diff options
author | LEROY Christophe <christophe.leroy@c-s.fr> | 2017-10-06 13:04:37 (GMT) |
---|---|---|
committer | Xie Xiaobo <xiaobo.xie@nxp.com> | 2017-12-13 03:23:11 (GMT) |
commit | b557de50eff1274ff922038a134cd4684f77f89a (patch) | |
tree | 5d21edc2889d13573058455cab84c70ea4791eb0 /drivers/crypto/talitos.c | |
parent | 256a6a59b168d4124fea3f63b618bce583de22c9 (diff) | |
download | linux-b557de50eff1274ff922038a134cd4684f77f89a.tar.xz |
crypto: talitos - fix setkey to check key weakness
Crypto manager test report the following failures:
[ 3.061081] alg: skcipher: setkey failed on test 5 for ecb-des-talitos: flags=100
[ 3.069342] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos: flags=100
[ 3.077754] alg: skcipher-ddst: setkey failed on test 5 for ecb-des-talitos: flags=100
This is due to setkey being expected to detect weak keys.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(cherry picked from commit f384cdc4faf350fdb6ad93c5f26952b9ba7c7566)
Diffstat (limited to 'drivers/crypto/talitos.c')
-rw-r--r-- | drivers/crypto/talitos.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c index 3cfd100..cc596bd 100644 --- a/drivers/crypto/talitos.c +++ b/drivers/crypto/talitos.c @@ -1507,12 +1507,20 @@ static int ablkcipher_setkey(struct crypto_ablkcipher *cipher, const u8 *key, unsigned int keylen) { struct talitos_ctx *ctx = crypto_ablkcipher_ctx(cipher); + u32 tmp[DES_EXPKEY_WORDS]; if (keylen > TALITOS_MAX_KEY_SIZE) { crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN); return -EINVAL; } + if (unlikely(crypto_ablkcipher_get_flags(cipher) & + CRYPTO_TFM_REQ_WEAK_KEY) && + !des_ekey(tmp, key)) { + crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_WEAK_KEY); + return -EINVAL; + } + memcpy(&ctx->key, key, keylen); ctx->keylen = keylen; |