Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/include/crypto/internal/des.h 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* SPDX-License-Identifier: GPL-2.0 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * DES & Triple DES EDE key verification helpers
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6) #ifndef __CRYPTO_INTERNAL_DES_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) #define __CRYPTO_INTERNAL_DES_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9) #include <linux/crypto.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10) #include <linux/fips.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <crypto/des.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <crypto/aead.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <crypto/skcipher.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16)  * crypto_des_verify_key - Check whether a DES key is weak
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17)  * @tfm: the crypto algo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18)  * @key: the key buffer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20)  * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21)  * keys. Otherwise, 0 is returned.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23)  * It is the job of the caller to ensure that the size of the key equals
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24)  * DES_KEY_SIZE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) 	struct des_ctx tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) 	int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 	err = des_expand_key(&tmp, key, DES_KEY_SIZE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) 	if (err == -ENOKEY) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 		if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) 			err = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 		else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) 			err = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) 	memzero_explicit(&tmp, sizeof(tmp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 	return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43)  * RFC2451:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45)  *   For DES-EDE3, there is no known need to reject weak or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46)  *   complementation keys.  Any weakness is obviated by the use of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47)  *   multiple keys.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49)  *   However, if the first two or last two independent 64-bit keys are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50)  *   equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51)  *   same as DES.  Implementers MUST reject keys that exhibit this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52)  *   property.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 				      bool check_weak)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 	int ret = fips_enabled ? -EINVAL : -ENOKEY;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 	u32 K[6];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 	memcpy(K, key, DES3_EDE_KEY_SIZE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 	if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 	     !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 	    (fips_enabled || check_weak))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 		goto bad;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 	if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 		goto bad;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 	ret = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) bad:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 	memzero_explicit(K, DES3_EDE_KEY_SIZE);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 	return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79)  * crypto_des3_ede_verify_key - Check whether a DES3-EDE key is weak
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80)  * @tfm: the crypto algo
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81)  * @key: the key buffer
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83)  * Returns -EINVAL if the key is weak and the crypto TFM does not permit weak
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84)  * keys or when running in FIPS mode. Otherwise, 0 is returned. Note that some
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85)  * keys are rejected in FIPS mode even if weak keys are permitted by the TFM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86)  * flags.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88)  * It is the job of the caller to ensure that the size of the key equals
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89)  * DES3_EDE_KEY_SIZE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 					     const u8 *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 	return des3_ede_verify_key(key, DES3_EDE_KEY_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 				   crypto_tfm_get_flags(tfm) &
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 				   CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 					  const u8 *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	return crypto_des_verify_key(crypto_skcipher_tfm(tfm), key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) static inline int verify_skcipher_des3_key(struct crypto_skcipher *tfm,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 					   const u8 *key)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 	return crypto_des3_ede_verify_key(crypto_skcipher_tfm(tfm), key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) static inline int verify_aead_des_key(struct crypto_aead *tfm, const u8 *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 				      int keylen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 	if (keylen != DES_KEY_SIZE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 	return crypto_des_verify_key(crypto_aead_tfm(tfm), key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) static inline int verify_aead_des3_key(struct crypto_aead *tfm, const u8 *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 				       int keylen)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) 	if (keylen != DES3_EDE_KEY_SIZE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) 	return crypto_des3_ede_verify_key(crypto_aead_tfm(tfm), key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) #endif /* __CRYPTO_INTERNAL_DES_H */
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.