diff options
| author | Stephan Mueller <smueller@chronox.de> | 2016-02-09 09:37:47 -0500 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2016-02-16 15:07:51 -0500 |
| commit | 28856a9e52c7cac712af6c143de04766617535dc (patch) | |
| tree | 4ee6c79e76f8eadc0148bfeb09fd146c9d53fabf /arch/x86 | |
| parent | 730d02e27670fa5b6a55778d11023c5897d87d57 (diff) | |
crypto: xts - consolidate sanity check for keys
The patch centralizes the XTS key check logic into the service function
xts_check_key which is invoked from the different XTS implementations.
With this, the XTS implementations in ARM, ARM64, PPC and S390 have now
a sanity check for the XTS keys similar to the other arches.
In addition, this service function received a check to ensure that the
key != the tweak key which is mandated by FIPS 140-2 IG A.9. As the
check is not present in the standards defining XTS, it is only enforced
in FIPS mode of the kernel.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'arch/x86')
| -rw-r--r-- | arch/x86/crypto/aesni-intel_glue.c | 11 | ||||
| -rw-r--r-- | arch/x86/crypto/camellia_glue.c | 10 | ||||
| -rw-r--r-- | arch/x86/crypto/cast6_avx_glue.c | 10 | ||||
| -rw-r--r-- | arch/x86/crypto/serpent_avx_glue.c | 11 | ||||
| -rw-r--r-- | arch/x86/crypto/serpent_sse2_glue.c | 11 | ||||
| -rw-r--r-- | arch/x86/crypto/twofish_glue_3way.c | 10 |
6 files changed, 18 insertions, 45 deletions
diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c index 3633ad6145c5..064c7e2bd7c8 100644 --- a/arch/x86/crypto/aesni-intel_glue.c +++ b/arch/x86/crypto/aesni-intel_glue.c | |||
| @@ -639,16 +639,11 @@ static int xts_aesni_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
| 639 | unsigned int keylen) | 639 | unsigned int keylen) |
| 640 | { | 640 | { |
| 641 | struct aesni_xts_ctx *ctx = crypto_tfm_ctx(tfm); | 641 | struct aesni_xts_ctx *ctx = crypto_tfm_ctx(tfm); |
| 642 | u32 *flags = &tfm->crt_flags; | ||
| 643 | int err; | 642 | int err; |
| 644 | 643 | ||
| 645 | /* key consists of keys of equal size concatenated, therefore | 644 | err = xts_check_key(tfm, key, keylen); |
| 646 | * the length must be even | 645 | if (err) |
| 647 | */ | 646 | return err; |
| 648 | if (keylen % 2) { | ||
| 649 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
| 650 | return -EINVAL; | ||
| 651 | } | ||
| 652 | 647 | ||
| 653 | /* first half of xts-key is for crypt */ | 648 | /* first half of xts-key is for crypt */ |
| 654 | err = aes_set_key_common(tfm, ctx->raw_crypt_ctx, key, keylen / 2); | 649 | err = aes_set_key_common(tfm, ctx->raw_crypt_ctx, key, keylen / 2); |
diff --git a/arch/x86/crypto/camellia_glue.c b/arch/x86/crypto/camellia_glue.c index 5c8b6266a394..aa76cad9d262 100644 --- a/arch/x86/crypto/camellia_glue.c +++ b/arch/x86/crypto/camellia_glue.c | |||
| @@ -1503,13 +1503,9 @@ int xts_camellia_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
| 1503 | u32 *flags = &tfm->crt_flags; | 1503 | u32 *flags = &tfm->crt_flags; |
| 1504 | int err; | 1504 | int err; |
| 1505 | 1505 | ||
| 1506 | /* key consists of keys of equal size concatenated, therefore | 1506 | err = xts_check_key(tfm, key, keylen); |
| 1507 | * the length must be even | 1507 | if (err) |
| 1508 | */ | 1508 | return err; |
| 1509 | if (keylen % 2) { | ||
| 1510 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
| 1511 | return -EINVAL; | ||
| 1512 | } | ||
| 1513 | 1509 | ||
| 1514 | /* first half of xts-key is for crypt */ | 1510 | /* first half of xts-key is for crypt */ |
| 1515 | err = __camellia_setkey(&ctx->crypt_ctx, key, keylen / 2, flags); | 1511 | err = __camellia_setkey(&ctx->crypt_ctx, key, keylen / 2, flags); |
diff --git a/arch/x86/crypto/cast6_avx_glue.c b/arch/x86/crypto/cast6_avx_glue.c index fca459578c35..50e684768c55 100644 --- a/arch/x86/crypto/cast6_avx_glue.c +++ b/arch/x86/crypto/cast6_avx_glue.c | |||
| @@ -329,13 +329,9 @@ static int xts_cast6_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
| 329 | u32 *flags = &tfm->crt_flags; | 329 | u32 *flags = &tfm->crt_flags; |
| 330 | int err; | 330 | int err; |
