From edbd1ecbd8b8fde1b69cc0d20f7d50532e225a0f Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 24 Jan 2018 19:09:07 -0800 Subject: crypto: mcryptd - remove pointless wrapper functions There is no need for ahash_mcryptd_{update,final,finup,digest}(); we should just call crypto_ahash_*() directly. Signed-off-by: Eric Biggers Acked-by: Tim Chen Signed-off-by: Herbert Xu --- include/crypto/internal/hash.h | 5 ----- 1 file changed, 5 deletions(-) (limited to 'include/crypto') diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h index 27040a46d50a..a0b0ad9d585e 100644 --- a/include/crypto/internal/hash.h +++ b/include/crypto/internal/hash.h @@ -126,11 +126,6 @@ int shash_ahash_update(struct ahash_request *req, struct shash_desc *desc); int shash_ahash_finup(struct ahash_request *req, struct shash_desc *desc); int shash_ahash_digest(struct ahash_request *req, struct shash_desc *desc); -int ahash_mcryptd_update(struct ahash_request *desc); -int ahash_mcryptd_final(struct ahash_request *desc); -int ahash_mcryptd_finup(struct ahash_request *desc); -int ahash_mcryptd_digest(struct ahash_request *desc); - int crypto_init_shash_ops_async(struct crypto_tfm *tfm); static inline void *crypto_ahash_ctx(struct crypto_ahash *tfm) -- cgit v1.2.3 From 218d1cc1860c45b77f6814b44f6f0ffb9e40a82f Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Fri, 26 Jan 2018 20:15:30 +0100 Subject: crypto: engine - Permit to enqueue all async requests The crypto engine could actually only enqueue hash and ablkcipher request. This patch permit it to enqueue any type of crypto_async_request. Signed-off-by: Corentin Labbe Tested-by: Fabien Dessenne Tested-by: Fabien Dessenne Signed-off-by: Herbert Xu --- include/crypto/engine.h | 68 ++++++++++++++++++++++++++++--------------------- 1 file changed, 39 insertions(+), 29 deletions(-) (limited to 'include/crypto') diff --git a/include/crypto/engine.h b/include/crypto/engine.h index dd04c1699b51..1cbec29af3d6 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -17,7 +17,10 @@ #include #include #include +#include +#include #include +#include #define ENGINE_NAME_LEN 30 /* @@ -37,12 +40,6 @@ * @unprepare_crypt_hardware: there are currently no more requests on the * queue so the subsystem notifies the driver that it may relax the * hardware by issuing this call - * @prepare_cipher_request: do some prepare if need before handle the current request - * @unprepare_cipher_request: undo any work done by prepare_cipher_request() - * @cipher_one_request: do encryption for current request - * @prepare_hash_request: do some prepare if need before handle the current request - * @unprepare_hash_request: undo any work done by prepare_hash_request() - * @hash_one_request: do hash for current request * @kworker: kthread worker struct for request pump * @pump_requests: work struct for scheduling work to the request pump * @priv_data: the engine private data @@ -65,19 +62,6 @@ struct crypto_engine { int (*prepare_crypt_hardware)(struct crypto_engine *engine); int (*unprepare_crypt_hardware)(struct crypto_engine *engine); - int (*prepare_cipher_request)(struct crypto_engine *engine, - struct ablkcipher_request *req); - int (*unprepare_cipher_request)(struct crypto_engine *engine, - struct ablkcipher_request *req); - int (*prepare_hash_request)(struct crypto_engine *engine, - struct ahash_request *req); - int (*unprepare_hash_request)(struct crypto_engine *engine, - struct ahash_request *req); - int (*cipher_one_request)(struct crypto_engine *engine, - struct ablkcipher_request *req); - int (*hash_one_request)(struct crypto_engine *engine, - struct ahash_request *req); - struct kthread_worker *kworker; struct kthread_work pump_requests; @@ -85,19 +69,45 @@ struct crypto_engine { struct crypto_async_request *cur_req; }; -int crypto_transfer_cipher_request(struct crypto_engine *engine, - struct ablkcipher_request *req, - bool need_pump); -int crypto_transfer_cipher_request_to_engine(struct crypto_engine *engine, - struct ablkcipher_request *req); -int