diff options
author | Radu Solea <radu.solea@nxp.com> | 2017-04-13 15:12:27 +0300 |
---|---|---|
committer | Leonard Crestez <leonard.crestez@nxp.com> | 2018-08-24 12:41:33 +0300 |
commit | cbcbcab313a49ea520f957c234f521092666fb1d (patch) | |
tree | a4bc62180e375362609dd011417258cb2a0138d7 /drivers/crypto/caam | |
parent | 6313ba82080813a0c09e86fc69bac0240de7f562 (diff) |
MLK-14611 Add DES key complexity validation
Signed-off-by: Radu Solea <radu.solea@nxp.com>
Diffstat (limited to 'drivers/crypto/caam')
-rw-r--r-- | drivers/crypto/caam/Kconfig | 1 | ||||
-rw-r--r-- | drivers/crypto/caam/caamalg.c | 29 |
2 files changed, 29 insertions, 1 deletions
diff --git a/drivers/crypto/caam/Kconfig b/drivers/crypto/caam/Kconfig index 58b505392c50..6741be76b20b 100644 --- a/drivers/crypto/caam/Kconfig +++ b/drivers/crypto/caam/Kconfig @@ -79,6 +79,7 @@ config CRYPTO_DEV_FSL_CAAM_CRYPTO_API select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_BLKCIPHER + select CRYPTO_DES help Selecting this will offload crypto for users of the scatterlist crypto API (such as the linux native IPSec diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 52af827a3a62..7ca01d82084b 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -1755,6 +1755,33 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, return ret; } + +static int ablkcipher_des_setkey(struct crypto_ablkcipher *ablkcipher, + const u8 *key, unsigned int keylen) +{ + u32 tmp[DES_EXPKEY_WORDS]; + u32 flags; + int ret; + + if (keylen != DES_KEY_SIZE) { + crypto_ablkcipher_set_flags(ablkcipher, + CRYPTO_TFM_RES_BAD_KEY_LEN); + return -EINVAL; + } + + ret = des_ekey(tmp, key); + + flags = crypto_ablkcipher_get_flags(ablkcipher); + if (!ret && (flags & CRYPTO_TFM_REQ_WEAK_KEY)) { + crypto_ablkcipher_set_flags(ablkcipher, + CRYPTO_TFM_RES_WEAK_KEY); + return -EINVAL; + } + + return ablkcipher_setkey(ablkcipher, key, keylen); +} + + static int xts_ablkcipher_setkey(struct crypto_ablkcipher *ablkcipher, const u8 *key, unsigned int keylen) { @@ -3027,7 +3054,7 @@ static struct caam_alg_template driver_algs[] = { .blocksize = DES_BLOCK_SIZE, .type = CRYPTO_ALG_TYPE_ABLKCIPHER, .template_ablkcipher = { - .setkey = ablkcipher_setkey, + .setkey = ablkcipher_des_setkey, .encrypt = ablkcipher_encrypt, .decrypt = ablkcipher_decrypt, .geniv = "eseqiv", |