Add xts_crypt() function that can be used by cipher implementations that can
benefit from parallelized cipher operations.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@xxxxxxxx>
---
crypto/xts.c | 74 +++++++++++++++++++++++++++++++++++++++++++++++++-
include/crypto/xts.h | 27 ++++++++++++++++++
2 files changed, 99 insertions(+), 2 deletions(-)
create mode 100644 include/crypto/xts.h
diff --git a/crypto/xts.c b/crypto/xts.c
index 96f3f88..5681d66 100644
--- a/crypto/xts.c
+++ b/crypto/xts.c
@@ -21,11 +21,10 @@
#include <linux/scatterlist.h>
#include <linux/slab.h>
+#include <crypto/xts.h>
#include <crypto/b128ops.h>
#include <crypto/gf128mul.h>
-#define XTS_BLOCK_SIZE 16
-
struct priv {
struct crypto_cipher *child;
struct crypto_cipher *tweak;
@@ -167,6 +166,77 @@ static int decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
crypto_cipher_alg(ctx->child)->cia_decrypt);
}
+int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *sdst,
+ struct scatterlist *ssrc, unsigned int nbytes,
+ struct xts_crypt_req *req)
+{
+ const unsigned int bsize = XTS_BLOCK_SIZE;
+ const unsigned int max_blks = req->tbuflen / bsize;
+ struct blkcipher_walk walk;
+ unsigned int nblocks;
+ be128 *src, *dst, *t;
+ be128 *t_buf = req->tbuf;
+ int err, i;
+
+ BUG_ON(max_blks < 1);
+
+ blkcipher_walk_init(&walk, sdst, ssrc, nbytes);
+
+ err = blkcipher_walk_virt(desc, &walk);
+ nbytes = walk.nbytes;
+ if (!nbytes)
+ return err;
+
+ nblocks = min(nbytes / bsize, max_blks);
+ src = (be128 *)walk.src.virt.addr;
+ dst = (be128 *)walk.dst.virt.addr;
+
+ /* calculate first value of T */
+ req->tweak_fn(req->tweak_ctx, (u8 *)&t_buf[0], walk.iv);
+
+ i = 0;
+ goto first;
+
+ for (;;) {
+ do {
+ for (i = 0; i < nblocks; i++) {
+ gf128mul_x_ble(&t_buf[i], t);
+first:
+ t = &t_buf[i];
+
+ /* PP <- T xor P */
+ be128_xor(dst + i, t, src + i);
+ }
+
+ /* CC <- E(Key2,PP) */
+ req->crypt_fn(req->crypt_ctx, (u8 *)dst,
+ nblocks * bsize);
+
+ /* C <- T xor CC */
+ for (i = 0; i < nblocks; i++)
+ be128_xor(dst + i, dst + i, &t_buf[i]);
+
+ src += nblocks;
+ dst += nblocks;
+ nbytes -= nblocks * bsize;
+ nblocks = min(nbytes / bsize, max_blks);
+ } while (nblocks > 0);
+
+ *(be128 *)walk.iv = *t;
+
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ nbytes = walk.nbytes;
+ if (!nbytes)
+ break;
+
+ src = (be128 *)walk.src.virt.addr;
+ dst = (be128 *)walk.dst.virt.addr;
+ }
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(xts_crypt);
+
static int init_tfm(struct crypto_tfm *tfm)
{
struct crypto_cipher *cipher;
diff --git a/include/crypto/xts.h b/include/crypto/xts.h
new file mode 100644
index 0000000..72c09eb
--- /dev/null
+++ b/include/crypto/xts.h
@@ -0,0 +1,27 @@
+#ifndef _CRYPTO_XTS_H
+#define _CRYPTO_XTS_H
+
+#include <crypto/b128ops.h>
+
+struct scatterlist;
+struct blkcipher_desc;
+
+#define XTS_BLOCK_SIZE 16
+
+struct xts_crypt_req {
+ be128 *tbuf;
+ unsigned int tbuflen;
+
+ void *tweak_ctx;
+ void (*tweak_fn)(void *ctx, u8* dst, const u8* src);
+ void *crypt_ctx;
+ void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes);
+};
+
+#define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x))
+
+int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes,
+ struct xts_crypt_req *req);
+
+#endif /* _CRYPTO_XTS_H */
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