| 331 | 331 | ||
| 332 | /* key consists of keys of equal size concatenated, therefore | 332 | err = xts_check_key(tfm, key, keylen); |
| 333 | * the length must be even | 333 | if (err) |
| 334 | */ | 334 | return err; |
| 335 | if (keylen % 2) { | ||
| 336 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
| 337 | return -EINVAL; | ||
| 338 | } | ||
| 339 | 335 | ||
| 340 | /* first half of xts-key is for crypt */ | 336 | /* first half of xts-key is for crypt */ |
| 341 | err = __cast6_setkey(&ctx->crypt_ctx, key, keylen / 2, flags); | 337 | err = __cast6_setkey(&ctx->crypt_ctx, key, keylen / 2, flags); |
diff --git a/arch/x86/crypto/serpent_avx_glue.c b/arch/x86/crypto/serpent_avx_glue.c index 5dc37026c7ce..6f778d3daa22 100644 --- a/arch/x86/crypto/serpent_avx_glue.c +++ b/arch/x86/crypto/serpent_avx_glue.c | |||
| @@ -332,16 +332,11 @@ int xts_serpent_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
| 332 | unsigned int keylen) | 332 | unsigned int keylen) |
| 333 | { | 333 | { |
| 334 | struct serpent_xts_ctx *ctx = crypto_tfm_ctx(tfm); | 334 | struct serpent_xts_ctx *ctx = crypto_tfm_ctx(tfm); |
| 335 | u32 *flags = &tfm->crt_flags; | ||
| 336 | int err; | 335 | int err; |
| 337 | 336 | ||
| 338 | /* key consists of keys of equal size concatenated, therefore | 337 | err = xts_check_key(tfm, key, keylen); |
| 339 | * the length must be even | 338 | if (err) |
| 340 | */ | 339 | return err; |
| 341 | if (keylen % 2) { | ||
| 342 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
| 343 | return -EINVAL; | ||
| 344 | } | ||
| 345 | 340 | ||
| 346 | /* first half of xts-key is for crypt */ | 341 | /* first half of xts-key is for crypt */ |
| 347 | err = __serpent_setkey(&ctx->crypt_ctx, key, keylen / 2); | 342 | err = __serpent_setkey(&ctx->crypt_ctx, key, keylen / 2); |
diff --git a/arch/x86/crypto/serpent_sse2_glue.c b/arch/x86/crypto/serpent_sse2_glue.c index 3643dd508f45..8943407e8917 100644 --- a/arch/x86/crypto/serpent_sse2_glue.c +++ b/arch/x86/crypto/serpent_sse2_glue.c | |||
| @@ -309,16 +309,11 @@ static int xts_serpent_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
| 309 | unsigned int keylen) | 309 | unsigned int keylen) |
| 310 | { | 310 | { |
| 311 | struct serpent_xts_ctx *ctx = crypto_tfm_ctx(tfm); | 311 | struct serpent_xts_ctx *ctx = crypto_tfm_ctx(tfm); |
| 312 | u32 *flags = &tfm->crt_flags; | ||
| 313 | int err; | 312 | int err; |
| 314 | 313 | ||
| 315 | /* key consists of keys of equal size concatenated, therefore | 314 | err = xts_check_key(tfm, key, keylen); |
| 316 | * the length must be even | 315 | if (err) |
| 317 | */ | 316 | return err; |
| 318 | if (keylen % 2) { | ||
| 319 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
| 320 | return -EINVAL; | ||
| 321 | } | ||
| 322 | 317 | ||
| 323 | /* first half of xts-key is for crypt */ | 318 | /* first half of xts-key is for crypt */ |
| 324 | err = __serpent_setkey(&ctx->crypt_ctx, key, keylen / 2); | 319 | err = __serpent_setkey(&ctx->crypt_ctx, key, keylen / 2); |
diff --git a/arch/x86/crypto/twofish_glue_3way.c b/arch/x86/crypto/twofish_glue_3way.c index 56d8a08ee479..2ebb5e9789f3 100644 --- a/arch/x86/crypto/twofish_glue_3way.c +++ b/arch/x86/crypto/twofish_glue_3way.c | |||
| @@ -277,13 +277,9 @@ int xts_twofish_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
| 277 | u32 *flags = &tfm->crt_flags; | 277 | u32 *flags = &tfm->crt_flags; |
| 278 | int err; | 278 | int err; |
| 279 | 279 | ||
| 280 | /* key consists of keys of equal size concatenated, therefore | 280 | err = xts_check_key(tfm, key, keylen); |
| 281 | * the length must be even | 281 | if (err) |
| 282 | */ | 282 | return err; |
| 283 | if (keylen % 2) { | ||
| 284 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | ||
| 285 | return -EINVAL; | ||
| 286 | } | ||
| 287 | 283 | ||
| 288 | /* first half of xts-key is for crypt */ | 284 | /* first half of xts-key is for crypt */ |
| 289 | err = __twofish_setkey(&ctx->crypt_ctx, key, keylen / 2, flags); | 285 | err = __twofish_setkey(&ctx->crypt_ctx, key, keylen / 2, flags); |