crypto_transfer_hash_request(struct crypto_engine *engine, - struct ahash_request *req, bool need_pump); +/* + * struct crypto_engine_op - crypto hardware engine operations + * @prepare__request: do some prepare if need before handle the current request + * @unprepare_request: undo any work done by prepare_request() + * @do_one_request: do encryption for current request + */ +struct crypto_engine_op { + int (*prepare_request)(struct crypto_engine *engine, + void *areq); + int (*unprepare_request)(struct crypto_engine *engine, + void *areq); + int (*do_one_request)(struct crypto_engine *engine, + void *areq); +}; + +struct crypto_engine_ctx { + struct crypto_engine_op op; +}; + +int crypto_transfer_ablkcipher_request_to_engine(struct crypto_engine *engine, + struct ablkcipher_request *req); +int crypto_transfer_aead_request_to_engine(struct crypto_engine *engine, + struct aead_request *req); +int crypto_transfer_akcipher_request_to_engine(struct crypto_engine *engine, + struct akcipher_request *req); int crypto_transfer_hash_request_to_engine(struct crypto_engine *engine, - struct ahash_request *req); -void crypto_finalize_cipher_request(struct crypto_engine *engine, - struct ablkcipher_request *req, int err); + struct ahash_request *req); +int crypto_transfer_skcipher_request_to_engine(struct crypto_engine *engine, + struct skcipher_request *req); +void crypto_finalize_ablkcipher_request(struct crypto_engine *engine, + struct ablkcipher_request *req, int err); +void crypto_finalize_aead_request(struct crypto_engine *engine, + struct aead_request *req, int err); +void crypto_finalize_akcipher_request(struct crypto_engine *engine, + struct akcipher_request *req, int err); void crypto_finalize_hash_request(struct crypto_engine *engine, struct ahash_request *req, int err); +void crypto_finalize_skcipher_request(struct crypto_engine *engine, + struct skcipher_request *req, int err); int crypto_engine_start(struct crypto_engine *engine); int crypto_engine_stop(struct crypto_engine *engine); struct crypto_engine *crypto_engine_alloc_init(struct device *dev, bool rt); -- cgit v1.2.3 From c8c36413ca8ccbf7a0afe71247fc4617ee2dfcfe Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 14 Feb 2018 10:42:20 -0800 Subject: crypto: speck - export common helpers Export the Speck constants and transform context and the ->setkey(), ->encrypt(), and ->decrypt() functions so that they can be reused by the ARM NEON implementation of Speck-XTS. The generic key expansion code will be reused because it is not performance-critical and is not vectorizable, while the generic encryption and decryption functions are needed as fallbacks and for the XTS tweak encryption. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- include/crypto/speck.h | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 include/crypto/speck.h (limited to 'include/crypto') diff --git a/include/crypto/speck.h b/include/crypto/speck.h new file mode 100644 index 000000000000..73cfc952d405 --- /dev/null +++ b/include/crypto/speck.h @@ -0,0 +1,62 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Common values for the Speck algorithm + */ + +#ifndef _CRYPTO_SPECK_H +#define _CRYPTO_SPECK_H + +#include + +/* Speck128 */ + +#define SPECK128_BLOCK_SIZE 16 + +#define SPECK128_128_KEY_SIZE 16 +#define SPECK128_128_NROUNDS 32 + +#define SPECK128_192_KEY_SIZE 24 +#define SPECK128_192_NROUNDS 33 + +#define SPECK128_256_KEY_SIZE 32 +#define SPECK128_256_NROUNDS 34 + +struct speck128_tfm_ctx { + u64 round_keys[SPECK128_256_NROUNDS]; + int nrounds; +}; + +void crypto_speck128_encrypt(const struct speck128_tfm_ctx *ctx, + u8 *out, const u8 *in); + +void crypto_speck128_decrypt(const struct speck128_tfm_ctx *ctx, + u8 *out, const u8 *in); + +int crypto_speck128_setkey(struct speck128_tfm_ctx *ctx, const u8 *key, + unsigned int keysize); + +/* Speck64 */ + +#define SPECK64_BLOCK_SIZE 8 + +#define SPECK64_96_KEY_SIZE 12 +#define SPECK64_96_NROUNDS 26 + +#define SPECK64_128_KEY_SIZE 16 +#define SPECK64_128_NROUNDS 27 + +struct speck64_tfm_ctx { + u32 