projects / openwrt / staging / mkresin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
dnsmasq: full: disable ipset support by default
[openwrt/staging/mkresin.git] / package / kernel / lantiq / ltq-deu / src / ifxmips_aes.c
1 /******************************************************************************
2 **
3 ** FILE NAME : ifxmips_aes.c
4 ** PROJECT : IFX UEIP
5 ** MODULES : DEU Module
6 **
7 ** DATE : September 8, 2009
8 ** AUTHOR : Mohammad Firdaus
9 ** DESCRIPTION : Data Encryption Unit Driver for AES Algorithm
10 ** COPYRIGHT : Copyright (c) 2009
11 ** Infineon Technologies AG
12 ** Am Campeon 1-12, 85579 Neubiberg, Germany
13 **
14 ** This program is free software; you can redistribute it and/or modify
15 ** it under the terms of the GNU General Public License as published by
16 ** the Free Software Foundation; either version 2 of the License, or
17 ** (at your option) any later version.
18 **
19 ** HISTORY
20 ** $Date $Author $Comment
21 ** 08,Sept 2009 Mohammad Firdaus Initial UEIP release
22 *******************************************************************************/
23 /*!
24 \defgroup IFX_DEU IFX_DEU_DRIVERS
25 \ingroup API
26 \brief ifx DEU driver module
27 */
28
29 /*!
30 \file ifxmips_aes.c
31 \ingroup IFX_DEU
32 \brief AES Encryption Driver main file
33 */
34
35 /*!
36 \defgroup IFX_AES_FUNCTIONS IFX_AES_FUNCTIONS
37 \ingroup IFX_DEU
38 \brief IFX AES driver Functions
39 */
40
41
42 /* Project Header Files */
43 #if defined(CONFIG_MODVERSIONS)
44 #define MODVERSIONS
45 #include <linux/modeversions>
46 #endif
47
48 #include <linux/version.h>
49 #include <linux/module.h>
50 #include <linux/init.h>
51 #include <linux/proc_fs.h>
52 #include <linux/fs.h>
53 #include <linux/types.h>
54 #include <linux/errno.h>
55 #include <linux/crypto.h>
56 #include <linux/interrupt.h>
57 #include <linux/delay.h>
58 #include <asm/byteorder.h>
59 #include <crypto/algapi.h>
60
61 #include "ifxmips_deu.h"
62
63 #if defined(CONFIG_DANUBE)
64 #include "ifxmips_deu_danube.h"
65 extern int ifx_danube_pre_1_4;
66 #elif defined(CONFIG_AR9)
67 #include "ifxmips_deu_ar9.h"
68 #elif defined(CONFIG_VR9) || defined(CONFIG_AR10)
69 #include "ifxmips_deu_vr9.h"
70 #else
71 #error "Unkown platform"
72 #endif
73
74 /* DMA related header and variables */
75
76 spinlock_t aes_lock;
77 #define CRTCL_SECT_INIT spin_lock_init(&aes_lock)
78 #define CRTCL_SECT_START spin_lock_irqsave(&aes_lock, flag)
79 #define CRTCL_SECT_END spin_unlock_irqrestore(&aes_lock, flag)
80
81 /* Definition of constants */
82 #define AES_START IFX_AES_CON
83 #define AES_MIN_KEY_SIZE 16
84 #define AES_MAX_KEY_SIZE 32
85 #define AES_BLOCK_SIZE 16
86 #define CTR_RFC3686_NONCE_SIZE 4
87 #define CTR_RFC3686_IV_SIZE 8
88 #define CTR_RFC3686_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE)
89
90 #ifdef CRYPTO_DEBUG
91 extern char debug_level;
92 #define DPRINTF(level, format, args...) if (level < debug_level) printk(KERN_INFO "[%s %s %d]: " format, __FILE__, __func__, __LINE__, ##args);
93 #else
94 #define DPRINTF(level, format, args...)
