X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=crypto%2Faes.c;h=e2440773878cc960ff5b22b5240fd735a048e8f8;hb=97bf2856c6014879bd04983a3e9dfcdac1e7fe85;hp=94b89a9c749388a47d0e1b91cb15a9ebf5ace8cf;hpb=c7b5ebbddf7bcd3651947760f423e3783bbe6573;p=linux-2.6.git
diff --git a/crypto/aes.c b/crypto/aes.c
index 94b89a9c7..e24407738 100644
--- a/crypto/aes.c
+++ b/crypto/aes.c
@@ -64,43 +64,22 @@
 #define AES_BLOCK_SIZE 16
-static inline
-u32 generic_rotr32 (const u32 x, const unsigned bits)
-{
- const unsigned n = bits % 32;
- return (x >> n) | (x << (32 - n));
-}
-
-static inline
-u32 generic_rotl32 (const u32 x, const unsigned bits)
-{
- const unsigned n = bits % 32;
- return (x << n) | (x >> (32 - n));
-}
-
-#define rotl generic_rotl32
-#define rotr generic_rotr32
-
 /*
 * #define byte(x, nr) ((unsigned char)((x) >> (nr*8)))
 */
-inline static u8
+static inline u8
 byte(const u32 x, const unsigned n)
 {
 return x >> (n << 3);
 }
-#define u32_in(x) le32_to_cpu(*(const u32 *)(x))
-#define u32_out(to, from) (*(u32 *)(to) = cpu_to_le32(from))
-
 struct aes_ctx {
 int key_length;
- u32 E[60];
- u32 D[60];
+ u32 buf[120];
 };
-#define E_KEY ctx->E
-#define D_KEY ctx->D
+#define E_KEY (&ctx->buf[0])
+#define D_KEY (&ctx->buf[60])
 static u8 pow_tab[256] __initdata;
 static u8 log_tab[256] __initdata;
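Review bot: The new `E_KEY`/`D_KEY` macros split `ctx->buf` at a bare index 60 that has to stay in step with `u32 buf[120]`, and nothing in the struct says which half holds which key schedule. With both halves in one array, an index that runs past the first 60 words lands silently in the second half instead of past an array bound, so the layout deserves a comment on the member, e.g. `/* buf[0..59] is addressed via E_KEY, buf[60..119] via D_KEY */`. Both macros also still depend on a local named `ctx` being in scope wherever they are used.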
@@ -191,26 +170,26 @@ gen_tabs (void)
 t = p;
 fl_tab[0][i] = t;
- fl_tab[1][i] = rotl (t, 8);
- fl_tab[2][i] = rotl (t, 16);
- fl_tab[3][i] = rotl (t, 24);
+ fl_tab[1][i] = rol32(t, 8);
+ fl_tab[2][i] = rol32(t, 16);
+ fl_tab[3][i] = rol32(t, 24);
 t = ((u32) ff_mult (2, p)) | ((u32) p << 8) | ((u32) p << 16) | ((u32) ff_mult (3, p) << 24);
 ft_tab[0][i] = t;
- ft_tab[1][i] = rotl (t, 8);
- ft_tab[2][i] = rotl (t, 16);
- ft_tab[3][i] = rotl (t, 24);
+ ft_tab[1][i] = rol32(t, 8);
+ ft_tab[2][i] = rol32(t, 16);
+ ft_tab[3][i] = rol32(t, 24);
 p = isb_tab[i];
 t = p;
 il_tab[0][i] = t;
- il_tab[1][i] = rotl (t, 8);
- il_tab[2][i] = rotl (t, 16);
- il_tab[3][i] = rotl (t, 24);
+ il_tab[1][i] = rol32(t, 8);
+ il_tab[2][i] = rol32(t, 16);
+ il_tab[3][i] = rol32(t, 24);
 t = ((u32) ff_mult (14, p)) | ((u32) ff_mult (9, p) << 8) |
@@ -218,9 +197,9 @@ gen_tabs (void)
 ((u32) ff_mult (11, p) << 24);
 it_tab[0][i] = t;
- it_tab[1][i] = rotl (t, 8);
- it_tab[2][i] = rotl (t, 16);
- it_tab[3][i] = rotl (t, 24);
+ it_tab[1][i] = rol32(t, 8);
+ it_tab[2][i] = rol32(t, 16);
+ it_tab[3][i] = rol32(t, 24);
 }
 }
@@ -232,14 +211,14 @@ gen_tabs (void)
 w = star_x(v); \
 t = w ^ (x); \
 (y) = u ^ v ^ w; \
- (y) ^= rotr(u ^ t, 8) ^ \
- rotr(v ^ t, 16) ^ \
- rotr(t,24)
+ (y) ^= ror32(u ^ t, 8) ^ \
+ ror32(v ^ t, 16) ^ \
+ ror32(t,24)
 /* initialise the key schedule from the user supplied key */
 #define loop4(i) \
-{ t = rotr(t, 8); t = ls_box(t) ^ rco_tab[i]; \
+{ t = ror32(t, 8); t = ls_box(t) ^ rco_tab[i]; \
 t ^= E_KEY[4 * i]; E_KEY[4 * i + 4] = t; \
 t ^= E_KEY[4 * i + 1]; E_KEY[4 * i + 5] = t; \
 t ^= E_KEY[4 * i + 2]; E_KEY[4 * i + 6] = t; \
@@ -247,7 +226,7 @@ gen_tabs (void)
 }
 #define loop6(i) \
-{ t = rotr(t, 8); t = ls_box(t) ^ rco_tab[i]; \
+{ t = ror32(t, 8); t = ls_box(t) ^ rco_tab[i]; \
 t ^= E_KEY[6 * i]; E_KEY[6 * i + 6] = t; \
 t ^= E_KEY[6 * i + 1]; E_KEY[6 * i + 7] = t; \
 t ^= E_KEY[6 * i + 2]; E_KEY[6 * i + 8] = t; \
@@ -257,7 +236,7 @@ gen_tabs (void)
 }
 #define loop8(i) \
-{ t = rotr(t, 8); ; t = ls_box(t) ^ rco_tab[i]; \
+{ t = ror32(t, 8); ; t = ls_box(t) ^ rco_tab[i]; \
 t ^= E_KEY[8 * i]; E_KEY[8 * i + 8] = t; \
 t ^= E_KEY[8 * i + 1]; E_KEY[8 * i + 9] = t; \
 t ^= E_KEY[8 * i + 2]; E_KEY[8 * i + 10] = t; \
@@ -269,23 +248,25 @@ gen_tabs (void)
 t ^= E_KEY[8 * i + 7]; E_KEY[8 * i + 15] = t; \
 }
-static int
-aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags)
+static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
+ unsigned int key_len)
 {
- struct aes_ctx *ctx = ctx_arg;
+ struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
+ const __le32 *key = (const __le32 *)in_key;
+ u32 *flags = &tfm->crt_flags;
 u32 i, t, u, v, w;
- if (key_len != 16 && key_len != 24 && key_len != 32) {
+ if (key_len % 8) {
 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
 return -EINVAL;
 }
 ctx->key_length = key_len;
- E_KEY[0] = u32_in (in_key);
- E_KEY[1] = u32_in (in_key + 4);
- E_KEY[2] = u32_in (in_key + 8);
- E_KEY[3] = u32_in (in_key + 12);
+ E_KEY[0] = le32_to_cpu(key[0]);
+ E_KEY[1] = le32_to_cpu(key[1]);
+ E_KEY[2] = le32_to_cpu(key[2]);
+ E_KEY[3] = le32_to_cpu(key[3]);
 switch (key_len) {
 case 16:
@@ -295,17 +276,17 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags)
 break;
 case 24:
- E_KEY[4] = u32_in (in_key + 16);
- t = E_KEY[5] = u32_in (in_key + 20);
+ E_KEY[4] = le32_to_cpu(key[4]);
+ t = E_KEY[5] = le32_to_cpu(key[5]);
 for (i = 0; i < 8; ++i)
 loop6 (i);
 break;
 case 32:
- E_KEY[4] = u32_in (in_key + 16);
- E_KEY[5] = u32_in (in_key + 20);
- E_KEY[6] = u32_in (in_key + 24);
- t = E_KEY[7] = u32_in (in_key + 28);
+ E_KEY[4] = le32_to_cpu(key[4]);
+ E_KEY[5] = le32_to_cpu(key[5]);
+ E_KEY[6] = le32_to_cpu(key[6]);
+ t = E_KEY[7] = le32_to_cpu(key[7]);
 for (i = 0; i < 7; ++i)
 loop8 (i);
 break;
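Review bot: `if (key_len % 8)` in aes_set_key accepts lengths the old test rejected (0, 8, 40, 48 and so on), so unless the caller already restricts `key_len` to 16–32 bytes, which is not visible in this hunk, a short key is over-read by the unconditional `key[0]`–`key[3]` loads and an unsupported length is stored in `ctx->key_length`. aes_decrypt later derives `D_KEY + key_len + 20` and `E_KEY[key_len + 24]` from that field, so an out-of-range value becomes an out-of-range index into `ctx->buf`. I would keep the explicit test, `if (key_len != 16 && key_len != 24 && key_len != 32) {`, or at minimum add a comment naming the min/max key-size check this function relies on. The `(const __le32 *)in_key` cast also assumes a 4-byte-aligned key buffer, and the function body continues past the end of this hunk.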
@@ -338,16 +319,18 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags)
 f_rl(bo, bi, 2, k); \
 f_rl(bo, bi, 3, k)
-static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in)
+static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 {
- const struct aes_ctx *ctx = ctx_arg;
+ const struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
+ const __le32 *src = (const __le32 *)in;
+ __le32 *dst = (__le32 *)out;
 u32 b0[4], b1[4];
 const u32 *kp = E_KEY + 4;
- b0[0] = u32_in (in) ^ E_KEY[0];
- b0[1] = u32_in (in + 4) ^ E_KEY[1];
- b0[2] = u32_in (in + 8) ^ E_KEY[2];
- b0[3] = u32_in (in + 12) ^ E_KEY[3];
+ b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0];
+ b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1];
+ b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2];
+ b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3];
 if (ctx->key_length > 24) {
 f_nround (b1, b0, kp);
@@ -370,10 +353,10 @@ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in)
 f_nround (b1, b0, kp);
 f_lround (b0, b1, kp);
- u32_out (out, b0[0]);
- u32_out (out + 4, b0[1]);
- u32_out (out + 8, b0[2]);
- u32_out (out + 12, b0[3]);
+ dst[0] = cpu_to_le32(b0[0]);
+ dst[1] = cpu_to_le32(b0[1]);
+ dst[2] = cpu_to_le32(b0[2]);
+ dst[3] = cpu_to_le32(b0[3]);
 }
 /* decrypt a block of text */
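Review bot: `src` and `dst` in aes_encrypt are plain casts of `in` and `out` to `__le32 *`, so every `src[n]` and `dst[n]` access assumes 4-byte-aligned buffers; the same holds for the output stores in the following hunk and for the matching lines in aes_decrypt. The `.cra_alignmask = 3` added at the end of this commit looks like the declaration of that requirement, but nothing at the casts says so. A short comment above them would tie the two together, e.g. `/* in and out must be 4-byte aligned, see .cra_alignmask in aes_alg */`. The body of aes_encrypt continues outside this hunk.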
@@ -391,17 +374,19 @@ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in)
 i_rl(bo, bi, 2, k); \
 i_rl(bo, bi, 3, k)
-static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in)
+static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
 {
- const struct aes_ctx *ctx = ctx_arg;
+ const struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
+ const __le32 *src = (const __le32 *)in;
+ __le32 *dst = (__le32 *)out;
 u32 b0[4], b1[4];
 const int key_len = ctx->key_length;
 const u32 *kp = D_KEY + key_len + 20;
- b0[0] = u32_in (in) ^ E_KEY[key_len + 24];
- b0[1] = u32_in (in + 4) ^ E_KEY[key_len + 25];
- b0[2] = u32_in (in + 8) ^ E_KEY[key_len + 26];
- b0[3] = u32_in (in + 12) ^ E_KEY[key_len + 27];
+ b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24];
+ b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25];
+ b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26];
+ b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27];
 if (key_len > 24) {
 i_nround (b1, b0, kp);
@@ -424,18 +409,21 @@ static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in)
 i_nround (b1, b0, kp);
 i_lround (b0, b1, kp);
- u32_out (out, b0[0]);
- u32_out (out + 4, b0[1]);
- u32_out (out + 8, b0[2]);
- u32_out (out + 12, b0[3]);
+ dst[0] = cpu_to_le32(b0[0]);
+ dst[1] = cpu_to_le32(b0[1]);
+ dst[2] = cpu_to_le32(b0[2]);
+ dst[3] = cpu_to_le32(b0[3]);
 }
 static struct crypto_alg aes_alg = {
 .cra_name = "aes",
+ .cra_driver_name = "aes-generic",
+ .cra_priority = 100,
 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
 .cra_blocksize = AES_BLOCK_SIZE,
 .cra_ctxsize = sizeof(struct aes_ctx),
+ .cra_alignmask = 3,
 .cra_module = THIS_MODULE,
 .cra_list = LIST_HEAD_INIT(aes_alg.cra_list),
 .cra_u = {
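Review bot: The index arithmetic in aes_decrypt, `E_KEY[key_len + 24]` through `E_KEY[key_len + 27]` and `D_KEY + key_len + 20`, uses the key length in bytes as a word offset and is undocumented; it only works out for 16, 24 and 32. Because `E_KEY` and `D_KEY` point into the same `ctx->buf` after this commit, a stray `key_length` can stay inside the array and go unnoticed by bounds checking. I would add a comment above `kp`, e.g. `/* key_len is 16, 24 or 32; E_KEY[key_len + 24..27] is the last round key of the encryption schedule */`. aes_decrypt's body continues outside this hunk.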