authorSebastian Siewior <sebastian@breakpoint.cc>2007-11-08 08:20:30 -0500
committerHerbert Xu <herbert@gondor.apana.org.au>2008-01-10 16:16:09 -0500
commit96e82e4551d38e0863b366a7b61185bc4a9946cc (patch)
tree514e38d847cb09c55230ceb3088329ed4175c55c /crypto
parentbe5fb270125729b7bca7879967f1dfadff0d9841 (diff)
[CRYPTO] aes-generic: Make key generation exportable
This patch exports four tables and the set_key() routine. These resources can be shared by other AES implementations (aes-x86_64 for instance). The decryption key has been turned around (deckey[0] is the first piece of the key instead of deckey[keylen+20]). The encrypt/decrypt functions now look identical (except that they use different tables and a different key). Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/aes_generic.c249
1 files changed, 120 insertions, 129 deletions
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c
index df8df4d346d2..cf30af74480f 100644
--- a/crypto/aes_generic.c
+++ b/crypto/aes_generic.c
@@ -47,11 +47,6 @@
47 * --------------------------------------------------------------------------- 47 * ---------------------------------------------------------------------------
48 */ 48 */
49 49
50/* Some changes from the Gladman version:
51 s/RIJNDAEL(e_key)/E_KEY/g
52 s/RIJNDAEL(d_key)/D_KEY/g
53*/
54
55#include <crypto/aes.h> 50#include <crypto/aes.h>
56#include <linux/module.h> 51#include <linux/module.h>
57#include <linux/init.h> 52#include <linux/init.h>
@@ -60,32 +55,26 @@
60#include <linux/crypto.h> 55#include <linux/crypto.h>
61#include <asm/byteorder.h> 56#include <asm/byteorder.h>
62 57
63/*
64 * #define byte(x, nr) ((unsigned char)((x) >> (nr*8)))
65 */
66static inline u8 byte(const u32 x, const unsigned n) 58static inline u8 byte(const u32 x, const unsigned n)
67{ 59{
68 return x >> (n << 3); 60 return x >> (n << 3);
69} 61}
70 62
71struct aes_ctx {
72 int key_length;
73 u32 buf[120];
74};
75
76#define E_KEY (&ctx->buf[0])
77#define D_KEY (&ctx->buf[60])
78
79static u8 pow_tab[256] __initdata; 63static u8 pow_tab[256] __initdata;
80static u8 log_tab[256] __initdata; 64static u8 log_tab[256] __initdata;
81static u8 sbx_tab[256] __initdata; 65static u8 sbx_tab[256] __initdata;
82static u8 isb_tab[256] __initdata; 66static u8 isb_tab[256] __initdata;
83static u32 rco_tab[10]; 67static u32 rco_tab[10];
84static u32 ft_tab[4][256];
85static u32 it_tab[4][256];
86 68
87static u32 fl_tab[4][256]; 69u32 crypto_ft_tab[4][256];
88static u32 il_tab[4][256]; 70u32 crypto_fl_tab[4][256];
71u32 crypto_it_tab[4][256];
72u32 crypto_il_tab[4][256];
73
74EXPORT_SYMBOL_GPL(crypto_ft_tab);
75EXPORT_SYMBOL_GPL(crypto_fl_tab);
76EXPORT_SYMBOL_GPL(crypto_it_tab);
77EXPORT_SYMBOL_GPL(crypto_il_tab);
89 78
90static inline u8 __init f_mult(u8 a, u8 b) 79static inline u8 __init f_mult(u8 a, u8 b)
91{ 80{
@@ -134,37 +123,37 @@ static void __init gen_tabs(void)
134 p = sbx_tab[i]; 123 p = sbx_tab[i];
135 124
