When running cryptomgr tests against the driver, there are several
occurences of different errors for setkey of des and des3-ede
algorithms.
Those key checks are already implemented in the kernels des
implementation, so this is added as dependency and the kernel methods
are called. It also required adding the kernels des/des3 context
definitions to the des_ctx internal structure to be able to call the
kernel methods.
Fixed ifxdeu-des... setkey unexpectedly succeeded on test vector x;
expected_error=-22.
Fixed ifxdeu-des... setkey failed on test vector x; expected_error=0,
actual_error=-22.
Renamed des_ctx internal structure and des_encrypt/des_decrypt methods
because they are already defined in the kernel module.
Fixed wrong DES_xxx constant definitions in crypto_alg definition for
ifxdeu_des3_ede_alg.
Fixed method comment errors.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
TITLE:=deu driver for $(1)
URL:=http://www.lantiq.com/
VARIANT:=$(1)
TITLE:=deu driver for $(1)
URL:=http://www.lantiq.com/
VARIANT:=$(1)
- DEPENDS:=@TARGET_lantiq_$(2) +kmod-crypto-manager @LINUX_5_4
+ DEPENDS:=@TARGET_lantiq_$(2) +kmod-crypto-manager +kmod-crypto-des @LINUX_5_4
FILES:=$(PKG_BUILD_DIR)/ltq_deu_$(1).ko
AUTOLOAD:=$(call AutoProbe,ltq_deu_$(1))
endef
FILES:=$(PKG_BUILD_DIR)/ltq_deu_$(1).ko
AUTOLOAD:=$(call AutoProbe,ltq_deu_$(1))
endef
#include <linux/delay.h>
#include <asm/byteorder.h>
#include <crypto/algapi.h>
#include <linux/delay.h>
#include <asm/byteorder.h>
#include <crypto/algapi.h>
#include <crypto/internal/skcipher.h>
#include "ifxmips_deu.h"
#include <crypto/internal/skcipher.h>
#include "ifxmips_deu.h"
void ifx_deu_des (void *ctx_arg, u8 *out_arg, const u8 *in_arg,
u8 *iv_arg, u32 nbytes, int encdec, int mode);
void ifx_deu_des (void *ctx_arg, u8 *out_arg, const u8 *in_arg,
u8 *iv_arg, u32 nbytes, int encdec, int mode);
+struct ifx_deu_des_ctx {
int controlr_M;
int key_length;
u8 iv[DES_BLOCK_SIZE];
u32 expkey[DES3_EDE_EXPKEY_WORDS];
int controlr_M;
int key_length;
u8 iv[DES_BLOCK_SIZE];
u32 expkey[DES3_EDE_EXPKEY_WORDS];
+ struct des_ctx des_context;
+ struct des3_ede_ctx des3_ede_context;
};
extern int disable_multiblock;
};
extern int disable_multiblock;
int des_setkey(struct crypto_tfm *tfm, const u8 *key,
unsigned int keylen)
{
int des_setkey(struct crypto_tfm *tfm, const u8 *key,
unsigned int keylen)
{
- struct des_ctx *dctx = crypto_tfm_ctx(tfm);
+ struct ifx_deu_des_ctx *dctx = crypto_tfm_ctx(tfm);
+ int err;
//printk("setkey in %s\n", __FILE__);
//printk("setkey in %s\n", __FILE__);
+ err = des_expand_key(&dctx->des_context, key, keylen);
+ if (err == -ENOKEY) {
+ if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
+ err = -EINVAL;
+ else
+ err = 0;
+ }
+
dctx->controlr_M = 0; // des
dctx->key_length = keylen;
memcpy ((u8 *) (dctx->expkey), key, keylen);
dctx->controlr_M = 0; // des
dctx->key_length = keylen;
memcpy ((u8 *) (dctx->expkey), key, keylen);
+ if (err)
+ memset(dctx, 0, sizeof(*dctx));
+
+ return err;
-/*! \fn int des_set_key (struct crypto_skcipher *tfm, const uint8_t *in_key, unsigned int key_len)
+/*! \fn int des_setkey_skcipher (struct crypto_skcipher *tfm, const uint8_t *in_key, unsigned int key_len)
* \ingroup IFX_AES_FUNCTIONS
* \brief sets the AES keys for skcipher
* \param tfm linux crypto skcipher
* \ingroup IFX_AES_FUNCTIONS
* \brief sets the AES keys for skcipher
* \param tfm linux crypto skcipher
u8 *iv_arg, u32 nbytes, int encdec, int mode)
{
volatile struct des_t *des = (struct des_t *) DES_3DES_START;
u8 *iv_arg, u32 nbytes, int encdec, int mode)
{
volatile struct des_t *des = (struct des_t *) DES_3DES_START;
- struct des_ctx *dctx = ctx_arg;
+ struct ifx_deu_des_ctx *dctx = ctx_arg;
u32 *key = dctx->expkey;
unsigned long flag;
u32 *key = dctx->expkey;
unsigned long flag;
ifx_deu_des (ctx, dst, src, iv, nbytes, encdec, 4);
}
ifx_deu_des (ctx, dst, src, iv, nbytes, encdec, 4);
}
-/*! \fn void des_encrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
+/*! \fn void ifx_deu_des_encrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
* \ingroup IFX_DES_FUNCTIONS
* \brief encrypt DES_BLOCK_SIZE of data
