Google Git
Sign in
android / kernel / common / 674f368a952c48ede71784935a799a5205b92b6c / . / include / crypto / xts.h
blob: 57b2c52928db79e625f3a3317621aaf68d899960 [file] [log] [blame]
Greg Kroah-Hartmanb2441312017-11-01 15:07:57 +0100[diff] [blame]1/* SPDX-License-Identifier: GPL-2.0 */
Jussi Kivilinnace004552011-11-09 11:56:06 +0800[diff] [blame]2#ifndef _CRYPTO_XTS_H
3#define _CRYPTO_XTS_H
4
5#include <crypto/b128ops.h>
Herbert Xuf1c131b2016-11-22 20:08:19 +0800[diff] [blame]6#include <crypto/internal/skcipher.h>
Stephan Mueller28856a92016-02-09 15:37:47 +0100[diff] [blame]7#include <linux/fips.h>
Jussi Kivilinnace004552011-11-09 11:56:06 +0800[diff] [blame]8
Jussi Kivilinnace004552011-11-09 11:56:06 +0800[diff] [blame]9#define XTS_BLOCK_SIZE 16
10
Stephan Mueller28856a92016-02-09 15:37:47 +0100[diff] [blame]11static inline int xts_check_key(struct crypto_tfm *tfm,
12 const u8 *key, unsigned int keylen)
13{
14 u32 *flags = &tfm->crt_flags;
15
16 /*
17 * key consists of keys of equal size concatenated, therefore
18 * the length must be even.
19 */
Eric Biggers674f3682019-12-30 21:19:36 -0600[diff] [blame^]20 if (keylen % 2)
Stephan Mueller28856a92016-02-09 15:37:47 +0100[diff] [blame]21 return -EINVAL;
Stephan Mueller28856a92016-02-09 15:37:47 +0100[diff] [blame]22
23 /* ensure that the AES and tweak key are not identical */
24 if (fips_enabled &&
25 !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
26 *flags |= CRYPTO_TFM_RES_WEAK_KEY;
27 return -EINVAL;
28 }
29
30 return 0;
31}
32
Herbert Xuf1c131b2016-11-22 20:08:19 +0800[diff] [blame]33static inline int xts_verify_key(struct crypto_skcipher *tfm,
34 const u8 *key, unsigned int keylen)
35{
36 /*
37 * key consists of keys of equal size concatenated, therefore
38 * the length must be even.
39 */
Eric Biggers674f3682019-12-30 21:19:36 -0600[diff] [blame^]40 if (keylen % 2)
Herbert Xuf1c131b2016-11-22 20:08:19 +0800[diff] [blame]41 return -EINVAL;
Herbert Xuf1c131b2016-11-22 20:08:19 +0800[diff] [blame]42
43 /* ensure that the AES and tweak key are not identical */
Eric Biggers231baec2019-01-18 22:48:00 -0800[diff] [blame]44 if ((fips_enabled || (crypto_skcipher_get_flags(tfm) &
45 CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) &&
Herbert Xuf1c131b2016-11-22 20:08:19 +0800[diff] [blame]46 !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
47 crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
48 return -EINVAL;
49 }
50
51 return 0;
52}
53
Jussi Kivilinnace004552011-11-09 11:56:06 +0800[diff] [blame]54#endif /* _CRYPTO_XTS_H */