[PATCH] s390: aes support

obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o

obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o

obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o

obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o

obj-$(CONFIG_CRYPTO_TEST) += crypt_s390_query.o

/*

 * Cryptographic API.

 *

 * s390 implementation of the AES Cipher Algorithm.

 *

 * s390 Version:

 *   Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation

 *   Author(s): Jan Glauber (jang@de.ibm.com)

 *

 * Derived from "crypto/aes.c"

 *

 * This program is free software; you can redistribute it and/or modify it

 * under the terms of the GNU General Public License as published by the Free

 * Software Foundation; either version 2 of the License, or (at your option)

 * any later version.

 *

 */

#include <linux/module.h>

#include <linux/init.h>

#include <linux/crypto.h>

#include "crypt_s390.h"

#define AES_MIN_KEY_SIZE	16

#define AES_MAX_KEY_SIZE	32

/* data block size for all key lengths */

#define AES_BLOCK_SIZE		16

int has_aes_128 = 0;

int has_aes_192 = 0;

int has_aes_256 = 0;

struct s390_aes_ctx {

	u8 iv[AES_BLOCK_SIZE];

	u8 key[AES_MAX_KEY_SIZE];

	int key_len;

};

static int aes_set_key(void *ctx, const u8 *in_key, unsigned int key_len,

		       u32 *flags)

{

	struct s390_aes_ctx *sctx = ctx;

	switch (key_len) {

	case 16:

		if (!has_aes_128)

			goto fail;

		break;

	case 24:

		if (!has_aes_192)

			goto fail;

		break;

	case 32:

		if (!has_aes_256)

			goto fail;

		break;

	default:

		/* invalid key length */

		goto fail;

		break;

	}

	sctx->key_len = key_len;

	memcpy(sctx->key, in_key, key_len);

	return 0;

fail:

	*flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;

	return -EINVAL;

}

static void aes_encrypt(void *ctx, u8 *out, const u8 *in)

{

	const struct s390_aes_ctx *sctx = ctx;

	switch (sctx->key_len) {

	case 16:

		crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in,

			      AES_BLOCK_SIZE);

		break;

	case 24:

		crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in,

			      AES_BLOCK_SIZE);

		break;

	case 32:

		crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in,

			      AES_BLOCK_SIZE);

		break;

	}

}

static void aes_decrypt(void *ctx, u8 *out, const u8 *in)

{

	const struct s390_aes_ctx *sctx = ctx;

	switch (sctx->key_len) {

	case 16:

		crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in,

			      AES_BLOCK_SIZE);

		break;

	case 24:

		crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in,

			      AES_BLOCK_SIZE);

		break;

	case 32:

		crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in,

			      AES_BLOCK_SIZE);

		break;

	}

}

static unsigned int aes_encrypt_ecb(const struct cipher_desc *desc, u8 *out,

				    const u8 *in, unsigned int nbytes)

{

	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);

	switch (sctx->key_len) {

	case 16:

		crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes);

		break;

	case 24:

		crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes);

		break;

	case 32:

		crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes);

		break;

	}

	return nbytes & ~(AES_BLOCK_SIZE - 1);

}

static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out,

				    const u8 *in, unsigned int nbytes)

{

	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);

	switch (sctx->key_len) {

	case 16:

		crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes);

		break;

	case 24:

		crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes);

		break;

	case 32:

		crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes);

		break;

	}

	return nbytes & ~(AES_BLOCK_SIZE - 1);

}

static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out,

				    const u8 *in, unsigned int nbytes)

{

	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);

	memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);

	switch (sctx->key_len) {

	case 16:

		crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes);

		break;

	case 24:

		crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes);

		break;

	case 32:

		crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes);

		break;

	}

	memcpy(desc->info, &sctx->iv, AES_BLOCK_SIZE);

	return nbytes & ~(AES_BLOCK_SIZE - 1);

}

static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out,

				    const u8 *in, unsigned int nbytes)

{

	struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm);

	memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE);

	switch (sctx->key_len) {

	case 16:

		crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes);

		break;

	case 24:

		crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes);

		break;

	case 32:

		crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes);

		break;