95 #endif /* CRYPTO_DEBUG */
96
97 /* Function decleration */
98 int aes_chip_init(void);
99 u32 endian_swap(u32 input);
100 u32 input_swap(u32 input);
101 u32* memory_alignment(const u8 *arg, u32 *buff_alloc, int in_out, int nbytes);
102 void aes_dma_memory_copy(u32 *outcopy, u32 *out_dma, u8 *out_arg, int nbytes);
103 void des_dma_memory_copy(u32 *outcopy, u32 *out_dma, u8 *out_arg, int nbytes);
104 int aes_memory_allocate(int value);
105 int des_memory_allocate(int value);
106 void memory_release(u32 *addr);
107
108
109 extern void ifx_deu_aes (void *ctx_arg, uint8_t *out_arg, const uint8_t *in_arg,
110 uint8_t *iv_arg, size_t nbytes, int encdec, int mode);
111 /* End of function decleration */
112
113 struct aes_ctx {
114 int key_length;
115 u32 buf[AES_MAX_KEY_SIZE];
116 u8 nonce[CTR_RFC3686_NONCE_SIZE];
117 };
118
119 extern int disable_deudma;
120 extern int disable_multiblock;
121
122 /*! \fn int aes_set_key (struct crypto_tfm *tfm, const uint8_t *in_key, unsigned int key_len)
123 * \ingroup IFX_AES_FUNCTIONS
124 * \brief sets the AES keys
125 * \param tfm linux crypto algo transform
126 * \param in_key input key
127 * \param key_len key lengths of 16, 24 and 32 bytes supported
128 * \return -EINVAL - bad key length, 0 - SUCCESS
129 */
130 int aes_set_key (struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len)
131 {
132 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
133 unsigned long *flags = (unsigned long *) &tfm->crt_flags;
134
135 //printk("set_key in %s\n", __FILE__);
136
137 //aes_chip_init();
138
139 if (key_len != 16 && key_len != 24 && key_len != 32) {
140 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
141 return -EINVAL;
142 }
143
144 ctx->key_length = key_len;
145 DPRINTF(0, "ctx @%p, key_len %d, ctx->key_length %d\n", ctx, key_len, ctx->key_length);
146 memcpy ((u8 *) (ctx->buf), in_key, key_len);
147
148 return 0;
149 }
150
151
152 /*! \fn void ifx_deu_aes (void *ctx_arg, u8 *out_arg, const u8 *in_arg, u8 *iv_arg, size_t nbytes, int encdec, int mode)
153 * \ingroup IFX_AES_FUNCTIONS
154 * \brief main interface to AES hardware
155 * \param ctx_arg crypto algo context
156 * \param out_arg output bytestream
157 * \param in_arg input bytestream
158 * \param iv_arg initialization vector
159 * \param nbytes length of bytestream
160 * \param encdec 1 for encrypt; 0 for decrypt
161 * \param mode operation mode such as ebc, cbc, ctr
162 *
163 */
164 void ifx_deu_aes (void *ctx_arg, u8 *out_arg, const u8 *in_arg,
165 u8 *iv_arg, size_t nbytes, int encdec, int mode)
166
167 {
168 /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
169 volatile struct aes_t *aes = (volatile struct aes_t *) AES_START;
170 struct aes_ctx *ctx = (struct aes_ctx *)ctx_arg;
171 u32 *in_key = ctx->buf;
172 unsigned long flag;
173 /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
174 int key_len = ctx->key_length;
175
176 int i = 0;
177 int byte_cnt = nbytes;
178
179
180 CRTCL_SECT_START;
181 /* 128, 192 or 256 bit key length */
182 aes->controlr.K = key_len / 8 - 2;
183 if (key_len == 128 / 8) {
184 aes->K3R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 0));
185 aes->K2R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 1));
186 aes->K1R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 2));
187 aes->K0R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 3));
188 }
189 else if (key_len == 192 / 8) {
190 aes->K5R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 0));
191 aes->K4R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 1));
192 aes->K3R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 2));
193 aes->K2R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 3));
194 aes->K1R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 4));
195 aes->K0R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 5));
196 }
197 else if (key_len == 256 / 8) {
198 aes->K7R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 0));
199 aes->K6R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 1));
200 aes->K5R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 2));
201 aes->K4R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 3));
