LinuxLists.cc - [RFC PATCH 02/30] crypto: s390/des - switch to new verification routines

2019-06-22 00:32:14

Subject: [RFC PATCH 02/30] crypto: s390/des - switch to new verification routines

Signed-off-by: Ard Biesheuvel <[email protected]>
---
arch/s390/crypto/des_s390.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c
index 1f9ab24dc048..4e4061885b0d 100644
--- a/arch/s390/crypto/des_s390.c
+++ b/arch/s390/crypto/des_s390.c
@@ -15,7 +15,7 @@
#include <linux/crypto.h>
#include <linux/fips.h>
#include <crypto/algapi.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
#include <asm/cpacf.h>

#define DES3_KEY_SIZE (3 * DES_KEY_SIZE)
@@ -34,14 +34,11 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
unsigned int key_len)
{
struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
- u32 tmp[DES_EXPKEY_WORDS];
+ int err;

- /* check for weak keys */
- if (!des_ekey(tmp, key) &&
- (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
- tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
- return -EINVAL;
- }
+ err = des_verify_key(tfm, key, key_len);
+ if (unlikely(err))
+ return err;

memcpy(ctx->key, key, key_len);
return 0;
@@ -226,7 +223,7 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key,
struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
int err;

- err = __des3_verify_key(&tfm->crt_flags, key);
+ err = crypto_des3_ede_verify_key(tfm, key, key_len);
if (unlikely(err))
return err;

--
2.20.1

2019-06-24 10:11:11

by Harald Freudenberger

[permalink] [raw]

Subject: Re: [RFC PATCH 02/30] crypto: s390/des - switch to new verification routines

On 22.06.19 02:30, Ard Biesheuvel wrote:
> Signed-off-by: Ard Biesheuvel <[email protected]>
> ---
> arch/s390/crypto/des_s390.c | 15 ++++++---------
> 1 file changed, 6 insertions(+), 9 deletions(-)
>
> diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c
> index 1f9ab24dc048..4e4061885b0d 100644
> --- a/arch/s390/crypto/des_s390.c
> +++ b/arch/s390/crypto/des_s390.c
> @@ -15,7 +15,7 @@
> #include <linux/crypto.h>
> #include <linux/fips.h>
> #include <crypto/algapi.h>
> -#include <crypto/des.h>
> +#include <crypto/internal/des.h>
> #include <asm/cpacf.h>
>
> #define DES3_KEY_SIZE (3 * DES_KEY_SIZE)
> @@ -34,14 +34,11 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
> unsigned int key_len)
> {
> struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
> - u32 tmp[DES_EXPKEY_WORDS];
> + int err;
>
> - /* check for weak keys */
> - if (!des_ekey(tmp, key) &&
> - (tfm->crt_flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
> - tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
> - return -EINVAL;
> - }
> + err = des_verify_key(tfm, key, key_len);
> + if (unlikely(err))
> + return err;
>
> memcpy(ctx->key, key, key_len);
> return 0;
> @@ -226,7 +223,7 @@ static int des3_setkey(struct crypto_tfm *tfm, const u8 *key,
> struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm);
> int err;
>
> - err = __des3_verify_key(&tfm->crt_flags, key);
> + err = crypto_des3_ede_verify_key(tfm, key, key_len);
> if (unlikely(err))
> return err;
>
Fine with me, Thanks,
Acked-by: Harald Freudenberger <[email protected]>