search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
staging: rtl8192u: remove redundant assignment to pointer crypt
[linux/fpc-iii.git] / arch / arm64 / crypto / aes-ce-glue.c
blobd3bc97afde203c61f785290648a776dcbf7c8ffc
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * aes-ce-cipher.c - core AES cipher using ARMv8 Crypto Extensions
4 *
5 * Copyright (C) 2013 - 2017 Linaro Ltd <ard.biesheuvel@linaro.org>
6 */
7
8 #include <asm/neon.h>
9 #include <asm/simd.h>
10 #include <asm/unaligned.h>
11 #include <crypto/aes.h>
12 #include <crypto/internal/simd.h>
13 #include <linux/cpufeature.h>
14 #include <linux/crypto.h>
15 #include <linux/module.h>
16
17 #include "aes-ce-setkey.h"
18
19 MODULE_DESCRIPTION("Synchronous AES cipher using ARMv8 Crypto Extensions");
20 MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
21 MODULE_LICENSE("GPL v2");
22
23 asmlinkage void __aes_arm64_encrypt(u32 *rk, u8 *out, const u8 *in, int rounds);
24 asmlinkage void __aes_arm64_decrypt(u32 *rk, u8 *out, const u8 *in, int rounds);
25
26 struct aes_block {
27 u8 b[AES_BLOCK_SIZE];
28 };
29
30 asmlinkage void __aes_ce_encrypt(u32 *rk, u8 *out, const u8 *in, int rounds);
31 asmlinkage void __aes_ce_decrypt(u32 *rk, u8 *out, const u8 *in, int rounds);
32
33 asmlinkage u32 __aes_ce_sub(u32 l);
34 asmlinkage void __aes_ce_invert(struct aes_block *out,
35 const struct aes_block *in);
36
37 static int num_rounds(struct crypto_aes_ctx *ctx)
38 {
39 /*
40 * # of rounds specified by AES:
41 * 128 bit key 10 rounds
42 * 192 bit key 12 rounds
43 * 256 bit key 14 rounds
44 * => n byte key => 6 + (n/4) rounds
45 */
46 return 6 + ctx->key_length / 4;
47 }
48
49 static void aes_cipher_encrypt(struct crypto_tfm *tfm, u8 dst[], u8 const src[])
50 {
51 struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
52
53 if (!crypto_simd_usable()) {
54 __aes_arm64_encrypt(ctx->key_enc, dst, src, num_rounds(ctx));
55 return;
56 }
57
58 kernel_neon_begin();
59 __aes_ce_encrypt(ctx->key_enc, dst, src, num_rounds(ctx));
60 kernel_neon_end();
61 }
62
63 static void aes_cipher_decrypt(struct crypto_tfm *tfm, u8 dst[], u8 const src[])
64 {
65 struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
66
67 if (!crypto_simd_usable()) {
68 __aes_arm64_decrypt(ctx->key_dec, dst, src, num_rounds(ctx));
69 return;
70 }
71
72 kernel_neon_begin();
73 __aes_ce_decrypt(ctx->key_dec, dst, src, num_rounds(ctx));
74 kernel_neon_end();
75 }
76
77 int ce_aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
78 unsigned int key_len)
79 {
80 /*
81 * The AES key schedule round constants
82 */
83 static u8 const rcon[] = {
84 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36,
85 };
86
87 u32 kwords = key_len / sizeof(u32);
88 struct aes_block *key_enc, *key_dec;
89 int i, j;
90
91 if (key_len != AES_KEYSIZE_128 &&
92 key_len != AES_KEYSIZE_192 &&
93 key_len != AES_KEYSIZE_256)
94 return -EINVAL;
95
96 ctx->key_length = key_len;
97 for (i = 0; i < kwords; i++)
98 ctx->key_enc[i] = get_unaligned_le32(in_key + i * sizeof(u32));
99
100 kernel_neon_begin();
101 for (i = 0; i < sizeof(rcon); i++) {
102 u32 *rki = ctx->key_enc + (i * kwords);
103 u32 *rko = rki + kwords;
104
105 rko[0] = ror32(__aes_ce_sub(rki[kwords - 1]), 8) ^ rcon[i] ^ rki[0];
106 rko[1] = rko[0] ^ rki[1];
107 rko[2] = rko[1] ^ rki[2];
108 rko[3] = rko[2] ^ rki[3];
109
110 if (key_len == AES_KEYSIZE_192) {
111 if (i >= 7)
112 break;
113 rko[4] = rko[3] ^ rki[4];
114 rko[5] = rko[4] ^ rki[5];
115 } else if (key_len == AES_KEYSIZE_256) {
116 if (i >= 6)
117 break;
118 rko[4] = __aes_ce_sub(rko[3]) ^ rki[4];
119 rko[5] = rko[4] ^ rki[5];
120 rko[6] = rko[5] ^ rki[6];
121 rko[7] = rko[6] ^ rki[7];
122 }
123 }
124
125 /*
126 * Generate the decryption keys for the Equivalent Inverse Cipher.
127 * This involves reversing the order of the round keys, and applying
128 * the Inverse Mix Columns transformation on all but the first and
129 * the last one.
130 */
131 key_enc = (struct aes_block *)ctx->key_enc;
132 key_dec = (struct aes_block *)ctx->key_dec;
133 j = num_rounds(ctx);
134
135 key_dec[0] = key_enc[j];
136 for (i = 1, j--; j > 0; i++, j--)
137 __aes_ce_invert(key_dec + i, key_enc + j);
138 key_dec[i] = key_enc[0];
139
140 kernel_neon_end();
141 return 0;
142 }
143 EXPORT_SYMBOL(ce_aes_expandkey);
144
145 int ce_aes_setkey(struct crypto_tfm *tfm, const u8 *in_key,
146 unsigned int key_len)
147 {
148 struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
149 int ret;
150
151 ret = ce_aes_expandkey(ctx, in_key, key_len);
152 if (!ret)
153 return 0;
154
155 tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
156 return -EINVAL;
157 }
158 EXPORT_SYMBOL(ce_aes_setkey);
159
160 static struct crypto_alg aes_alg = {
161 .cra_name = "aes",
162 .cra_driver_name = "aes-ce",
163 .cra_priority = 250,
164 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
165 .cra_blocksize = AES_BLOCK_SIZE,
166 .cra_ctxsize = sizeof(struct crypto_aes_ctx),
167 .cra_module = THIS_MODULE,
168 .cra_cipher = {
169 .cia_min_keysize = AES_MIN_KEY_SIZE,
170 .cia_max_keysize = AES_MAX_KEY_SIZE,
171 .cia_setkey = ce_aes_setkey,
172 .cia_encrypt = aes_cipher_encrypt,
173 .cia_decrypt = aes_cipher_decrypt
174 }
175 };
176
177 static int __init aes_mod_init(void)
178 {
179 return crypto_register_alg(&aes_alg);
180 }
181
182 static void __exit aes_mod_exit(void)
183 {
184 crypto_unregister_alg(&aes_alg);
185 }
186
187 module_cpu_feature_match(AES, aes_mod_init);
188 module_exit(aes_mod_exit);
Linux with added FPC-III support