202 aes->K3R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 4));
203 aes->K2R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 5));
204 aes->K1R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 6));
205 aes->K0R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 7));
206 }
207 else {
208 printk (KERN_ERR "[%s %s %d]: Invalid key_len : %d\n", __FILE__, __func__, __LINE__, key_len);
209 CRTCL_SECT_END;
210 return;// -EINVAL;
211 }
212
213 /* let HW pre-process DEcryption key in any case (even if
214 ENcryption is used). Key Valid (KV) bit is then only
215 checked in decryption routine! */
216 aes->controlr.PNK = 1;
217
218
219 aes->controlr.E_D = !encdec; //encryption
220 aes->controlr.O = mode; //0 ECB 1 CBC 2 OFB 3 CFB 4 CTR
221
222 //aes->controlr.F = 128; //default; only for CFB and OFB modes; change only for customer-specific apps
223 if (mode > 0) {
224 aes->IV3R = DEU_ENDIAN_SWAP(*(u32 *) iv_arg);
225 aes->IV2R = DEU_ENDIAN_SWAP(*((u32 *) iv_arg + 1));
226 aes->IV1R = DEU_ENDIAN_SWAP(*((u32 *) iv_arg + 2));
227 aes->IV0R = DEU_ENDIAN_SWAP(*((u32 *) iv_arg + 3));
228 };
229
230
231 i = 0;
232 while (byte_cnt >= 16) {
233
234 aes->ID3R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 0));
235 aes->ID2R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 1));
236 aes->ID1R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 2));
237 aes->ID0R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 3)); /* start crypto */
238
239 while (aes->controlr.BUS) {
240 // this will not take long
241 }
242
243 *((volatile u32 *) out_arg + (i * 4) + 0) = aes->OD3R;
244 *((volatile u32 *) out_arg + (i * 4) + 1) = aes->OD2R;
245 *((volatile u32 *) out_arg + (i * 4) + 2) = aes->OD1R;
246 *((volatile u32 *) out_arg + (i * 4) + 3) = aes->OD0R;
247
248 i++;
249 byte_cnt -= 16;
250 }
251
252 /* To handle all non-aligned bytes (not aligned to 16B size) */
253 if (byte_cnt) {
254 u8 *input[16];
255 u8 *output[16];
256
257 memcpy(input, ((u32 *) in_arg + (i * 4)), byte_cnt);
258
259 aes->ID3R = INPUT_ENDIAN_SWAP(*((u32 *) input + (i * 4) + 0));
260 aes->ID2R = INPUT_ENDIAN_SWAP(*((u32 *) input + (i * 4) + 1));
261 aes->ID1R = INPUT_ENDIAN_SWAP(*((u32 *) input + (i * 4) + 2));
262 aes->ID0R = INPUT_ENDIAN_SWAP(*((u32 *) input + (i * 4) + 3)); /* start crypto */
263
264 while (aes->controlr.BUS) {
265 }
266
267 *((volatile u32 *) output + (i * 4) + 0) = aes->OD3R;
268 *((volatile u32 *) output + (i * 4) + 1) = aes->OD2R;
269 *((volatile u32 *) output + (i * 4) + 2) = aes->OD1R;
270 *((volatile u32 *) output + (i * 4) + 3) = aes->OD0R;
271
272 memcpy(((u32 *) out_arg + (i * 4)), output, byte_cnt);
273 }
274
275 //tc.chen : copy iv_arg back
276 if (mode > 0) {
277 *((u32 *) iv_arg) = DEU_ENDIAN_SWAP(aes->IV3R);
278 *((u32 *) iv_arg + 1) = DEU_ENDIAN_SWAP(aes->IV2R);
279 *((u32 *) iv_arg + 2) = DEU_ENDIAN_SWAP(aes->IV1R);
280 *((u32 *) iv_arg + 3) = DEU_ENDIAN_SWAP(aes->IV0R);
281 }
282
283 CRTCL_SECT_END;
284 }
285
286 /*!
287 * \fn int ctr_rfc3686_aes_set_key (struct crypto_tfm *tfm, const uint8_t *in_key, unsigned int key_len)
288 * \ingroup IFX_AES_FUNCTIONS
289 * \brief sets RFC3686 key
290 * \param tfm linux crypto algo transform
291 * \param in_key input key
292 * \param key_len key lengths of 20, 28 and 36 bytes supported; last 4 bytes is nonce
293 * \return 0 - SUCCESS
294 * -EINVAL - bad key length
295 */
296 int ctr_rfc3686_aes_set_key (struct crypto_tfm *tfm, const uint8_t *in_key, unsigned int key_len)
297 {
298 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
299 unsigned long *flags = (unsigned long *)&tfm->crt_flags;
300
301 //printk("ctr_rfc3686_aes_set_key in %s\n", __FILE__);
302
303 memcpy(ctx->nonce, in_key + (key_len - CTR_RFC3686_NONCE_SIZE),
304 CTR_RFC3686_NONCE_SIZE);
305
306 key_len -= CTR_RFC3686_NONCE_SIZE; // remove 4 bytes of nonce
307
308 if (key_len != 16 && key_len != 24 && key_len != 32) {
309 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
310 return -EINVAL;
311 }
312
313 ctx->key_length = key_len;
314
315 memcpy ((u8 *) (ctx->buf), in_key, key_len);
316
317 return 0;
318 }
319
