tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

crypto: xts - drop xts_check_key()

xts_check_key() is obsoleted by xts_verify_key(). Over time XTS crypto
drivers adopted the newer xts_verify_key() variant, but xts_check_key()
is still used by a number of drivers. Switch drivers to use the newer
xts_verify_key() and make a couple of cleanups. This allows us to drop
xts_check_key() completely and avoid redundancy.

Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Vladis Dronov and committed by
Herbert Xu 0ee43367 1c4428b2

+16 -34
+1 -1
arch/s390/crypto/paes_s390.c
··· 474 474 return rc; 475 475 476 476 /* 477 - * xts_check_key verifies the key length is not odd and makes 477 + * xts_verify_key verifies the key length is not odd and makes 478 478 * sure that the two keys are not the same. This can be done 479 479 * on the two protected keys as well 480 480 */
+1 -1
drivers/crypto/atmel-aes.c
··· 1879 1879 struct atmel_aes_xts_ctx *ctx = crypto_skcipher_ctx(tfm); 1880 1880 int err; 1881 1881 1882 - err = xts_check_key(crypto_skcipher_tfm(tfm), key, keylen); 1882 + err = xts_verify_key(tfm, key, keylen); 1883 1883 if (err) 1884 1884 return err; 1885 1885
+1 -1
drivers/crypto/axis/artpec6_crypto.c
··· 1621 1621 crypto_skcipher_ctx(cipher); 1622 1622 int ret; 1623 1623 1624 - ret = xts_check_key(&cipher->base, key, keylen); 1624 + ret = xts_verify_key(cipher, key, keylen); 1625 1625 if (ret) 1626 1626 return ret; 1627 1627
+3 -5
drivers/crypto/cavium/cpt/cptvf_algs.c
··· 232 232 static int cvm_xts_setkey(struct crypto_skcipher *cipher, const u8 *key, 233 233 u32 keylen) 234 234 { 235 - struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); 236 - struct cvm_enc_ctx *ctx = crypto_tfm_ctx(tfm); 235 + struct cvm_enc_ctx *ctx = crypto_skcipher_ctx(cipher); 237 236 int err; 238 237 const u8 *key1 = key; 239 238 const u8 *key2 = key + (keylen / 2); 240 239 241 - err = xts_check_key(tfm, key, keylen); 240 + err = xts_verify_key(cipher, key, keylen); 242 241 if (err) 243 242 return err; 244 243 ctx->key_len = keylen; ··· 288 289 static int cvm_setkey(struct crypto_skcipher *cipher, const u8 *key, 289 290 u32 keylen, u8 cipher_type) 290 291 { 291 - struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); 292 - struct cvm_enc_ctx *ctx = crypto_tfm_ctx(tfm); 292 + struct cvm_enc_ctx *ctx = crypto_skcipher_ctx(cipher); 293 293 294 294 ctx->cipher_type = cipher_type; 295 295 if (!cvm_validate_keylen(ctx, keylen)) {
+3 -5
drivers/crypto/cavium/nitrox/nitrox_skcipher.c
··· 337 337 static int nitrox_aes_xts_setkey(struct crypto_skcipher *cipher, 338 338 const u8 *key, unsigned int keylen) 339 339 { 340 - struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); 341 - struct nitrox_crypto_ctx *nctx = crypto_tfm_ctx(tfm); 340 + struct nitrox_crypto_ctx *nctx = crypto_skcipher_ctx(cipher); 342 341 struct flexi_crypto_context *fctx; 343 342 int aes_keylen, ret; 344 343 345 - ret = xts_check_key(tfm, key, keylen); 344 + ret = xts_verify_key(cipher, key, keylen); 346 345 if (ret) 347 346 return ret; 348 347 ··· 361 362 static int nitrox_aes_ctr_rfc3686_setkey(struct crypto_skcipher *cipher, 362 363 const u8 *key, unsigned int keylen) 363 364 { 364 - struct crypto_tfm *tfm = crypto_skcipher_tfm(cipher); 365 - struct nitrox_crypto_ctx *nctx = crypto_tfm_ctx(tfm); 365 + struct nitrox_crypto_ctx *nctx = crypto_skcipher_ctx(cipher); 366 366 struct flexi_crypto_context *fctx; 367 367 int aes_keylen; 368 368
+1 -1
drivers/crypto/ccree/cc_cipher.c
··· 460 460 } 461 461 462 462 if (ctx_p->cipher_mode == DRV_CIPHER_XTS && 463 - xts_check_key(tfm, key, keylen)) { 463 + xts_verify_key(sktfm, key, keylen)) { 464 464 dev_dbg(dev, "weak XTS key"); 465 465 return -EINVAL; 466 466 }
+1 -1
drivers/crypto/marvell/octeontx/otx_cptvf_algs.c
··· 398 398 const u8 *key1 = key; 399 399 int ret; 400 400 401 - ret = xts_check_key(crypto_skcipher_tfm(tfm), key, keylen); 401 + ret = xts_verify_key(tfm, key, keylen); 402 402 if (ret) 403 403 return ret; 404 404 ctx->key_len = keylen;
+1 -1
drivers/crypto/marvell/octeontx2/otx2_cptvf_algs.c
··· 412 412 const u8 *key1 = key; 413 413 int ret; 414 414 415 - ret = xts_check_key(crypto_skcipher_tfm(tfm), key, keylen); 415 + ret = xts_verify_key(tfm, key, keylen); 416 416 if (ret) 417 417 return ret; 418 418 ctx->key_len = keylen;
+4 -18
include/crypto/xts.h
··· 8 8 9 9 #define XTS_BLOCK_SIZE 16 10 10 11 - static inline int xts_check_key(struct crypto_tfm *tfm, 12 - const u8 *key, unsigned int keylen) 13 - { 14 - /* 15 - * key consists of keys of equal size concatenated, therefore 16 - * the length must be even. 17 - */ 18 - if (keylen % 2) 19 - return -EINVAL; 20 - 21 - /* ensure that the AES and tweak key are not identical */ 22 - if (fips_enabled && !crypto_memneq(key, key + (keylen / 2), keylen / 2)) 23 - return -EINVAL; 24 - 25 - return 0; 26 - } 27 - 28 11 static inline int xts_verify_key(struct crypto_skcipher *tfm, 29 12 const u8 *key, unsigned int keylen) 30 13 { ··· 25 42 if (fips_enabled && keylen != 32 && keylen != 64) 26 43 return -EINVAL; 27 44 28 - /* ensure that the AES and tweak key are not identical */ 45 + /* 46 + * Ensure that the AES and tweak key are not identical when 47 + * in FIPS mode or the FORBID_WEAK_KEYS flag is set. 48 + */ 29 49 if ((fips_enabled || (crypto_skcipher_get_flags(tfm) & 30 50 CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) && 31 51 !crypto_memneq(key, key + (keylen / 2), keylen / 2))