Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> --- drivers/crypto/talitos.c | 33 +++++++------------- 1 file changed, 11 insertions(+), 22 deletions(-) diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index c865f5d5eaba..ec759576ebd3 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -30,7 +30,7 @@ #include <crypto/algapi.h> #include <crypto/aes.h> -#include <crypto/des.h> +#include <crypto/internal/des.h> #include <crypto/sha.h> #include <crypto/md5.h> #include <crypto/internal/aead.h> @@ -920,16 +920,11 @@ static int aead_des3_setkey(struct crypto_aead *authenc, if (keys.authkeylen + keys.enckeylen > TALITOS_MAX_KEY_SIZE) goto badkey; - if (keys.enckeylen != DES3_EDE_KEY_SIZE) + err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey, + keys.enckeylen); + if (unlikely(err)) goto badkey; - flags = crypto_aead_get_flags(authenc); - err = __des3_verify_key(&flags, keys.enckey); - if (unlikely(err)) { - crypto_aead_set_flags(authenc, flags); - goto out; - } - if (ctx->keylen) dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE); @@ -1538,14 +1533,11 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 tmp[DES_EXPKEY_WORDS]; + int err; - if (unlikely(crypto_ablkcipher_get_flags(cipher) & - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && - !des_ekey(tmp, key)) { - crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); - return -EINVAL; - } + err = crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key, keylen); + if (unlikely(err)) + return err; return ablkcipher_setkey(cipher, key, keylen); } @@ -1553,15 +1545,12 @@ static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher, static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { - u32 flags; int err; - flags = crypto_ablkcipher_get_flags(cipher); - err = __des3_verify_key(&flags, key); - if (unlikely(err)) { - crypto_ablkcipher_set_flags(cipher, flags); + err = crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key, + keylen); + if (unlikely(err)) return err; - } return ablkcipher_setkey(cipher, key, keylen); } -- 2.20.1