From: Tero Kristo Date: Wed, 24 May 2017 07:35:24 +0000 (+0300) Subject: crypto: omap-des - add check for weak keys X-Git-Tag: v4.14-rc1~453^2~106 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=a636fdce55c6ad12b07436424ceffad1045714db;p=platform%2Fkernel%2Flinux-rpi.git crypto: omap-des - add check for weak keys OMAP DES crypto accelerator itself is unable to detect weak keys, so add a specific call to the generic des driver to check the key strength if requested. Signed-off-by: Tero Kristo Signed-off-by: Herbert Xu --- diff --git a/drivers/crypto/omap-des.c b/drivers/crypto/omap-des.c index a6f6553..0d68f77 100644 --- a/drivers/crypto/omap-des.c +++ b/drivers/crypto/omap-des.c @@ -699,16 +699,28 @@ static int omap_des_crypt(struct ablkcipher_request *req, unsigned long mode) /* ********************** ALG API ************************************ */ -static int omap_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, +static int omap_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(tfm); + struct omap_des_ctx *ctx = crypto_ablkcipher_ctx(cipher); + struct crypto_tfm *tfm = crypto_ablkcipher_tfm(cipher); if (keylen != DES_KEY_SIZE && keylen != (3*DES_KEY_SIZE)) return -EINVAL; pr_debug("enter, keylen: %d\n", keylen); + /* Do we need to test against weak key? */ + if (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY) { + u32 tmp[DES_EXPKEY_WORDS]; + int ret = des_ekey(tmp, key); + + if (!ret) { + tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; + return -EINVAL; + } + } + memcpy(ctx->key, key, keylen); ctx->keylen = keylen;