320 /*! \fn void ifx_deu_aes (void *ctx_arg, u8 *out_arg, const u8 *in_arg, u8 *iv_arg, u32 nbytes, int encdec, int mode)
321 * \ingroup IFX_AES_FUNCTIONS
322 * \brief main interface with deu hardware in DMA mode
323 * \param ctx_arg crypto algo context
324 * \param out_arg output bytestream
325 * \param in_arg input bytestream
326 * \param iv_arg initialization vector
327 * \param nbytes length of bytestream
328 * \param encdec 1 for encrypt; 0 for decrypt
329 * \param mode operation mode such as ebc, cbc, ctr
330 */
331
332
333 //definitions from linux/include/crypto.h:
334 //#define CRYPTO_TFM_MODE_ECB 0x00000001
335 //#define CRYPTO_TFM_MODE_CBC 0x00000002
336 //#define CRYPTO_TFM_MODE_CFB 0x00000004
337 //#define CRYPTO_TFM_MODE_CTR 0x00000008
338 //#define CRYPTO_TFM_MODE_OFB 0x00000010 // not even defined
339 //but hardware definition: 0 ECB 1 CBC 2 OFB 3 CFB 4 CTR
340
341 /*! \fn void ifx_deu_aes_ecb (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
342 * \ingroup IFX_AES_FUNCTIONS
343 * \brief sets AES hardware to ECB mode
344 * \param ctx crypto algo context
345 * \param dst output bytestream
346 * \param src input bytestream
347 * \param iv initialization vector
348 * \param nbytes length of bytestream
349 * \param encdec 1 for encrypt; 0 for decrypt
350 * \param inplace not used
351 */
352 void ifx_deu_aes_ecb (void *ctx, uint8_t *dst, const uint8_t *src,
353 uint8_t *iv, size_t nbytes, int encdec, int inplace)
354 {
355 ifx_deu_aes (ctx, dst, src, NULL, nbytes, encdec, 0);
356 }
357
358 /*! \fn void ifx_deu_aes_cbc (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
359 * \ingroup IFX_AES_FUNCTIONS
360 * \brief sets AES hardware to CBC mode
361 * \param ctx crypto algo context
362 * \param dst output bytestream
363 * \param src input bytestream
364 * \param iv initialization vector
365 * \param nbytes length of bytestream
366 * \param encdec 1 for encrypt; 0 for decrypt
367 * \param inplace not used
368 */
369 void ifx_deu_aes_cbc (void *ctx, uint8_t *dst, const uint8_t *src,
370 uint8_t *iv, size_t nbytes, int encdec, int inplace)
371 {
372 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 1);
373 }
374
375 /*! \fn void ifx_deu_aes_ofb (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
376 * \ingroup IFX_AES_FUNCTIONS
377 * \brief sets AES hardware to OFB mode
378 * \param ctx crypto algo context
379 * \param dst output bytestream
380 * \param src input bytestream
381 * \param iv initialization vector
382 * \param nbytes length of bytestream
383 * \param encdec 1 for encrypt; 0 for decrypt
384 * \param inplace not used
385 */
386 void ifx_deu_aes_ofb (void *ctx, uint8_t *dst, const uint8_t *src,
387 uint8_t *iv, size_t nbytes, int encdec, int inplace)
388 {
389 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 2);
390 }
391
392 /*! \fn void ifx_deu_aes_cfb (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
393 * \ingroup IFX_AES_FUNCTIONS
394 * \brief sets AES hardware to CFB mode
395 * \param ctx crypto algo context
396 * \param dst output bytestream
397 * \param src input bytestream
398 * \param iv initialization vector
399 * \param nbytes length of bytestream
400 * \param encdec 1 for encrypt; 0 for decrypt
401 * \param inplace not used
402 */
403 void ifx_deu_aes_cfb (void *ctx, uint8_t *dst, const uint8_t *src,
404 uint8_t *iv, size_t nbytes, int encdec, int inplace)
405 {
406 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 3);
407 }
408
409 /*! \fn void ifx_deu_aes_ctr (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
410 * \ingroup IFX_AES_FUNCTIONS
411 * \brief sets AES hardware to CTR mode
412 * \param ctx crypto algo context
413 * \param dst output bytestream
414 * \param src input bytestream
415 * \param iv initialization vector
416 * \param nbytes length of bytestream
417 * \param encdec 1 for encrypt; 0 for decrypt
418 * \param inplace not used
419 */
420 void ifx_deu_aes_ctr (void *ctx, uint8_t *dst, const uint8_t *src,
421 uint8_t *iv, size_t nbytes, int encdec, int inplace)
422 {
423 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 4);
424 }
425
426 /*! \fn void aes_encrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
427 * \ingroup IFX_AES_FUNCTIONS