* \param tfm linux crypto algo transform
* \param out output bytestream
* \param in input bytestream
*/
* \ingroup IFX_DES_FUNCTIONS
* \brief encrypt DES_BLOCK_SIZE of data
* \param tfm linux crypto algo transform
* \param out output bytestream
* \param in input bytestream
*/
-void des_encrypt (struct crypto_tfm *tfm, uint8_t * out, const uint8_t * in)
+void ifx_deu_des_encrypt (struct crypto_tfm *tfm, uint8_t * out, const uint8_t * in)
- struct des_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct ifx_deu_des_ctx *ctx = crypto_tfm_ctx(tfm);
ifx_deu_des (ctx, out, in, NULL, DES_BLOCK_SIZE,
CRYPTO_DIR_ENCRYPT, 0);
}
ifx_deu_des (ctx, out, in, NULL, DES_BLOCK_SIZE,
CRYPTO_DIR_ENCRYPT, 0);
}
-/*! \fn void des_decrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
+/*! \fn void ifx_deu_des_decrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
* \ingroup IFX_DES_FUNCTIONS
* \brief encrypt DES_BLOCK_SIZE of data
* \param tfm linux crypto algo transform
* \param out output bytestream
* \param in input bytestream
*/
* \ingroup IFX_DES_FUNCTIONS
* \brief encrypt DES_BLOCK_SIZE of data
* \param tfm linux crypto algo transform
* \param out output bytestream
* \param in input bytestream
*/
-void des_decrypt (struct crypto_tfm *tfm, uint8_t * out, const uint8_t * in)
+void ifx_deu_des_decrypt (struct crypto_tfm *tfm, uint8_t * out, const uint8_t * in)
- struct des_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct ifx_deu_des_ctx *ctx = crypto_tfm_ctx(tfm);
ifx_deu_des (ctx, out, in, NULL, DES_BLOCK_SIZE,
CRYPTO_DIR_DECRYPT, 0);
}
ifx_deu_des (ctx, out, in, NULL, DES_BLOCK_SIZE,
CRYPTO_DIR_DECRYPT, 0);
}
int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
unsigned int keylen)
{
int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
unsigned int keylen)
{
- struct des_ctx *dctx = crypto_tfm_ctx(tfm);
+ struct ifx_deu_des_ctx *dctx = crypto_tfm_ctx(tfm);
+ int err;
//printk("setkey in %s\n", __FILE__);
//printk("setkey in %s\n", __FILE__);
+ err = des3_ede_expand_key(&dctx->des3_ede_context, key, keylen);
+ if (err == -ENOKEY) {
+ if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
+ err = -EINVAL;
+ else
+ err = 0;
+ }
+
dctx->controlr_M = keylen / 8 + 1; // 3DES EDE1 / EDE2 / EDE3 Mode
dctx->key_length = keylen;
memcpy ((u8 *) (dctx->expkey), key, keylen);
dctx->controlr_M = keylen / 8 + 1; // 3DES EDE1 / EDE2 / EDE3 Mode
dctx->key_length = keylen;
memcpy ((u8 *) (dctx->expkey), key, keylen);
+ if (err)
+ memset(dctx, 0, sizeof(*dctx));
+
+ return err;
}
/*! \fn int des3_ede_setkey_skcipher(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen)
}
/*! \fn int des3_ede_setkey_skcipher(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen)
.cra_priority = 300,
.cra_flags = CRYPTO_ALG_TYPE_CIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.cra_blocksize = DES_BLOCK_SIZE,
.cra_priority = 300,
.cra_flags = CRYPTO_ALG_TYPE_CIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.cra_blocksize = DES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct des_ctx),
+ .cra_ctxsize = sizeof(struct ifx_deu_des_ctx),
.cra_module = THIS_MODULE,
.cra_alignmask = 3,
.cra_list = LIST_HEAD_INIT(ifxdeu_des_alg.cra_list),
.cra_module = THIS_MODULE,
.cra_alignmask = 3,
.cra_list = LIST_HEAD_INIT(ifxdeu_des_alg.cra_list),
.cia_min_keysize = DES_KEY_SIZE,
.cia_max_keysize = DES_KEY_SIZE,
.cia_setkey = des_setkey,
.cia_min_keysize = DES_KEY_SIZE,
.cia_max_keysize = DES_KEY_SIZE,
.cia_setkey = des_setkey,
- .cia_encrypt = des_encrypt,
- .cia_decrypt = des_decrypt } }
+ .cia_encrypt = ifx_deu_des_encrypt,
+ .cia_decrypt = ifx_deu_des_decrypt } }
.cra_driver_name = "ifxdeu-des3_ede",
.cra_priority = 300,
.cra_flags = CRYPTO_ALG_TYPE_CIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.cra_driver_name = "ifxdeu-des3_ede",
.cra_priority = 300,
.cra_flags = CRYPTO_ALG_TYPE_CIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
- .cra_blocksize = DES_BLOCK_SIZE,
- .cra_ctxsize = sizeof(struct des_ctx),
+ .cra_blocksize = DES3_EDE_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct ifx_deu_des_ctx),
.cra_module = THIS_MODULE,
