[linux-2.6-block.git] / include / crypto / xts.h

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _CRYPTO_XTS_H
#define _CRYPTO_XTS_H

#include <crypto/b128ops.h>
#include <crypto/internal/skcipher.h>
#include <linux/fips.h>

#define XTS_BLOCK_SIZE 16

#define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x))

static inline int xts_check_key(struct crypto_tfm *tfm,
				const u8 *key, unsigned int keylen)
{
	u32 *flags = &tfm->crt_flags;

	/*
	 * key consists of keys of equal size concatenated, therefore
	 * the length must be even.
	 */
	if (keylen % 2) {
		*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
		return -EINVAL;
	}

	/* ensure that the AES and tweak key are not identical */
	if (fips_enabled &&
	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
		*flags |= CRYPTO_TFM_RES_WEAK_KEY;
		return -EINVAL;
	}

	return 0;
}

static inline int xts_verify_key(struct crypto_skcipher *tfm,
				 const u8 *key, unsigned int keylen)
{
	/*
	 * key consists of keys of equal size concatenated, therefore
	 * the length must be even.
	 */
	if (keylen % 2) {
		crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
		return -EINVAL;
	}

	/* ensure that the AES and tweak key are not identical */
	if ((fips_enabled || (crypto_skcipher_get_flags(tfm) &
			      CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) &&
	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
		crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
		return -EINVAL;
	}

	return 0;
}

#endif  /* _CRYPTO_XTS_H */
Commit	Line	Data
b2441318	1	/* SPDX-License-Identifier: GPL-2.0 */
ce004556 JK	2	#ifndef _CRYPTO_XTS_H
	3	#define _CRYPTO_XTS_H
	4
	5	#include <crypto/b128ops.h>
f1c131b4	6	#include <crypto/internal/skcipher.h>
28856a9e	7	#include <linux/fips.h>
ce004556	8
ce004556 JK	9	#define XTS_BLOCK_SIZE 16
ce004556 JK	10
ce004556 JK	11	#define XTS_TWEAK_CAST(x) ((void ()(void , u8, const u8))(x))
ce004556 JK	12
28856a9e SM	13	static inline int xts_check_key(struct crypto_tfm *tfm,
	14	const u8 *key, unsigned int keylen)
	15	{
	16	u32 *flags = &tfm->crt_flags;
	17
	18	/*
	19	* key consists of keys of equal size concatenated, therefore
	20	* the length must be even.
	21	*/
	22	if (keylen % 2) {
	23	*flags \|= CRYPTO_TFM_RES_BAD_KEY_LEN;
	24	return -EINVAL;
	25	}
	26
	27	/* ensure that the AES and tweak key are not identical */
	28	if (fips_enabled &&
	29	!crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
	30	*flags \|= CRYPTO_TFM_RES_WEAK_KEY;
	31	return -EINVAL;
	32	}
	33
	34	return 0;
	35	}
	36
f1c131b4 HX	37	static inline int xts_verify_key(struct crypto_skcipher *tfm,
	38	const u8 *key, unsigned int keylen)
	39	{
	40	/*
	41	* key consists of keys of equal size concatenated, therefore
	42	* the length must be even.
	43	*/
	44	if (keylen % 2) {
	45	crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
	46	return -EINVAL;
	47	}
	48
	49	/* ensure that the AES and tweak key are not identical */
231baecd EB	50	if ((fips_enabled \|\| (crypto_skcipher_get_flags(tfm) &
231baecd EB	51	CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) &&
f1c131b4 HX	52	!crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
	53	crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
	54	return -EINVAL;
	55	}
	56
	57	return 0;
	58	}
	59
ce004556	60	#endif /* _CRYPTO_XTS_H */