428 * \brief encrypt AES_BLOCK_SIZE of data
429 * \param tfm linux crypto algo transform
430 * \param out output bytestream
431 * \param in input bytestream
432 */
433 void aes_encrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
434 {
435 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
436 ifx_deu_aes (ctx, out, in, NULL, AES_BLOCK_SIZE,
437 CRYPTO_DIR_ENCRYPT, 0);
438 }
439
440 /*! \fn void aes_decrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
441 * \ingroup IFX_AES_FUNCTIONS
442 * \brief decrypt AES_BLOCK_SIZE of data
443 * \param tfm linux crypto algo transform
444 * \param out output bytestream
445 * \param in input bytestream
446 */
447 void aes_decrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
448 {
449 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
450 ifx_deu_aes (ctx, out, in, NULL, AES_BLOCK_SIZE,
451 CRYPTO_DIR_DECRYPT, 0);
452 }
453
454 /*
455 * \brief AES function mappings
456 */
457 struct crypto_alg ifxdeu_aes_alg = {
458 .cra_name = "aes",
459 .cra_driver_name = "ifxdeu-aes",
460 .cra_priority = 300,
461 .cra_flags = CRYPTO_ALG_TYPE_CIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
462 .cra_blocksize = AES_BLOCK_SIZE,
463 .cra_ctxsize = sizeof(struct aes_ctx),
464 .cra_module = THIS_MODULE,
465 .cra_list = LIST_HEAD_INIT(ifxdeu_aes_alg.cra_list),
466 .cra_u = {
467 .cipher = {
468 .cia_min_keysize = AES_MIN_KEY_SIZE,
469 .cia_max_keysize = AES_MAX_KEY_SIZE,
470 .cia_setkey = aes_set_key,
471 .cia_encrypt = aes_encrypt,
472 .cia_decrypt = aes_decrypt,
473 }
474 }
475 };
476
477 /*! \fn int ecb_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
478 * \ingroup IFX_AES_FUNCTIONS
479 * \brief ECB AES encrypt using linux crypto blkcipher
480 * \param desc blkcipher descriptor
481 * \param dst output scatterlist
482 * \param src input scatterlist
483 * \param nbytes data size in bytes
484 * \return err
485 */
486 int ecb_aes_encrypt(struct blkcipher_desc *desc,
487 struct scatterlist *dst, struct scatterlist *src,
488 unsigned int nbytes)
489 {
490 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
491 struct blkcipher_walk walk;
492 int err;
493 unsigned int enc_bytes;
494
495 blkcipher_walk_init(&walk, dst, src, nbytes);
496 err = blkcipher_walk_virt(desc, &walk);
497
498 while ((nbytes = enc_bytes = walk.nbytes)) {
499 enc_bytes -= (nbytes % AES_BLOCK_SIZE);
500 ifx_deu_aes_ecb(ctx, walk.dst.virt.addr, walk.src.virt.addr,
501 NULL, enc_bytes, CRYPTO_DIR_ENCRYPT, 0);
502 nbytes &= AES_BLOCK_SIZE - 1;
503 err = blkcipher_walk_done(desc, &walk, nbytes);
504 }
505
506 return err;
507 }
508
509 /*! \fn int ecb_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
510 * \ingroup IFX_AES_FUNCTIONS
511 * \brief ECB AES decrypt using linux crypto blkcipher
512 * \param desc blkcipher descriptor
513 * \param dst output scatterlist
514 * \param src input scatterlist
515 * \param nbytes data size in bytes
516 * \return err
517 */
518 int ecb_aes_decrypt(struct blkcipher_desc *desc,
519 struct scatterlist *dst, struct scatterlist *src,
520 unsigned int nbytes)
521 {
522 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
523 struct blkcipher_walk walk;
524 int err;
525 unsigned int dec_bytes;
526
527 blkcipher_walk_init(&walk, dst, src, nbytes);
528 err = blkcipher_walk_virt(desc, &walk);
529
530 while ((nbytes = dec_bytes = walk.nbytes)) {
531 dec_bytes -= (nbytes % AES_BLOCK_SIZE);
532 ifx_deu_aes_ecb(ctx, walk.dst.virt.addr, walk.src.virt.addr,
533 NULL, dec_bytes, CRYPTO_DIR_DECRYPT, 0);
534 nbytes &= AES_BLOCK_SIZE - 1;
535 err = blkcipher_walk_done(desc, &walk, nbytes);
536 }
537
538 return err;
539 }
540
541 /*
542 * \brief AES function mappings
543 */
544 struct crypto_alg ifxdeu_ecb_aes_alg = {
545 .cra_name = "ecb(aes)",
546 .cra_driver_name = "ifxdeu-ecb(aes)",
547 .cra_priority = 400,
548 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
549 .cra_blocksize = AES_BLOCK_SIZE,
550 .cra_ctxsize = sizeof(struct aes_ctx),
551 .cra_type = &crypto_blkcipher_type,
552 .cra_module = THIS_MODULE,
553 .cra_list = LIST_HEAD_INIT(ifxdeu_ecb_aes_alg.cra_list),
554 .cra_u = {
555 .blkcipher = {
556 .min_keysize = AES_MIN_KEY_SIZE,
