Re: [PATCH 10/24] crypto: ccree - Forbid 2-key 3DES in FIPS mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Apr 11, 2019 at 11:27:54AM +0200, Stephan Mueller wrote:
> Am Donnerstag, 11. April 2019, 10:51:06 CEST schrieb Herbert Xu:
> 
> Hi Herbert,
> 
> > This patch forbids the use of 2-key 3DES (K1 == K3) in FIPS mode.
> > 
> > Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> > ---
> > 
> >  drivers/crypto/ccree/cc_aead.c |   37 +++++++++++++++++++++++++++++++++++--
> > 1 file changed, 35 insertions(+), 2 deletions(-)
> > 
> > diff --git a/drivers/crypto/ccree/cc_aead.c b/drivers/crypto/ccree/cc_aead.c
> > index a3527c00b29a..c5cde327cf1f 100644
> > --- a/drivers/crypto/ccree/cc_aead.c
> > +++ b/drivers/crypto/ccree/cc_aead.c
> > @@ -650,6 +650,39 @@ static int cc_aead_setkey(struct crypto_aead *tfm,
> > const u8 *key, return rc;
> >  }
> > 
> > +static int cc_des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
> > +			       unsigned int keylen)
> 
> This function looks very similar to des3_aead_setkey in the different caam 
> code changes.
> 
> Thus, wouldn't it be better to have common service function?

Sure, we can do that on top of this patch-series.

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux