From: Pascal van Leeuwen <pascalvanl@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: antoine.tenart@bootlin.com, herbert@gondor.apana.org.au,
davem@davemloft.net,
Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Subject: [PATCH 1/3] crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede))
Date: Fri, 5 Jul 2019 08:49:22 +0200 [thread overview]
Message-ID: <1562309364-942-2-git-send-email-pvanleeuwen@verimatrix.com> (raw)
In-Reply-To: <1562309364-942-1-git-send-email-pvanleeuwen@verimatrix.com>
Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
---
drivers/crypto/inside-secure/safexcel.c | 1 +
drivers/crypto/inside-secure/safexcel.h | 1 +
drivers/crypto/inside-secure/safexcel_cipher.c | 89 ++++++++++++++++++++------
3 files changed, 72 insertions(+), 19 deletions(-)
diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c
index 8e8c01d..c3bb177 100644
--- a/drivers/crypto/inside-secure/safexcel.c
+++ b/drivers/crypto/inside-secure/safexcel.c
@@ -1004,6 +1004,7 @@ static int safexcel_request_ring_irq(void *pdev, int irqid,
&safexcel_alg_authenc_hmac_sha256_cbc_aes,
&safexcel_alg_authenc_hmac_sha384_cbc_aes,
&safexcel_alg_authenc_hmac_sha512_cbc_aes,
+ &safexcel_alg_authenc_hmac_sha1_cbc_des3_ede,
};
static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside-secure/safexcel.h
index b68fec3..765f481 100644
--- a/drivers/crypto/inside-secure/safexcel.h
+++ b/drivers/crypto/inside-secure/safexcel.h
@@ -765,5 +765,6 @@ int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen,
extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_cbc_aes;
extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_cbc_aes;
extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha512_cbc_aes;
+extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des3_ede;
#endif
diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c
index ea122dd..5eed890 100644
--- a/drivers/crypto/inside-secure/safexcel_cipher.c
+++ b/drivers/crypto/inside-secure/safexcel_cipher.c
@@ -183,14 +183,16 @@ static int safexcel_skcipher_aes_setkey(struct crypto_skcipher *ctfm,
return 0;
}
-static int safexcel_aead_aes_setkey(struct crypto_aead *ctfm, const u8 *key,
- unsigned int len)
+static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
+ unsigned int len)
{
struct crypto_tfm *tfm = crypto_aead_tfm(ctfm);
struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
struct safexcel_ahash_export_state istate, ostate;
struct safexcel_crypto_priv *priv = ctx->priv;
struct crypto_authenc_keys keys;
+ u32 flags;
+ int err;
if (crypto_authenc_extractkeys(&keys, key, len) != 0)
goto badkey;
@@ -199,6 +201,15 @@ static int safexcel_aead_aes_setkey(struct crypto_aead *ctfm, const u8 *key,
goto badkey;
/* Encryption key */
+ if (ctx->alg == SAFEXCEL_3DES) {
+ flags = crypto_aead_get_flags(ctfm);
+ err = __des3_verify_key(&flags, keys.enckey);
+ crypto_aead_set_flags(ctfm, flags);
+
+ if (unlikely(err))
+ return err;
+ }
+
if (priv->flags & EIP197_TRC_CACHE && ctx->base.ctxr_dma &&
memcmp(ctx->key, keys.enckey, keys.enckeylen))
ctx->base.needs_inv = true;
@@ -1240,7 +1251,7 @@ struct safexcel_alg_template safexcel_alg_ecb_des3_ede = {
},
};
-static int safexcel_aead_encrypt(struct aead_request *req)
+static int safexcel_aead_encrypt_aes(struct aead_request *req)
{
struct safexcel_cipher_req *creq = aead_request_ctx(req);
@@ -1248,7 +1259,7 @@ static int safexcel_aead_encrypt(struct aead_request *req)
CONTEXT_CONTROL_CRYPTO_MODE_CBC, SAFEXCEL_AES);
}
-static int safexcel_aead_decrypt(struct aead_request *req)
+static int safexcel_aead_decrypt_aes(struct aead_request *req)
{
struct safexcel_cipher_req *creq = aead_request_ctx(req);
@@ -1287,9 +1298,9 @@ static int safexcel_aead_sha1_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA1_DIGEST_SIZE,
