> -----Original Message-----
> From: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> Sent: Friday, September 13, 2019 5:27 PM
> To: Pascal van Leeuwen <pascalvanl@xxxxxxxxx>
> Cc: open list:HARDWARE RANDOM NUMBER GENERATOR CORE <linux-crypto@xxxxxxxxxxxxxxx>;
> Antoine Tenart <antoine.tenart@xxxxxxxxxxx>; Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>;
> David S. Miller <davem@xxxxxxxxxxxxx>; Pascal Van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx>
> Subject: Re: [PATCH 1/3] crypto: inside-secure - Added support for authenc HMAC-
> SHA1/DES-CBC
>
> On Fri, 13 Sep 2019 at 16:06, Pascal van Leeuwen <pascalvanl@xxxxxxxxx> wrote:
> >
> > This patch adds support for the authenc(hmac(sha1),cbc(des)) aead
> >
> > Signed-off-by: Pascal van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx>
>
> Please make sure your code is based on cryptodev/master before sending
> it to the list.
>
Looks like with this patchset and the previous (SHA3) patchset I forgot
to add the disclaimer that it applies on top of the previous patchset.
Mea culpa.
So there you go: "Added support for authenc HMAC-SHA1/DES-CBC" applies
on top of "Added (HMAC) SHA3 support", which applies on top of
"Add support for SM4 ciphers".
> --
> Ard.
>
> > ---
> > drivers/crypto/inside-secure/safexcel.c | 1 +
> > drivers/crypto/inside-secure/safexcel.h | 1 +
> > drivers/crypto/inside-secure/safexcel_cipher.c | 45 ++++++++++++++++++++++++++
> > 3 files changed, 47 insertions(+)
> >
> > diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside-
> secure/safexcel.c
> > index 12cb939..617c70b 100644
> > --- a/drivers/crypto/inside-secure/safexcel.c
> > +++ b/drivers/crypto/inside-secure/safexcel.c
> > @@ -1195,6 +1195,7 @@ static int safexcel_request_ring_irq(void *pdev, int irqid,
> > &safexcel_alg_hmac_sha3_256,
> > &safexcel_alg_hmac_sha3_384,
> > &safexcel_alg_hmac_sha3_512,
> > + &safexcel_alg_authenc_hmac_sha1_cbc_des,
> > };
> >
> > static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv)
> > diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside-
> secure/safexcel.h
> > index 82953b3..b020e27 100644
> > --- a/drivers/crypto/inside-secure/safexcel.h
> > +++ b/drivers/crypto/inside-secure/safexcel.h
> > @@ -895,5 +895,6 @@ int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned
> int keylen,
> > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_256;
> > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_384;
> > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_512;
> > +extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des;
> >
> > #endif
> > diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-
> secure/safexcel_cipher.c
> > index bf2b1f9..435f184 100644
> > --- a/drivers/crypto/inside-secure/safexcel_cipher.c
> > +++ b/drivers/crypto/inside-secure/safexcel_cipher.c
> > @@ -348,6 +348,7 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8
> *key,
> > struct safexcel_crypto_priv *priv = ctx->priv;
> > struct crypto_authenc_keys keys;
> > struct crypto_aes_ctx aes;
> > + u32 tmp[DES_EXPKEY_WORDS];
> > u32 flags;
> > int err = -EINVAL;
> >
> > @@ -367,6 +368,16 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const
> u8 *key,
> >
> > /* Encryption key */
> > switch (ctx->alg) {
> > + case SAFEXCEL_DES:
> > + if (keys.enckeylen != DES_KEY_SIZE)
> > + goto badkey;
> > + err = des_ekey(tmp, key);
> > + if (unlikely(!err && (tfm->crt_flags &
> > + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) {
> > + tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY;
> > + goto badkey_expflags;
> > + }
> > + break;
> > case SAFEXCEL_3DES:
> > if (keys.enckeylen != DES3_EDE_KEY_SIZE)
> > goto badkey;
> > @@ -1854,6 +1865,40 @@ struct safexcel_alg_template
> safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = {
> > },
> > };
> >
> > +static int safexcel_aead_sha1_des_cra_init(struct crypto_tfm *tfm)
> > +{
> > + struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> > +
> > + safexcel_aead_sha1_cra_init(tfm);
> > + ctx->alg = SAFEXCEL_DES; /* override default */
> > + return 0;
> > +}
> > +
> > +struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des = {
> > + .type = SAFEXCEL_ALG_TYPE_AEAD,
> > + .algo_mask = SAFEXCEL_ALG_DES | SAFEXCEL_ALG_SHA1,
> > + .alg.aead = {
> > + .setkey = safexcel_aead_setkey,
> > + .encrypt = safexcel_aead_encrypt,
> > + .decrypt = safexcel_aead_decrypt,
> > + .ivsize = DES_BLOCK_SIZE,
> > + .maxauthsize = SHA1_DIGEST_SIZE,
> > + .base = {
> > + .cra_name = "authenc(hmac(sha1),cbc(des))",
> > + .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des",
> > + .cra_priority = SAFEXCEL_CRA_PRIORITY,
> > + .cra_flags = CRYPTO_ALG_ASYNC |
> > + CRYPTO_ALG_KERN_DRIVER_ONLY,
> > + .cra_blocksize = DES_BLOCK_SIZE,
> > + .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
> > + .cra_alignmask = 0,
> > + .cra_init = safexcel_aead_sha1_des_cra_init,
> > + .cra_exit = safexcel_aead_cra_exit,
> > + .cra_module = THIS_MODULE,
> > + },
> > + },
> > +};
> > +
> > static int safexcel_aead_sha1_ctr_cra_init(struct crypto_tfm *tfm)
> > {
> > struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> > --
> > 1.8.3.1
> >
Regards,
Pascal van Leeuwen
Silicon IP Architect, Multi-Protocol Engines @ Verimatrix
www.insidesecure.com