round_keys[SPECK64_128_NROUNDS]; + int nrounds; +}; + +void crypto_speck64_encrypt(const struct speck64_tfm_ctx *ctx, + u8 *out, const u8 *in); + +void crypto_speck64_decrypt(const struct speck64_tfm_ctx *ctx, + u8 *out, const u8 *in); + +int crypto_speck64_setkey(struct speck64_tfm_ctx *ctx, const u8 *key, + unsigned int keysize); + +#endif /* _CRYPTO_SPECK_H */ -- cgit v1.2.3 From d14f0a1fc488af563ec3b3767383190d2b331b5e Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 19 Feb 2018 23:47:59 -0800 Subject: crypto: simd - allow registering multiple algorithms at once Add a function to crypto_simd that registers an array of skcipher algorithms, then allocates and registers the simd wrapper algorithms for them. It assumes the naming scheme where the names of the underlying algorithms are prefixed with two underscores. Also add the corresponding 'unregister' function. Most of the x86 crypto modules will be able to use these. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- include/crypto/internal/simd.h | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include/crypto') diff --git a/include/crypto/internal/simd.h b/include/crypto/internal/simd.h index 32ceb6929885..f18344518e32 100644 --- a/include/crypto/internal/simd.h +++ b/include/crypto/internal/simd.h @@ -7,6 +7,7 @@ #define _CRYPTO_INTERNAL_SIMD_H struct simd_skcipher_alg; +struct skcipher_alg; struct simd_skcipher_alg *simd_skcipher_create_compat(const char *algname, const char *drvname, @@ -15,4 +16,10 @@ struct simd_skcipher_alg *simd_skcipher_create(const char *algname, const char *basename); void simd_skcipher_free(struct simd_skcipher_alg *alg); +int simd_register_skciphers_compat(struct skcipher_alg *algs, int count, + struct simd_skcipher_alg **simd_algs); + +void simd_unregister_skciphers(struct skcipher_alg *algs, int count, + struct simd_skcipher_alg **simd_algs); + #endif /* _CRYPTO_INTERNAL_SIMD_H */ -- cgit v1.2.3 From eb66ecd56107e563de65121866990ec07142245d Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 19 Feb 2018 23:48:24 -0800 Subject: crypto: xts - remove xts_crypt() Now that all users of xts_crypt() have been removed in favor of the XTS template wrapping an ECB mode algorithm, remove xts_crypt(). Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- include/crypto/xts.h | 17 ----------------- 1 file changed, 17 deletions(-) (limited to 'include/crypto') diff --git a/include/crypto/xts.h b/include/crypto/xts.h index 322aab6e78a7..34d94c95445a 100644 --- a/include/crypto/xts.h +++ b/include/crypto/xts.h @@ -6,27 +6,10 @@ #include #include -struct scatterlist; -struct blkcipher_desc; - #define XTS_BLOCK_SIZE 16 -struct xts_crypt_req { - le128 *tbuf; - unsigned int tbuflen; - - void *tweak_ctx; - void (*tweak_fn)(void *ctx, u8* dst, const u8* src); - void *crypt_ctx; - void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes); -}; - #define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x)) -int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *dst, - struct scatterlist *src, unsigned int nbytes, - struct xts_crypt_req *req); - static inline int xts_check_key(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) { -- cgit v1.2.3 From 217afccf65064709fb032652ee17cc0a8f68b7b5 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 19 Feb 2018 23:48:25 -0800 Subject: crypto: lrw - remove lrw_crypt() Now that all users of lrw_crypt() have been removed in favor of the LRW template wrapping an ECB mode algorithm, remove lrw_crypt(). Also remove crypto/lrw.h as that is no longer needed either; and fold 'struct lrw_table_ctx' into 'struct priv', lrw_init_table() into setkey(), and lrw_free_table() into exit_tfm(). Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- include/crypto/lrw.h | 44 -------------------------------------------- 1 file changed, 44 deletions(-) delete mode 100644 include/crypto/lrw.h (limited to 'include/crypto') diff --git a/include/crypto/lrw.h b/include/crypto/lrw.h deleted file mode 100644 index a9d44c06d081..000000000000 --- a/include/crypto/lrw.h +++ /dev/null @@ -1,44 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef _CRYPTO_LRW_H -#define _CRYPTO_LRW_H - -#include - -struct scatterlist; -struct gf128mul_64k; -struct blkcipher_desc; - -#define LRW_BLOCK_SIZE 16 - -struct lrw_table_ctx { - /* optimizes multiplying a random (non incrementing, as at the - * start of a new sector) value with key2, we could also have - * used 4k optimization tables or no optimization at all. In the - * latter case we would have to store key2 here */ - struct gf128mul_64k *table; - /* stores: - * key2*{ 0,0,...0,0,0,0,1 }, key2*{ 0,0,...0,0,0,1,1 }, - * key2*{ 0,0,...0,0,1,1,1 }, key2*{ 0,0,...0,1,1,1,1 } - * key2*{ 0,0,...1,1,1,1,1 }, etc - * needed for optimized multiplication of incrementing values - * with key2 */ - be128 mulinc[128]; -}; - -int lrw_init_table(struct lrw_table_ctx *ctx, const u8 *tweak); -void lrw_free_table(struct lrw_table_ctx *ctx); - -struct lrw_crypt_req { - be128 *tbuf; - unsigned int tbuflen; - - struct lrw_table_ctx *table_ctx; - void *crypt_ctx; - void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes); -}; - -int lrw_crypt(struct blkcipher_desc *desc, struct scatterlist *dst, - struct scatterlist *src, unsigned int nbytes, - struct lrw_crypt_req *req); - -#endif /* _CRYPTO_LRW_H */ -- cgit v1.2.3 From 0e145b477dea594ee5b588feb7cb0f531e2d263d Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 19 Feb 2018 23:48:28 -0800 Subject: crypto: ablk_helper - remove ablk_helper All users of ablk_helper have been converted over to crypto_simd, so remove ablk_helper. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- include/crypto/ablk_helper.h | 32 -------------------------------- 1 file changed, 32 deletions(-) delete mode 100644 include/crypto/ablk_helper.h (limited to 'include/crypto') diff --git a/include/crypto/ablk_helper.h b/include/crypto/ablk_helper.h deleted file mode 100644 index 4e655c2a4e15..000000000000 --- a/include/crypto/ablk_helper.h +++ /dev/null @@ -1,32 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -/* - * Shared async block cipher helpers - */ - -#ifndef _CRYPTO_ABLK_HELPER_H -#define _CRYPTO_ABLK_HELPER_H - -#include -#include -#include - -struct async_helper_ctx { - struct cryptd_ablkcipher *cryptd_tfm; -}; - -extern int ablk_set_key(struct crypto_ablkcipher *tfm, const u8 *key, - unsigned int key_len); - -extern int __ablk_encrypt(struct ablkcipher_request *req); - -extern int ablk_encrypt(struct ablkcipher_request *req); - -extern int ablk_decrypt(struct ablkcipher_request *req); - -extern void ablk_exit(struct crypto_tfm *tfm); - -extern int ablk_init_common(struct crypto_tfm *tfm, const char *drv_name); - -extern int ablk_init(struct crypto_tfm *tfm); - -#endif /* _CRYPTO_ABLK_HELPER_H */ -- cgit v1.2.3 From 747c8ce4e710cf2d72d115f84b2d0d6f4aa504b4 Mon Sep 17 00:00:00 2001 From: Gilad Ben-Yossef Date: Tue, 6 Mar 2018 09:44:42 +0000 Subject: crypto: sm4 - introduce SM4 symmetric cipher algorithm Introduce the SM4 cipher algorithms (OSCCA GB/T 32907-2016). SM4 (GBT.32907-2016) is a cryptographic standard issued by the Organization of State Commercial Administration of China (OSCCA) as an authorized cryptographic algorithms for the use within China. SMS4 was originally created for use in protecting wireless networks, and is mandated in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure) (GB.15629.11-2003). Signed-off-by: Gilad Ben-Yossef Signed-off-by: Herbert Xu --- include/crypto/sm4.