[PATCH] Add XTS cipher mode
Jussi Kivilinna
jussi.kivilinna at iki.fi
Wed Jan 4 21:42:14 CET 2017
On 04.01.2017 18:09, Stephan Müller wrote:
> On Wednesday, 4 January 2017, 17:15:06 CET, Jussi Kivilinna wrote:
>
> Hi Jussi,
>
>> + case GCRY_CIPHER_MODE_XTS:
>> + /* Setup tweak cipher with second part of XTS key. */
>> + rc = c->spec->setkey (c->u_mode.xts.tweak_context, key + keylen,
>> + keylen);
>> + if (!rc)
>> + {
>> + /* Duplicate initial tweak context. */
>> + memcpy (c->u_mode.xts.tweak_context + c->spec->contextsize,
>> + c->u_mode.xts.tweak_context, c->spec->contextsize);
>> + }
>> + else
>> + c->marks.key = 0;
>> + break;
>> +
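Review bot: nothing in this case rejects a combined key whose two halves are identical: `key + keylen` goes straight into the tweak cipher's setkey and is never compared against `key`, so the Key_1 != Key_2 rule that FIPS testing checks for XTS is not enforced. Add a comparison of the two halves before the setkey call, for example `if (memcmp (key, key + keylen, keylen) == 0) rc = GPG_ERR_WEAK_KEY;` (gated on the FIPS-mode predicate if it is to be FIPS-only), and route that failure through the same `else` branch that clears `c->marks.key`, so a rejected key leaves the handle unusable exactly like a failed setkey does. Note also that `key + keylen` addresses the second half only if `keylen` was already halved and checked for evenness above this switch; that is outside the hunk, so please confirm it is in place. A one-line comment on what the second copy made by the `memcpy` into `tweak_context + contextsize` is for would help later readers of this case.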
>
> As libgcrypt is intended to be used in FIPS 140-2 context, can you please add
> a check that the key and tweak key are not identical? If they are, setkey
> should fail.
Sure, I'll add a check that is active in FIPS mode.
-Jussi
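The key-split validation discussed in this thread, as an added stand-alone C example that is not libgcrypt code: it halves the combined XTS key, rejects an odd total length, and, when a FIPS flag is set, rejects a key whose two halves are equal (the Key_1 != Key_2 rule of IEEE 1619-2007 that FIPS testing checks). The function names, the `xts_status` codes and the `fips` argument are hypothetical; libgcrypt reports gpg_error_t values instead. The half comparison is done without a data-dependent early exit, since the operands are key material.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status codes are hypothetical for this example; libgcrypt reports
   gpg_error_t values (e.g. GPG_ERR_INV_KEYLEN, GPG_ERR_WEAK_KEY) instead. */
enum xts_status {
  XTS_OK = 0,
  XTS_ERR_INV_KEYLEN = 1,   /* combined key length is zero or odd */
  XTS_ERR_WEAK_KEY = 2      /* Key_1 == Key_2, rejected in FIPS mode */
};

/* Return 1 if a and b differ, 0 if they are equal, visiting every byte:
   a memcmp that stops at the first mismatch would leak how long a
   common prefix the two key halves share. */
static int ct_differ(const uint8_t *a, const uint8_t *b, size_t n)
{
  uint8_t acc = 0;
  for (size_t i = 0; i < n; i++)
    acc |= (uint8_t)(a[i] ^ b[i]);
  return acc != 0;
}

/* Split a combined XTS key of keylen bytes into Key_1 (data-unit cipher)
   and Key_2 (tweak cipher), each keylen/2 bytes.  With fips != 0 the two
   halves must differ; outside FIPS mode identical halves are accepted,
   matching the FIPS-only check discussed in the thread.  On success
   *key1, *key2 and *half receive the halves and their length. */
int xts_split_key(const uint8_t *key, size_t keylen, int fips,
                  const uint8_t **key1, const uint8_t **key2, size_t *half)
{
  if (keylen == 0 || keylen % 2 != 0)
    return XTS_ERR_INV_KEYLEN;

  size_t n = keylen / 2;

  if (fips && !ct_differ(key, key + n, n))
    return XTS_ERR_WEAK_KEY;

  *key1 = key;
  *key2 = key + n;
  *half = n;
  return XTS_OK;
}

/* Status-only wrapper for callers that just want to validate a key. */
int xts_check_key(const uint8_t *key, size_t keylen, int fips)
{
  const uint8_t *k1, *k2;
  size_t n;
  return xts_split_key(key, keylen, fips, &k1, &k2, &n);
}

int main(void)
{
  /* Constructed 256-bit XTS-AES-128 key with two distinct 16-byte halves. */
  uint8_t good[32];
  for (size_t i = 0; i < sizeof good; i++)
    good[i] = (uint8_t)i;

  /* Constructed weak key: the second half is a copy of the first. */
  uint8_t weak[32];
  memcpy(weak, good, 16);
  memcpy(weak + 16, good, 16);

  printf("distinct halves, FIPS:     %d\n", xts_check_key(good, sizeof good, 1));
  printf("identical halves, FIPS:    %d\n", xts_check_key(weak, sizeof weak, 1));
  printf("identical halves, no FIPS: %d\n", xts_check_key(weak, sizeof weak, 0));
  printf("odd length, FIPS:          %d\n", xts_check_key(good, 31, 1));
  return 0;
}
```

The check runs on the raw key bytes before either cipher context is keyed, so a rejected key never reaches a setkey call and there is no half-initialised tweak context to clean up.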
More information about the Gcrypt-devel mailing list