From: Pascal van Leeuwen <pascalvanl@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: antoine.tenart@bootlin.com, herbert@gondor.apana.org.au,
davem@davemloft.net,
Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Subject: [PATCH 1/3] crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede))
Date: Fri, 5 Jul 2019 08:49:22 +0200 [thread overview]
Message-ID: <1562309364-942-2-git-send-email-pvanleeuwen@verimatrix.com> (raw)
In-Reply-To: <1562309364-942-1-git-send-email-pvanleeuwen@verimatrix.com>
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
---
drivers/crypto/inside-secure/safexcel.c | 1 +
drivers/crypto/inside-secure/safexcel.h | 1 +
drivers/crypto/inside-secure/safexcel_cipher.c | 89 ++++++++++++++++++++------
3 files changed, 72 insertions(+), 19 deletions(-)
diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c
index 8e8c01d..c3bb177 100644
--- a/drivers/crypto/inside-secure/safexcel.c
+++ b/drivers/crypto/inside-secure/safexcel.c
@@ -1004,6 +1004,7 @@ static int safexcel_request_ring_irq(void *pdev, int irqid,
&safexcel_alg_authenc_hmac_sha256_cbc_aes,
&safexcel_alg_authenc_hmac_sha384_cbc_aes,
&safexcel_alg_authenc_hmac_sha512_cbc_aes,
+ &safexcel_alg_authenc_hmac_sha1_cbc_des3_ede,
};
static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside-secure/safexcel.h
index b68fec3..765f481 100644
--- a/drivers/crypto/inside-secure/safexcel.h
+++ b/drivers/crypto/inside-secure/safexcel.h
@@ -765,5 +765,6 @@ int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen,
extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_cbc_aes;
extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_cbc_aes;
extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha512_cbc_aes;
+extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des3_ede;
#endif
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c
index ea122dd..5eed890 100644
--- a/drivers/crypto/inside-secure/safexcel_cipher.c
+++ b/drivers/crypto/inside-secure/safexcel_cipher.c
@@ -183,14 +183,16 @@ static int safexcel_skcipher_aes_setkey(struct crypto_skcipher *ctfm,
return 0;
}
-static int safexcel_aead_aes_setkey(struct crypto_aead *ctfm, const u8 *key,
- unsigned int len)
+static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
+ unsigned int len)
{
struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
struct safexcel_ahash_export_state istate, ostate;
struct safexcel_crypto_priv *priv = ctx->priv;
struct crypto_authenc_keys keys;
+ u32 flags;
+ int err;
if (crypto_authenc_extractkeys(&keys, key, len) != 0)
goto badkey;
@@ -199,6 +201,15 @@ static int safexcel_aead_aes_setkey(struct crypto_aead *ctfm, const u8 *key,
goto badkey;
/* Encryption key */
+ if (ctx->alg == SAFEXCEL_3DES) {
+ flags = crypto_aead_get_flags(ctfm);
+ err = __des3_verify_key(&flags, keys.enckey);
+ crypto_aead_set_flags(ctfm, flags);
+
+ if (unlikely(err))
+ return err;
+ }
+
if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr_dma &&
memcmp(ctx->key, keys.enckey, keys.enckeylen))
ctx->base.needs_inv = true;
@@ -1240,7 +1251,7 @@ struct safexcel_alg_template safexcel_alg_ecb_des3_ede = {
},
};
-static int safexcel_aead_encrypt(struct aead_request *req)
+static int safexcel_aead_encrypt_aes(struct aead_request *req)
{
struct safexcel_cipher_req *creq = aead_request_ctx(req);
@@ -1248,7 +1259,7 @@ static int safexcel_aead_encrypt(struct aead_request *req)
CONTEXT_CONTROL_CRYPTO_MODE_CBC, SAFEXCEL_AES);
}
-static int safexcel_aead_decrypt(struct aead_request *req)
+static int safexcel_aead_decrypt_aes(struct aead_request *req)
