Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
phyus
/
linux-vybrid_public
8
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Эх сурвалжийг харах

[CRYPTO] hifn_795x: Detect weak keys

HIFN driver update to use DES weak key checks (exported in this patch).

Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Evgeniy Polyakov 17 жил өмнө
parent
16d004a2ed
commit
c3041f9c93
3 өөрчлөгдсөн 17 нэмэгдсэн , 5 устгасан
Өөрчлөллтийг нэгтгэж харах Өөрчлөлтийн статистик харах
  1. 5 4
      crypto/des_generic.c
  2. 1 1
      drivers/crypto/Kconfig
  3. 11 0
      drivers/crypto/hifn_795x.c

+ 5 - 4
crypto/des_generic.c
Файл харах 

@@ -628,7 +628,7 @@ static const u32 S8[64] = {
 
  *   Choice 1 has operated on the key.
 
  *   Choice 1 has operated on the key.
 
  *
 
  *
 
  */
 
  */
 
-static unsigned long ekey(u32 *pe, const u8 *k)
 
+unsigned long des_ekey(u32 *pe, const u8 *k)
 
 {
 
 {
 
 	/* K&R: long is at least 32 bits */
 
 	/* K&R: long is at least 32 bits */
 
 	unsigned long a, b, c, d, w;
 
 	unsigned long a, b, c, d, w;
 
@@ -703,6 +703,7 @@ static unsigned long ekey(u32 *pe, const u8 *k)
 
 	/* Zero if weak key */
 
 	/* Zero if weak key */
 
 	return w;
 
 	return w;
 
 }
 
 }
 
+EXPORT_SYMBOL_GPL(des_ekey);
 
 
 
 /*
 
 /*
 
  * Decryption key expansion
 
  * Decryption key expansion
 
@@ -786,7 +787,7 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
 
 	int ret;
 
 	int ret;
 
 
 
 	/* Expand to tmp */
 
 	/* Expand to tmp */
 
-	ret = ekey(tmp, key);
 
+	ret = des_ekey(tmp, key);
 
 
 
 	if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
 
 	if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
 
 		*flags |= CRYPTO_TFM_RES_WEAK_KEY;
 
 		*flags |= CRYPTO_TFM_RES_WEAK_KEY;
 
@@ -873,9 +874,9 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
 
 		return -EINVAL;
 
 		return -EINVAL;
 
 	}
 
 	}
 
 
 
-	ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
 
+	des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
 
 	dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
 
 	dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
 
-	ekey(expkey, key);
 
+	des_ekey(expkey, key);
 
 
 
 	return 0;
 
 	return 0;
 
 }
 
 }

+ 1 - 1
drivers/crypto/Kconfig
Файл харах 

@@ -85,9 +85,9 @@ config ZCRYPT_MONOLITHIC
 
 
 
 config CRYPTO_DEV_HIFN_795X
 
 config CRYPTO_DEV_HIFN_795X
 
 	tristate "Driver HIFN 795x crypto accelerator chips"
 
 	tristate "Driver HIFN 795x crypto accelerator chips"
 
+	select CRYPTO_DES
 
 	select CRYPTO_ALGAPI
 
 	select CRYPTO_ALGAPI
 
 	select CRYPTO_ABLKCIPHER
 
 	select CRYPTO_ABLKCIPHER
 
-	select CRYPTO_BLKCIPHER
 
 	help
 
 	help
 
 	  This option allows you to have support for HIFN 795x crypto adapters.
 
 	  This option allows you to have support for HIFN 795x crypto adapters.

+ 11 - 0
drivers/crypto/hifn_795x.c
Файл харах 

@@ -29,6 +29,7 @@
 
 #include <linux/crypto.h>
 
 #include <linux/crypto.h>
 
 
 
 #include <crypto/algapi.h>
 
 #include <crypto/algapi.h>
 
+#include <crypto/des.h>
 
 
 
 #include <asm/kmap_types.h>
 
 #include <asm/kmap_types.h>
 
 
 
@@ -1924,6 +1925,16 @@ static int hifn_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
 
 		return -1;
 
 		return -1;
 
 	}
 
 	}
 
 
 
+	if (len == HIFN_DES_KEY_LENGTH) {
 
+		u32 tmp[DES_EXPKEY_WORDS];
 
+		int ret = des_ekey(tmp, key);
 
+		
+		if (unlikely(ret == 0) && (tfm->crt_flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
 
+			tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
 
+			return -EINVAL;
 
+		}
 
+	}
 
+
 
 	dev->flags &= ~HIFN_FLAG_OLD_KEY;
 
 	dev->flags &= ~HIFN_FLAG_OLD_KEY;
 
 
 
 	memcpy(ctx->key, key, len);
 
 	memcpy(ctx->key, key, len);