Patch "crypto: talitos - fix setkey to check key weakness" has been added to the 4.14-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Tue, 12 Dec 2017 09:31:08 +0100

This is a note to let you know that I've just added the patch titled

    crypto: talitos - fix setkey to check key weakness

to the 4.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     crypto-talitos-fix-setkey-to-check-key-weakness.patch
and it can be found in the queue-4.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From f384cdc4faf350fdb6ad93c5f26952b9ba7c7566 Mon Sep 17 00:00:00 2001
From: LEROY Christophe <christophe.leroy@xxxxxx>
Date: Fri, 6 Oct 2017 15:04:37 +0200
Subject: crypto: talitos - fix setkey to check key weakness

From: LEROY Christophe <christophe.leroy@xxxxxx>

commit f384cdc4faf350fdb6ad93c5f26952b9ba7c7566 upstream.

Crypto manager test report the following failures:
[    3.061081] alg: skcipher: setkey failed on test 5 for ecb-des-talitos: flags=100
[    3.069342] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos: flags=100
[    3.077754] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos: flags=100

This is due to setkey being expected to detect weak keys.

Signed-off-by: Christophe Leroy <christophe.leroy@xxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 drivers/crypto/talitos.c |    8 ++++++++
 1 file changed, 8 insertions(+)

--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -1507,12 +1507,20 @@ static int ablkcipher_setkey(struct cryp
 			     const u8 *key, unsigned int keylen)
 {
 	struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher);
+	u32 tmp[DES_EXPKEY_WORDS];
 
 	if (keylen > TALITOS_MAX_KEY_SIZE) {
 		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
 		return -EINVAL;
 	}
 
+	if (unlikely(crypto_ablkcipher_get_flags(cipher) &
+		     CRYPTO_TFM_REQ_WEAK_KEY) &&
+	    !des_ekey(tmp, key)) {
+		crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY);
+		return -EINVAL;
+	}
+
 	memcpy(&ctx->key, key, keylen);
 	ctx->keylen = keylen;
 


Patches currently in stable-queue which might be from christophe.leroy@xxxxxx are

queue-4.14/crypto-talitos-fix-aead-for-sha224-on-non-sha224-capable-chips.patch
queue-4.14/crypto-talitos-fix-memory-corruption-on-sec2.patch
queue-4.14/crypto-talitos-fix-use-of-sg_link_tbl_len.patch
queue-4.14/crypto-talitos-fix-setkey-to-check-key-weakness.patch
queue-4.14/crypto-talitos-fix-aead-test-failures.patch
queue-4.14/crypto-talitos-fix-ctr-aes-talitos.patch