557 .max_keysize = AES_MAX_KEY_SIZE,
558 .setkey = aes_set_key,
559 .encrypt = ecb_aes_encrypt,
560 .decrypt = ecb_aes_decrypt,
561 }
562 }
563 };
564
565
566 /*! \fn int cbc_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
567 * \ingroup IFX_AES_FUNCTIONS
568 * \brief CBC AES encrypt using linux crypto blkcipher
569 * \param desc blkcipher descriptor
570 * \param dst output scatterlist
571 * \param src input scatterlist
572 * \param nbytes data size in bytes
573 * \return err
574 */
575 int cbc_aes_encrypt(struct blkcipher_desc *desc,
576 struct scatterlist *dst, struct scatterlist *src,
577 unsigned int nbytes)
578 {
579 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
580 struct blkcipher_walk walk;
581 int err;
582 unsigned int enc_bytes;
583
584 blkcipher_walk_init(&walk, dst, src, nbytes);
585 err = blkcipher_walk_virt(desc, &walk);
586
587 while ((nbytes = enc_bytes = walk.nbytes)) {
588 u8 *iv = walk.iv;
589 enc_bytes -= (nbytes % AES_BLOCK_SIZE);
590 ifx_deu_aes_cbc(ctx, walk.dst.virt.addr, walk.src.virt.addr,
591 iv, enc_bytes, CRYPTO_DIR_ENCRYPT, 0);
592 nbytes &= AES_BLOCK_SIZE - 1;
593 err = blkcipher_walk_done(desc, &walk, nbytes);
594 }
595
596 return err;
597 }
598
599 /*! \fn int cbc_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
600 * \ingroup IFX_AES_FUNCTIONS
601 * \brief CBC AES decrypt using linux crypto blkcipher
602 * \param desc blkcipher descriptor
603 * \param dst output scatterlist
604 * \param src input scatterlist
605 * \param nbytes data size in bytes
606 * \return err
607 */
608 int cbc_aes_decrypt(struct blkcipher_desc *desc,
609 struct scatterlist *dst, struct scatterlist *src,
610 unsigned int nbytes)
611 {
612 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
613 struct blkcipher_walk walk;
614 int err;
615 unsigned int dec_bytes;
616
617 blkcipher_walk_init(&walk, dst, src, nbytes);
618 err = blkcipher_walk_virt(desc, &walk);
619
620 while ((nbytes = dec_bytes = walk.nbytes)) {
621 u8 *iv = walk.iv;
622 dec_bytes -= (nbytes % AES_BLOCK_SIZE);
623 ifx_deu_aes_cbc(ctx, walk.dst.virt.addr, walk.src.virt.addr,
624 iv, dec_bytes, CRYPTO_DIR_DECRYPT, 0);
625 nbytes &= AES_BLOCK_SIZE - 1;
626 err = blkcipher_walk_done(desc, &walk, nbytes);
627 }
628
629 return err;
630 }
631
632 /*
633 * \brief AES function mappings
634 */
635 struct crypto_alg ifxdeu_cbc_aes_alg = {
636 .cra_name = "cbc(aes)",
637 .cra_driver_name = "ifxdeu-cbc(aes)",
638 .cra_priority = 400,
639 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
640 .cra_blocksize = AES_BLOCK_SIZE,
641 .cra_ctxsize = sizeof(struct aes_ctx),
642 .cra_type = &crypto_blkcipher_type,
643 .cra_module = THIS_MODULE,
644 .cra_list = LIST_HEAD_INIT(ifxdeu_cbc_aes_alg.cra_list),
645 .cra_u = {
646 .blkcipher = {
647 .min_keysize = AES_MIN_KEY_SIZE,
648 .max_keysize = AES_MAX_KEY_SIZE,
649 .ivsize = AES_BLOCK_SIZE,
650 .setkey = aes_set_key,
651 .encrypt = cbc_aes_encrypt,
652 .decrypt = cbc_aes_decrypt,
653 }
654 }
655 };
656
657
658 /*! \fn int ctr_basic_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
659 * \ingroup IFX_AES_FUNCTIONS
660 * \brief Counter mode AES encrypt using linux crypto blkcipher
661 * \param desc blkcipher descriptor
662 * \param dst output scatterlist
663 * \param src input scatterlist
664 * \param nbytes data size in bytes
665 * \return err
666 */
667 int ctr_basic_aes_encrypt(struct blkcipher_desc *desc,
668 struct scatterlist *dst, struct scatterlist *src,
669 unsigned int nbytes)
670 {
671 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
672 struct blkcipher_walk walk;
673 int err;
674
675 blkcipher_walk_init(&walk, dst, src, nbytes);
676 err = blkcipher_walk_virt(desc, &walk);
677
678 while ((nbytes = walk.nbytes)) {
679 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
680 walk.iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
681 err = blkcipher_walk_done(desc, &walk, 0);
682 }
683 return err;
684 }
685
686 /*! \fn int ctr_basic_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
687 * \ingroup IFX_AES_FUNCTIONS
688 * \brief Counter mode AES decrypt using linux crypto blkcipher
689 * \param desc blkcipher descriptor
