summaryrefslogtreecommitdiff
path: root/include/crypto
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2019-04-11 16:50:56 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>2019-04-18 22:14:58 +0800
commitd7198ce46d10712b6fdd66e35237d7d0d51afcd6 (patch)
tree786ec13831f3e366c6612b85a3a4a8818c8bed71 /include/crypto
parent694e0db6600c12f8172efb51cd4b4bbade958562 (diff)
downloadlwn-d7198ce46d10712b6fdd66e35237d7d0d51afcd6.tar.gz
lwn-d7198ce46d10712b6fdd66e35237d7d0d51afcd6.zip
crypto: des_generic - Forbid 2-key in 3DES and add helpers
This patch adds a requirement to the generic 3DES implementation such that 2-key 3DES (K1 == K3) is no longer allowed in FIPS mode. We will also provide helpers that may be used by drivers that implement 3DES to make the same check. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto')
-rw-r--r--include/crypto/des.h43
1 files changed, 43 insertions, 0 deletions
diff --git a/include/crypto/des.h b/include/crypto/des.h
index d4094d58ac54..72c7c8e5a5a7 100644
--- a/include/crypto/des.h
+++ b/include/crypto/des.h
@@ -6,6 +6,11 @@
#ifndef __CRYPTO_DES_H
#define __CRYPTO_DES_H
+#include <crypto/skcipher.h>
+#include <linux/compiler.h>
+#include <linux/fips.h>
+#include <linux/string.h>
+
#define DES_KEY_SIZE 8
#define DES_EXPKEY_WORDS 32
#define DES_BLOCK_SIZE 8
@@ -14,6 +19,44 @@
#define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS)
#define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE
+static inline int __des3_verify_key(u32 *flags, const u8 *key)
+{
+ int err = -EINVAL;
+ u32 K[6];
+
+ memcpy(K, key, DES3_EDE_KEY_SIZE);
+
+ if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
+ !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
+ (fips_enabled ||
+ (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)))
+ goto bad;
+
+ if (unlikely(!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)
+ goto bad;
+
+ err = 0;
+
+out:
+ memzero_explicit(K, DES3_EDE_KEY_SIZE);
+
+ return err;
+
+bad:
+ *flags |= CRYPTO_TFM_RES_WEAK_KEY;
+ goto out;
+}
+
+static inline int des3_verify_key(struct crypto_skcipher *tfm, const u8 *key)
+{
+ u32 flags;
+ int err;
+
+ flags = crypto_skcipher_get_flags(tfm);
+ err = __des3_verify_key(&flags, key);
+ crypto_skcipher_set_flags(tfm, flags);
+ return err;
+}
extern unsigned long des_ekey(u32 *pe, const u8 *k);