6 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
7 * Copyright (c) 2005 Herbert Xu <herbert@gondor.apana.org.au>
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option)
15 #include <linux/compiler.h>
16 #include <linux/kernel.h>
17 #include <linux/crypto.h>
18 #include <linux/errno.h>
20 #include <linux/slab.h>
21 #include <linux/string.h>
22 #include <asm/scatterlist.h>
24 #include "scatterwalk.h"
26 static inline void xor_64(u8
*a
, const u8
*b
)
28 ((u32
*)a
)[0] ^= ((u32
*)b
)[0];
29 ((u32
*)a
)[1] ^= ((u32
*)b
)[1];
32 static inline void xor_128(u8
*a
, const u8
*b
)
34 ((u32
*)a
)[0] ^= ((u32
*)b
)[0];
35 ((u32
*)a
)[1] ^= ((u32
*)b
)[1];
36 ((u32
*)a
)[2] ^= ((u32
*)b
)[2];
37 ((u32
*)a
)[3] ^= ((u32
*)b
)[3];
40 static unsigned int crypt_slow(const struct cipher_desc
*desc
,
41 struct scatter_walk
*in
,
42 struct scatter_walk
*out
, unsigned int bsize
)
48 n
= scatterwalk_copychunks(src
, in
, bsize
, 0);
49 scatterwalk_advance(in
, n
);
51 desc
->prfn(desc
, dst
, src
, bsize
);
53 n
= scatterwalk_copychunks(dst
, out
, bsize
, 1);
54 scatterwalk_advance(out
, n
);
59 static inline unsigned int crypt_fast(const struct cipher_desc
*desc
,
60 struct scatter_walk
*in
,
61 struct scatter_walk
*out
,
67 dst
= scatterwalk_samebuf(in
, out
) ? src
: out
->data
;
69 nbytes
= desc
->prfn(desc
, dst
, src
, nbytes
);
71 scatterwalk_advance(in
, nbytes
);
72 scatterwalk_advance(out
, nbytes
);
78 * Generic encrypt/decrypt wrapper for ciphers, handles operations across
79 * multiple page boundaries by using temporary blocks. In user context,
80 * the kernel is given a chance to schedule us once per page.
82 static int crypt(const struct cipher_desc
*desc
,
83 struct scatterlist
*dst
,
84 struct scatterlist
*src
,
87 struct scatter_walk walk_in
, walk_out
;
88 struct crypto_tfm
*tfm
= desc
->tfm
;
89 const unsigned int bsize
= crypto_tfm_alg_blocksize(tfm
);
95 tfm
->crt_flags
|= CRYPTO_TFM_RES_BAD_BLOCK_LEN
;
99 scatterwalk_start(&walk_in
, src
);
100 scatterwalk_start(&walk_out
, dst
);
105 scatterwalk_map(&walk_in
, 0);
106 scatterwalk_map(&walk_out
, 1);
108 n
= scatterwalk_clamp(&walk_in
, nbytes
);
109 n
= scatterwalk_clamp(&walk_out
, n
);
111 if (likely(n
>= bsize
))
112 n
= crypt_fast(desc
, &walk_in
, &walk_out
, n
);
114 n
= crypt_slow(desc
, &walk_in
, &walk_out
, bsize
);
118 scatterwalk_done(&walk_in
, 0, nbytes
);
119 scatterwalk_done(&walk_out
, 1, nbytes
);
128 static unsigned int cbc_process_encrypt(const struct cipher_desc
*desc
,
129 u8
*dst
, const u8
*src
,
132 struct crypto_tfm
*tfm
= desc
->tfm
;
133 void (*xor)(u8
*, const u8
*) = tfm
->crt_u
.cipher
.cit_xor_block
;
134 int bsize
= crypto_tfm_alg_blocksize(tfm
);
136 void (*fn
)(void *, u8
*, const u8
*) = desc
->crfn
;
138 unsigned int done
= 0;
142 fn(crypto_tfm_ctx(tfm
), dst
, iv
);
