diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2019-04-11 16:51:07 +0800 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-04-18 22:15:00 +0800 |
commit | 270e21da4890afedddec48a626e1a07ff6595fc6 (patch) | |
tree | fc36e3d3487699c207e2ddca1f7c3c34e709d800 /drivers | |
parent | 9fbfcefc9a41d3a481d0c1e484bb503c2cf86674 (diff) | |
download | lwn-270e21da4890afedddec48a626e1a07ff6595fc6.tar.gz lwn-270e21da4890afedddec48a626e1a07ff6595fc6.zip |
crypto: hifn_795x - Forbid 2-key 3DES in FIPS mode
This patch forbids the use of 2-key 3DES (K1 == K3) in FIPS mode.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/crypto/hifn_795x.c | 31 |
1 files changed, 27 insertions, 4 deletions
diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c index dad212cabe63..d656be0a142b 100644 --- a/drivers/crypto/hifn_795x.c +++ b/drivers/crypto/hifn_795x.c @@ -1976,6 +1976,29 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key, return 0; } +static int hifn_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, + unsigned int len) +{ + struct hifn_context *ctx = crypto_ablkcipher_ctx(cipher); + struct hifn_device *dev = ctx->dev; + u32 flags; + int err; + + flags = crypto_ablkcipher_get_flags(cipher); + err = __des3_verify_key(&flags, key); + if (unlikely(err)) { + crypto_ablkcipher_set_flags(cipher, flags); + return err; + } + + dev->flags &= ~HIFN_FLAG_OLD_KEY; + + memcpy(ctx->key, key, len); + ctx->keysize = len; + + return 0; +} + static int hifn_handle_req(struct ablkcipher_request *req) { struct hifn_context *ctx = crypto_tfm_ctx(req->base.tfm); @@ -2240,7 +2263,7 @@ static struct hifn_alg_template hifn_alg_templates[] = { .ablkcipher = { .min_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH, - .setkey = hifn_setkey, + .setkey = hifn_des3_setkey, .encrypt = hifn_encrypt_3des_cfb, .decrypt = hifn_decrypt_3des_cfb, }, @@ -2250,7 +2273,7 @@ static struct hifn_alg_template hifn_alg_templates[] = { .ablkcipher = { .min_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH, - .setkey = hifn_setkey, + .setkey = hifn_des3_setkey, .encrypt = hifn_encrypt_3des_ofb, .decrypt = hifn_decrypt_3des_ofb, }, @@ -2261,7 +2284,7 @@ static struct hifn_alg_template hifn_alg_templates[] = { .ivsize = HIFN_IV_LENGTH, .min_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH, - .setkey = hifn_setkey, + .setkey = hifn_des3_setkey, .encrypt = hifn_encrypt_3des_cbc, .decrypt = hifn_decrypt_3des_cbc, }, @@ -2271,7 +2294,7 @@ static struct hifn_alg_template hifn_alg_templates[] = { .ablkcipher = { .min_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH, - .setkey = hifn_setkey, + .setkey = hifn_des3_setkey, .encrypt = hifn_encrypt_3des_ecb, .decrypt = hifn_decrypt_3des_ecb, }, |