> -----Original Message----- > From: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > Sent: Friday, September 13, 2019 5:27 PM > To: Pascal van Leeuwen <pascalvanl@xxxxxxxxx> > Cc: open list:HARDWARE RANDOM NUMBER GENERATOR CORE <linux-crypto@xxxxxxxxxxxxxxx>; > Antoine Tenart <antoine.tenart@xxxxxxxxxxx>; Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>; > David S. Miller <davem@xxxxxxxxxxxxx>; Pascal Van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx> > Subject: Re: [PATCH 1/3] crypto: inside-secure - Added support for authenc HMAC- > SHA1/DES-CBC > > On Fri, 13 Sep 2019 at 16:06, Pascal van Leeuwen <pascalvanl@xxxxxxxxx> wrote: > > > > This patch adds support for the authenc(hmac(sha1),cbc(des)) aead > > > > Signed-off-by: Pascal van Leeuwen <pvanleeuwen@xxxxxxxxxxxxxx> > > Please make sure your code is based on cryptodev/master before sending > it to the list. > Looks like with this patchset and the previous (SHA3) patchset I forgot to add the disclaimer that it applies on top of the previous patchset. Mea culpa. So there you go: "Added support for authenc HMAC-SHA1/DES-CBC" applies on top of "Added (HMAC) SHA3 support", which applies on top of "Add support for SM4 ciphers". > -- > Ard. > > > --- > > drivers/crypto/inside-secure/safexcel.c | 1 + > > drivers/crypto/inside-secure/safexcel.h | 1 + > > drivers/crypto/inside-secure/safexcel_cipher.c | 45 ++++++++++++++++++++++++++ > > 3 files changed, 47 insertions(+) > > > > diff --git a/drivers/crypto/inside-secure/safexcel.c b/drivers/crypto/inside- > secure/safexcel.c > > index 12cb939..617c70b 100644 > > --- a/drivers/crypto/inside-secure/safexcel.c > > +++ b/drivers/crypto/inside-secure/safexcel.c > > @@ -1195,6 +1195,7 @@ static int safexcel_request_ring_irq(void *pdev, int irqid, > > &safexcel_alg_hmac_sha3_256, > > &safexcel_alg_hmac_sha3_384, > > &safexcel_alg_hmac_sha3_512, > > + &safexcel_alg_authenc_hmac_sha1_cbc_des, > > }; > > > > static int safexcel_register_algorithms(struct safexcel_crypto_priv *priv) > > diff --git a/drivers/crypto/inside-secure/safexcel.h b/drivers/crypto/inside- > secure/safexcel.h > > index 82953b3..b020e27 100644 > > --- a/drivers/crypto/inside-secure/safexcel.h > > +++ b/drivers/crypto/inside-secure/safexcel.h > > @@ -895,5 +895,6 @@ int safexcel_hmac_setkey(const char *alg, const u8 *key, unsigned > int keylen, > > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_256; > > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_384; > > extern struct safexcel_alg_template safexcel_alg_hmac_sha3_512; > > +extern struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des; > > > > #endif > > diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside- > secure/safexcel_cipher.c > > index bf2b1f9..435f184 100644 > > --- a/drivers/crypto/inside-secure/safexcel_cipher.c > > +++ b/drivers/crypto/inside-secure/safexcel_cipher.c > > @@ -348,6 +348,7 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 > *key, > > struct safexcel_crypto_priv *priv = ctx->priv; > > struct crypto_authenc_keys keys; > > struct crypto_aes_ctx aes; > > + u32 tmp[DES_EXPKEY_WORDS]; > > u32 flags; > > int err = -EINVAL; > > > > @@ -367,6 +368,16 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const > u8 *key, > > > > /* Encryption key */ > > switch (ctx->alg) { > > + case SAFEXCEL_DES: > > + if (keys.enckeylen != DES_KEY_SIZE) > > + goto badkey; > > + err = des_ekey(tmp, key); > > + if (unlikely(!err && (tfm->crt_flags & > > + CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))) { > > + tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; > > + goto badkey_expflags; > > + } > > + break; > > case SAFEXCEL_3DES: > > if (keys.enckeylen != DES3_EDE_KEY_SIZE) > > goto badkey; > > @@ -1854,6 +1865,40 @@ struct safexcel_alg_template > safexcel_alg_authenc_hmac_sha1_cbc_des3_ede = { > > }, > > }; > > > > +static int safexcel_aead_sha1_des_cra_init(struct crypto_tfm *tfm) > > +{ > > + struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); > > + > > + safexcel_aead_sha1_cra_init(tfm); > > + ctx->alg = SAFEXCEL_DES; /* override default */ > > + return 0; > > +} > > + > > +struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_cbc_des = { > > + .type = SAFEXCEL_ALG_TYPE_AEAD, > > + .algo_mask = SAFEXCEL_ALG_DES | SAFEXCEL_ALG_SHA1, > > + .alg.aead = { > > + .setkey = safexcel_aead_setkey, > > + .encrypt = safexcel_aead_encrypt, > > + .decrypt = safexcel_aead_decrypt, > > + .ivsize = DES_BLOCK_SIZE, > > + .maxauthsize = SHA1_DIGEST_SIZE, > > + .base = { > > + .cra_name = "authenc(hmac(sha1),cbc(des))", > > + .cra_driver_name = "safexcel-authenc-hmac-sha1-cbc-des", > > + .cra_priority = SAFEXCEL_CRA_PRIORITY, > > + .cra_flags = CRYPTO_ALG_ASYNC | > > + CRYPTO_ALG_KERN_DRIVER_ONLY, > > + .cra_blocksize = DES_BLOCK_SIZE, > > + .cra_ctxsize = sizeof(struct safexcel_cipher_ctx), > > + .cra_alignmask = 0, > > + .cra_init = safexcel_aead_sha1_des_cra_init, > > + .cra_exit = safexcel_aead_cra_exit, > > + .cra_module = THIS_MODULE, > > + }, > > + }, > > +}; > > + > > static int safexcel_aead_sha1_ctr_cra_init(struct crypto_tfm *tfm) > > { > > struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); > > -- > > 1.8.3.1 > > Regards, Pascal van Leeuwen Silicon IP Architect, Multi-Protocol Engines @ Verimatrix www.insidesecure.com