Loading arch/i386/crypto/aes-i586-asm.S +19 −21 Original line number Diff line number Diff line Loading @@ -257,16 +257,15 @@ aes_enc_blk: sub $8,%esp // space for register saves on stack add $16,%ebp // increment to next round key sub $10,%r3 je 4f // 10 rounds for 128-bit key add $32,%ebp sub $2,%r3 je 3f // 12 rounds for 128-bit key add $32,%ebp 2: fwd_rnd1( -64(%ebp) ,ft_tab) // 14 rounds for 128-bit key cmp $12,%r3 jb 4f // 10 rounds for 128-bit key lea 32(%ebp),%ebp je 3f // 12 rounds for 192-bit key lea 32(%ebp),%ebp 2: fwd_rnd1( -64(%ebp) ,ft_tab) // 14 rounds for 256-bit key fwd_rnd2( -48(%ebp) ,ft_tab) 3: fwd_rnd1( -32(%ebp) ,ft_tab) // 12 rounds for 128-bit key 3: fwd_rnd1( -32(%ebp) ,ft_tab) // 12 rounds for 192-bit key fwd_rnd2( -16(%ebp) ,ft_tab) 4: fwd_rnd1( (%ebp) ,ft_tab) // 10 rounds for 128-bit key fwd_rnd2( +16(%ebp) ,ft_tab) Loading Loading @@ -336,16 +335,15 @@ aes_dec_blk: sub $8,%esp // space for register saves on stack sub $16,%ebp // increment to next round key sub $10,%r3 je 4f // 10 rounds for 128-bit key sub $32,%ebp sub $2,%r3 je 3f // 12 rounds for 128-bit key sub $32,%ebp 2: inv_rnd1( +64(%ebp), it_tab) // 14 rounds for 128-bit key cmp $12,%r3 jb 4f // 10 rounds for 128-bit key lea -32(%ebp),%ebp je 3f // 12 rounds for 192-bit key lea -32(%ebp),%ebp 2: inv_rnd1( +64(%ebp), it_tab) // 14 rounds for 256-bit key inv_rnd2( +48(%ebp), it_tab) 3: inv_rnd1( +32(%ebp), it_tab) // 12 rounds for 128-bit key 3: inv_rnd1( +32(%ebp), it_tab) // 12 rounds for 192-bit key inv_rnd2( +16(%ebp), it_tab) 4: inv_rnd1( (%ebp), it_tab) // 10 rounds for 128-bit key inv_rnd2( -16(%ebp), it_tab) Loading arch/i386/crypto/aes.c +25 −31 Original line number Diff line number Diff line Loading @@ -36,6 +36,8 @@ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> * */ #include <asm/byteorder.h> #include <linux/kernel.h> #include <linux/module.h> #include <linux/init.h> Loading @@ -59,7 +61,6 @@ struct aes_ctx { }; #define WPOLY 0x011b #define u32_in(x) le32_to_cpup((const __le32 *)(x)) #define bytes2word(b0, b1, b2, b3) \ (((u32)(b3) << 24) | ((u32)(b2) << 16) | ((u32)(b1) << 8) | (b0)) Loading Loading @@ -93,7 +94,6 @@ static u32 rcon_tab[RC_LENGTH]; u32 ft_tab[4][256]; u32 fl_tab[4][256]; static u32 ls_tab[4][256]; static u32 im_tab[4][256]; u32 il_tab[4][256]; u32 it_tab[4][256]; Loading Loading @@ -144,15 +144,6 @@ static void gen_tabs(void) fl_tab[2][i] = upr(w, 2); fl_tab[3][i] = upr(w, 3); /* * table for key schedule if fl_tab above is * not of the required form */ ls_tab[0][i] = w; ls_tab[1][i] = upr(w, 1); ls_tab[2][i] = upr(w, 2); ls_tab[3][i] = upr(w, 3); b = fi(inv_affine((u8)i)); w = bytes2word(fe(b), f9(b), fd(b), fb(b)); Loading Loading @@ -393,13 +384,14 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) int i; u32 ss[8]; struct aes_ctx *ctx = ctx_arg; const __le32 *key = (const __le32 *)in_key; /* encryption schedule */ ctx->ekey[0] = ss[0] = u32_in(in_key); ctx->ekey[1] = ss[1] = u32_in(in_key + 4); ctx->ekey[2] = ss[2] = u32_in(in_key + 8); ctx->ekey[3] = ss[3] = u32_in(in_key + 12); ctx->ekey[0] = ss[0] = le32_to_cpu(key[0]); ctx->ekey[1] = ss[1] = le32_to_cpu(key[1]); ctx->ekey[2] = ss[2] = le32_to_cpu(key[2]); ctx->ekey[3] = ss[3] = le32_to_cpu(key[3]); switch(key_len) { case 16: Loading @@ -410,8 +402,8 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 24: ctx->ekey[4] = ss[4] = u32_in(in_key + 16); ctx->ekey[5] = ss[5] = u32_in(in_key + 20); ctx->ekey[4] = ss[4] = le32_to_cpu(key[4]); ctx->ekey[5] = ss[5] = le32_to_cpu(key[5]); for (i = 0; i < 7; i++) ke6(ctx->ekey, i); kel6(ctx->ekey, 7); Loading @@ -419,10 +411,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 32: ctx->ekey[4] = ss[4] = u32_in(in_key + 16); ctx->ekey[5] = ss[5] = u32_in(in_key + 20); ctx->ekey[6] = ss[6] = u32_in(in_key + 24); ctx->ekey[7] = ss[7] = u32_in(in_key + 28); ctx->ekey[4] = ss[4] = le32_to_cpu(key[4]); ctx->ekey[5] = ss[5] = le32_to_cpu(key[5]); ctx->ekey[6] = ss[6] = le32_to_cpu(key[6]); ctx->ekey[7] = ss[7] = le32_to_cpu(key[7]); for (i = 0; i < 6; i++) ke8(ctx->ekey, i); kel8(ctx->ekey, 6); Loading @@ -436,10 +428,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) /* decryption schedule */ ctx->dkey[0] = ss[0] = u32_in(in_key); ctx->dkey[1] = ss[1] = u32_in(in_key + 4); ctx->dkey[2] = ss[2] = u32_in(in_key + 8); ctx->dkey[3] = ss[3] = u32_in(in_key + 12); ctx->dkey[0] = ss[0] = le32_to_cpu(key[0]); ctx->dkey[1] = ss[1] = le32_to_cpu(key[1]); ctx->dkey[2] = ss[2] = le32_to_cpu(key[2]); ctx->dkey[3] = ss[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: Loading @@ -450,8 +442,8 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 24: ctx->dkey[4] = ff(ss[4] = u32_in(in_key + 16)); ctx->dkey[5] = ff(ss[5] = u32_in(in_key + 20)); ctx->dkey[4] = ff(ss[4] = le32_to_cpu(key[4])); ctx->dkey[5] = ff(ss[5] = le32_to_cpu(key[5])); kdf6(ctx->dkey, 0); for (i = 1; i < 7; i++) kd6(ctx->dkey, i); Loading @@ -459,10 +451,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 32: ctx->dkey[4] = ff(ss[4] = u32_in(in_key + 16)); ctx->dkey[5] = ff(ss[5] = u32_in(in_key + 20)); ctx->dkey[6] = ff(ss[6] = u32_in(in_key + 24)); ctx->dkey[7] = ff(ss[7] = u32_in(in_key + 28)); ctx->dkey[4] = ff(ss[4] = le32_to_cpu(key[4])); ctx->dkey[5] = ff(ss[5] = le32_to_cpu(key[5])); ctx->dkey[6] = ff(ss[6] = le32_to_cpu(key[6])); ctx->dkey[7] = ff(ss[7] = le32_to_cpu(key[7])); kdf8(ctx->dkey, 0); for (i = 1; i < 6; i++) kd8(ctx->dkey, i); Loading @@ -484,6 +476,8 @@ static inline void aes_decrypt(void *ctx, u8 *dst, const u8 *src) static struct crypto_alg aes_alg = { .cra_name = "aes", .cra_driver_name = "aes-i586", .cra_priority = 200, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), Loading arch/x86_64/crypto/aes.c +13 −12 Original line number Diff line number Diff line Loading @@ -74,8 +74,6 @@ static inline u8 byte(const u32 x, const unsigned n) return x >> (n << 3); } #define u32_in(x) le32_to_cpu(*(const __le32 *)(x)) struct aes_ctx { u32 key_length; Loading Loading @@ -234,6 +232,7 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { struct aes_ctx *ctx = ctx_arg; const __le32 *key = (const __le32 *)in_key; u32 i, j, t, u, v, w; if (key_len != 16 && key_len != 24 && key_len != 32) { Loading @@ -243,10 +242,10 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, ctx->key_length = key_len; D_KEY[key_len + 24] = E_KEY[0] = u32_in(in_key); D_KEY[key_len + 25] = E_KEY[1] = u32_in(in_key + 4); D_KEY[key_len + 26] = E_KEY[2] = u32_in(in_key + 8); D_KEY[key_len + 27] = E_KEY[3] = u32_in(in_key + 12); D_KEY[key_len + 24] = E_KEY[0] = le32_to_cpu(key[0]); D_KEY[key_len + 25] = E_KEY[1] = le32_to_cpu(key[1]); D_KEY[key_len + 26] = E_KEY[2] = le32_to_cpu(key[2]); D_KEY[key_len + 27] = E_KEY[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: