Linux Audio

Check our new training course

Open Menu / include / crypto / xts.h
Loading...
v6.8
 1/* SPDX-License-Identifier: GPL-2.0 */
 2#ifndef _CRYPTO_XTS_H
 3#define _CRYPTO_XTS_H
 4
 5#include <crypto/b128ops.h>
 6#include <crypto/internal/skcipher.h>
 
 7#include <linux/fips.h>
 8
 
 
 
 9#define XTS_BLOCK_SIZE 16
10
11static inline int xts_verify_key(struct crypto_skcipher *tfm,
12				 const u8 *key, unsigned int keylen)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
13{
 
 
14	/*
15	 * key consists of keys of equal size concatenated, therefore
16	 * the length must be even.
17	 */
18	if (keylen % 2)
 
19		return -EINVAL;
 
20
21	/*
22	 * In FIPS mode only a combined key length of either 256 or
23	 * 512 bits is allowed, c.f. FIPS 140-3 IG C.I.
24	 */
25	if (fips_enabled && keylen != 32 && keylen != 64)
26		return -EINVAL;
27
28	/*
29	 * Ensure that the AES and tweak key are not identical when
30	 * in FIPS mode or the FORBID_WEAK_KEYS flag is set.
31	 */
32	if ((fips_enabled || (crypto_skcipher_get_flags(tfm) &
33			      CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) &&
34	    !crypto_memneq(key, key + (keylen / 2), keylen / 2))
35		return -EINVAL;
 
36
37	return 0;
38}
39
40#endif  /* _CRYPTO_XTS_H */
v4.6
 
 1#ifndef _CRYPTO_XTS_H
 2#define _CRYPTO_XTS_H
 3
 4#include <crypto/b128ops.h>
 5#include <linux/crypto.h>
 6#include <crypto/algapi.h>
 7#include <linux/fips.h>
 8
 9struct scatterlist;
10struct blkcipher_desc;
11
12#define XTS_BLOCK_SIZE 16
13
14struct xts_crypt_req {
15	be128 *tbuf;
16	unsigned int tbuflen;
17
18	void *tweak_ctx;
19	void (*tweak_fn)(void *ctx, u8* dst, const u8* src);
20	void *crypt_ctx;
21	void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes);
22};
23
24#define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x))
25
26int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
27	      struct scatterlist *src, unsigned int nbytes,
28	      struct xts_crypt_req *req);
29
30static inline int xts_check_key(struct crypto_tfm *tfm,
31				const u8 *key, unsigned int keylen)
32{
33	u32 *flags = &tfm->crt_flags;
34
35	/*
36	 * key consists of keys of equal size concatenated, therefore
37	 * the length must be even.
38	 */
39	if (keylen % 2) {
40		*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
41		return -EINVAL;
42	}
43
44	/* ensure that the AES and tweak key are not identical */
45	if (fips_enabled &&
46	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
47		*flags |= CRYPTO_TFM_RES_WEAK_KEY;
 
 
 
 
 
 
 
 
 
 
48		return -EINVAL;
49	}
50
51	return 0;
52}
53
54#endif  /* _CRYPTO_XTS_H */