143 memcpy(iv
, dst
, bsize
);
147 } while ((done
+= bsize
) < nbytes
);
152 static unsigned int cbc_process_decrypt(const struct cipher_desc
*desc
,
153 u8
*dst
, const u8
*src
,
156 struct crypto_tfm
*tfm
= desc
->tfm
;
157 void (*xor)(u8
*, const u8
*) = tfm
->crt_u
.cipher
.cit_xor_block
;
158 int bsize
= crypto_tfm_alg_blocksize(tfm
);
160 u8 stack
[src
== dst
? bsize
: 0];
162 u8
**dst_p
= src
== dst
? &buf
: &dst
;
164 void (*fn
)(void *, u8
*, const u8
*) = desc
->crfn
;
166 unsigned int done
= 0;
169 u8
*tmp_dst
= *dst_p
;
171 fn(crypto_tfm_ctx(tfm
), tmp_dst
, src
);
173 memcpy(iv
, src
, bsize
);
175 memcpy(dst
, tmp_dst
, bsize
);
179 } while ((done
+= bsize
) < nbytes
);
184 static unsigned int ecb_process(const struct cipher_desc
*desc
, u8
*dst
,
185 const u8
*src
, unsigned int nbytes
)
187 struct crypto_tfm
*tfm
= desc
->tfm
;
188 int bsize
= crypto_tfm_alg_blocksize(tfm
);
189 void (*fn
)(void *, u8
*, const u8
*) = desc
->crfn
;
190 unsigned int done
= 0;
193 fn(crypto_tfm_ctx(tfm
), dst
, src
);
197 } while ((done
+= bsize
) < nbytes
);
202 static int setkey(struct crypto_tfm
*tfm
, const u8
*key
, unsigned int keylen
)
204 struct cipher_alg
*cia
= &tfm
->__crt_alg
->cra_cipher
;
206 if (keylen
< cia
->cia_min_keysize
|| keylen
> cia
->cia_max_keysize
) {
207 tfm
->crt_flags
|= CRYPTO_TFM_RES_BAD_KEY_LEN
;
210 return cia
->cia_setkey(crypto_tfm_ctx(tfm
), key
, keylen
,
214 static int ecb_encrypt(struct crypto_tfm
*tfm
,
215 struct scatterlist
*dst
,
216 struct scatterlist
*src
, unsigned int nbytes
)
218 struct cipher_desc desc
;
219 struct cipher_alg
*cipher
= &tfm
->__crt_alg
->cra_cipher
;
222 desc
.crfn
= cipher
->cia_encrypt
;
223 desc
.prfn
= cipher
->cia_encrypt_ecb
?: ecb_process
;
225 return crypt(&desc
, dst
, src
, nbytes
);
228 static int ecb_decrypt(struct crypto_tfm
*tfm
,
229 struct scatterlist
*dst
,
230 struct scatterlist
*src
,
233 struct cipher_desc desc
;
234 struct cipher_alg
*cipher
= &tfm
->__crt_alg
->cra_cipher
;
237 desc
.crfn
= cipher
->cia_decrypt
;
238 desc
.prfn
= cipher
->cia_decrypt_ecb
?: ecb_process
;
240 return crypt(&desc
, dst
, src
, nbytes
);
243 static int cbc_encrypt(struct crypto_tfm
*tfm
,
244 struct scatterlist
*dst
,
245 struct scatterlist
*src
,
248 struct cipher_desc desc
;
249 struct cipher_alg
*cipher
= &tfm
->__crt_alg
->cra_cipher
;
252 desc
.crfn
= cipher
->cia_encrypt
;
253 desc
.prfn
= cipher
->cia_encrypt_cbc
?: cbc_process_encrypt
;
254 desc
.info
= tfm
->crt_cipher
.cit_iv
;
256 return crypt(&desc
, dst
, src
, nbytes
);
259 static int cbc_encrypt_iv(struct crypto_tfm
*tfm
,
260 struct scatterlist
*dst
,
261 struct scatterlist
*src
,
262 unsigned int nbytes
, u8
*iv
)
264 struct cipher_desc desc
;
265 struct cipher_alg
*cipher
= &tfm
->__crt_alg
->cra_cipher
;
268 desc
.crfn
= cipher
->cia_encrypt