{
struct safexcel_cipher_req *creq = aead_request_ctx(req);
@@ -1287,9 +1298,9 @@ static int safexcel_aead_sha1_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA1_DIGEST_SIZE,
.base = {
@@ -1321,9 +1332,9 @@ static int safexcel_aead_sha256_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA256_DIGEST_SIZE,
.base = {
@@ -1355,9 +1366,9 @@ static int safexcel_aead_sha224_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha224_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA224_DIGEST_SIZE,
.base = {
@@ -1389,9 +1400,9 @@ static int safexcel_aead_sha512_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha512_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA512_DIGEST_SIZE,
.base = {
@@ -1423,9 +1434,9 @@ static int safexcel_aead_sha384_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA384_DIGEST_SIZE,
.base = {
@@ -1443,3 +1454,43 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_cbc_aes = {
},
},
};
+
+static int safexcel_aead_encrypt_3des(struct aead_request *req)
+{
+ struct safexcel_cipher_req *creq = aead_request_ctx(req);
+
+ return safexcel_queue_req(&req->base, creq, SAFEXCEL_ENCRYPT,
+ CONTEXT_CONTROL_CRYPTO_MODE_CBC, SAFEXCEL_3DES);
+}
+
+static int safexcel_aead_decrypt_3des(struct aead_request *req)
+{
+ struct safexcel_cipher_req *creq = aead_request_ctx(req);
+
+ return safexcel_queue_req(&req->base, creq, SAFEXCEL_DECRYPT,
+ CONTEXT_CONTROL_CRYPTO_MODE_CBC, SAFEXCEL_3DES);
+}
+
+struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = {
+ .type = SAFEXCEL_ALG_TYPE_AEAD,
+ .alg.aead = {
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_3des,
+ .decrypt = safexcel_aead_decrypt_3des,
+ .ivsize = DES3_EDE_BLOCK_SIZE,
+ .maxauthsize = SHA1_DIGEST_SIZE,
+ .base = {
+ .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
+ .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des3_ede",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = DES3_EDE_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
+ .cra_alignmask = 0,
+ .cra_init = safexcel_aead_sha1_cra_init,
+ .cra_exit = safexcel_aead_cra_exit,
+ .cra_module = THIS_MODULE,
+ },
+ },
+};
--
1.8.3.1
next prev parent reply other threads:[~2019-07-05 7:53 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-05 6:49 [PATCH 0/3] crypto: inside-secure - add more AEAD ciphersuites Pascal van Leeuwen
2019-07-05 6:49 ` Pascal van Leeuwen [this message]
2019-07-26 12:19 ` [PATCH 1/3] crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede)) Antoine Tenart
2019-07-26 12:57 ` Pascal Van Leeuwen
2019-07-26 13:07 ` Antoine Tenart
2019-07-26 13:38 ` Pascal Van Leeuwen
2019-07-30 14:01 ` Pascal Van Leeuwen
2019-07-30 14:09 ` Antoine Tenart
2019-07-05 6:49 ` [PATCH 2/3] crypto: inside-secure - added support for rfc3686(ctr(aes)) Pascal van Leeuwen
2019-07-26 12:33 ` Antoine Tenart
2019-07-26 13:28 ` Pascal Van Leeuwen
2019-07-26 13:46 ` Antoine Tenart
2019-07-26 14:29 ` Pascal Van Leeuwen
2019-07-30 8:24 ` Antoine Tenart
2019-07-30 10:54 ` Pascal Van Leeuwen
2019-07-05 6:49 ` [PATCH 3/3] crypto: inside-secure - add support for authenc(hmac(sha*),rfc3686(ctr(aes))) suites Pascal van Leeuwen
2019-07-26 12:32 ` [PATCH 0/3] crypto: inside-secure - add more AEAD ciphersuites Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1562309364-942-2-git-send-email-pvanleeuwen@verimatrix.com \
--to=pascalvanl@gmail.com \
--cc=antoine.tenart@bootlin.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=pvanleeuwen@verimatrix.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.