xref: /openbmc/linux/include/crypto/xts.h (revision 674f368a952c48ede71784935a799a5205b92b6c) 
1b2441318SGreg Kroah-Hartman /* SPDX-License-Identifier: GPL-2.0 */
2ce004556SJussi Kivilinna #ifndef _CRYPTO_XTS_H
3ce004556SJussi Kivilinna #define _CRYPTO_XTS_H
4ce004556SJussi Kivilinna 
5ce004556SJussi Kivilinna #include <crypto/b128ops.h>
6f1c131b4SHerbert Xu #include <crypto/internal/skcipher.h>
728856a9eSStephan Mueller #include <linux/fips.h>
8ce004556SJussi Kivilinna 
9ce004556SJussi Kivilinna #define XTS_BLOCK_SIZE 16
10ce004556SJussi Kivilinna 
1128856a9eSStephan Mueller static inline int xts_check_key(struct crypto_tfm *tfm,
1228856a9eSStephan Mueller 				const u8 *key, unsigned int keylen)
1328856a9eSStephan Mueller {
1428856a9eSStephan Mueller 	u32 *flags = &tfm->crt_flags;
1528856a9eSStephan Mueller 
1628856a9eSStephan Mueller 	/*
1728856a9eSStephan Mueller 	 * key consists of keys of equal size concatenated, therefore
1828856a9eSStephan Mueller 	 * the length must be even.
1928856a9eSStephan Mueller 	 */
20*674f368aSEric Biggers 	if (keylen % 2)
2128856a9eSStephan Mueller 		return -EINVAL;
2228856a9eSStephan Mueller 
2328856a9eSStephan Mueller 	/* ensure that the AES and tweak key are not identical */
2428856a9eSStephan Mueller 	if (fips_enabled &&
2528856a9eSStephan Mueller 	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
2628856a9eSStephan Mueller 		*flags |= CRYPTO_TFM_RES_WEAK_KEY;
2728856a9eSStephan Mueller 		return -EINVAL;
2828856a9eSStephan Mueller 	}
2928856a9eSStephan Mueller 
3028856a9eSStephan Mueller 	return 0;
3128856a9eSStephan Mueller }
3228856a9eSStephan Mueller 
33f1c131b4SHerbert Xu static inline int xts_verify_key(struct crypto_skcipher *tfm,
34f1c131b4SHerbert Xu 				 const u8 *key, unsigned int keylen)
35f1c131b4SHerbert Xu {
36f1c131b4SHerbert Xu 	/*
37f1c131b4SHerbert Xu 	 * key consists of keys of equal size concatenated, therefore
38f1c131b4SHerbert Xu 	 * the length must be even.
39f1c131b4SHerbert Xu 	 */
40*674f368aSEric Biggers 	if (keylen % 2)
41f1c131b4SHerbert Xu 		return -EINVAL;
42f1c131b4SHerbert Xu 
43f1c131b4SHerbert Xu 	/* ensure that the AES and tweak key are not identical */
44231baecdSEric Biggers 	if ((fips_enabled || (crypto_skcipher_get_flags(tfm) &
45231baecdSEric Biggers 			      CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) &&
46f1c131b4SHerbert Xu 	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
47f1c131b4SHerbert Xu 		crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
48f1c131b4SHerbert Xu 		return -EINVAL;
49f1c131b4SHerbert Xu 	}
50f1c131b4SHerbert Xu 
51f1c131b4SHerbert Xu 	return 0;
52f1c131b4SHerbert Xu }
53f1c131b4SHerbert Xu 
54ce004556SJussi Kivilinna #endif  /* _CRYPTO_XTS_H */
55