~hc/RK356X_SDK_RELEASE.git

..	..	@@ -25,18 +25,17 @@
25	25	*/
26	26	static inline int crypto_des_verify_key(struct crypto_tfm tfm, const u8 key)
27	27	{
28		- u32 tmp[DES_EXPKEY_WORDS];
29		- int err = 0;
	28	+ struct des_ctx tmp;
	29	+ int err;
30	30
31		- if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))
32		- return 0;
33		-
34		- if (!des_ekey(tmp, key)) {
35		- crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
36		- err = -EINVAL;
	31	+ err = des_expand_key(&tmp, key, DES_KEY_SIZE);
	32	+ if (err == -ENOKEY) {
	33	+ if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
	34	+ err = -EINVAL;
	35	+ else
	36	+ err = 0;
37	37	}
38		-
39		- memzero_explicit(tmp, sizeof(tmp));
	38	+ memzero_explicit(&tmp, sizeof(tmp));
40	39	return err;
41	40	}
42	41
..	..	@@ -53,6 +52,28 @@
53	52	* property.
54	53	*
55	54	*/
	55	+static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len,
	56	+ bool check_weak)
	57	+{
	58	+ int ret = fips_enabled ? -EINVAL : -ENOKEY;
	59	+ u32 K[6];
	60	+
	61	+ memcpy(K, key, DES3_EDE_KEY_SIZE);
	62	+
	63	+ if ((!((K[0] ^ K[2]) \| (K[1] ^ K[3])) \|\|
	64	+ !((K[2] ^ K[4]) \| (K[3] ^ K[5]))) &&
	65	+ (fips_enabled \|\| check_weak))
	66	+ goto bad;
	67	+
	68	+ if ((!((K[0] ^ K[4]) \| (K[1] ^ K[5]))) && fips_enabled)
	69	+ goto bad;
	70	+
	71	+ ret = 0;
	72	+bad:
	73	+ memzero_explicit(K, DES3_EDE_KEY_SIZE);
	74	+
	75	+ return ret;
	76	+}
56	77
57	78	/**
58	79	* crypto_des3_ede_verify_key - Check whether a DES3-EDE key is weak
..	..	@@ -70,28 +91,9 @@
70	91	static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm,
71	92	const u8 *key)
72	93	{
73		- int err = -EINVAL;
74		- u32 K[6];
75		-
76		- memcpy(K, key, DES3_EDE_KEY_SIZE);
77		-
78		- if ((!((K[0] ^ K[2]) \| (K[1] ^ K[3])) \|\|
79		- !((K[2] ^ K[4]) \| (K[3] ^ K[5]))) &&
80		- (fips_enabled \|\| (crypto_tfm_get_flags(tfm) &
81		- CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)))
82		- goto bad;
83		-
84		- if ((!((K[0] ^ K[4]) \| (K[1] ^ K[5]))) && fips_enabled)
85		- goto bad;
86		-
87		- err = 0;
88		-out:
89		- memzero_explicit(K, DES3_EDE_KEY_SIZE);
90		- return err;
91		-
92		-bad:
93		- crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
94		- goto out;
	94	+ return des3_ede_verify_key(key, DES3_EDE_KEY_SIZE,
	95	+ crypto_tfm_get_flags(tfm) &
	96	+ CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
95	97	}
96	98
97	99	static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
..	..	@@ -106,35 +108,19 @@
106	108	return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key);
107	109	}
108	110
109		-static inline int verify_ablkcipher_des_key(struct crypto_ablkcipher *tfm,
110		- const u8 *key)
111		-{
112		- return crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key);
113		-}
114		-
115		-static inline int verify_ablkcipher_des3_key(struct crypto_ablkcipher *tfm,
116		- const u8 *key)
117		-{
118		- return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key);
119		-}
120		-
121	111	static inline int verify_aead_des_key(struct crypto_aead tfm, const u8 key,
122	112	int keylen)
123	113	{
124		- if (keylen != DES_KEY_SIZE) {
125		- crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
	114	+ if (keylen != DES_KEY_SIZE)
126	115	return -EINVAL;
127		- }
128	116	return crypto_des_verify_key(crypto_aead_tfm(tfm), key);
129	117	}
130	118
131	119	static inline int verify_aead_des3_key(struct crypto_aead tfm, const u8 key,
132	120	int keylen)
133	121	{
134		- if (keylen != DES3_EDE_KEY_SIZE) {
135		- crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
	122	+ if (keylen != DES3_EDE_KEY_SIZE)
136	123	return -EINVAL;
137		- }
138	124	return crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), key);
139	125	}
140	126