Loading @@ -256,17 +255,17 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, break; case 24: E_KEY[4] = u32_in(in_key + 16); t = E_KEY[5] = u32_in(in_key + 20); E_KEY[4] = le32_to_cpu(key[4]); t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: E_KEY[4] = u32_in(in_key + 16); E_KEY[5] = u32_in(in_key + 20); E_KEY[6] = u32_in(in_key + 24); t = E_KEY[7] = u32_in(in_key + 28); E_KEY[4] = le32_to_cpu(key[4]); E_KEY[5] = le32_to_cpu(key[5]); E_KEY[6] = le32_to_cpu(key[6]); t = E_KEY[7] = le32_to_cpu(key[7]); for (i = 0; i < 7; ++i) loop8(i); break; Loading @@ -290,6 +289,8 @@ extern void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in); static struct crypto_alg aes_alg = { .cra_name = "aes", .cra_driver_name = "aes-x86_64", .cra_priority = 200, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), Loading crypto/Kconfig +1 −1 Original line number Diff line number Diff line Loading @@ -157,7 +157,7 @@ config CRYPTO_SERPENT config CRYPTO_AES tristate "AES cipher algorithms" depends on CRYPTO && !(X86 || UML_X86) depends on CRYPTO help AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. Loading crypto/aes.c +34 −29 Original line number Diff line number Diff line Loading @@ -73,9 +73,6 @@ byte(const u32 x, const unsigned n) return x >> (n << 3); } #define u32_in(x) le32_to_cpu(*(const u32 *)(x)) #define u32_out(to, from) (*(u32 *)(to) = cpu_to_le32(from)) struct aes_ctx { int key_length; u32 E[60]; Loading Loading @@ -256,6 +253,7 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { struct aes_ctx *ctx = ctx_arg; const __le32 *key = (const __le32 *)in_key; u32 i, t, u, v, w; if (key_len != 16 && key_len != 24 && key_len != 32) { Loading @@ -265,10 +263,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) ctx->key_length = key_len; E_KEY[0] = u32_in (in_key); E_KEY[1] = u32_in (in_key + 4); E_KEY[2] = u32_in (in_key + 8); E_KEY[3] = u32_in (in_key + 12); E_KEY[0] = le32_to_cpu(key[0]); E_KEY[1] = le32_to_cpu(key[1]); E_KEY[2] = le32_to_cpu(key[2]); E_KEY[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: Loading @@ -278,17 +276,17 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 24: E_KEY[4] = u32_in (in_key + 16); t = E_KEY[5] = u32_in (in_key + 20); E_KEY[4] = le32_to_cpu(key[4]); t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: E_KEY[4] = u32_in (in_key + 16); E_KEY[5] = u32_in (in_key + 20); E_KEY[6] = u32_in (in_key + 24); t = E_KEY[7] = u32_in (in_key + 28); E_KEY[4] = le32_to_cpu(key[4]); E_KEY[5] = le32_to_cpu(key[5]); E_KEY[6] = le32_to_cpu(key[6]); t = E_KEY[7] = le32_to_cpu(key[7]); for (i = 0; i < 7; ++i) loop8 (i); break; Loading Loading @@ -324,13 +322,15 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) { const struct aes_ctx *ctx = ctx_arg; const __le32 *src = (const __le32 *)in; __le32 *dst = (__le32 *)out; u32 b0[4], b1[4]; const u32 *kp = E_KEY + 4; b0[0] = u32_in (in) ^ E_KEY[0]; b0[1] = u32_in (in + 4) ^ E_KEY[1]; b0[2] = u32_in (in + 8) ^ E_KEY[2]; b0[3] = u32_in (in + 12) ^ E_KEY[3]; b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0]; b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1]; b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2]; b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3]; if (ctx->key_length > 24) { f_nround (b1, b0, kp); Loading @@ -353,10 +353,10 @@ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) f_nround (b1, b0, kp); f_lround (b0, b1, kp); u32_out (out, b0[0]); u32_out (out + 4, b0[1]); u32_out (out + 8, b0[2]); u32_out (out + 12, b0[3]); dst[0] = cpu_to_le32(b0[0]); dst[1] = cpu_to_le32(b0[1]); dst[2] = cpu_to_le32(b0[2]); dst[3] = cpu_to_le32(b0[3]); } /* decrypt a block of text */ Loading @@ -377,14 +377,16 @@ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in) { const struct aes_ctx *ctx = ctx_arg; const __le32 *src = (const __le32 *)in; __le32 *dst = (__le32 *)out; u32 b0[4], b1[4]; const int key_len = ctx->key_length; const u32 *kp = D_KEY + key_len + 20; b0[0] = u32_in (in) ^ E_KEY[key_len + 24]; b0[1] = u32_in (in + 4) ^ E_KEY[key_len + 25]; b0[2] = u32_in (in + 8) ^ E_KEY[key_len + 26]; b0[3] = u32_in (in + 12) ^ E_KEY[key_len + 27]; b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24]; b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25]; b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26]; b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27]; if (key_len > 24) { i_nround (b1, b0, kp); Loading @@ -407,18 +409,21 @@ static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in) i_nround (b1, b0, kp); i_lround (b0, b1, kp); u32_out (out, b0[0]); u32_out (out + 4, b0[1]); u32_out (out + 8, b0[2]); u32_out (out + 12, b0[3]); dst[0] = cpu_to_le32(b0[0]); dst[1] = cpu_to_le32(b0[1]); dst[2] = cpu_to_le32(b0[2]); dst[3] = cpu_to_le32(b0[3]); } static struct crypto_alg aes_alg = { .cra_name = "aes", .cra_driver_name = "aes-generic", .cra_priority = 100, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), .cra_alignmask = 3, .cra_module = THIS_MODULE, .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), .cra_u = { Loading Loading
arch/i386/crypto/aes-i586-asm.S +19 −21 Original line number Diff line number Diff line Loading @@ -257,16 +257,15 @@ aes_enc_blk: sub $8,%esp // space for register saves on stack add $16,%ebp // increment to next round key sub $10,%r3 je 4f // 10 rounds for 128-bit key add $32,%ebp sub $2,%r3 je 3f // 12 rounds for 128-bit key add $32,%ebp 2: fwd_rnd1( -64(%ebp) ,ft_tab) // 14 rounds for 128-bit key cmp $12,%r3 jb 4f // 10 rounds for 128-bit key lea 32(%ebp),%ebp je 3f // 12 rounds for 192-bit key lea 32(%ebp),%ebp 2: fwd_rnd1( -64(%ebp) ,ft_tab) // 14 rounds for 256-bit key fwd_rnd2( -48(%ebp) ,ft_tab) 3: fwd_rnd1( -32(%ebp) ,ft_tab) // 12 rounds for 128-bit key 3: fwd_rnd1( -32(%ebp) ,ft_tab) // 12 rounds for 192-bit key fwd_rnd2( -16(%ebp) ,ft_tab) 4: fwd_rnd1( (%ebp) ,ft_tab) // 10 rounds for 128-bit key fwd_rnd2( +16(%ebp) ,ft_tab) Loading Loading @@ -336,16 +335,15 @@ aes_dec_blk: sub $8,%esp // space for register saves on stack sub $16,%ebp // increment to next round key sub $10,%r3 je 4f // 10 rounds for 128-bit key sub $32,%ebp sub $2,%r3 je 3f // 12 rounds for 128-bit key sub $32,%ebp 2: inv_rnd1( +64(%ebp), it_tab) // 14 rounds for 128-bit key cmp $12,%r3 jb 4f // 10 rounds for 128-bit key lea -32(%ebp),%ebp je 3f // 12 rounds for 192-bit key lea -32(%ebp),%ebp 2: inv_rnd1( +64(%ebp), it_tab) // 14 rounds for 256-bit key inv_rnd2( +48(%ebp), it_tab) 3: inv_rnd1( +32(%ebp), it_tab) // 12 rounds for 128-bit key 3: inv_rnd1( +32(%ebp), it_tab) // 12 rounds for 192-bit key inv_rnd2( +16(%ebp), it_tab) 4: inv_rnd1( (%ebp), it_tab) // 10 rounds for 128-bit key inv_rnd2( -16(%ebp), it_tab) Loading
