Skip to content

Commit 1b52c40

Browse files
herbertxherbertx
committed
crypto: caam - Forbid 2-key 3DES in FIPS mode
This patch forbids the use of 2-key 3DES (K1 == K3) in FIPS mode. Signed-off-by: Herbert Xu <[email protected]> Reviewed-by: Horia Geantă <[email protected]> Tested-by: Iuliana Prodan <[email protected]> Signed-off-by: Herbert Xu <[email protected]>
1 parent a660824 commit 1b52c40

File tree

3 files changed

+151
-38
lines changed

3 files changed

+151
-38
lines changed

drivers/crypto/caam/caamalg.c

Lines changed: 45 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -638,6 +638,39 @@ static int aead_setkey(struct crypto_aead *aead,
638638
return -EINVAL;
639639
}
640640

641+
static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
642+
unsigned int keylen)
643+
{
644+
struct crypto_authenc_keys keys;
645+
u32 flags;
646+
int err;
647+
648+
err = crypto_authenc_extractkeys(&keys, key, keylen);
649+
if (unlikely(err))
650+
goto badkey;
651+
652+
err = -EINVAL;
653+
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
654+
goto badkey;
655+
656+
flags = crypto_aead_get_flags(aead);
657+
err = __des3_verify_key(&flags, keys.enckey);
658+
if (unlikely(err)) {
659+
crypto_aead_set_flags(aead, flags);
660+
goto out;
661+
}
662+
663+
err = aead_setkey(aead, key, keylen);
664+
665+
out:
666+
memzero_explicit(&keys, sizeof(keys));
667+
return err;
668+
669+
badkey:
670+
crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
671+
goto out;
672+
}
673+
641674
static int gcm_setkey(struct crypto_aead *aead,
642675
const u8 *key, unsigned int keylen)
643676
{
@@ -2457,7 +2490,7 @@ static struct caam_aead_alg driver_aeads[] = {
24572490
"cbc-des3_ede-caam",
24582491
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
24592492
},
2460-
.setkey = aead_setkey,
2493+
.setkey = des3_aead_setkey,
24612494
.setauthsize = aead_setauthsize,
24622495
.encrypt = aead_encrypt,
24632496
.decrypt = aead_decrypt,
@@ -2479,7 +2512,7 @@ static struct caam_aead_alg driver_aeads[] = {
24792512
"cbc-des3_ede-caam",
24802513
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
24812514
},
2482-
.setkey = aead_setkey,
2515+
.setkey = des3_aead_setkey,
24832516
.setauthsize = aead_setauthsize,
24842517
.encrypt = aead_encrypt,
24852518
.decrypt = aead_decrypt,
@@ -2502,7 +2535,7 @@ static struct caam_aead_alg driver_aeads[] = {
25022535
"cbc-des3_ede-caam",
25032536
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
25042537
},
2505-
.setkey = aead_setkey,
2538+
.setkey = des3_aead_setkey,
25062539
.setauthsize = aead_setauthsize,
25072540
.encrypt = aead_encrypt,
25082541
.decrypt = aead_decrypt,
@@ -2525,7 +2558,7 @@ static struct caam_aead_alg driver_aeads[] = {
25252558
"cbc-des3_ede-caam",
25262559
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
25272560
},
2528-
.setkey = aead_setkey,
2561+
.setkey = des3_aead_setkey,
25292562
.setauthsize = aead_setauthsize,
25302563
.encrypt = aead_encrypt,
25312564
.decrypt = aead_decrypt,
@@ -2548,7 +2581,7 @@ static struct caam_aead_alg driver_aeads[] = {
25482581
"cbc-des3_ede-caam",
25492582
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
25502583
},
2551-
.setkey = aead_setkey,
2584+
.setkey = des3_aead_setkey,
25522585
.setauthsize = aead_setauthsize,
25532586
.encrypt = aead_encrypt,
25542587
.decrypt = aead_decrypt,
@@ -2571,7 +2604,7 @@ static struct caam_aead_alg driver_aeads[] = {
25712604
"cbc-des3_ede-caam",
25722605
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
25732606
},
2574-
.setkey = aead_setkey,
2607+
.setkey = des3_aead_setkey,
25752608
.setauthsize = aead_setauthsize,
25762609
.encrypt = aead_encrypt,
25772610
.decrypt = aead_decrypt,
@@ -2594,7 +2627,7 @@ static struct caam_aead_alg driver_aeads[] = {
25942627
"cbc-des3_ede-caam",
25952628
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
25962629
},
2597-
.setkey = aead_setkey,
2630+
.setkey = des3_aead_setkey,
25982631
.setauthsize = aead_setauthsize,
25992632
.encrypt = aead_encrypt,
26002633
.decrypt = aead_decrypt,
@@ -2617,7 +2650,7 @@ static struct caam_aead_alg driver_aeads[] = {
26172650
"cbc-des3_ede-caam",
26182651
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
26192652
},
2620-
.setkey = aead_setkey,
2653+
.setkey = des3_aead_setkey,
26212654
.setauthsize = aead_setauthsize,
26222655
.encrypt = aead_encrypt,
26232656
.decrypt = aead_decrypt,
@@ -2640,7 +2673,7 @@ static struct caam_aead_alg driver_aeads[] = {
26402673
"cbc-des3_ede-caam",
26412674
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
26422675
},
2643-
.setkey = aead_setkey,
2676+
.setkey = des3_aead_setkey,
26442677
.setauthsize = aead_setauthsize,
26452678
.encrypt = aead_encrypt,
26462679
.decrypt = aead_decrypt,
@@ -2663,7 +2696,7 @@ static struct caam_aead_alg driver_aeads[] = {
26632696
"cbc-des3_ede-caam",
26642697
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
26652698
},
2666-
.setkey = aead_setkey,
2699+
.setkey = des3_aead_setkey,
26672700
.setauthsize = aead_setauthsize,
26682701
.encrypt = aead_encrypt,
26692702
.decrypt = aead_decrypt,
@@ -2686,7 +2719,7 @@ static struct caam_aead_alg driver_aeads[] = {
26862719
"cbc-des3_ede-caam",
26872720
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
26882721
},
2689-
.setkey = aead_setkey,
2722+
.setkey = des3_aead_setkey,
26902723
.setauthsize = aead_setauthsize,
26912724
.encrypt = aead_encrypt,
26922725
.decrypt = aead_decrypt,
@@ -2709,7 +2742,7 @@ static struct caam_aead_alg driver_aeads[] = {
27092742
"cbc-des3_ede-caam",
27102743
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
27112744
},
2712-
.setkey = aead_setkey,
2745+
.setkey = des3_aead_setkey,
27132746
.setauthsize = aead_setauthsize,
27142747
.encrypt = aead_encrypt,
27152748
.decrypt = aead_decrypt,

