1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * DES & Triple DES EDE Cipher Algorithms. 4 */ 5 6 #ifndef __CRYPTO_DES_H 7 #define __CRYPTO_DES_H 8 9 #include <crypto/skcipher.h> 10 #include <linux/compiler.h> 11 #include <linux/fips.h> 12 #include <linux/string.h> 13 14 #define DES_KEY_SIZE 8 15 #define DES_EXPKEY_WORDS 32 16 #define DES_BLOCK_SIZE 8 17 18 #define DES3_EDE_KEY_SIZE (3 * DES_KEY_SIZE) 19 #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) 20 #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE 21 22 static inline int __des3_verify_key(u32 *flags, const u8 *key) 23 { 24 int err = -EINVAL; 25 u32 K[6]; 26 27 memcpy(K, key, DES3_EDE_KEY_SIZE); 28 29 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 30 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 31 (fips_enabled || 32 (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) 33 goto bad; 34 35 if (unlikely(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled) 36 goto bad; 37 38 err = 0; 39 40 out: 41 memzero_explicit(K, DES3_EDE_KEY_SIZE); 42 43 return err; 44 45 bad: 46 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 47 goto out; 48 } 49 50 static inline int des3_verify_key(struct crypto_skcipher *tfm, const u8 *key) 51 { 52 u32 flags; 53 int err; 54 55 flags = crypto_skcipher_get_flags(tfm); 56 err = __des3_verify_key(&flags, key); 57 crypto_skcipher_set_flags(tfm, flags); 58 return err; 59 } 60 61 extern unsigned long des_ekey(u32 *pe, const u8 *k); 62 63 extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, 64 unsigned int keylen); 65 66 #endif /* __CRYPTO_DES_H */ 67