tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: remove CRYPTO_TFM_RES_WEAK_KEY

The CRYPTO_TFM_RES_WEAK_KEY flag was apparently meant as a way to make
the ->setkey() functions provide more information about errors.

However, no one actually checks for this flag, which makes it pointless.
There are also no tests that verify that all algorithms actually set (or
don't set) it correctly.

This is also the last remaining CRYPTO_TFM_RES_* flag, which means that
it's the only thing still needing all the boilerplate code which
propagates these flags around from child => parent tfms.

And if someone ever needs to distinguish this error in the future (which
is somewhat unlikely, as it's been unneeded for a long time), it would
be much better to just define a new return value like -EKEYREJECTED.
That would be much simpler, less error-prone, and easier to test.

So just remove this flag.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Eric Biggers and committed by
Herbert Xu c4c4db0d 674f368a

+11 -54
+2 -8
crypto/des_generic.c
··· 29 29 else 30 30 err = 0; 31 31 } 32 - 33 - if (err) { 32 + if (err) 34 33 memset(dctx, 0, sizeof(*dctx)); 35 - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 36 - } 37 34 return err; 38 35 } 39 36 ··· 61 64 else 62 65 err = 0; 63 66 } 64 - 65 - if (err) { 67 + if (err) 66 68 memset(dctx, 0, sizeof(*dctx)); 67 - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 68 - } 69 69 return err; 70 70 } 71 71
+4 -24
drivers/crypto/ixp4xx_crypto.c
··· 740 740 u32 keylen_cfg = 0; 741 741 struct ix_sa_dir *dir; 742 742 struct ixp_ctx *ctx = crypto_tfm_ctx(tfm); 743 + int err; 743 744 744 745 dir = encrypt ? &ctx->encrypt : &ctx->decrypt; 745 746 cinfo = dir->npe_ctx; ··· 761 760 } 762 761 cipher_cfg |= keylen_cfg; 763 762 } else { 764 - crypto_des_verify_key(tfm, key); 763 + err = crypto_des_verify_key(tfm, key); 764 + if (err) 765 + return err; 765 766 } 766 767 /* write cfg word to cryptinfo */ 767 768 *(u32*)cinfo = cpu_to_be32(cipher_cfg); ··· 820 817 unsigned int key_len) 821 818 { 822 819 struct ixp_ctx *ctx = crypto_skcipher_ctx(tfm); 823 - u32 *flags = &tfm->base.crt_flags; 824 820 int ret; 825 821 826 822 init_completion(&ctx->completion); ··· 835 833 if (ret) 836 834 goto out; 837 835 ret = setup_cipher(&tfm->base, 1, key, key_len); 838 - if (ret) 839 - goto out; 840 - 841 - if (*flags & CRYPTO_TFM_RES_WEAK_KEY) { 842 - if (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 843 - ret = -EINVAL; 844 - } else { 845 - *flags &= ~CRYPTO_TFM_RES_WEAK_KEY; 846 - } 847 - } 848 836 out: 849 837 if (!atomic_dec_and_test(&ctx->configuring)) 850 838 wait_for_completion(&ctx->completion); ··· 1086 1094 static int aead_setup(struct crypto_aead *tfm, unsigned int authsize) 1087 1095 { 1088 1096 struct ixp_ctx *ctx = crypto_aead_ctx(tfm); 1089 - u32 *flags = &tfm->base.crt_flags; 1090 1097 unsigned digest_len = crypto_aead_maxauthsize(tfm); 1091 1098 int ret; 1092 1099 ··· 1109 1118 goto out; 1110 1119 ret = setup_auth(&tfm->base, 1, authsize, ctx->authkey, 1111 1120 ctx->authkey_len, digest_len); 1112 - if (ret) 1113 - goto out; 1114 - 1115 - if (*flags & CRYPTO_TFM_RES_WEAK_KEY) { 1116 - if (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) { 1117 - ret = -EINVAL; 1118 - goto out; 1119 - } else { 1120 - *flags &= ~CRYPTO_TFM_RES_WEAK_KEY; 1121 - } 1122 - } 1123 1121 out: 1124 1122 if (!atomic_dec_and_test(&ctx->configuring)) 1125 1123 wait_for_completion(&ctx->completion);
+3 -12
include/crypto/internal/des.h
··· 35 35 else 36 36 err = 0; 37 37 } 38 - 39 - if (err) 40 - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 41 - 42 38 memzero_explicit(&tmp, sizeof(tmp)); 43 39 return err; 44 40 } ··· 91 95 static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm, 92 96 const u8 *key) 93 97 { 94 - int err; 95 - 96 - err = des3_ede_verify_key(key, DES3_EDE_KEY_SIZE, 97 - crypto_tfm_get_flags(tfm) & 98 - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 99 - if (err) 100 - crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 101 - return err; 98 + return des3_ede_verify_key(key, DES3_EDE_KEY_SIZE, 99 + crypto_tfm_get_flags(tfm) & 100 + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 102 101 } 103 102 104 103 static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
+2 -9
include/crypto/xts.h
··· 11 11 static inline int xts_check_key(struct crypto_tfm *tfm, 12 12 const u8 *key, unsigned int keylen) 13 13 { 14 - u32 *flags = &tfm->crt_flags; 15 - 16 14 /* 17 15 * key consists of keys of equal size concatenated, therefore 18 16 * the length must be even. ··· 19 21 return -EINVAL; 20 22 21 23 /* ensure that the AES and tweak key are not identical */ 22 - if (fips_enabled && 23 - !crypto_memneq(key, key + (keylen / 2), keylen / 2)) { 24 - *flags |= CRYPTO_TFM_RES_WEAK_KEY; 24 + if (fips_enabled && !crypto_memneq(key, key + (keylen / 2), keylen / 2)) 25 25 return -EINVAL; 26 - } 27 26 28 27 return 0; 29 28 } ··· 38 43 /* ensure that the AES and tweak key are not identical */ 39 44 if ((fips_enabled || (crypto_skcipher_get_flags(tfm) & 40 45 CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) && 41 - !crypto_memneq(key, key + (keylen / 2), keylen / 2)) { 42 - crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); 46 + !crypto_memneq(key, key + (keylen / 2), keylen / 2)) 43 47 return -EINVAL; 44 - } 45 48 46 49 return 0; 47 50 }
-1
include/linux/crypto.h
··· 112 112 #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100 113 113 #define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200 114 114 #define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400 115 - #define CRYPTO_TFM_RES_WEAK_KEY 0x00100000 116 115 117 116 /* 118 117 * Miscellaneous stuff.