diff options
author | Evgeniy Polyakov <johnpol@2ka.mipt.ru> | 2007-10-11 15:58:16 +0400 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2008-01-11 00:16:03 +0300 |
commit | c3041f9c93e31159f4e321abea7c1549d271e6a7 (patch) | |
tree | 12a4b27c2717f2935ccac0f1873c19e09492d4c7 | |
parent | 16d004a2eda7be2c6a2de63eca2ad3c6b57307b3 (diff) | |
download | linux-c3041f9c93e31159f4e321abea7c1549d271e6a7.tar.xz |
[CRYPTO] hifn_795x: Detect weak keys
HIFN driver update to use DES weak key checks (exported in this patch).
Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r-- | crypto/des_generic.c | 9 | ||||
-rw-r--r-- | drivers/crypto/Kconfig | 2 | ||||
-rw-r--r-- | drivers/crypto/hifn_795x.c | 11 |
3 files changed, 17 insertions, 5 deletions
diff --git a/crypto/des_generic.c b/crypto/des_generic.c index f75eafe1a875..355ecb71cb0d 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -628,7 +628,7 @@ static const u32 S8[64] = { * Choice 1 has operated on the key. * */ -static unsigned long ekey(u32 *pe, const u8 *k) +unsigned long des_ekey(u32 *pe, const u8 *k) { /* K&R: long is at least 32 bits */ unsigned long a, b, c, d, w; @@ -703,6 +703,7 @@ static unsigned long ekey(u32 *pe, const u8 *k) /* Zero if weak key */ return w; } +EXPORT_SYMBOL_GPL(des_ekey); /* * Decryption key expansion @@ -786,7 +787,7 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, int ret; /* Expand to tmp */ - ret = ekey(tmp, key); + ret = des_ekey(tmp, key); if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { *flags |= CRYPTO_TFM_RES_WEAK_KEY; @@ -873,9 +874,9 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, return -EINVAL; } - ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; + des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; - ekey(expkey, key); + des_ekey(expkey, key); return 0; } diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 1ef7697fc998..c2de1351819f 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -85,9 +85,9 @@ config ZCRYPT_MONOLITHIC config CRYPTO_DEV_HIFN_795X tristate "Driver HIFN 795x crypto accelerator chips" + select CRYPTO_DES select CRYPTO_ALGAPI select CRYPTO_ABLKCIPHER - select CRYPTO_BLKCIPHER help This option allows you to have support for HIFN 795x crypto adapters. diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index e3376f2236b2..391c20a3dff8 100644 --- a/drivers/crypto/hifn_795x.c +++ b/drivers/crypto/hifn_795x.c @@ -29,6 +29,7 @@ #include <linux/crypto.h> #include <crypto/algapi.h> +#include <crypto/des.h> #include <asm/kmap_types.h> @@ -1924,6 +1925,16 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key, return -1; } + if (len == HIFN_DES_KEY_LENGTH) { + u32 tmp[DES_EXPKEY_WORDS]; + int ret = des_ekey(tmp, key); + + if (unlikely(ret == 0) && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) { + tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + return -EINVAL; + } + } + dev->flags &= ~HIFN_FLAG_OLD_KEY; memcpy(ctx->key, key, len); |