Received: by 2002:a25:b794:0:0:0:0:0 with SMTP id n20csp3149677ybh;
        Mon, 5 Aug 2019 13:01:19 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzYa6tMNF7AigKtSNxQzVQi3MEMiSt3OOICRHxaKkpfAz6ES+nwMu9v09et9wiMFJuOJ1K7
X-Received: by 2002:a65:690e:: with SMTP id s14mr125680131pgq.47.1565035279290;
        Mon, 05 Aug 2019 13:01:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1565035279; cv=none;
        d=google.com; s=arc-20160816;
        b=XlDA3StSefYfhB9Z5VjSTmLckSDBHo6NGzaJIqiptZ0W6/+Ly81SZpCxX/QhSjnvKI
         YeoEmX5izgPPx3icSw/pCDyNJsU71G15ntHhRJy/4DDVZH4sBv+3VuzY02a1UQilzp5p
         baygK1WFH5/ssKGSswb7xsNl/R8/rdCupBHqsP9KwQFfbdfCMqMXlazn+cKugMeBLbFI
         ySTUxKy1ScZN957NjSBq5GiOWOJrmkUEU7Ffkx9EgpY8/foirLYi1RqYqN+eRHjMkr7b
         piKn9Sanm1ye8iTRn55DNlKGQf9va3Q/lFdoCHJMDjG7KBEz2RL1B08Bj1loCEq+H4/i
         xC/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature;
        bh=rwMfEg/bO0WFaZBML2KPkLXU25VS1HK0tM4ZHGyTba8=;
        b=rfsQQmN3HKatRiRVh8V4d4Kh8ItM0ln3JUYDCN4uQ3ilHJhy93GQ/IpvDEVG3n4w6v
         CKKrQlYchZliJ/NKPCqMGHF6xxolgyTzEWGknfrknRBE4XrmMfR7nSBSjzOYFDRCF9/H
         4Y7dyb2nvzKpM8iEpFHKg0hLxy9Wo0TLt/sNpxcpK/yvy6TSLuCIafG0QRnsYGQ0TCBl
         5IDesN2wumAlAy2EBHWde5gigNoSxrphX7ByoHOV+U01j4tbxOvtgZIY1twFMUVMyOGf
         YdVk7J+nP6lDP1x4hLF42pnihDwA8KeC2ZCWtoXqQQw0XDa70nFhRk1pY6AyZdzLUDm+
         IsCQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@c-s.fr header.s=mail header.b=SURmVZ86;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o3si46115635pld.102.2019.08.05.13.00.55;
        Mon, 05 Aug 2019 13:01:19 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@c-s.fr header.s=mail header.b=SURmVZ86;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728831AbfHEUAx (ORCPT <rfc822;cvimail81@gmail.com> + 99 others);
        Mon, 5 Aug 2019 16:00:53 -0400
Received: from pegase1.c-s.fr ([93.17.236.30]:12231 "EHLO pegase1.c-s.fr"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727830AbfHEUAx (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 5 Aug 2019 16:00:53 -0400
Received: from localhost (mailhub1-int [192.168.12.234])
        by localhost (Postfix) with ESMTP id 462TCg5rBbz9ty2B;
        Mon,  5 Aug 2019 22:00:47 +0200 (CEST)
Authentication-Results: localhost; dkim=pass
        reason="1024-bit key; insecure key"
        header.d=c-s.fr header.i=@c-s.fr header.b=SURmVZ86; dkim-adsp=pass;
        dkim-atps=neutral
X-Virus-Scanned: Debian amavisd-new at c-s.fr
Received: from pegase1.c-s.fr ([192.168.12.234])
        by localhost (pegase1.c-s.fr [192.168.12.234]) (amavisd-new, port 10024)
        with ESMTP id g9geWnIk7yUW; Mon,  5 Aug 2019 22:00:47 +0200 (CEST)
Received: from messagerie.si.c-s.fr (messagerie.si.c-s.fr [192.168.25.192])
        by pegase1.c-s.fr (Postfix) with ESMTP id 462TCg4g8rz9ty26;
        Mon,  5 Aug 2019 22:00:47 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=c-s.fr; s=mail;
        t=1565035247; bh=rwMfEg/bO0WFaZBML2KPkLXU25VS1HK0tM4ZHGyTba8=;
        h=Subject:To:Cc:References:From:Date:In-Reply-To:From;
        b=SURmVZ86Xzt7rfSr5dvqWCmhTXzo0XOWhZA6lCrS1Dz8c5vbfp4rjBhcM1OPsOk++
         sr25OfHGONW6KD/xe4N/A9OO5OlBoiL5hnXNmIsAZU48jqZD/BXSIiE1av4zD0oNHz
         iqAYm+Nzte5oxy9ksGOgbBTGe15bpYRM7BLtybo0=
Received: from localhost (localhost [127.0.0.1])
        by messagerie.si.c-s.fr (Postfix) with ESMTP id CC0DC8B7D1;
        Mon,  5 Aug 2019 22:00:47 +0200 (CEST)
X-Virus-Scanned: amavisd-new at c-s.fr
Received: from messagerie.si.c-s.fr ([127.0.0.1])
