xts_fallback_setkey() in xts_aes_set_key() will now enforce key size
rule in FIPS mode when setting up the fallback algorithm keys, which
makes the check in xts_aes_set_key() redundant or unreachable. So just
drop this check.
xts_fallback_setkey() now makes a key size check in xts_verify_key():
xts_fallback_setkey()
crypto_skcipher_setkey() [ skcipher_setkey_unaligned() ]
cipher->setkey() { .setkey = xts_setkey }
xts_setkey()
xts_verify_key()
Signed-off-by: Vladis Dronov <[email protected]>
---
arch/s390/crypto/aes_s390.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c
index 526c3f40f6a2..c773820e4af9 100644
--- a/arch/s390/crypto/aes_s390.c
+++ b/arch/s390/crypto/aes_s390.c
@@ -398,10 +398,6 @@ static int xts_aes_set_key(struct crypto_skcipher *tfm, const u8 *in_key,
if (err)
return err;
- /* In fips mode only 128 bit or 256 bit keys are valid */
- if (fips_enabled && key_len != 32 && key_len != 64)
- return -EINVAL;
-
/* Pick the correct function code based on the key length */
fc = (key_len == 32) ? CPACF_KM_XTS_128 :
(key_len == 64) ? CPACF_KM_XTS_256 : 0;
--
2.38.1
Hi Vladis,
the patch subject prefix is a bit misleading IMO, it kind of suggests
that this patch would apply to the generic crypto/xts.c. How about using
a format similar to e.g. the one from commit 7988fb2c03c8 ("crypto:
s390/aes - convert to skcipher API"), i.e.
"crypto: s390/aes - drop redundant xts key check"
?
Vladis Dronov <[email protected]> writes:
> xts_fallback_setkey() in xts_aes_set_key() will now enforce key size
> rule in FIPS mode when setting up the fallback algorithm keys,
I think it would be nice to make it more explicit why/how
xts_fallback_setkey() happens to enforce the key size rules now.
Perhaps amend the above sentence by something like
"xts_fallback_setkey() in xts_aes_set_key() will now implictly enforce
the key size rule in FIPS mode by means of invoking the generic xts
implementation with its key checks for setting up the fallback
algorithm,"
?
> which makes the check in xts_aes_set_key() redundant or
> unreachable. So just drop this check.
>
> xts_fallback_setkey() now makes a key size check in xts_verify_key():
>
> xts_fallback_setkey()
> crypto_skcipher_setkey() [ skcipher_setkey_unaligned() ]
> cipher->setkey() { .setkey = xts_setkey }
> xts_setkey()
> xts_verify_key()
>
> Signed-off-by: Vladis Dronov <[email protected]>
> ---
> arch/s390/crypto/aes_s390.c | 4 ----
> 1 file changed, 4 deletions(-)
>
> diff --git a/arch/s390/crypto/aes_s390.c b/arch/s390/crypto/aes_s390.c
> index 526c3f40f6a2..c773820e4af9 100644
> --- a/arch/s390/crypto/aes_s390.c
> +++ b/arch/s390/crypto/aes_s390.c
> @@ -398,10 +398,6 @@ static int xts_aes_set_key(struct crypto_skcipher *tfm, const u8 *in_key,
> if (err)
> return err;
>
> - /* In fips mode only 128 bit or 256 bit keys are valid */
> - if (fips_enabled && key_len != 32 && key_len != 64)
> - return -EINVAL;
> -
The change itself looks good, but it might be worth adding a comment
right at the invocation of xts_fallback_setkey() that this includes an
implicit xts_verify_key() check? So that if anybody ever was about to
remove the xts_fallback_setkey() for some reason in the future, it would
give a clear indication that xts_verify_key() needs to get called
directly instead?
Thanks!
Nicolai
> /* Pick the correct function code based on the key length */
> fc = (key_len == 32) ? CPACF_KM_XTS_128 :
> (key_len == 64) ? CPACF_KM_XTS_256 : 0;
--
SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nürnberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
(HRB 36809, AG Nürnberg)