.cra_alignmask = 3,
.cra_list = LIST_HEAD_INIT(ifxdeu_des3_ede_alg.cra_list),
.cra_u = { .cipher = {
.cra_module = THIS_MODULE,
.cra_alignmask = 3,
.cra_list = LIST_HEAD_INIT(ifxdeu_des3_ede_alg.cra_list),
.cra_u = { .cipher = {
- .cia_min_keysize = DES_KEY_SIZE,
- .cia_max_keysize = DES_KEY_SIZE,
+ .cia_min_keysize = DES3_EDE_KEY_SIZE,
+ .cia_max_keysize = DES3_EDE_KEY_SIZE,
.cia_setkey = des3_ede_setkey,
.cia_setkey = des3_ede_setkey,
- .cia_encrypt = des_encrypt,
- .cia_decrypt = des_decrypt } }
+ .cia_encrypt = ifx_deu_des_encrypt,
+ .cia_decrypt = ifx_deu_des_decrypt } }
};
/*! \fn int ecb_des_encrypt(struct skcipher_req *req)
};
/*! \fn int ecb_des_encrypt(struct skcipher_req *req)
*/
int ecb_des_encrypt(struct skcipher_request *req)
{
*/
int ecb_des_encrypt(struct skcipher_request *req)
{
- struct des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct ifx_deu_des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
struct skcipher_walk walk;
int err;
unsigned int enc_bytes, nbytes;
struct skcipher_walk walk;
int err;
unsigned int enc_bytes, nbytes;
*/
int ecb_des_decrypt(struct skcipher_request *req)
{
*/
int ecb_des_decrypt(struct skcipher_request *req)
{
- struct des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct ifx_deu_des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
struct skcipher_walk walk;
int err;
unsigned int dec_bytes, nbytes;
struct skcipher_walk walk;
int err;
unsigned int dec_bytes, nbytes;
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES_BLOCK_SIZE,
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES_BLOCK_SIZE,
- .base.cra_ctxsize = sizeof(struct des_ctx),
+ .base.cra_ctxsize = sizeof(struct ifx_deu_des_ctx),
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_ecb_des_alg.base.cra_list),
.min_keysize = DES_KEY_SIZE,
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_ecb_des_alg.base.cra_list),
.min_keysize = DES_KEY_SIZE,
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
- .base.cra_ctxsize = sizeof(struct des_ctx),
+ .base.cra_ctxsize = sizeof(struct ifx_deu_des_ctx),
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_ecb_des3_ede_alg.base.cra_list),
.min_keysize = DES3_EDE_KEY_SIZE,
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_ecb_des3_ede_alg.base.cra_list),
.min_keysize = DES3_EDE_KEY_SIZE,
*/
int cbc_des_encrypt(struct skcipher_request *req)
{
*/
int cbc_des_encrypt(struct skcipher_request *req)
{
- struct des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct ifx_deu_des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
struct skcipher_walk walk;
int err;
unsigned int enc_bytes, nbytes;
struct skcipher_walk walk;
int err;
unsigned int enc_bytes, nbytes;
*/
int cbc_des_decrypt(struct skcipher_request *req)
{
*/
int cbc_des_decrypt(struct skcipher_request *req)
{
- struct des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
+ struct ifx_deu_des_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
struct skcipher_walk walk;
int err;
unsigned int dec_bytes, nbytes;
struct skcipher_walk walk;
int err;
unsigned int dec_bytes, nbytes;
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES_BLOCK_SIZE,
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES_BLOCK_SIZE,
- .base.cra_ctxsize = sizeof(struct des_ctx),
+ .base.cra_ctxsize = sizeof(struct ifx_deu_des_ctx),
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_cbc_des_alg.base.cra_list),
.min_keysize = DES_KEY_SIZE,
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_cbc_des_alg.base.cra_list),
.min_keysize = DES_KEY_SIZE,
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
.base.cra_priority = 400,
.base.cra_flags = CRYPTO_ALG_TYPE_SKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
.base.cra_blocksize = DES3_EDE_BLOCK_SIZE,
- .base.cra_ctxsize = sizeof(struct des_ctx),
+ .base.cra_ctxsize = sizeof(struct ifx_deu_des_ctx),
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_cbc_des3_ede_alg.base.cra_list),
.min_keysize = DES3_EDE_KEY_SIZE,
.base.cra_module = THIS_MODULE,
.base.cra_list = LIST_HEAD_INIT(ifxdeu_cbc_des3_ede_alg.base.cra_list),
.min_keysize = DES3_EDE_KEY_SIZE,