Le 05/08/2019 à 19:00, Ard Biesheuvel a écrit :
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
Reviewed-by: Christophe Leroy <christophe.leroy@xxxxxx>
---
drivers/crypto/talitos.c | 34 ++++----------------
1 file changed, 7 insertions(+), 27 deletions(-)
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index c9d686a0e805..890cf52007f2 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -30,7 +30,7 @@
#include <crypto/algapi.h>
#include <crypto/aes.h>
-#include <crypto/des.h>
+#include <crypto/internal/des.h>
#include <crypto/sha.h>
#include <crypto/md5.h>
#include <crypto/internal/aead.h>
@@ -939,12 +939,9 @@ static int aead_des3_setkey(struct crypto_aead *authenc,
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
goto badkey;
- flags = crypto_aead_get_flags(authenc);
- err = __des3_verify_key(&flags, keys.enckey);
- if (unlikely(err)) {
- crypto_aead_set_flags(authenc, flags);
+ err = crypto_des3_ede_verify_key(crypto_aead_tfm(authenc), keys.enckey);
+ if (err)
goto out;
- }
if (ctx->keylen)
dma_unmap_single(dev, ctx->dma_key, ctx->keylen, DMA_TO_DEVICE);
@@ -1517,32 +1514,15 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher,
static int ablkcipher_des_setkey(struct crypto_ablkcipher *cipher,
const u8 *key, unsigned int keylen)
{
- u32 tmp[DES_EXPKEY_WORDS];
-
- if (unlikely(crypto_ablkcipher_get_flags(cipher) &
- CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) &&
- !des_ekey(tmp, key)) {
- crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
- return -EINVAL;
- }
-
- return ablkcipher_setkey(cipher, key, keylen);
+ return crypto_des_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
+ ablkcipher_setkey(cipher, key, keylen);
}
static int ablkcipher_des3_setkey(struct crypto_ablkcipher *cipher,
const u8 *key, unsigned int keylen)
{
- u32 flags;
- int err;
-
- flags = crypto_ablkcipher_get_flags(cipher);
- err = __des3_verify_key(&flags, key);
- if (unlikely(err)) {
- crypto_ablkcipher_set_flags(cipher, flags);
- return err;
- }
-
- return ablkcipher_setkey(cipher, key, keylen);
+ return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(cipher), key) ?:
+ ablkcipher_setkey(cipher, key, keylen);
}
static int ablkcipher_aes_setkey(struct crypto_ablkcipher *cipher,