.base = {
@@ -1321,9 +1332,9 @@ static int safexcel_aead_sha256_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA256_DIGEST_SIZE,
.base = {
@@ -1355,9 +1366,9 @@ static int safexcel_aead_sha224_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha224_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA224_DIGEST_SIZE,
.base = {
@@ -1389,9 +1400,9 @@ static int safexcel_aead_sha512_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha512_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA512_DIGEST_SIZE,
.base = {
@@ -1423,9 +1434,9 @@ static int safexcel_aead_sha384_cra_init(struct crypto_tfm *tfm)
struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_cbc_aes = {
.type = SAFEXCEL_ALG_TYPE_AEAD,
.alg.aead = {
- .setkey = safexcel_aead_aes_setkey,
- .encrypt = safexcel_aead_encrypt,
- .decrypt = safexcel_aead_decrypt,
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_aes,
+ .decrypt = safexcel_aead_decrypt_aes,
.ivsize = AES_BLOCK_SIZE,
.maxauthsize = SHA384_DIGEST_SIZE,
.base = {
@@ -1443,3 +1454,43 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_cbc_aes = {
},
},
};
+
+static int safexcel_aead_encrypt_3des(struct aead_request *req)
+{
+ struct safexcel_cipher_req *creq = aead_request_ctx(req);
+
+ return safexcel_queue_req(&req->base, creq, SAFEXCEL_ENCRYPT,
+ CONTEXT_CONTROL_CRYPTO_MODE_CBC, SAFEXCEL_3DES);
+}
+
+static int safexcel_aead_decrypt_3des(struct aead_request *req)
+{
+ struct safexcel_cipher_req *creq = aead_request_ctx(req);
+
+ return safexcel_queue_req(&req->base, creq, SAFEXCEL_DECRYPT,
+ CONTEXT_CONTROL_CRYPTO_MODE_CBC, SAFEXCEL_3DES);
+}
+
+struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = {
+ .type = SAFEXCEL_ALG_TYPE_AEAD,
+ .alg.aead = {
+ .setkey = safexcel_aead_setkey,
+ .encrypt = safexcel_aead_encrypt_3des,
+ .decrypt = safexcel_aead_decrypt_3des,
+ .ivsize = DES3_EDE_BLOCK_SIZE,
+ .maxauthsize = SHA1_DIGEST_SIZE,
+ .base = {
+ .cra_name = "authenc(hmac(sha1),cbc(des3_ede))",
+ .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des3_ede",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_ASYNC |
+ CRYPTO_ALG_KERN_DRIVER_ONLY,
+ .cra_blocksize = DES3_EDE_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
+ .cra_alignmask = 0,
+ .cra_init = safexcel_aead_sha1_cra_init,
+ .cra_exit = safexcel_aead_cra_exit,
+ .cra_module = THIS_MODULE,
+ },
+ },
+};
--
1.8.3.1
next prev parent reply other threads:[~2019-07-05 7:53 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-05 6:49 [PATCH 0/3] crypto: inside-secure - add more AEAD ciphersuites Pascal van Leeuwen
2019-07-05 6:49 ` Pascal van Leeuwen [this message]
2019-07-26 12:19 ` [PATCH 1/3] crypto: inside-secure - add support for authenc(hmac(sha1),cbc(des3_ede)) Antoine Tenart
2019-07-26 12:57 ` Pascal Van Leeuwen
2019-07-26 13:07 ` Antoine Tenart
2019-07-26 13:38 ` Pascal Van Leeuwen
2019-07-30 14:01 ` Pascal Van Leeuwen
2019-07-30 14:09 ` Antoine Tenart
2019-07-05 6:49 ` [PATCH 2/3] crypto: inside-secure - added support for rfc3686(ctr(aes)) Pascal van Leeuwen
2019-07-26 12:33 ` Antoine Tenart
2019-07-26 13:28 ` Pascal Van Leeuwen
2019-07-26 13:46 ` Antoine Tenart
2019-07-26 14:29 ` Pascal Van Leeuwen
2019-07-30 8:24 ` Antoine Tenart
2019-07-30 10:54 ` Pascal Van Leeuwen
2019-07-05 6:49 ` [PATCH 3/3] crypto: inside-secure - add support for authenc(hmac(sha*),rfc3686(ctr(aes))) suites Pascal van Leeuwen
2019-07-26 12:32 ` [PATCH 0/3] crypto: inside-secure - add more AEAD ciphersuites Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1562309364-942-2-git-send-email-pvanleeuwen@verimatrix.com \
--to=pascalvanl@gmail.com \
--cc=antoine.tenart@bootlin.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=pvanleeuwen@verimatrix.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).