        by localhost (messagerie.si.c-s.fr [127.0.0.1]) (amavisd-new, port 10023)
        with ESMTP id rnxZG8YdvVpZ; Mon,  5 Aug 2019 22:00:47 +0200 (CEST)
Received: from [192.168.4.90] (unknown [192.168.4.90])
        by messagerie.si.c-s.fr (Postfix) with ESMTP id 722098B7B7;
        Mon,  5 Aug 2019 22:00:47 +0200 (CEST)
Subject: Re: [PATCH v4 23/30] crypto: talitos/des - switch to new verification
 routines
To:     Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        linux-crypto@vger.kernel.org
Cc:     herbert@gondor.apana.org.au, ebiggers@kernel.org,
        horia.geanta@nxp.com
References: <20190805170037.31330-1-ard.biesheuvel@linaro.org>
 <20190805170037.31330-24-ard.biesheuvel@linaro.org>
From:   Christophe Leroy <christophe.leroy@c-s.fr>
Message-ID: <bb4e8b45-93cc-e849-bd1b-60660da85c21@c-s.fr>
Date:   Mon, 5 Aug 2019 22:00:47 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101
 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <20190805170037.31330-24-ard.biesheuvel@linaro.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: fr
Content-Transfer-Encoding: 8bit
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org



Le 05/08/2019 à 19:00, Ard Biesheuvel a écrit :
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Reviewed-by: Christophe Leroy <christophe.leroy@c-s.fr>

> ---
>   drivers/crypto/talitos.c | 34 ++++----------------
>   1 file changed, 7 insertions(+), 27 deletions(-)
> 
> diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
> index c9d686a0e805..890cf52007f2 100644
> --- a/drivers/crypto/talitos.c
> +++ b/drivers/crypto/talitos.c
> @@ -30,7 +30,7 @@
>   
>   #include <crypto/algapi.h>
>   #include <crypto/aes.h>
> -#include <crypto/des.h>
> +#include <crypto/internal/des.h>
>   #include <crypto/sha.h>
>   #include <crypto/md5.h>
>   #include <crypto/internal/aead.h>
> @@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc,
>   	if (keys.enckeylen != DES3_EDE_KEY_SIZE)
>   		goto badkey;
>   
> -	flags = crypto_aead_get_flags(authenc);
> -	err = __des3_verify_key(&flags, keys.enckey);
> -	if (unlikely(err)) {
> -		crypto_aead_set_flags(authenc, flags);
> +	err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey);
> +	if (err)
>   		goto out;
> -	}
>   
>   	if (ctx->keylen)
>   		dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
> @@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
>   static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,
>   				 const u8 *key, unsigned int keylen)
>   {
> -	u32 tmp[DES_EXPKEY_WORDS];
> -
> -	if (unlikely(crypto_ablkcipher_get_flags(cipher) &
> -		     CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&
> -	    !des_ekey(tmp, key)) {
> -		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
> -		return -EINVAL;
> -	}
> -
> -	return ablkcipher_setkey(cipher, key, keylen);
> +	return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
> +	       ablkcipher_setkey(cipher, key, keylen);
>   }
>   
>   static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,
>   				  const u8 *key, unsigned int keylen)
>   {
> -	u32 flags;
> -	int err;
> -
> -	flags = crypto_ablkcipher_get_flags(cipher);
> -	err = __des3_verify_key(&flags, key);
> -	if (unlikely(err)) {
> -		crypto_ablkcipher_set_flags(cipher, flags);
> -		return err;
> -	}
> -
> -	return ablkcipher_setkey(cipher, key, keylen);
> +	return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
> +	       ablkcipher_setkey(cipher, key, keylen);
>   }
>   
>   static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,
>