On 14 July 2015 at 10:53, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> This patch converts the ARM64 aes-ce-ccm implementation to the
> new AEAD interface.
>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
Tested-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> ---
>
> arch/arm64/crypto/aes-ce-ccm-glue.c | 69 ++++++++++++++++++++++--------------
> 1 file changed, 43 insertions(+), 26 deletions(-)
>
> diff --git a/arch/arm64/crypto/aes-ce-ccm-glue.c b/arch/arm64/crypto/aes-ce-ccm-glue.c
> index 3303e8a..f3690fa 100644
> --- a/arch/arm64/crypto/aes-ce-ccm-glue.c
> +++ b/arch/arm64/crypto/aes-ce-ccm-glue.c
> @@ -124,7 +124,7 @@ static void ccm_calculate_auth_mac(struct aead_request *req, u8 mac[])
>
> ce_aes_ccm_auth_data(mac, (u8 *)<ag, ltag.len, &macp, ctx->key_enc,
> num_rounds(ctx));
> - scatterwalk_start(&walk, req->assoc);
> + scatterwalk_start(&walk, req->src);
>
> do {
> u32 n = scatterwalk_clamp(&walk, len);
> @@ -151,6 +151,10 @@ static int ccm_encrypt(struct aead_request *req)
> struct crypto_aes_ctx *ctx = crypto_aead_ctx(aead);
> struct blkcipher_desc desc = { .info = req->iv };
> struct blkcipher_walk walk;
> + struct scatterlist srcbuf[2];
> + struct scatterlist dstbuf[2];
> + struct scatterlist *src;
> + struct scatterlist *dst;
> u8 __aligned(8) mac[AES_BLOCK_SIZE];
> u8 buf[AES_BLOCK_SIZE];
> u32 len = req->cryptlen;
> @@ -168,7 +172,12 @@ static int ccm_encrypt(struct aead_request *req)
> /* preserve the original iv for the final round */
> memcpy(buf, req->iv, AES_BLOCK_SIZE);
>
> - blkcipher_walk_init(&walk, req->dst, req->src, len);
> + src = scatterwalk_ffwd(srcbuf, req->src, req->assoclen);
> + dst = src;
> + if (req->src != req->dst)
> + dst = scatterwalk_ffwd(dstbuf, req->dst, req->assoclen);
> +
> + blkcipher_walk_init(&walk, dst, src, len);
> err = blkcipher_aead_walk_virt_block(&desc, &walk, aead,
> AES_BLOCK_SIZE);
>
> @@ -194,7 +203,7 @@ static int ccm_encrypt(struct aead_request *req)
> return err;
>
> /* copy authtag to end of dst */
> - scatterwalk_map_and_copy(mac, req->dst, req->cryptlen,
> + scatterwalk_map_and_copy(mac, dst, req->cryptlen,
> crypto_aead_authsize(aead), 1);
>
> return 0;
> @@ -207,6 +216,10 @@ static int ccm_decrypt(struct aead_request *req)
> unsigned int authsize = crypto_aead_authsize(aead);
> struct blkcipher_desc desc = { .info = req->iv };
> struct blkcipher_walk walk;
> + struct scatterlist srcbuf[2];
> + struct scatterlist dstbuf[2];
> + struct scatterlist *src;
> + struct scatterlist *dst;
> u8 __aligned(8) mac[AES_BLOCK_SIZE];
> u8 buf[AES_BLOCK_SIZE];
> u32 len = req->cryptlen - authsize;
> @@ -224,7 +237,12 @@ static int ccm_decrypt(struct aead_request *req)
> /* preserve the original iv for the final round */
> memcpy(buf, req->iv, AES_BLOCK_SIZE);
>
> - blkcipher_walk_init(&walk, req->dst, req->src, len);
> + src = scatterwalk_ffwd(srcbuf, req->src, req->assoclen);
> + dst = src;
> + if (req->src != req->dst)
> + dst = scatterwalk_ffwd(dstbuf, req->dst, req->assoclen);
> +
> + blkcipher_walk_init(&walk, dst, src, len);
> err = blkcipher_aead_walk_virt_block(&desc, &walk, aead,
> AES_BLOCK_SIZE);
>
> @@ -250,44 +268,43 @@ static int ccm_decrypt(struct aead_request *req)
> return err;
>
> /* compare calculated auth tag with the stored one */
> - scatterwalk_map_and_copy(buf, req->src, req->cryptlen - authsize,
> + scatterwalk_map_and_copy(buf, src, req->cryptlen - authsize,
> authsize, 0);
>
> - if (memcmp(mac, buf, authsize))
> + if (crypto_memneq(mac, buf, authsize))
> return -EBADMSG;
> return 0;
> }
>
> -static struct crypto_alg ccm_aes_alg = {
> - .cra_name = "ccm(aes)",
> - .cra_driver_name = "ccm-aes-ce",
> - .cra_priority = 300,
> - .cra_flags = CRYPTO_ALG_TYPE_AEAD,
> - .cra_blocksize = 1,
> - .cra_ctxsize = sizeof(struct crypto_aes_ctx),
> - .cra_alignmask = 7,
> - .cra_type = &crypto_aead_type,
> - .cra_module = THIS_MODULE,
> - .cra_aead = {
> - .ivsize = AES_BLOCK_SIZE,
> - .maxauthsize = AES_BLOCK_SIZE,
> - .setkey = ccm_setkey,
> - .setauthsize = ccm_setauthsize,
> - .encrypt = ccm_encrypt,
> - .decrypt = ccm_decrypt,
> - }
> +static struct aead_alg ccm_aes_alg = {
> + .base = {
> + .cra_name = "ccm(aes)",
> + .cra_driver_name = "ccm-aes-ce",
> + .cra_flags = CRYPTO_ALG_AEAD_NEW,
> + .cra_priority = 300,
> + .cra_blocksize = 1,
> + .cra_ctxsize = sizeof(struct crypto_aes_ctx),
> + .cra_alignmask = 7,
> + .cra_module = THIS_MODULE,
> + },
> + .ivsize = AES_BLOCK_SIZE,
> + .maxauthsize = AES_BLOCK_SIZE,
> + .setkey = ccm_setkey,
> + .setauthsize = ccm_setauthsize,
> + .encrypt = ccm_encrypt,
> + .decrypt = ccm_decrypt,
> };
>
> static int __init aes_mod_init(void)
> {
> if (!(elf_hwcap & HWCAP_AES))
> return -ENODEV;
> - return crypto_register_alg(&ccm_aes_alg);
> + return crypto_register_aead(&ccm_aes_alg);
> }
>
> static void __exit aes_mod_exit(void)
> {
> - crypto_unregister_alg(&ccm_aes_alg);
> + crypto_unregister_aead(&ccm_aes_alg);
> }
>
> module_init(aes_mod_init);
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