690 * \param dst output scatterlist
691 * \param src input scatterlist
692 * \param nbytes data size in bytes
693 * \return err
694 */
695 int ctr_basic_aes_decrypt(struct blkcipher_desc *desc,
696 struct scatterlist *dst, struct scatterlist *src,
697 unsigned int nbytes)
698 {
699 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
700 struct blkcipher_walk walk;
701 int err;
702
703 blkcipher_walk_init(&walk, dst, src, nbytes);
704 err = blkcipher_walk_virt(desc, &walk);
705
706 while ((nbytes = walk.nbytes)) {
707 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
708 walk.iv, nbytes, CRYPTO_DIR_DECRYPT, 0);
709 err = blkcipher_walk_done(desc, &walk, 0);
710 }
711
712 return err;
713 }
714
715 /*
716 * \brief AES function mappings
717 */
718 struct crypto_alg ifxdeu_ctr_basic_aes_alg = {
719 .cra_name = "ctr(aes)",
720 .cra_driver_name = "ifxdeu-ctr(aes)",
721 .cra_priority = 400,
722 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
723 .cra_blocksize = 1,
724 .cra_ctxsize = sizeof(struct aes_ctx),
725 .cra_type = &crypto_blkcipher_type,
726 .cra_module = THIS_MODULE,
727 .cra_list = LIST_HEAD_INIT(ifxdeu_ctr_basic_aes_alg.cra_list),
728 .cra_u = {
729 .blkcipher = {
730 .min_keysize = AES_MIN_KEY_SIZE,
731 .max_keysize = AES_MAX_KEY_SIZE,
732 .ivsize = AES_BLOCK_SIZE,
733 .setkey = aes_set_key,
734 .encrypt = ctr_basic_aes_encrypt,
735 .decrypt = ctr_basic_aes_decrypt,
736 }
737 }
738 };
739
740
741 /*! \fn int ctr_rfc3686_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
742 * \ingroup IFX_AES_FUNCTIONS
743 * \brief Counter mode AES (rfc3686) encrypt using linux crypto blkcipher
744 * \param desc blkcipher descriptor
745 * \param dst output scatterlist
746 * \param src input scatterlist
747 * \param nbytes data size in bytes
748 * \return err
749 */
750 int ctr_rfc3686_aes_encrypt(struct blkcipher_desc *desc,
751 struct scatterlist *dst, struct scatterlist *src,
752 unsigned int nbytes)
753 {
754 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
755 struct blkcipher_walk walk;
756 int err, bsize = nbytes;
757 u8 rfc3686_iv[16];
758
759 blkcipher_walk_init(&walk, dst, src, nbytes);
760 err = blkcipher_walk_virt(desc, &walk);
761
762 /* set up counter block */
763 memcpy(rfc3686_iv, ctx->nonce, CTR_RFC3686_NONCE_SIZE);
764 memcpy(rfc3686_iv + CTR_RFC3686_NONCE_SIZE, walk.iv, CTR_RFC3686_IV_SIZE);
765
766 /* initialize counter portion of counter block */
767 *(__be32 *)(rfc3686_iv + CTR_RFC3686_NONCE_SIZE + CTR_RFC3686_IV_SIZE) =
768 cpu_to_be32(1);
769
770 /* scatterlist source is the same size as request size, just process once */
771 if (nbytes == walk.nbytes) {
772 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
773 rfc3686_iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
774 nbytes -= walk.nbytes;
775 err = blkcipher_walk_done(desc, &walk, nbytes);
776 return err;
777 }
778
779 while ((nbytes = walk.nbytes) && (walk.nbytes >= AES_BLOCK_SIZE)) {
780 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
781 rfc3686_iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
782
783 nbytes -= walk.nbytes;
784 bsize -= walk.nbytes;
785 err = blkcipher_walk_done(desc, &walk, nbytes);
786 }
787
788 /* to handle remaining bytes < AES_BLOCK_SIZE */
789 if (walk.nbytes) {
790 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
791 rfc3686_iv, walk.nbytes, CRYPTO_DIR_ENCRYPT, 0);
792 err = blkcipher_walk_done(desc, &walk, 0);
793 }
794
795 return err;
796 }
797
798 /*! \fn int ctr_rfc3686_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
799 * \ingroup IFX_AES_FUNCTIONS
800 * \brief Counter mode AES (rfc3686) decrypt using linux crypto blkcipher
801 * \param desc blkcipher descriptor
802 * \param dst output scatterlist
803 * \param src input scatterlist
804 * \param nbytes data size in bytes
805 * \return err
806 */
807 int ctr_rfc3686_aes_decrypt(struct blkcipher_desc *desc,
808 struct scatterlist *dst, struct scatterlist *src,
809 unsigned int nbytes)
810 {
811 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
812 struct blkcipher_walk walk;
813 int err, bsize = nbytes;
814 u8 rfc3686_iv[16];
815