arch/i386/crypto/aes.c +25 −31 Original line number Diff line number Diff line Loading @@ -36,6 +36,8 @@ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> * */ #include <asm/byteorder.h> #include <linux/kernel.h> #include <linux/module.h> #include <linux/init.h> Loading @@ -59,7 +61,6 @@ struct aes_ctx { }; #define WPOLY 0x011b #define u32_in(x) le32_to_cpup((const __le32 *)(x)) #define bytes2word(b0, b1, b2, b3) \ (((u32)(b3) << 24) | ((u32)(b2) << 16) | ((u32)(b1) << 8) | (b0)) Loading Loading @@ -93,7 +94,6 @@ static u32 rcon_tab[RC_LENGTH]; u32 ft_tab[4][256]; u32 fl_tab[4][256]; static u32 ls_tab[4][256]; static u32 im_tab[4][256]; u32 il_tab[4][256]; u32 it_tab[4][256]; Loading Loading @@ -144,15 +144,6 @@ static void gen_tabs(void) fl_tab[2][i] = upr(w, 2); fl_tab[3][i] = upr(w, 3); /* * table for key schedule if fl_tab above is * not of the required form */ ls_tab[0][i] = w; ls_tab[1][i] = upr(w, 1); ls_tab[2][i] = upr(w, 2); ls_tab[3][i] = upr(w, 3); b = fi(inv_affine((u8)i)); w = bytes2word(fe(b), f9(b), fd(b), fb(b)); Loading Loading @@ -393,13 +384,14 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) int i; u32 ss[8]; struct aes_ctx *ctx = ctx_arg; const __le32 *key = (const __le32 *)in_key; /* encryption schedule */ ctx->ekey[0] = ss[0] = u32_in(in_key); ctx->ekey[1] = ss[1] = u32_in(in_key + 4); ctx->ekey[2] = ss[2] = u32_in(in_key + 8); ctx->ekey[3] = ss[3] = u32_in(in_key + 12); ctx->ekey[0] = ss[0] = le32_to_cpu(key[0]); ctx->ekey[1] = ss[1] = le32_to_cpu(key[1]); ctx->ekey[2] = ss[2] = le32_to_cpu(key[2]); ctx->ekey[3] = ss[3] = le32_to_cpu(key[3]); switch(key_len) { case 16: Loading @@ -410,8 +402,8 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 24: ctx->ekey[4] = ss[4] = u32_in(in_key + 16); ctx->ekey[5] = ss[5] = u32_in(in_key + 20); ctx->ekey[4] = ss[4] = le32_to_cpu(key[4]); ctx->ekey[5] = ss[5] = le32_to_cpu(key[5]); for (i = 0; i < 7; i++) ke6(ctx->ekey, i); kel6(ctx->ekey, 7); Loading @@ -419,10 +411,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 32: ctx->ekey[4] = ss[4] = u32_in(in_key + 16); ctx->ekey[5] = ss[5] = u32_in(in_key + 20); ctx->ekey[6] = ss[6] = u32_in(in_key + 24); ctx->ekey[7] = ss[7] = u32_in(in_key + 28); ctx->ekey[4] = ss[4] = le32_to_cpu(key[4]); ctx->ekey[5] = ss[5] = le32_to_cpu(key[5]); ctx->ekey[6] = ss[6] = le32_to_cpu(key[6]); ctx->ekey[7] = ss[7] = le32_to_cpu(key[7]); for (i = 0; i < 6; i++) ke8(ctx->ekey, i); kel8(ctx->ekey, 6); Loading @@ -436,10 +428,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) /* decryption schedule */ ctx->dkey[0] = ss[0] = u32_in(in_key); ctx->dkey[1] = ss[1] = u32_in(in_key + 4); ctx->dkey[2] = ss[2] = u32_in(in_key + 8); ctx->dkey[3] = ss[3] = u32_in(in_key + 12); ctx->dkey[0] = ss[0] = le32_to_cpu(key[0]); ctx->dkey[1] = ss[1] = le32_to_cpu(key[1]); ctx->dkey[2] = ss[2] = le32_to_cpu(key[2]); ctx->dkey[3] = ss[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: Loading @@ -450,8 +442,8 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 24: ctx->dkey[4] = ff(ss[4] = u32_in(in_key + 16)); ctx->dkey[5] = ff(ss[5] = u32_in(in_key + 20)); ctx->dkey[4] = ff(ss[4] = le32_to_cpu(key[4])); ctx->dkey[5] = ff(ss[5] = le32_to_cpu(key[5])); kdf6(ctx->dkey, 0); for (i = 1; i < 7; i++) kd6(ctx->dkey, i); Loading @@ -459,10 +451,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 32: ctx->dkey[4] = ff(ss[4] = u32_in(in_key + 16)); ctx->dkey[5] = ff(ss[5] = u32_in(in_key + 