	}

	return nbytes & ~(AES_BLOCK_SIZE - 1);

}

static struct crypto_alg aes_alg = {

	.cra_name		=	"aes",

	.cra_flags		=	CRYPTO_ALG_TYPE_CIPHER,

	.cra_blocksize		=	AES_BLOCK_SIZE,

	.cra_ctxsize		=	sizeof(struct s390_aes_ctx),

	.cra_module		=	THIS_MODULE,

	.cra_list		=	LIST_HEAD_INIT(aes_alg.cra_list),

	.cra_u			=	{

		.cipher = {

			.cia_min_keysize	=	AES_MIN_KEY_SIZE,

			.cia_max_keysize	=	AES_MAX_KEY_SIZE,

			.cia_setkey		=	aes_set_key,

			.cia_encrypt		=	aes_encrypt,

			.cia_decrypt		=	aes_decrypt,

			.cia_encrypt_ecb	=	aes_encrypt_ecb,

			.cia_decrypt_ecb	=	aes_decrypt_ecb,

			.cia_encrypt_cbc	=	aes_encrypt_cbc,

			.cia_decrypt_cbc	=	aes_decrypt_cbc,

		}

	}

};

static int __init aes_init(void)

{

	int ret;

	if (crypt_s390_func_available(KM_AES_128_ENCRYPT))

		has_aes_128 = 1;

	if (crypt_s390_func_available(KM_AES_192_ENCRYPT))

		has_aes_192 = 1;

	if (crypt_s390_func_available(KM_AES_256_ENCRYPT))

		has_aes_256 = 1;

	if (!has_aes_128 && !has_aes_192 && !has_aes_256)

		return -ENOSYS;

	ret = crypto_register_alg(&aes_alg);

	if (ret != 0)

		printk(KERN_INFO "crypt_s390: aes_s390 couldn't be loaded.\n");

	return ret;

}

static void __exit aes_fini(void)

{

	crypto_unregister_alg(&aes_alg);

}

module_init(aes_init);

module_exit(aes_fini);

MODULE_ALIAS("aes");

MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");

MODULE_LICENSE("GPL");

 * 0x80 is the decipher modifier bit

 */

enum crypt_s390_km_func {

	KM_QUERY            = CRYPT_S390_KM | 0,

	KM_DEA_ENCRYPT      = CRYPT_S390_KM | 1,

	KM_DEA_DECRYPT      = CRYPT_S390_KM | 1 | 0x80,

	KM_TDEA_128_ENCRYPT = CRYPT_S390_KM | 2,

	KM_TDEA_128_DECRYPT = CRYPT_S390_KM | 2 | 0x80,

	KM_TDEA_192_ENCRYPT = CRYPT_S390_KM | 3,

	KM_TDEA_192_DECRYPT = CRYPT_S390_KM | 3 | 0x80,

	KM_QUERY	    = CRYPT_S390_KM | 0x0,

	KM_DEA_ENCRYPT      = CRYPT_S390_KM | 0x1,

	KM_DEA_DECRYPT      = CRYPT_S390_KM | 0x1 | 0x80,

	KM_TDEA_128_ENCRYPT = CRYPT_S390_KM | 0x2,

	KM_TDEA_128_DECRYPT = CRYPT_S390_KM | 0x2 | 0x80,

	KM_TDEA_192_ENCRYPT = CRYPT_S390_KM | 0x3,

	KM_TDEA_192_DECRYPT = CRYPT_S390_KM | 0x3 | 0x80,

	KM_AES_128_ENCRYPT  = CRYPT_S390_KM | 0x12,

	KM_AES_128_DECRYPT  = CRYPT_S390_KM | 0x12 | 0x80,

	KM_AES_192_ENCRYPT  = CRYPT_S390_KM | 0x13,

	KM_AES_192_DECRYPT  = CRYPT_S390_KM | 0x13 | 0x80,

	KM_AES_256_ENCRYPT  = CRYPT_S390_KM | 0x14,

	KM_AES_256_DECRYPT  = CRYPT_S390_KM | 0x14 | 0x80,

};

