linux/crypto/lskcipher.c, branch v6.7

crypto: skcipher - fix weak key check for lskciphers

2023-10-20T05:39:26Z

When an algorithm of the new "lskcipher" type is exposed through the "skcipher" API, calls to crypto_skcipher_setkey() don't pass on the CRYPTO_TFM_REQ_FORBID_WEAK_KEYS flag to the lskcipher. This causes self-test failures for ecb(des), as weak keys are not rejected anymore. Fix this. Fixes: 31865c4c4db2 ("crypto: skcipher - Add lskcipher") Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu

crypto: lskcipher - Return EINVAL when ecb_name fails sanity checks

2023-10-20T05:39:26Z

Set the error value to -EINVAL instead of zero when the underlying name (within "ecb()") fails basic sanity checks. Fixes: 8aee5d4ebd11 ("crypto: lskcipher - Add compatibility wrapper around ECB") Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202310111323.ZjK7bzjw-lkp@intel.com/ Signed-off-by: Herbert Xu

crypto: lskcipher - Add compatibility wrapper around ECB

2023-09-20T05:15:29Z

As an aid to the transition from cipher algorithm implementations to lskcipher, add a temporary wrapper when creating simple lskcipher templates by using ecb(X) instead of X if an lskcipher implementation of X cannot be found. This can be reverted once all cipher implementations have switched over to lskcipher. Signed-off-by: Herbert Xu

crypto: skcipher - Add lskcipher

2023-09-20T05:15:29Z

Add a new API type lskcipher designed for taking straight kernel pointers instead of SG lists. Its relationship to skcipher will be analogous to that between shash and ahash. Signed-off-by: Herbert Xu