20)); ctx->dkey[6] = ff(ss[6] = u32_in(in_key + 24)); ctx->dkey[7] = ff(ss[7] = u32_in(in_key + 28)); ctx->dkey[4] = ff(ss[4] = le32_to_cpu(key[4])); ctx->dkey[5] = ff(ss[5] = le32_to_cpu(key[5])); ctx->dkey[6] = ff(ss[6] = le32_to_cpu(key[6])); ctx->dkey[7] = ff(ss[7] = le32_to_cpu(key[7])); kdf8(ctx->dkey, 0); for (i = 1; i < 6; i++) kd8(ctx->dkey, i); Loading @@ -484,6 +476,8 @@ static inline void aes_decrypt(void *ctx, u8 *dst, const u8 *src) static struct crypto_alg aes_alg = { .cra_name = "aes", .cra_driver_name = "aes-i586", .cra_priority = 200, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), Loading
arch/x86_64/crypto/aes.c +13 −12 Original line number Diff line number Diff line Loading @@ -74,8 +74,6 @@ static inline u8 byte(const u32 x, const unsigned n) return x >> (n << 3); } #define u32_in(x) le32_to_cpu(*(const __le32 *)(x)) struct aes_ctx { u32 key_length; Loading Loading @@ -234,6 +232,7 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { struct aes_ctx *ctx = ctx_arg; const __le32 *key = (const __le32 *)in_key; u32 i, j, t, u, v, w; if (key_len != 16 && key_len != 24 && key_len != 32) { Loading @@ -243,10 +242,10 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, ctx->key_length = key_len; D_KEY[key_len + 24] = E_KEY[0] = u32_in(in_key); D_KEY[key_len + 25] = E_KEY[1] = u32_in(in_key + 4); D_KEY[key_len + 26] = E_KEY[2] = u32_in(in_key + 8); D_KEY[key_len + 27] = E_KEY[3] = u32_in(in_key + 12); D_KEY[key_len + 24] = E_KEY[0] = le32_to_cpu(key[0]); D_KEY[key_len + 25] = E_KEY[1] = le32_to_cpu(key[1]); D_KEY[key_len + 26] = E_KEY[2] = le32_to_cpu(key[2]); D_KEY[key_len + 27] = E_KEY[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: Loading @@ -256,17 +255,17 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, break; case 24: E_KEY[4] = u32_in(in_key + 16); t = E_KEY[5] = u32_in(in_key + 20); E_KEY[4] = le32_to_cpu(key[4]); t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: E_KEY[4] = u32_in(in_key + 16); E_KEY[5] = u32_in(in_key + 20); E_KEY[6] = u32_in(in_key + 24); t = E_KEY[7] = u32_in(in_key + 28); E_KEY[4] = le32_to_cpu(key[4]); E_KEY[5] = le32_to_cpu(key[5]); E_KEY[6] = le32_to_cpu(key[6]); t = E_KEY[7] = le32_to_cpu(key[7]); for (i = 0; i < 7; ++i) loop8(i); break; Loading @@ -290,6 +289,8 @@ extern void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in); static struct crypto_alg aes_alg = { .cra_name = "aes", .cra_driver_name = "aes-x86_64", .cra_priority = 200, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), Loading
crypto/Kconfig +1 −1 Original line number Diff line number Diff line Loading @@ -157,7 +157,7 @@ config CRYPTO_SERPENT config CRYPTO_AES tristate "AES cipher algorithms" depends on CRYPTO && !(X86 || UML_X86) depends on CRYPTO help AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. Loading
crypto/aes.c +34 −29 Original line number Diff line number Diff line Loading @@ -73,9 +73,6 @@ byte(const u32 x, const unsigned n) return x >> (n << 3); } #define u32_in(x) le32_to_cpu(*(const u32 *)(x)) #define u32_out(to, from) (*(u32 *)(to) = cpu_to_le32(from)) struct aes_ctx { int key_length; u32 E[60]; Loading Loading @@ -256,6 +253,7 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { struct aes_ctx *ctx = ctx_arg; const __le32 *key = (const __le32 *)in_key; u32 i, t, u, v, w; if (key_len != 16 && key_len != 24 && key_len != 32) { Loading @@ -265,10 +263,10 