add boot partition size

hc

2023-12-11 d2ccde1c8e90d38cee87a1b0309ad2827f3fd30d

 kernel/include/crypto/internal/des.h
..
..
@@ -25,18 +25,17 @@
25
25
  */
26
26
 static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key)
27
27
 {
28
-	u32 tmp[DES_EXPKEY_WORDS];
29
-	int err = 0;
28
+	struct des_ctx tmp;
29
+	int err;
30
30
 
31
-	if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))
32
-		return 0;
33
-
34
-	if (!des_ekey(tmp, key)) {
35
-		crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
36
-		err = -EINVAL;
31
+	err = des_expand_key(&tmp, key, DES_KEY_SIZE);
32
+	if (err == -ENOKEY) {
33
+		if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
34
+			err = -EINVAL;
35
+		else
36
+			err = 0;
37
37
 	}
38
-
39
-	memzero_explicit(tmp, sizeof(tmp));
38
+	memzero_explicit(&tmp, sizeof(tmp));
40
39
 	return err;
41
40
 }
42
41
 
..
..
@@ -53,6 +52,28 @@
53
52
  *   property.
54
53
  *
55
54
  */
55
+static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len,
56
+				      bool check_weak)
57
+{
58
+	int ret = fips_enabled ? -EINVAL : -ENOKEY;
59
+	u32 K[6];
60
+
61
+	memcpy(K, key, DES3_EDE_KEY_SIZE);
62
+
63
+	if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
64
+	     !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
65
+	    (fips_enabled || check_weak))
66
+		goto bad;
67
+
68
+	if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)
69
+		goto bad;
70
+
71
+	ret = 0;
72
+bad:
73
+	memzero_explicit(K, DES3_EDE_KEY_SIZE);
74
+
75
+	return ret;
76
+}
56
77
 
57
78
 /**
58
79
  * crypto_des3_ede_verify_key - Check whether a DES3-EDE key is weak
..
..
@@ -70,28 +91,9 @@
70
91
 static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm,
71
92
 					     const u8 *key)
72
93
 {
73
-	int err = -EINVAL;
74
-	u32 K[6];
75
-
76
-	memcpy(K, key, DES3_EDE_KEY_SIZE);
77
-
78
-	if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
79
-	     !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
80
-	    (fips_enabled || (crypto_tfm_get_flags(tfm) &
81
-		              CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)))
82
-		goto bad;
83
-
84
-	if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)
85
-		goto bad;
86
-
87
-	err = 0;
88
-out:
89
-	memzero_explicit(K, DES3_EDE_KEY_SIZE);
90
-	return err;
91
-
92
-bad:
93
-	crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
94
-	goto out;
94
+	return des3_ede_verify_key(key, DES3_EDE_KEY_SIZE,
95
+				   crypto_tfm_get_flags(tfm) &
96
+				   CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
95
97
 }
96
98
 
97
99
 static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
..
..
@@ -106,35 +108,19 @@
106
108
 	return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key);
107
109
 }
108
110
 
109
-static inline int verify_ablkcipher_des_key(struct crypto_ablkcipher *tfm,
110
-					    const u8 *key)
111
-{
112
-	return crypto_des_verify_key(crypto_ablkcipher_tfm(tfm), key);
113
-}
114
-
115
-static inline int verify_ablkcipher_des3_key(struct crypto_ablkcipher *tfm,
116
-					     const u8 *key)
117
-{
118
-	return crypto_des3_ede_verify_key(crypto_ablkcipher_tfm(tfm), key);
119
-}
120
-
121
111
 static inline int verify_aead_des_key(struct crypto_aead *tfm, const u8 *key,
122
112
 				      int keylen)
123
113
 {
124
-	if (keylen != DES_KEY_SIZE) {
125
-		crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
114
+	if (keylen != DES_KEY_SIZE)
126
115
 		return -EINVAL;
127
-	}
128
116
 	return crypto_des_verify_key(crypto_aead_tfm(tfm), key);
129
117
 }
130
118
 
131
119
 static inline int verify_aead_des3_key(struct crypto_aead *tfm, const u8 *key,
132
120
 				       int keylen)
133
121
 {
134
-	if (keylen != DES3_EDE_KEY_SIZE) {
135
-		crypto_aead_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
122
+	if (keylen != DES3_EDE_KEY_SIZE)
136
123
 		return -EINVAL;
137
-	}
138
124
 	return crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), key);
139
125
 }
140
126