diff options
author | Jan Glauber <jang@linux.vnet.ibm.com> | 2010-05-21 22:04:46 +1000 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2010-05-21 22:04:46 +1000 |
commit | 1efbd15c3bc2b79d33e033e898211109c32159fa (patch) | |
tree | e64b3b66f138ebad2b128ca86c544bfa24af3353 /arch | |
parent | 80d663a42127b839e820ed934cead51cff6196d3 (diff) | |
download | op-kernel-dev-1efbd15c3bc2b79d33e033e898211109c32159fa.zip op-kernel-dev-1efbd15c3bc2b79d33e033e898211109c32159fa.tar.gz |
crypto: des_s390: use generic weak key check
Get rid of the des_s390 specific key check module and use the generic DES
weak key check instead. Also use the generic DES header and remove the
weak key check in 3DES mode, as RFC2451 mentions that the DES weak keys
are not relevant for 3DES.
Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'arch')
-rw-r--r-- | arch/s390/crypto/Makefile | 2 | ||||
-rw-r--r-- | arch/s390/crypto/des_s390.c | 47 |
2 files changed, 21 insertions, 28 deletions
diff --git a/arch/s390/crypto/Makefile b/arch/s390/crypto/Makefile index 6a1157f..1cf81d7 100644 --- a/arch/s390/crypto/Makefile +++ b/arch/s390/crypto/Makefile @@ -5,6 +5,6 @@ obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o sha_common.o obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o sha_common.o obj-$(CONFIG_CRYPTO_SHA512_S390) += sha512_s390.o sha_common.o -obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o +obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o obj-$(CONFIG_S390_PRNG) += prng.o diff --git a/arch/s390/crypto/des_s390.c b/arch/s390/crypto/des_s390.c index a1a18b30..cc54201 100644 --- a/arch/s390/crypto/des_s390.c +++ b/arch/s390/crypto/des_s390.c @@ -14,18 +14,15 @@ * */ -#include <crypto/algapi.h> #include <linux/init.h> #include <linux/module.h> +#include <linux/crypto.h> +#include <crypto/algapi.h> +#include <crypto/des.h> #include "crypt_s390.h" -#include "crypto_des.h" - -#define DES_BLOCK_SIZE 8 -#define DES_KEY_SIZE 8 #define DES3_192_KEY_SIZE (3 * DES_KEY_SIZE) -#define DES3_192_BLOCK_SIZE DES_BLOCK_SIZE struct crypt_s390_des_ctx { u8 iv[DES_BLOCK_SIZE]; @@ -42,13 +39,16 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, { struct crypt_s390_des_ctx *dctx = crypto_tfm_ctx(tfm); u32 *flags = &tfm->crt_flags; - int ret; + u32 tmp[DES_EXPKEY_WORDS]; - /* test if key is valid (not a weak key) */ - ret = crypto_des_check_key(key, keylen, flags); - if (ret == 0) - memcpy(dctx->key, key, keylen); - return ret; + /* check for weak keys */ + if (!des_ekey(tmp, key) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { + *flags |= CRYPTO_TFM_RES_WEAK_KEY; + return -EINVAL; + } + + memcpy(dctx->key, key, keylen); + return 0; } static void des_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) @@ -238,9 +238,7 @@ static struct crypto_alg cbc_des_alg = { static int des3_192_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { - int i, ret; struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm); - const u8 *temp_key = key; u32 *flags = &tfm->crt_flags; if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) && @@ -250,11 +248,6 @@ static int des3_192_setkey(struct crypto_tfm *tfm, const u8 *key, *flags |= CRYPTO_TFM_RES_WEAK_KEY; return -EINVAL; } - for (i = 0; i < 3; i++, temp_key += DES_KEY_SIZE) { - ret = crypto_des_check_key(temp_key, DES_KEY_SIZE, flags); - if (ret < 0) - return ret; - } memcpy(dctx->key, key, keylen); return 0; } @@ -264,7 +257,7 @@ static void des3_192_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm); crypt_s390_km(KM_TDEA_192_ENCRYPT, dctx->key, dst, (void*)src, - DES3_192_BLOCK_SIZE); + DES_BLOCK_SIZE); } static void des3_192_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) @@ -272,7 +265,7 @@ static void des3_192_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) struct crypt_s390_des3_192_ctx *dctx = crypto_tfm_ctx(tfm); crypt_s390_km(KM_TDEA_192_DECRYPT, dctx->key, dst, (void*)src, - DES3_192_BLOCK_SIZE); + DES_BLOCK_SIZE); } static struct crypto_alg des3_192_alg = { @@ -280,7 +273,7 @@ static struct crypto_alg des3_192_alg = { .cra_driver_name = "des3_ede-s390", .cra_priority = CRYPT_S390_PRIORITY, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, - .cra_blocksize = DES3_192_BLOCK_SIZE, + .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct crypt_s390_des3_192_ctx), .cra_module = THIS_MODULE, .cra_list = LIST_HEAD_INIT(des3_192_alg.cra_list), @@ -322,7 +315,7 @@ static struct crypto_alg ecb_des3_192_alg = { .cra_driver_name = "ecb-des3_ede-s390", .cra_priority = CRYPT_S390_COMPOSITE_PRIORITY, .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, - .cra_blocksize = DES3_192_BLOCK_SIZE, + .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct crypt_s390_des3_192_ctx), .cra_type = &crypto_blkcipher_type, .cra_module = THIS_MODULE, @@ -366,7 +359,7 @@ static struct crypto_alg cbc_des3_192_alg = { .cra_driver_name = "cbc-des3_ede-s390", .cra_priority = CRYPT_S390_COMPOSITE_PRIORITY, .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, - .cra_blocksize = DES3_192_BLOCK_SIZE, + .cra_blocksize = DES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct crypt_s390_des3_192_ctx), .cra_type = &crypto_blkcipher_type, .cra_module = THIS_MODULE, @@ -376,7 +369,7 @@ static struct crypto_alg cbc_des3_192_alg = { .blkcipher = { .min_keysize = DES3_192_KEY_SIZE, .max_keysize = DES3_192_KEY_SIZE, - .ivsize = DES3_192_BLOCK_SIZE, + .ivsize = DES_BLOCK_SIZE, .setkey = des3_192_setkey, .encrypt = cbc_des3_192_encrypt, .decrypt = cbc_des3_192_decrypt, @@ -427,7 +420,7 @@ des_err: goto out; } -static void __exit des_s390_fini(void) +static void __exit des_s390_exit(void) { crypto_unregister_alg(&cbc_des3_192_alg); crypto_unregister_alg(&ecb_des3_192_alg); @@ -438,7 +431,7 @@ static void __exit des_s390_fini(void) } module_init(des_s390_init); -module_exit(des_s390_fini); +module_exit(des_s390_exit); MODULE_ALIAS("des"); MODULE_ALIAS("des3_ede"); |