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) ctx->key_length = key_len; E_KEY[0] = u32_in (in_key); E_KEY[1] = u32_in (in_key + 4); E_KEY[2] = u32_in (in_key + 8); E_KEY[3] = u32_in (in_key + 12); E_KEY[0] = le32_to_cpu(key[0]); E_KEY[1] = le32_to_cpu(key[1]); E_KEY[2] = le32_to_cpu(key[2]); E_KEY[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: Loading @@ -278,17 +276,17 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) break; case 24: E_KEY[4] = u32_in (in_key + 16); t = E_KEY[5] = u32_in (in_key + 20); E_KEY[4] = le32_to_cpu(key[4]); t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: E_KEY[4] = u32_in (in_key + 16); E_KEY[5] = u32_in (in_key + 20); E_KEY[6] = u32_in (in_key + 24); t = E_KEY[7] = u32_in (in_key + 28); E_KEY[4] = le32_to_cpu(key[4]); E_KEY[5] = le32_to_cpu(key[5]); E_KEY[6] = le32_to_cpu(key[6]); t = E_KEY[7] = le32_to_cpu(key[7]); for (i = 0; i < 7; ++i) loop8 (i); break; Loading Loading @@ -324,13 +322,15 @@ aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) { const struct aes_ctx *ctx = ctx_arg; const __le32 *src = (const __le32 *)in; __le32 *dst = (__le32 *)out; u32 b0[4], b1[4]; const u32 *kp = E_KEY + 4; b0[0] = u32_in (in) ^ E_KEY[0]; b0[1] = u32_in (in + 4) ^ E_KEY[1]; b0[2] = u32_in (in + 8) ^ E_KEY[2]; b0[3] = u32_in (in + 12) ^ E_KEY[3]; b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0]; b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1]; b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2]; b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3]; if (ctx->key_length > 24) { f_nround (b1, b0, kp); Loading @@ -353,10 +353,10 @@ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) f_nround (b1, b0, kp); f_lround (b0, b1, kp); u32_out (out, b0[0]); u32_out (out + 4, b0[1]); u32_out (out + 8, b0[2]); u32_out (out + 12, b0[3]); dst[0] = cpu_to_le32(b0[0]); dst[1] = cpu_to_le32(b0[1]); dst[2] = cpu_to_le32(b0[2]); dst[3] = cpu_to_le32(b0[3]); } /* decrypt a block of text */ Loading @@ -377,14 +377,16 @@ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in) { const struct aes_ctx *ctx = ctx_arg; const __le32 *src = (const __le32 *)in; __le32 *dst = (__le32 *)out; u32 b0[4], b1[4]; const int key_len = ctx->key_length; const u32 *kp = D_KEY + key_len + 20; b0[0] = u32_in (in) ^ E_KEY[key_len + 24]; b0[1] = u32_in (in + 4) ^ E_KEY[key_len + 25]; b0[2] = u32_in (in + 8) ^ E_KEY[key_len + 26]; b0[3] = u32_in (in + 12) ^ E_KEY[key_len + 27]; b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24]; b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25]; b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26]; b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27]; if (key_len > 24) { i_nround (b1, b0, kp); Loading @@ -407,18 +409,21 @@ static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in) i_nround (b1, b0, kp); i_lround (b0, b1, kp); u32_out (out, b0[0]); u32_out (out + 4, b0[1]); u32_out (out + 8, b0[2]); u32_out (out + 12, b0[3]); dst[0] = cpu_to_le32(b0[0]); dst[1] = cpu_to_le32(b0[1]); dst[2] = cpu_to_le32(b0[2]); dst[3] = cpu_to_le32(b0[3]); } static struct crypto_alg aes_alg = { .cra_name = "aes", .cra_driver_name = "aes-generic", .cra_priority = 100, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), .cra_alignmask = 3, .cra_module = THIS_MODULE, .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), .cra_u = { Loading
