diff options
author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2019-08-15 12:00:43 +0300 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-08-22 14:39:37 +1000 |
commit | 6ee41e5420d0afa8cddf09aa7384dabe570f8dc7 (patch) | |
tree | adaf9488cfc99fde2a383fdb077c1fb55a3a4bc0 /crypto/des_generic.c | |
parent | 220f67917ae649336b5fef4dec8024fed4b177f3 (diff) | |
download | lwn-6ee41e5420d0afa8cddf09aa7384dabe570f8dc7.tar.gz lwn-6ee41e5420d0afa8cddf09aa7384dabe570f8dc7.zip |
crypto: des/3des_ede - add new helpers to verify keys
The recently added helper routine to perform key strength validation
of triple DES keys is slightly inadequate, since it comes in two versions,
neither of which are highly useful for anything other than skciphers (and
many drivers still use the older blkcipher interfaces).
So let's add a new helper and, considering that this is a helper function
that is only intended to be used by crypto code itself, put it in a new
des.h header under crypto/internal.
While at it, implement a similar helper for single DES, so that we can
start replacing the pattern of calling des_ekey() into a temp buffer
that occurs in many drivers in drivers/crypto.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/des_generic.c')
-rw-r--r-- | crypto/des_generic.c | 13 |
1 files changed, 0 insertions, 13 deletions
diff --git a/crypto/des_generic.c b/crypto/des_generic.c index dc085514408a..c4d8ecda4ddf 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -841,19 +841,6 @@ static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) d[1] = cpu_to_le32(L); } -/* - * RFC2451: - * - * For DES-EDE3, there is no known need to reject weak or - * complementation keys. Any weakness is obviated by the use of - * multiple keys. - * - * However, if the first two or last two independent 64-bit keys are - * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the - * same as DES. Implementers MUST reject keys that exhibit this - * property. - * - */ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, unsigned int keylen) { |