diff options
| author | Eric Biggers <ebiggers@google.com> | 2019-01-18 22:48:00 -0800 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-01-25 18:41:52 +0800 |
| commit | 6f100b73adb230b1391a267a29bfef5bfaabceb1 (patch) | |
| tree | e760ca8f066b8f8988add787deecb0754ae01c42 | |
| parent | b2d2f1011ffd1872bc0056e98398123196a069f7 (diff) | |
| download | linux-crypto-6f100b73adb230b1391a267a29bfef5bfaabceb1.tar.gz linux-crypto-6f100b73adb230b1391a267a29bfef5bfaabceb1.zip | |
crypto: clarify name of WEAK_KEY request flag
CRYPTO_TFM_REQ_WEAK_KEY confuses newcomers to the crypto API because it
sounds like it is requesting a weak key. Actually, it is requesting
that weak keys be forbidden (for algorithms that have the notion of
"weak keys"; currently only DES and XTS do).
Also it is only one letter away from CRYPTO_TFM_RES_WEAK_KEY, with which
it can be easily confused. (This in fact happened in the UX500 driver,
though just in some debugging messages.)
Therefore, make the intent clear by renaming it to
CRYPTO_TFM_REQ_FORBID_WEAK_KEYS.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| -rw-r--r-- | crypto/des_generic.c | 4 | ||||
| -rw-r--r-- | crypto/testmgr.c | 14 | ||||
| -rw-r--r-- | crypto/testmgr.h | 4 |
3 files changed, 11 insertions, 11 deletions
diff --git a/crypto/des_generic.c b/crypto/des_generic.c index a7172054..1e662166 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c @@ -789,7 +789,7 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, /* Expand to tmp */ ret = des_ekey(tmp, key); - if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { + if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { *flags |= CRYPTO_TFM_RES_WEAK_KEY; return -EINVAL; } @@ -866,7 +866,7 @@ int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && - (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { + (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { *flags |= CRYPTO_TFM_RES_WEAK_KEY; return -EINVAL; } diff --git a/crypto/testmgr.c b/crypto/testmgr.c index e4f3f5f6..4ac3d222 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -706,7 +706,8 @@ static int __test_aead(struct crypto_aead *tfm, int enc, crypto_aead_clear_flags(tfm, ~0); if (template[i].wk) - crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); + crypto_aead_set_flags(tfm, + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); if (template[i].klen > MAX_KEYLEN) { pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", @@ -820,7 +821,8 @@ static int __test_aead(struct crypto_aead *tfm, int enc, crypto_aead_clear_flags(tfm, ~0); if (template[i].wk) - crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); + crypto_aead_set_flags(tfm, + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); if (template[i].klen > MAX_KEYLEN) { pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", d, j, algo, template[i].klen, MAX_KEYLEN); @@ -1078,7 +1080,7 @@ static int test_cipher(struct crypto_cipher *tfm, int enc, crypto_cipher_clear_flags(tfm, ~0); if (template[i].wk) - crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); + crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); ret = crypto_cipher_setkey(tfm, template[i].key, template[i].klen); @@ -1194,8 +1196,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, crypto_skcipher_clear_flags(tfm, ~0); if (template[i].wk) - crypto_skcipher_set_flags(tfm, - CRYPTO_TFM_REQ_WEAK_KEY); + crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); ret = crypto_skcipher_setkey(tfm, template[i].key, template[i].klen); @@ -1265,8 +1266,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, j++; crypto_skcipher_clear_flags(tfm, ~0); if (template[i].wk) - crypto_skcipher_set_flags(tfm, - CRYPTO_TFM_REQ_WEAK_KEY); + crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); ret = crypto_skcipher_setkey(tfm, template[i].key, template[i].klen); diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 95297240..d8f6035c 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -50,7 +50,7 @@ struct hash_testvec { * @ctext: Pointer to ciphertext * @len: Length of @ptext and @ctext in bytes * @fail: If set to one, the test need to fail - * @wk: Does the test need CRYPTO_TFM_REQ_WEAK_KEY + * @wk: Does the test need CRYPTO_TFM_REQ_FORBID_WEAK_KEYS? * ( e.g. test needs to fail due to a weak key ) * @np: numbers of SG to distribute data in (from 1 to MAX_TAP) * @tap: How to distribute data in @np SGs @@ -91,7 +91,7 @@ struct cipher_testvec { * @anp: Numbers of SG to distribute assoc data in * @fail: setkey() failure expected? * @novrfy: Decryption verification failure expected? - * @wk: Does the test need CRYPTO_TFM_REQ_WEAK_KEY? + * @wk: Does the test need CRYPTO_TFM_REQ_FORBID_WEAK_KEYS? * (e.g. setkey() needs to fail due to a weak key) * @klen: Length of @key in bytes * @plen: Length of @ptext in bytes |