xref: /linux/include/crypto/xts.h (revision fd639726bf15fca8ee1a00dce8e0096d0ad9bd18)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _CRYPTO_XTS_H
3 #define _CRYPTO_XTS_H
4 
5 #include <crypto/b128ops.h>
6 #include <crypto/internal/skcipher.h>
7 #include <linux/fips.h>
8 
9 struct scatterlist;
10 struct blkcipher_desc;
11 
12 #define XTS_BLOCK_SIZE 16
13 
14 struct xts_crypt_req {
15 	le128 *tbuf;
16 	unsigned int tbuflen;
17 
18 	void *tweak_ctx;
19 	void (*tweak_fn)(void *ctx, u8* dst, const u8* src);
20 	void *crypt_ctx;
21 	void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes);
22 };
23 
24 #define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x))
25 
26 int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
27 	      struct scatterlist *src, unsigned int nbytes,
28 	      struct xts_crypt_req *req);
29 
30 static inline int xts_check_key(struct crypto_tfm *tfm,
31 				const u8 *key, unsigned int keylen)
32 {
33 	u32 *flags = &tfm->crt_flags;
34 
35 	/*
36 	 * key consists of keys of equal size concatenated, therefore
37 	 * the length must be even.
38 	 */
39 	if (keylen % 2) {
40 		*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
41 		return -EINVAL;
42 	}
43 
44 	/* ensure that the AES and tweak key are not identical */
45 	if (fips_enabled &&
46 	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
47 		*flags |= CRYPTO_TFM_RES_WEAK_KEY;
48 		return -EINVAL;
49 	}
50 
51 	return 0;
52 }
53 
54 static inline int xts_verify_key(struct crypto_skcipher *tfm,
55 				 const u8 *key, unsigned int keylen)
56 {
57 	/*
58 	 * key consists of keys of equal size concatenated, therefore
59 	 * the length must be even.
60 	 */
61 	if (keylen % 2) {
62 		crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
63 		return -EINVAL;
64 	}
65 
66 	/* ensure that the AES and tweak key are not identical */
67 	if ((fips_enabled || crypto_skcipher_get_flags(tfm) &
68 			     CRYPTO_TFM_REQ_WEAK_KEY) &&
69 	    !crypto_memneq(key, key + (keylen / 2), keylen / 2)) {
70 		crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
71 		return -EINVAL;
72 	}
73 
74 	return 0;
75 }
76 
77 #endif  /* _CRYPTO_XTS_H */
78