816 blkcipher_walk_init(&walk, dst, src, nbytes);
817 err = blkcipher_walk_virt(desc, &walk);
818
819 /* set up counter block */
820 memcpy(rfc3686_iv, ctx->nonce, CTR_RFC3686_NONCE_SIZE);
821 memcpy(rfc3686_iv + CTR_RFC3686_NONCE_SIZE, walk.iv, CTR_RFC3686_IV_SIZE);
822
823 /* initialize counter portion of counter block */
824 *(__be32 *)(rfc3686_iv + CTR_RFC3686_NONCE_SIZE + CTR_RFC3686_IV_SIZE) =
825 cpu_to_be32(1);
826
827 /* scatterlist source is the same size as request size, just process once */
828 if (nbytes == walk.nbytes) {
829 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
830 rfc3686_iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
831 nbytes -= walk.nbytes;
832 err = blkcipher_walk_done(desc, &walk, nbytes);
833 return err;
834 }
835
836 while ((nbytes = walk.nbytes) % (walk.nbytes >= AES_BLOCK_SIZE)) {
837 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
838 rfc3686_iv, nbytes, CRYPTO_DIR_DECRYPT, 0);
839
840 nbytes -= walk.nbytes;
841 bsize -= walk.nbytes;
842 err = blkcipher_walk_done(desc, &walk, nbytes);
843 }
844
845 /* to handle remaining bytes < AES_BLOCK_SIZE */
846 if (walk.nbytes) {
847 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
848 rfc3686_iv, walk.nbytes, CRYPTO_DIR_ENCRYPT, 0);
849 err = blkcipher_walk_done(desc, &walk, 0);
850 }
851
852 return err;
853 }
854
855 /*
856 * \brief AES function mappings
857 */
858 struct crypto_alg ifxdeu_ctr_rfc3686_aes_alg = {
859 .cra_name = "rfc3686(ctr(aes))",
860 .cra_driver_name = "ifxdeu-ctr-rfc3686(aes)",
861 .cra_priority = 400,
862 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | CRYPTO_ALG_KERN_DRIVER_ONLY,
863 .cra_blocksize = 1,
864 .cra_ctxsize = sizeof(struct aes_ctx),
865 .cra_type = &crypto_blkcipher_type,
866 .cra_module = THIS_MODULE,
867 .cra_list = LIST_HEAD_INIT(ifxdeu_ctr_rfc3686_aes_alg.cra_list),
868 .cra_u = {
869 .blkcipher = {
870 .min_keysize = AES_MIN_KEY_SIZE,
871 .max_keysize = CTR_RFC3686_MAX_KEY_SIZE,
872 .ivsize = CTR_RFC3686_IV_SIZE,
873 .setkey = ctr_rfc3686_aes_set_key,
874 .encrypt = ctr_rfc3686_aes_encrypt,
875 .decrypt = ctr_rfc3686_aes_decrypt,
876 }
877 }
878 };
879
880
881 /*! \fn int ifxdeu_init_aes (void)
882 * \ingroup IFX_AES_FUNCTIONS
883 * \brief function to initialize AES driver
884 * \return ret
885 */
886 int ifxdeu_init_aes (void)
887 {
888 int ret = -ENOSYS;
889
890 aes_chip_init();
891
892 if ((ret = crypto_register_alg(&ifxdeu_aes_alg)))
893 goto aes_err;
894
895 if ((ret = crypto_register_alg(&ifxdeu_ecb_aes_alg)))
896 goto ecb_aes_err;
897
898 if ((ret = crypto_register_alg(&ifxdeu_cbc_aes_alg)))
899 goto cbc_aes_err;
900
901 if ((ret = crypto_register_alg(&ifxdeu_ctr_basic_aes_alg)))
902 goto ctr_basic_aes_err;
903
904 if ((ret = crypto_register_alg(&ifxdeu_ctr_rfc3686_aes_alg)))
905 goto ctr_rfc3686_aes_err;
906
907 CRTCL_SECT_INIT;
908
909
910 printk (KERN_NOTICE "IFX DEU AES initialized%s%s.\n", disable_multiblock ? "" : " (multiblock)", disable_deudma ? "" : " (DMA)");
911 return ret;
912
913 ctr_rfc3686_aes_err:
914 crypto_unregister_alg(&ifxdeu_ctr_rfc3686_aes_alg);
915 printk (KERN_ERR "IFX ctr_rfc3686_aes initialization failed!\n");
916 return ret;
917 ctr_basic_aes_err:
918 crypto_unregister_alg(&ifxdeu_ctr_basic_aes_alg);
919 printk (KERN_ERR "IFX ctr_basic_aes initialization failed!\n");
920 return ret;
921 cbc_aes_err:
922 crypto_unregister_alg(&ifxdeu_cbc_aes_alg);
923 printk (KERN_ERR "IFX cbc_aes initialization failed!\n");
924 return ret;
925 ecb_aes_err:
926 crypto_unregister_alg(&ifxdeu_ecb_aes_alg);
927 printk (KERN_ERR "IFX aes initialization failed!\n");
928 return ret;
929 aes_err:
930 printk(KERN_ERR "IFX DEU AES initialization failed!\n");
931
932 return ret;
933 }
934
935 /*! \fn void ifxdeu_fini_aes (void)
936 * \ingroup IFX_AES_FUNCTIONS
937 * \brief unregister aes driver
938 */
939 void ifxdeu_fini_aes (void)
940 {
941 crypto_unregister_alg (&ifxdeu_aes_alg);
942 crypto_unregister_alg (&ifxdeu_ecb_aes_alg);
943 crypto_unregister_alg (&ifxdeu_cbc_aes_alg);
944 crypto_unregister_alg (&ifxdeu_ctr_basic_aes_alg);
945 crypto_unregister_alg (&ifxdeu_ctr_rfc3686_aes_alg);
946
947 }
948
949
Staging tree of Mathias Kresin