Re: [PATCH v2 00/30] crypto: DES/3DES cleanup

Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> · Thu, 27 Jun 2019 16:54:05 +0200

On Thu, 27 Jun 2019 at 16:50, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
>
> On Thu, 27 Jun 2019 at 16:44, Horia Geanta <horia.geanta@xxxxxxx> wrote:
> >
> > On 6/27/2019 3:03 PM, Ard Biesheuvel wrote:
> > > n my effort to remove crypto_alloc_cipher() invocations from non-crypto
> > > code, i ran into a DES call in the CIFS driver. This is addressed in
> > > patch #30.
> > >
> > > The other patches are cleanups for the quirky DES interface, and lots
> > > of duplication of the weak key checks etc.
> > >
> > > Changes since vpub/scm/linux/kernel/git/arm64/linux.git/log/?h=for-next/fixes1/RFC:
> > > - fix build errors in various drivers that i failed to catch in my
> > >   initial testing
> > > - put all caam changes into the correct patch
> > > - fix weak key handling error flagged by the self tests, as reported
> > >   by Eric.
> > I am seeing a similar (?) issue:
> > alg: skcipher: ecb-des-caam setkey failed on test vector 4; expected_error=-22, actual_error=-126, flags=0x100101
> >
> > crypto_des_verify_key() in include/crypto/internal/des.h returns -ENOKEY,
> > while testmgr expects -EINVAL (setkey_error = -EINVAL in the test vector).
> >
> > I assume crypto_des_verify_key() should return -EINVAL, not -ENOKEY.
> >
>
> Yes, but I tried to keep handling of the crypto_tfm flags out of the
> library interface.
>
> I will try to find a way to solve this cleanly.

Actually, it should be as simple as

diff --git a/include/crypto/internal/des.h b/include/crypto/internal/des.h
index dfe5e8f92270..522c09c08002 100644
--- a/include/crypto/internal/des.h
+++ b/include/crypto/internal/des.h
@@ -27,10 +27,12 @@ static inline int crypto_des_verify_key(struct
crypto_tfm *tfm, const u8 *key)
        int err;

        err = des_expand_key(&tmp, key, DES_KEY_SIZE);
-       if (err == -ENOKEY &&
-           !(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))
-               err = 0;
-
+       if (err == -ENOKEY) {
+               if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
+                       err = -EINVAL;
+               else
+                       err = 0;
+       }
        if (err)
                crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);






