path: root/crypto/des_generic.c
diff options
authorArd Biesheuvel <>2019-08-15 12:00:43 +0300
committerHerbert Xu <>2019-08-22 14:39:37 +1000
commit6ee41e5420d0afa8cddf09aa7384dabe570f8dc7 (patch)
treeadaf9488cfc99fde2a383fdb077c1fb55a3a4bc0 /crypto/des_generic.c
parent220f67917ae649336b5fef4dec8024fed4b177f3 (diff)
crypto: des/3des_ede - add new helpers to verify keys
The recently added helper routine to perform key strength validation of triple DES keys is slightly inadequate, since it comes in two versions, neither of which are highly useful for anything other than skciphers (and many drivers still use the older blkcipher interfaces). So let's add a new helper and, considering that this is a helper function that is only intended to be used by crypto code itself, put it in a new des.h header under crypto/internal. While at it, implement a similar helper for single DES, so that we can start replacing the pattern of calling des_ekey() into a temp buffer that occurs in many drivers in drivers/crypto. Signed-off-by: Ard Biesheuvel <> Signed-off-by: Herbert Xu <>
Diffstat (limited to 'crypto/des_generic.c')
1 files changed, 0 insertions, 13 deletions
diff --git a/crypto/des_generic.c b/crypto/des_generic.c
index dc085514408a..c4d8ecda4ddf 100644
--- a/crypto/des_generic.c
+++ b/crypto/des_generic.c
@@ -841,19 +841,6 @@ static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
d[1] = cpu_to_le32(L);
- * RFC2451:
- *
- * For DES-EDE3, there is no known need to reject weak or
- * complementation keys. Any weakness is obviated by the use of
- * multiple keys.
- *
- * However, if the first two or last two independent 64-bit keys are
- * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the
- * same as DES. Implementers MUST reject keys that exhibit this
- * property.
- *
- */
int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key,
unsigned int keylen)