On Thu, Oct 11, 2007 at 03:30:03PM +0400, Evgeniy Polyakov (johnpol@xxxxxxxxxxx) wrote:
> On Thu, Oct 11, 2007 at 06:52:02PM +0800, Herbert Xu (herbert@xxxxxxxxxxxxxxxxxxx) wrote:
> > On Thu, Oct 11, 2007 at 02:43:14PM +0400, Evgeniy Polyakov wrote:
> > >
> > > Attached patch fixes that with following tcrypt output:
> >
> > That was quick :)
> >
> > Unfortunately it doesn't apply because des.c has been renamed
> > to des_generic.c in cryptodev-2.6. Could you please fix that
> > up and also move the prototype into a header file, say
> > include/crypto/des.h?
HIFN driver update to use DES weak key checks (exported in this patch).
Signed-off-by: Evgeniy Polyakov <johnpol@xxxxxxxxxxx>
--- linux-2.6.mainline/crypto/des.c 2007-10-11 05:05:35.000000000 +0400
+++ linux-2.6.cryptodev-2.6/crypto/des_generic.c 2007-10-11 15:20:02.000000000 +0400
@@ -20,13 +20,7 @@
#include <linux/crypto.h>
#include <linux/types.h>
-#define DES_KEY_SIZE 8
-#define DES_EXPKEY_WORDS 32
-#define DES_BLOCK_SIZE 8
-
-#define DES3_EDE_KEY_SIZE (3 * DES_KEY_SIZE)
-#define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS)
-#define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE
+#include <crypto/des.h>
#define ROL(x, r) ((x) = rol32((x), (r)))
#define ROR(x, r) ((x) = ror32((x), (r)))
@@ -634,7 +628,7 @@
* Choice 1 has operated on the key.
*
*/
-static unsigned long ekey(u32 *pe, const u8 *k)
+unsigned long des_ekey(u32 *pe, const u8 *k)
{
/* K&R: long is at least 32 bits */
unsigned long a, b, c, d, w;
@@ -709,6 +703,7 @@
/* Zero if weak key */
return w;
}
+EXPORT_SYMBOL_GPL(des_ekey);
/*
* Decryption key expansion
@@ -792,7 +787,7 @@
int ret;
/* Expand to tmp */
- ret = ekey(tmp, key);
+ ret = des_ekey(tmp, key);
if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
*flags |= CRYPTO_TFM_RES_WEAK_KEY;
@@ -879,9 +874,9 @@
return -EINVAL;
}
- ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
+ des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
- ekey(expkey, key);
+ des_ekey(expkey, key);
return 0;
}
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index e3d01da..52b5bb4 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -90,9 +90,9 @@ config ZCRYPT_MONOLITHIC
config CRYPTO_DEV_HIFN_795X
tristate "Driver HIFN 795x crypto accelerator chips"
+ select DES
select CRYPTO_ALGAPI
select CRYPTO_ABLKCIPHER
- select CRYPTO_BLKCIPHER
help
This option allows you to have support for HIFN 795x crypto adapters.
diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c
index b6c1ee1..c3479b0 100644
--- a/drivers/crypto/hifn_795x.c
+++ b/drivers/crypto/hifn_795x.c
@@ -29,6 +29,7 @@
#include <linux/crypto.h>
#include <crypto/algapi.h>
+#include <crypto/des.h>
#include <asm/kmap_types.h>
@@ -1927,6 +1928,16 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
return -1;
}
+ if (len == HIFN_DES_KEY_LENGTH) {
+ u32 tmp[DES_EXPKEY_WORDS];
+ int ret = des_ekey(tmp, key);
+
+ if (unlikely(ret == 0) && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
+ tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
+ return -EINVAL;
+ }
+ }
+
dev->flags &= ~HIFN_FLAG_OLD_KEY;
memcpy(ctx->key, key, len);
--
Evgeniy Polyakov
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
