Re: [PATCH 1/3] crypto: inside-secure - Added support for authenc HMAC-SHA1/DES-CBC

[Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>]

On Fri, 13 Sep 2019 at 16:06, Pascal van Leeuwen <pascalvanl@xxxxxxxxx> wrote:
>
> This patch adds support for the authenc(hmac(sha1),cbc(des)) aead
>
> Signed-off-by: Pascal van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx>

Please make sure your code is based on cryptodev/master before sending
it to the list.

-- 
Ard.

> ---
>  drivers/crypto/inside-secure/safexcel.c        |  1 +
>  drivers/crypto/inside-secure/safexcel.h        |  1 +
>  drivers/crypto/inside-secure/safexcel_cipher.c | 45 ++++++++++++++++++++++++++
>  3 files changed, 47 insertions(+)
>
> diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-secure/safexcel.c
> index 12cb939..617c70b 100644
> --- a/drivers/crypto/inside-secure/safexcel.c
> +++ b/drivers/crypto/inside-secure/safexcel.c
> @@ -1195,6 +1195,7 @@ static int safexcel_request_ring_irq(void *pdev, int irqid,
>         &safexcel_alg_hmac_sha3_256,
>         &safexcel_alg_hmac_sha3_384,
>         &safexcel_alg_hmac_sha3_512,
> +       &safexcel_alg_authenc_hmac_sha1_cbc_des,
>  };
>
>  static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
> diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside-secure/safexcel.h
> index 82953b3..b020e27 100644
> --- a/drivers/crypto/inside-secure/safexcel.h
> +++ b/drivers/crypto/inside-secure/safexcel.h
> @@ -895,5 +895,6 @@ int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned int keylen,
>  extern struct safexcel_alg_template safexcel_alg_hmac_sha3_256;
>  extern struct safexcel_alg_template safexcel_alg_hmac_sha3_384;
>  extern struct safexcel_alg_template safexcel_alg_hmac_sha3_512;
> +extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des;
>
>  #endif
> diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c
> index bf2b1f9..435f184 100644
> --- a/drivers/crypto/inside-secure/safexcel_cipher.c
> +++ b/drivers/crypto/inside-secure/safexcel_cipher.c
> @@ -348,6 +348,7 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
>         struct safexcel_crypto_priv *priv = ctx->priv;
>         struct crypto_authenc_keys keys;
>         struct crypto_aes_ctx aes;
> +       u32 tmp[DES_EXPKEY_WORDS];
>         u32 flags;
>         int err = -EINVAL;
>
> @@ -367,6 +368,16 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
>
>         /* Encryption key */
>         switch (ctx->alg) {
> +       case SAFEXCEL_DES:
> +               if (keys.enckeylen != DES_KEY_SIZE)
> +                       goto badkey;
> +               err = des_ekey(tmp, key);
> +               if (unlikely(!err && (tfm->crt_flags &
> +                                     CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) {
> +                       tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
> +                       goto badkey_expflags;
> +               }
> +               break;
>         case SAFEXCEL_3DES:
>                 if (keys.enckeylen != DES3_EDE_KEY_SIZE)
>                         goto badkey;
> @@ -1854,6 +1865,40 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = {
>         },
>  };
>
> +static int safexcel_aead_sha1_des_cra_init(struct crypto_tfm *tfm)
> +{
> +       struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> +
> +       safexcel_aead_sha1_cra_init(tfm);
> +       ctx->alg = SAFEXCEL_DES; /* override default */
> +       return 0;
> +}
> +
> +struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des = {
> +       .type = SAFEXCEL_ALG_TYPE_AEAD,
> +       .algo_mask = SAFEXCEL_ALG_DES | SAFEXCEL_ALG_SHA1,
> +       .alg.aead = {
> +               .setkey = safexcel_aead_setkey,
> +               .encrypt = safexcel_aead_encrypt,
> +               .decrypt = safexcel_aead_decrypt,
> +               .ivsize = DES_BLOCK_SIZE,
> +               .maxauthsize = SHA1_DIGEST_SIZE,
> +               .base = {
> +                       .cra_name = "authenc(hmac(sha1),cbc(des))",
> +                       .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des",
> +                       .cra_priority = SAFEXCEL_CRA_PRIORITY,
> +                       .cra_flags = CRYPTO_ALG_ASYNC |
> +                                    CRYPTO_ALG_KERN_DRIVER_ONLY,
> +                       .cra_blocksize = DES_BLOCK_SIZE,
> +                       .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
> +                       .cra_alignmask = 0,
> +                       .cra_init = safexcel_aead_sha1_des_cra_init,
> +                       .cra_exit = safexcel_aead_cra_exit,
> +                       .cra_module = THIS_MODULE,
> +               },
> +       },
> +};
> +
>  static int safexcel_aead_sha1_ctr_cra_init(struct crypto_tfm *tfm)
>  {
>         struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> --
> 1.8.3.1
>