diff options
author | Lionel Debieve <lionel.debieve@st.com> | 2019-04-24 15:34:51 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-05-03 14:03:29 +0800 |
commit | 7ee27f5a3f8020124017624c010e9a8473bfbb14 (patch) | |
tree | b060ae698a5614e8c8ae210e1c439c8ca66707be /drivers/crypto/stm32 | |
parent | 6bbc3936a4559590567ba902f817907576fe34d0 (diff) |
crypto: stm32/cryp - add weak key check for DES
Add weak key test for des functions calling the generic
des_ekey.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/crypto/stm32')
-rw-r--r-- | drivers/crypto/stm32/Kconfig | 1 | ||||
-rw-r--r-- | drivers/crypto/stm32/stm32-cryp.c | 13 |
2 files changed, 12 insertions, 2 deletions
diff --git a/drivers/crypto/stm32/Kconfig b/drivers/crypto/stm32/Kconfig index 63aa78c0b12b..4491e2197d9f 100644 --- a/drivers/crypto/stm32/Kconfig +++ b/drivers/crypto/stm32/Kconfig @@ -24,6 +24,7 @@ config CRYPTO_DEV_STM32_CRYP depends on ARCH_STM32 select CRYPTO_HASH select CRYPTO_ENGINE + select CRYPTO_DES help This enables support for the CRYP (AES/DES/TDES) hw accelerator which can be found on STMicroelectronics STM32 SOC. diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c index 5785f3e235ce..cfcb640c20d0 100644 --- a/drivers/crypto/stm32/stm32-cryp.c +++ b/drivers/crypto/stm32/stm32-cryp.c @@ -753,10 +753,19 @@ static int stm32_cryp_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, static int stm32_cryp_des_setkey(struct crypto_ablkcipher *tfm, const u8 *key, unsigned int keylen) { + u32 tmp[DES_EXPKEY_WORDS]; + if (keylen != DES_KEY_SIZE) return -EINVAL; - else - return stm32_cryp_setkey(tfm, key, keylen); + + if ((crypto_ablkcipher_get_flags(tfm) & + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS) && + unlikely(!des_ekey(tmp, key))) { + crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY); + return -EINVAL; + } + + return stm32_cryp_setkey(tfm, key, keylen); } static int stm32_cryp_tdes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, |