drivers/crypto/caam/caamalg_qi.c

Lines changed: 53 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -292,6 +292,39 @@ static int aead_setkey(struct crypto_aead *aead, const u8 *key,
292292
return -EINVAL;
293293
}
294294

295+
static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
296+
unsigned int keylen)
297+
{
298+
struct crypto_authenc_keys keys;
299+
u32 flags;
300+
int err;
301+
302+
err = crypto_authenc_extractkeys(&keys, key, keylen);
303+
if (unlikely(err))
304+
goto badkey;
305+
306+
err = -EINVAL;
307+
if (keys.enckeylen != DES3_EDE_KEY_SIZE)
308+
goto badkey;
309+
310+
flags = crypto_aead_get_flags(aead);
311+
err = __des3_verify_key(&flags, keys.enckey);
312+
if (unlikely(err)) {
313+
crypto_aead_set_flags(aead, flags);
314+
goto out;
315+
}
316+
317+
err = aead_setkey(aead, key, keylen);
318+
319+
out:
320+
memzero_explicit(&keys, sizeof(keys));
321+
return err;
322+
323+
badkey:
324+
crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN);
325+
goto out;
326+
}
327+
295328
static int gcm_set_sh_desc(struct crypto_aead *aead)
296329
{
297330
struct caam_ctx *ctx = crypto_aead_ctx(aead);
@@ -667,6 +700,13 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
667700
return -EINVAL;
668701
}
669702