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 include/crypto/sm4.h (limited to 'include/crypto') diff --git a/include/crypto/sm4.h b/include/crypto/sm4.h new file mode 100644 index 000000000000..b64e64d20b28 --- /dev/null +++ b/include/crypto/sm4.h @@ -0,0 +1,28 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +/* + * Common values for the SM4 algorithm + * Copyright (C) 2018 ARM Limited or its affiliates. + */ + +#ifndef _CRYPTO_SM4_H +#define _CRYPTO_SM4_H + +#include +#include + +#define SM4_KEY_SIZE 16 +#define SM4_BLOCK_SIZE 16 +#define SM4_RKEY_WORDS 32 + +struct crypto_sm4_ctx { + u32 rkey_enc[SM4_RKEY_WORDS]; + u32 rkey_dec[SM4_RKEY_WORDS]; +}; + +int crypto_sm4_set_key(struct crypto_tfm *tfm, const u8 *in_key, + unsigned int key_len); +int crypto_sm4_expand_key(struct crypto_sm4_ctx *ctx, const u8 *in_key, + unsigned int key_len); + +#endif -- cgit v1.2.3 From 3d053d53fcbe7343c89895bcfa2d6bc598740d55 Mon Sep 17 00:00:00 2001 From: Kamil Konieczny Date: Wed, 7 Mar 2018 11:49:33 +0100 Subject: crypto: hash - Prevent use of req->result in ahash update Prevent improper use of req->result field in ahash update, init, export and import functions in drivers code. A driver should use ahash request context if it needs to save internal state. Signed-off-by: Kamil Konieczny Signed-off-by: Herbert Xu --- include/crypto/hash.h | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'include/crypto') diff --git a/include/crypto/hash.h b/include/crypto/hash.h index 2d1849dffb80..76e432cab75d 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -74,7 +74,8 @@ struct ahash_request { * @init: **[mandatory]** Initialize the transformation context. Intended only to initialize the * state of the HASH transformation at the beginning. This shall fill in * the internal structures used during the entire duration of the whole - * transformation. No data processing happens at this point. + * transformation. No data processing happens at this point. Driver code + * implementation must not use req->result. * @update: **[mandatory]** Push a chunk of data into the driver for transformation. This * function actually pushes blocks of data from upper layers into the * driver, which then passes those to the hardware as seen fit. This @@ -83,7 +84,8 @@ struct ahash_request { * transformation. This function shall not modify the transformation * context, as this function may be called in parallel with the same * transformation object. Data processing can happen synchronously - * [SHASH] or asynchronously [AHASH] at this point. + * [SHASH] or asynchronously [AHASH] at this point. Driver must not use + * req->result. * @final: **[mandatory]** Retrieve result from the driver. This function finalizes the * transformation and retrieves the resulting hash from the driver and * pushes it back to upper layers. No data processing happens at this @@ -120,11 +122,12 @@ struct ahash_request { * you want to save partial result of the transformation after * processing certain amount of data and reload this partial result * multiple times later on for multiple re-use. No data processing - * happens at this point. + * happens at this point. Driver must not use req->result. * @import: Import partial state of the transformation. This function loads the * entire state of the ongoing transformation from a provided block of * data so the transformation can continue from this point onward. No - * data processing happens at this point. + * data processing happens at this point. Driver must not use + * req->result. * @halg: see struct hash_alg_common */ struct ahash_alg { -- cgit v1.2.3 From 4989d4f07a8e738b33a79099ddbdd8e125a4da1b Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Tue, 20 Mar 2018 07:41:00 +0800 Subject: crypto: api - Remove unused crypto_type lookup function The lookup function in crypto_type was only used for the implicit IV generators which have been completely removed from the crypto API. This patch removes the lookup function as it is now useless. Signed-off-by: Herbert Xu --- include/crypto/algapi.h | 1 - 1 file changed, 1 deletion(-) (limited to 'include/crypto') diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index e3cebf640c00..1aba888241dd 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -30,7 +30,6 @@ struct crypto_type { int (*init_tfm)(struct crypto_tfm *tfm); void (*show)(struct seq_file *m, struct crypto_alg *alg); int (*report)(struct sk_buff *skb, struct crypto_alg *alg); - struct crypto_alg *(*lookup)(const char *name, u32 type, u32 mask); void (*free)(struct crypto_instance *inst); unsigned int type; -- cgit v1.2.3