diff options
| author | Eric Biggers <ebiggers@kernel.org> | 2026-01-12 11:20:30 -0800 |
|---|---|---|
| committer | Eric Biggers <ebiggers@kernel.org> | 2026-01-15 14:09:08 -0800 |
| commit | 7fcb22dc7765185a86077f65179ec4fa3f30b910 (patch) | |
| tree | 86ae67536ede64d08ba2e96a0f3f8c3322533bfe /drivers/char | |
| parent | 86120434712314077fc7aeeaaf732521d1446736 (diff) | |
lib/crypto: aescfb: Use new AES library API
Switch from the old AES library functions (which use struct
crypto_aes_ctx) to the new ones (which use struct aes_enckey). This
eliminates the unnecessary computation and caching of the decryption
round keys. The new AES en/decryption functions are also much faster
and use AES instructions when supported by the CPU.
Note that in addition to the change in the key preparation function and
the key struct type itself, the change in the type of the key struct
results in aes_encrypt() (which is temporarily a type-generic macro)
calling the new encryption function rather than the old one.
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20260112192035.10427-33-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Diffstat (limited to 'drivers/char')
| -rw-r--r-- | drivers/char/tpm/tpm2-sessions.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c index 4149379665c4..09df6353ef04 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -126,7 +126,7 @@ struct tpm2_auth { u8 session_key[SHA256_DIGEST_SIZE]; u8 passphrase[SHA256_DIGEST_SIZE]; int passphrase_len; - struct crypto_aes_ctx aes_ctx; + struct aes_enckey aes_key; /* saved session attributes: */ u8 attrs; __be32 ordinal; @@ -677,8 +677,8 @@ int tpm_buf_fill_hmac_session(struct tpm_chip *chip, struct tpm_buf *buf) auth->scratch); len = tpm_buf_read_u16(buf, &offset_p); - aes_expandkey(&auth->aes_ctx, auth->scratch, AES_KEY_BYTES); - aescfb_encrypt(&auth->aes_ctx, &buf->data[offset_p], + aes_prepareenckey(&auth->aes_key, auth->scratch, AES_KEY_BYTES); + aescfb_encrypt(&auth->aes_key, &buf->data[offset_p], &buf->data[offset_p], len, auth->scratch + AES_KEY_BYTES); /* reset p to beginning of parameters for HMAC */ @@ -858,8 +858,8 @@ int tpm_buf_check_hmac_response(struct tpm_chip *chip, struct tpm_buf *buf, auth->scratch); len = tpm_buf_read_u16(buf, &offset_p); - aes_expandkey(&auth->aes_ctx, auth->scratch, AES_KEY_BYTES); - aescfb_decrypt(&auth->aes_ctx, &buf->data[offset_p], + aes_prepareenckey(&auth->aes_key, auth->scratch, AES_KEY_BYTES); + aescfb_decrypt(&auth->aes_key, &buf->data[offset_p], &buf->data[offset_p], len, auth->scratch + AES_KEY_BYTES); } |