leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

crypto: hifn_795x - Forbid 2-key 3DES in FIPS mode

Browse Source 
This patch forbids the use of 2-key 3DES (K1 == K3) in FIPS mode.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Herbert Xu 2019-04-11 16:51:07 +08:00
parent 9fbfcefc9a
commit 270e21da48
1 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
drivers/crypto/hifn_795x.c
View File

@ -1976,6 +1976,29 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
return 0; return 0;
} }
static int hifn_des3_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
unsigned int len)
{
struct hifn_context *ctx = crypto_ablkcipher_ctx(cipher);
struct hifn_device *dev = ctx->dev;
u32 flags;
int err;
flags = crypto_ablkcipher_get_flags(cipher);
err = __des3_verify_key(&flags, key);
if (unlikely(err)) {
crypto_ablkcipher_set_flags(cipher, flags);
return err;
}
dev->flags &= ~HIFN_FLAG_OLD_KEY;
memcpy(ctx->key, key, len);
ctx->keysize = len;
return 0;
}
static int hifn_handle_req(struct ablkcipher_request *req) static int hifn_handle_req(struct ablkcipher_request *req)
{ {
struct hifn_context *ctx = crypto_tfm_ctx(req->base.tfm); struct hifn_context *ctx = crypto_tfm_ctx(req->base.tfm);
@ -2240,7 +2263,7 @@ static struct hifn_alg_template hifn_alg_templates[] = {
.ablkcipher = { .ablkcipher = {
.min_keysize = HIFN_3DES_KEY_LENGTH, .min_keysize = HIFN_3DES_KEY_LENGTH,
.max_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH,
.setkey = hifn_setkey, .setkey = hifn_des3_setkey,
.encrypt = hifn_encrypt_3des_cfb, .encrypt = hifn_encrypt_3des_cfb,
.decrypt = hifn_decrypt_3des_cfb, .decrypt = hifn_decrypt_3des_cfb,
}, },
@ -2250,7 +2273,7 @@ static struct hifn_alg_template hifn_alg_templates[] = {
.ablkcipher = { .ablkcipher = {
.min_keysize = HIFN_3DES_KEY_LENGTH, .min_keysize = HIFN_3DES_KEY_LENGTH,
.max_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH,
.setkey = hifn_setkey, .setkey = hifn_des3_setkey,
.encrypt = hifn_encrypt_3des_ofb, .encrypt = hifn_encrypt_3des_ofb,
.decrypt = hifn_decrypt_3des_ofb, .decrypt = hifn_decrypt_3des_ofb,
}, },
@ -2261,7 +2284,7 @@ static struct hifn_alg_template hifn_alg_templates[] = {
.ivsize = HIFN_IV_LENGTH, .ivsize = HIFN_IV_LENGTH,
.min_keysize = HIFN_3DES_KEY_LENGTH, .min_keysize = HIFN_3DES_KEY_LENGTH,
.max_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH,
.setkey = hifn_setkey, .setkey = hifn_des3_setkey,
.encrypt = hifn_encrypt_3des_cbc, .encrypt = hifn_encrypt_3des_cbc,
.decrypt = hifn_decrypt_3des_cbc, .decrypt = hifn_decrypt_3des_cbc,
}, },
@ -2271,7 +2294,7 @@ static struct hifn_alg_template hifn_alg_templates[] = {
.ablkcipher = { .ablkcipher = {
.min_keysize = HIFN_3DES_KEY_LENGTH, .min_keysize = HIFN_3DES_KEY_LENGTH,
.max_keysize = HIFN_3DES_KEY_LENGTH, .max_keysize = HIFN_3DES_KEY_LENGTH,
.setkey = hifn_setkey, .setkey = hifn_des3_setkey,
.encrypt = hifn_encrypt_3des_ecb, .encrypt = hifn_encrypt_3des_ecb,
.decrypt = hifn_decrypt_3des_ecb, .decrypt = hifn_decrypt_3des_ecb,
}, },