xref: /openbmc/linux/include/crypto/xts.h (revision c4c4db0d) 
1b2441318SGreg Kroah-Hartman /* SPDX-License-Identifier: GPL-2.0 */
2ce004556SJussi Kivilinna #ifndef _CRYPTO_XTS_H
3ce004556SJussi Kivilinna #define _CRYPTO_XTS_H
4ce004556SJussi Kivilinna 
5ce004556SJussi Kivilinna #include <crypto/b128ops.h>
6f1c131b4SHerbert Xu #include <crypto/internal/skcipher.h>
728856a9eSStephan Mueller #include <linux/fips.h>
8ce004556SJussi Kivilinna 
9ce004556SJussi Kivilinna #define XTS_BLOCK_SIZE 16
10ce004556SJussi Kivilinna 
1128856a9eSStephan Mueller static inline int xts_check_key(struct crypto_tfm *tfm,
1228856a9eSStephan Mueller 				const u8 *key, unsigned int keylen)
1328856a9eSStephan Mueller {
1428856a9eSStephan Mueller 	/*
1528856a9eSStephan Mueller 	 * key consists of keys of equal size concatenated, therefore
1628856a9eSStephan Mueller 	 * the length must be even.
1728856a9eSStephan Mueller 	 */
18674f368aSEric Biggers 	if (keylen % 2)
1928856a9eSStephan Mueller 		return -EINVAL;
2028856a9eSStephan Mueller 
2128856a9eSStephan Mueller 	/* ensure that the AES and tweak key are not identical */
22c4c4db0dSEric Biggers 	if (fips_enabled && !crypto_memneq(key, key + (keylen / 2), keylen / 2))
2328856a9eSStephan Mueller 		return -EINVAL;
2428856a9eSStephan Mueller 
2528856a9eSStephan Mueller 	return 0;
2628856a9eSStephan Mueller }
2728856a9eSStephan Mueller 
28f1c131b4SHerbert Xu static inline int xts_verify_key(struct crypto_skcipher *tfm,
29f1c131b4SHerbert Xu 				 const u8 *key, unsigned int keylen)
30f1c131b4SHerbert Xu {
31f1c131b4SHerbert Xu 	/*
32f1c131b4SHerbert Xu 	 * key consists of keys of equal size concatenated, therefore
33f1c131b4SHerbert Xu 	 * the length must be even.
34f1c131b4SHerbert Xu 	 */
35674f368aSEric Biggers 	if (keylen % 2)
36f1c131b4SHerbert Xu 		return -EINVAL;
37f1c131b4SHerbert Xu 
38f1c131b4SHerbert Xu 	/* ensure that the AES and tweak key are not identical */
39231baecdSEric Biggers 	if ((fips_enabled || (crypto_skcipher_get_flags(tfm) &
40231baecdSEric Biggers 			      CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) &&
41c4c4db0dSEric Biggers 	    !crypto_memneq(key, key + (keylen / 2), keylen / 2))
42f1c131b4SHerbert Xu 		return -EINVAL;
43f1c131b4SHerbert Xu 
44f1c131b4SHerbert Xu 	return 0;
45f1c131b4SHerbert Xu }
46f1c131b4SHerbert Xu 
47ce004556SJussi Kivilinna #endif  /* _CRYPTO_XTS_H */
48