypto/des_generic.c | 13 ------------- include/crypto/des.h | 3 --- 2 files changed, 16 deletions(-) -- 2.20.1 diff --git a/crypto/des_generic.c b/crypto/des_generic.c index 8669423886aa..201caf22b881 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c
@@ -56,19 +56,6 @@ static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) des_decrypt(dctx, dst, src); } -int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen) -{ - int err; - - des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - des_ekey(expkey, key); - - return 0; -} -EXPORT_SYMBOL_GPL(__des3_ede_setkey); - static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/des.h b/include/crypto/des.h index 2c864a4e6707..7812b4331ae4 100644 --- a/include/crypto/des.h +++ b/include/crypto/des.h 
@@ -54,7 +54,4 @@ int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen); int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key, unsigned int keylen); -extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, - unsigned int keylen); - #endif /* __CRYPTO_DES_H */
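Review bot: The commit message has no body, yet the des_generic.c hunk drops an EXPORT_SYMBOL_GPL symbol together with its declaration in include/crypto/des.h; please name the earlier patches in the series that converted the last callers, so it is clear that every intermediate commit still builds when bisecting. It is also worth recording that the removed helper never used its `flags` argument and always returned 0, so no caller can have relied on it for key validation.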
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, horia.geanta@nxp.com, Ard Biesheuvel Subject: [PATCH v2 30/30] fs: cifs: move from the crypto cipher API to the new DES library interface Date: Thu, 27 Jun 2019 14:03:14 +0200 Message-Id: <20190627120314.7197-31-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190627120314.7197-1-ard.biesheuvel@linaro.org> References: <20190627120314.7197-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Some legacy code in the CIFS driver uses single DES to calculate some password hash, and uses the crypto cipher API to do so. Given that there is no point in invoking an accelerated cipher for doing 56-bit symmetric encryption on a single 8-byte block of input, the flexibility of the crypto cipher API does not add much value here, and so we're much better off using a library call into the generic C implementation. Signed-off-by: Ard Biesheuvel --- fs/cifs/Kconfig | 2 +- fs/cifs/cifsfs.c | 1 - fs/cifs/smbencrypt.c | 18 +++++++++--------- 3 files changed, 10 insertions(+), 11 deletions(-) -- 2.20.1 diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index 3da294231dcc..dedab8f79ee8 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -14,7 +14,7 @@ config CIFS select CRYPTO_CCM select CRYPTO_ECB select CRYPTO_AES - select CRYPTO_DES + select CRYPTO_LIB_DES help This is the client VFS module for the SMB3 family of NAS protocols, (including support for the most recent, most secure dialect SMB3.1.1) diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index e55afaf9e5a3..44f4cc160197 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c 
@@ -1590,7 +1590,6 @@ MODULE_DESCRIPTION ("VFS to access SMB3 servers e.g. Samba, Macs, Azure and Windows (and " "also older servers complying with the SNIA CIFS Specification)"); MODULE_VERSION(CIFS_VERSION); -MODULE_SOFTDEP("pre: des"); MODULE_SOFTDEP("pre: ecb"); MODULE_SOFTDEP("pre: hmac"); MODULE_SOFTDEP("pre: md4"); diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index a0b80ac651a6..5c55c35f47d6 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -23,13 +23,14 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include #include #include +#include #include #include #include #include +#include #include "cifs_fs_sb.h" #include "cifs_unicode.h" #include "cifspdu.h" @@ -70,19 +71,18 @@ static int smbhash(unsigned char *out, const unsigned char *in, unsigned char *key) { unsigned char key2[8]; - struct crypto_cipher *tfm_des; + struct des_ctx ctx; str_to_key(key, key2); - tfm_des = crypto_alloc_cipher("des", 0, 0); - if (IS_ERR(tfm_des)) { - cifs_dbg(VFS, "could not allocate des crypto API\n"); - return PTR_ERR(tfm_des); + if (fips_enabled) { + cifs_dbg(VFS, "FIPS compliance enabled: DES not permitted\n"); + return -ENOENT; } - crypto_cipher_setkey(tfm_des, key2, 8); - crypto_cipher_encrypt_one(tfm_des, out, in); - crypto_free_cipher(tfm_des); + des_expand_key(&ctx, key2, DES_KEY_SIZE); + des_encrypt(&ctx, out, in); + memzero_explicit(&ctx, sizeof(ctx)); return 0; }
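Review bot: In the smbhash() hunk only `ctx` is wiped; `key2`, the 8-byte DES key that str_to_key() derives from the caller's key, is left on the stack on both return paths. The fips_enabled early return sits after str_to_key() has already filled key2, so either move that check above the str_to_key() call or wipe there as well, and add `memzero_explicit(key2, sizeof(key2));` next to the existing memzero_explicit() before `return 0;`. The int result of des_expand_key() is also discarded; if accepting any key is deliberate for this legacy hash, a short comment saying so would prevent someone "fixing" it later.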