/* function codes for KMC (CIPHER MESSAGE WITH CHAINING)

 * instruction

 */

enum crypt_s390_kmc_func {

	KMC_QUERY            = CRYPT_S390_KMC | 0,

	KMC_DEA_ENCRYPT      = CRYPT_S390_KMC | 1,

	KMC_DEA_DECRYPT      = CRYPT_S390_KMC | 1 | 0x80,

	KMC_TDEA_128_ENCRYPT = CRYPT_S390_KMC | 2,

	KMC_TDEA_128_DECRYPT = CRYPT_S390_KMC | 2 | 0x80,

	KMC_TDEA_192_ENCRYPT = CRYPT_S390_KMC | 3,

	KMC_TDEA_192_DECRYPT = CRYPT_S390_KMC | 3 | 0x80,

	KMC_QUERY            = CRYPT_S390_KMC | 0x0,

	KMC_DEA_ENCRYPT      = CRYPT_S390_KMC | 0x1,

	KMC_DEA_DECRYPT      = CRYPT_S390_KMC | 0x1 | 0x80,

	KMC_TDEA_128_ENCRYPT = CRYPT_S390_KMC | 0x2,

	KMC_TDEA_128_DECRYPT = CRYPT_S390_KMC | 0x2 | 0x80,

	KMC_TDEA_192_ENCRYPT = CRYPT_S390_KMC | 0x3,

	KMC_TDEA_192_DECRYPT = CRYPT_S390_KMC | 0x3 | 0x80,

	KMC_AES_128_ENCRYPT  = CRYPT_S390_KMC | 0x12,

	KMC_AES_128_DECRYPT  = CRYPT_S390_KMC | 0x12 | 0x80,

	KMC_AES_192_ENCRYPT  = CRYPT_S390_KMC | 0x13,

	KMC_AES_192_DECRYPT  = CRYPT_S390_KMC | 0x13 | 0x80,

	KMC_AES_256_ENCRYPT  = CRYPT_S390_KMC | 0x14,

	KMC_AES_256_DECRYPT  = CRYPT_S390_KMC | 0x14 | 0x80,

};

/* function codes for KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)

		crypt_s390_func_available(KM_TDEA_128_ENCRYPT));

	printk(KERN_INFO "KM_TDEA_192: %d\n",

		crypt_s390_func_available(KM_TDEA_192_ENCRYPT));

	printk(KERN_INFO "KM_AES_128: %d\n",

		crypt_s390_func_available(KM_AES_128_ENCRYPT));

	printk(KERN_INFO "KM_AES_192: %d\n",

		crypt_s390_func_available(KM_AES_192_ENCRYPT));

	printk(KERN_INFO "KM_AES_256: %d\n",

		crypt_s390_func_available(KM_AES_256_ENCRYPT));

	/* query available KMC functions */

	printk(KERN_INFO "KMC_QUERY: %d\n",

		crypt_s390_func_available(KMC_TDEA_128_ENCRYPT));

	printk(KERN_INFO "KMC_TDEA_192: %d\n",

		crypt_s390_func_available(KMC_TDEA_192_ENCRYPT));

	printk(KERN_INFO "KMC_AES_128: %d\n",

		crypt_s390_func_available(KMC_AES_128_ENCRYPT));

	printk(KERN_INFO "KMC_AES_192: %d\n",

		crypt_s390_func_available(KMC_AES_192_ENCRYPT));

	printk(KERN_INFO "KMC_AES_256: %d\n",

		crypt_s390_func_available(KMC_AES_256_ENCRYPT));

	/* query available KIMD fucntions */

	printk(KERN_INFO "KIMD_QUERY: %d\n",

# CONFIG_CRYPTO_TWOFISH is not set

# CONFIG_CRYPTO_SERPENT is not set

# CONFIG_CRYPTO_AES is not set

# CONFIG_CRYPTO_AES_S390 is not set

# CONFIG_CRYPTO_CAST5 is not set

# CONFIG_CRYPTO_CAST6 is not set

# CONFIG_CRYPTO_TEA is not set