projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab753fe)
MLK-14611 Add DES key complexity validation
authorRadu Solea <radu.solea@nxp.com>
Thu, 13 Apr 2017 12:12:27 +0000 (15:12 +0300)
committerNitin Garg <nitin.garg@nxp.com>
Mon, 19 Mar 2018 20:22:00 +0000 (15:22 -0500)
Signed-off-by: Radu Solea <radu.solea@nxp.com>
drivers/crypto/caam/Kconfig patch | blob | history
drivers/crypto/caam/caamalg.c patch | blob | history

diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig
index 58b5053..6741be7 100644 (file)
--- a/drivers/crypto/caam/Kconfig
+++ b/drivers/crypto/caam/Kconfig
@@ -79,6 +79,7 @@ config CRYPTO_DEV_FSL_CAAM_CRYPTO_API
        select CRYPTO_AEAD
        select CRYPTO_AUTHENC
        select CRYPTO_BLKCIPHER
+       select CRYPTO_DES
        help
          Selecting this will offload crypto for users of the
          scatterlist crypto API (such as the linux native IPSec
diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c
index 52af827..7ca01d8 100644 (file)
--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -1755,6 +1755,33 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
        return ret;
 }
 
+
+static int ablkcipher_des_setkey(struct crypto_ablkcipher *ablkcipher,
+                                const u8 *key, unsigned int keylen)
+{
+       u32 tmp[DES_EXPKEY_WORDS];
+       u32 flags;
+       int ret;
+
+       if (keylen != DES_KEY_SIZE) {
+               crypto_ablkcipher_set_flags(ablkcipher,
+                                           CRYPTO_TFM_RES_BAD_KEY_LEN);
+               return -EINVAL;
+       }
+
+       ret = des_ekey(tmp, key);
+
+       flags = crypto_ablkcipher_get_flags(ablkcipher);
+       if (!ret && (flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
+               crypto_ablkcipher_set_flags(ablkcipher,
+                                           CRYPTO_TFM_RES_WEAK_KEY);
+               return -EINVAL;
+       }
+
+       return ablkcipher_setkey(ablkcipher, key, keylen);
+}
+
+
 static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher,
                                 const u8 *key, unsigned int keylen)
 {
@@ -3027,7 +3054,7 @@ static struct caam_alg_template driver_algs[] = {
                .blocksize = DES_BLOCK_SIZE,
                .type = CRYPTO_ALG_TYPE_ABLKCIPHER,
                .template_ablkcipher = {
-                       .setkey = ablkcipher_setkey,
+                       .setkey = ablkcipher_des_setkey,
                        .encrypt = ablkcipher_encrypt,
                        .decrypt = ablkcipher_decrypt,
                        .geniv = "eseqiv",