703+
static int des3_skcipher_setkey(struct crypto_skcipher *skcipher,
704+
const u8 *key, unsigned int keylen)
705+
{
706+
return unlikely(des3_verify_key(skcipher, key)) ?:
707+
skcipher_setkey(skcipher, key, keylen);
708+
}
709+
670710
static int xts_skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key,
671711
unsigned int keylen)
672712
{
@@ -1382,7 +1422,7 @@ static struct caam_skcipher_alg driver_algs[] = {
13821422
.cra_driver_name = "cbc-3des-caam-qi",
13831423
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
13841424
},
1385-
.setkey = skcipher_setkey,
1425+
.setkey = des3_skcipher_setkey,
13861426
.encrypt = skcipher_encrypt,
13871427
.decrypt = skcipher_decrypt,
13881428
.min_keysize = DES3_EDE_KEY_SIZE,
@@ -1798,7 +1838,7 @@ static struct caam_aead_alg driver_aeads[] = {
17981838
"cbc-des3_ede-caam-qi",
17991839
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
18001840
},
1801-
.setkey = aead_setkey,
1841+
.setkey = des3_aead_setkey,
18021842
.setauthsize = aead_setauthsize,
18031843
.encrypt = aead_encrypt,
18041844
.decrypt = aead_decrypt,
@@ -1820,7 +1860,7 @@ static struct caam_aead_alg driver_aeads[] = {
18201860
"cbc-des3_ede-caam-qi",
18211861
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
18221862
},
1823-
.setkey = aead_setkey,
1863+
.setkey = des3_aead_setkey,
18241864
.setauthsize = aead_setauthsize,
18251865
.encrypt = aead_encrypt,
18261866
.decrypt = aead_decrypt,
@@ -1843,7 +1883,7 @@ static struct caam_aead_alg driver_aeads[] = {
18431883
"cbc-des3_ede-caam-qi",
18441884
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
18451885
},
1846-
.setkey = aead_setkey,
1886+
.setkey = des3_aead_setkey,
18471887
.setauthsize = aead_setauthsize,
18481888
.encrypt = aead_encrypt,
18491889
.decrypt = aead_decrypt,
@@ -1866,7 +1906,7 @@ static struct caam_aead_alg driver_aeads[] = {
18661906
"cbc-des3_ede-caam-qi",
18671907
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
18681908
},
1869-
.setkey = aead_setkey,
1909+
.setkey = des3_aead_setkey,
18701910
.setauthsize = aead_setauthsize,
18711911
.encrypt = aead_encrypt,
18721912
.decrypt = aead_decrypt,
@@ -1889,7 +1929,7 @@ static struct caam_aead_alg driver_aeads[] = {
18891929
"cbc-des3_ede-caam-qi",
18901930
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
18911931
},
1892-
.setkey = aead_setkey,
1932+
.setkey = des3_aead_setkey,
18931933
.setauthsize = aead_setauthsize,
18941934
.encrypt = aead_encrypt,
18951935
.decrypt = aead_decrypt,
@@ -1912,7 +1952,7 @@ static struct caam_aead_alg driver_aeads[] = {
19121952
"cbc-des3_ede-caam-qi",
19131953
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
19141954
},
1915-
.setkey = aead_setkey,
1955+
.setkey = des3_aead_setkey,
19161956
.setauthsize = aead_setauthsize,
19171957
.encrypt = aead_encrypt,
19181958
.decrypt = aead_decrypt,
@@ -1935,7 +1975,7 @@ static struct caam_aead_alg driver_aeads[] = {
19351975
"cbc-des3_ede-caam-qi",
19361976
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
19371977
},
1938-
.setkey = aead_setkey,
1978+
.setkey = des3_aead_setkey,
19391979
.setauthsize = aead_setauthsize,
19401980
.encrypt = aead_encrypt,
19411981
.decrypt = aead_decrypt,
@@ -1958,7 +1998,7 @@ static struct caam_aead_alg driver_aeads[] = {
19581998
"cbc-des3_ede-caam-qi",
19591999
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
19602000
},
1961-
.setkey = aead_setkey,
2001+
.setkey = des3_aead_setkey,
19622002
.setauthsize = aead_setauthsize,
19632003
.encrypt = aead_encrypt,
19642004
.decrypt = aead_decrypt,
@@ -1981,7 +2021,7 @@ static struct caam_aead_alg driver_aeads[] = {
19812021
"cbc-des3_ede-caam-qi",
19822022
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
19832023
},
1984-
.setkey = aead_setkey,
2024+
.setkey = des3_aead_setkey,
19852025
.setauthsize = aead_setauthsize,
19862026
.encrypt = aead_encrypt,
19872027
.decrypt = aead_decrypt,
@@ -2004,7 +2044,7 @@ static struct caam_aead_alg driver_aeads[] = {
20042044
"cbc-des3_ede-caam-qi",
20052045
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
20062046
},
2007-
.setkey = aead_setkey,
2047+
.setkey = des3_aead_setkey,
20082048
.setauthsize = aead_setauthsize,
20092049
.encrypt = aead_encrypt,
20102050
.decrypt = aead_decrypt,
@@ -2027,7 +2067,7 @@ static struct caam_aead_alg driver_aeads[] = {
20272067
"cbc-des3_ede-caam-qi",
20282068
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
20292069
},
2030-
.setkey = aead_setkey,
2070+
.setkey = des3_aead_setkey,
20312071
.setauthsize = aead_setauthsize,
20322072
.encrypt = aead_encrypt,
20332073
.decrypt = aead_decrypt,
@@ -2050,7 +2090,7 @@ static struct caam_aead_alg driver_aeads[] = {
20502090
"cbc-des3_ede-caam-qi",
20512091
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
20522092
},
2053-
.setkey = aead_setkey,
2093+
.setkey = des3_aead_setkey,
20542094
.setauthsize = aead_setauthsize,
20552095
.encrypt = aead_encrypt,
20562096
.decrypt = aead_decrypt,

0 commit comments

Comments
 (0)