;
269 desc
.prfn
= cipher
->cia_encrypt_cbc
?: cbc_process_encrypt
;
272 return crypt(&desc
, dst
, src
, nbytes
);
275 static int cbc_decrypt(struct crypto_tfm
*tfm
,
276 struct scatterlist
*dst
,
277 struct scatterlist
*src
,
280 struct cipher_desc desc
;
281 struct cipher_alg
*cipher
= &tfm
->__crt_alg
->cra_cipher
;
284 desc
.crfn
= cipher
->cia_decrypt
;
285 desc
.prfn
= cipher
->cia_decrypt_cbc
?: cbc_process_decrypt
;
286 desc
.info
= tfm
->crt_cipher
.cit_iv
;
288 return crypt(&desc
, dst
, src
, nbytes
);
291 static int cbc_decrypt_iv(struct crypto_tfm
*tfm
,
292 struct scatterlist
*dst
,
293 struct scatterlist
*src
,
294 unsigned int nbytes
, u8
*iv
)
296 struct cipher_desc desc
;
297 struct cipher_alg
*cipher
= &tfm
->__crt_alg
->cra_cipher
;
300 desc
.crfn
= cipher
->cia_decrypt
;
301 desc
.prfn
= cipher
->cia_decrypt_cbc
?: cbc_process_decrypt
;
304 return crypt(&desc
, dst
, src
, nbytes
);
307 static int nocrypt(struct crypto_tfm
*tfm
,
308 struct scatterlist
*dst
,
309 struct scatterlist
*src
,
315 static int nocrypt_iv(struct crypto_tfm
*tfm
,
316 struct scatterlist
*dst
,
317 struct scatterlist
*src
,
318 unsigned int nbytes
, u8
*iv
)
323 int crypto_init_cipher_flags(struct crypto_tfm
*tfm
, u32 flags
)
325 u32 mode
= flags
& CRYPTO_TFM_MODE_MASK
;
327 tfm
->crt_cipher
.cit_mode
= mode
? mode
: CRYPTO_TFM_MODE_ECB
;
328 if (flags
& CRYPTO_TFM_REQ_WEAK_KEY
)
329 tfm
->crt_flags
= CRYPTO_TFM_REQ_WEAK_KEY
;
334 int crypto_init_cipher_ops(struct crypto_tfm
*tfm
)
337 struct cipher_tfm
*ops
= &tfm
->crt_cipher
;
339 ops
->cit_setkey
= setkey
;
341 switch (tfm
->crt_cipher
.cit_mode
) {
342 case CRYPTO_TFM_MODE_ECB
:
343 ops
->cit_encrypt
= ecb_encrypt
;
344 ops
->cit_decrypt
= ecb_decrypt
;
347 case CRYPTO_TFM_MODE_CBC
:
348 ops
->cit_encrypt
= cbc_encrypt
;
349 ops
->cit_decrypt
= cbc_decrypt
;
350 ops
->cit_encrypt_iv
= cbc_encrypt_iv
;
351 ops
->cit_decrypt_iv
= cbc_decrypt_iv
;
354 case CRYPTO_TFM_MODE_CFB
:
355 ops
->cit_encrypt
= nocrypt
;
356 ops
->cit_decrypt
= nocrypt
;
357 ops
->cit_encrypt_iv
= nocrypt_iv
;
358 ops
->cit_decrypt_iv
= nocrypt_iv
;
361 case CRYPTO_TFM_MODE_CTR
:
362 ops
->cit_encrypt
= nocrypt
;
363 ops
->cit_decrypt
= nocrypt
;
364 ops
->cit_encrypt_iv
= nocrypt_iv
;
365 ops
->cit_decrypt_iv
= nocrypt_iv
;
372 if (ops
->cit_mode
== CRYPTO_TFM_MODE_CBC
) {
374 switch (crypto_tfm_alg_blocksize(tfm
)) {
376 ops
->cit_xor_block
= xor_64
;
380 ops
->cit_xor_block
= xor_128
;
384 printk(KERN_WARNING
"%s: block size %u not supported\n",
385 crypto_tfm_alg_name(tfm
),
386 crypto_tfm_alg_blocksize(tfm
));
391 ops
->cit_ivsize
= crypto_tfm_alg_blocksize(tfm
);
392 ops
->cit_iv
= kmalloc(ops
->cit_ivsize
, GFP_KERNEL
);
393 if (ops
->cit_iv
== NULL
)
401 void crypto_exit_cipher_ops(struct crypto_tfm
*tfm
)
403 kfree(tfm
->crt_cipher
.cit_iv
);