136 t = p; 125 t = p;
137 fl_tab[0][i] = t; 126 crypto_fl_tab[0][i] = t;
138 fl_tab[1][i] = rol32(t, 8); 127 crypto_fl_tab[1][i] = rol32(t, 8);
139 fl_tab[2][i] = rol32(t, 16); 128 crypto_fl_tab[2][i] = rol32(t, 16);
140 fl_tab[3][i] = rol32(t, 24); 129 crypto_fl_tab[3][i] = rol32(t, 24);
141 130
142 t = ((u32) ff_mult(2, p)) | 131 t = ((u32) ff_mult(2, p)) |
143 ((u32) p << 8) | 132 ((u32) p << 8) |
144 ((u32) p << 16) | ((u32) ff_mult(3, p) << 24); 133 ((u32) p << 16) | ((u32) ff_mult(3, p) << 24);
145 134
146 ft_tab[0][i] = t; 135 crypto_ft_tab[0][i] = t;
147 ft_tab[1][i] = rol32(t, 8); 136 crypto_ft_tab[1][i] = rol32(t, 8);
148 ft_tab[2][i] = rol32(t, 16); 137 crypto_ft_tab[2][i] = rol32(t, 16);
149 ft_tab[3][i] = rol32(t, 24); 138 crypto_ft_tab[3][i] = rol32(t, 24);
150 139
151 p = isb_tab[i]; 140 p = isb_tab[i];
152 141
153 t = p; 142 t = p;
154 il_tab[0][i] = t; 143 crypto_il_tab[0][i] = t;
155 il_tab[1][i] = rol32(t, 8); 144 crypto_il_tab[1][i] = rol32(t, 8);
156 il_tab[2][i] = rol32(t, 16); 145 crypto_il_tab[2][i] = rol32(t, 16);
157 il_tab[3][i] = rol32(t, 24); 146 crypto_il_tab[3][i] = rol32(t, 24);
158 147
159 t = ((u32) ff_mult(14, p)) | 148 t = ((u32) ff_mult(14, p)) |
160 ((u32) ff_mult(9, p) << 8) | 149 ((u32) ff_mult(9, p) << 8) |
161 ((u32) ff_mult(13, p) << 16) | 150 ((u32) ff_mult(13, p) << 16) |
162 ((u32) ff_mult(11, p) << 24); 151 ((u32) ff_mult(11, p) << 24);
163 152
164 it_tab[0][i] = t; 153 crypto_it_tab[0][i] = t;
165 it_tab[1][i] = rol32(t, 8); 154 crypto_it_tab[1][i] = rol32(t, 8);
166 it_tab[2][i] = rol32(t, 16); 155 crypto_it_tab[2][i] = rol32(t, 16);
167 it_tab[3][i] = rol32(t, 24); 156 crypto_it_tab[3][i] = rol32(t, 24);
168 } 157 }
169} 158}
170 159
@@ -184,69 +173,69 @@ static void __init gen_tabs(void)
184} while (0) 173} while (0)
185 174
186#define ls_box(x) \ 175#define ls_box(x) \
187 fl_tab[0][byte(x, 0)] ^ \ 176 crypto_fl_tab[0][byte(x, 0)] ^ \
188 fl_tab[1][byte(x, 1)] ^ \ 177 crypto_fl_tab[1][byte(x, 1)] ^ \
189 fl_tab[2][byte(x, 2)] ^ \ 178 crypto_fl_tab[2][byte(x, 2)] ^ \
190 fl_tab[3][byte(x, 3)] 179 crypto_fl_tab[3][byte(x, 3)]
191 180
192#define loop4(i) do { \ 181#define loop4(i) do { \
193 t = ror32(t, 8); \ 182 t = ror32(t, 8); \
194 t = ls_box(t) ^ rco_tab[i]; \ 183 t = ls_box(t) ^ rco_tab[i]; \
195 t ^= E_KEY[4 * i]; \ 184 t ^= ctx->key_enc[4 * i]; \
196 E_KEY[4 * i + 4] = t; \ 185 ctx->key_enc[4 * i + 4] = t; \
197 t ^= E_KEY[4 * i + 1]; \ 186 t ^= ctx->key_enc[4 * i + 1]; \
198 E_KEY[4 * i + 5] = t; \ 187 ctx->key_enc[4 * i + 5] = t; \
199 t ^= E_KEY[4 * i + 2]; \ 188 t ^= ctx->key_enc[4 * i + 2]; \
200 E_KEY[4 * i + 6] = t; \ 189 ctx->key_enc[4 * i + 6] = t; \
201 t ^= E_KEY[4 * i + 3]; \ 190 t ^= ctx->key_enc[4 * i + 3]; \
202 E_KEY[4 * i + 7] = t; \ 191 ctx->key_enc[4 * i + 7] = t; \
203} while (0) 192} while (0)
204 193
205#define loop6(i) do { \ 194#define loop6(i) do { \
206 t = ror32(t, 8); \ 195 t = ror32(t, 8); \
207 t = ls_box(t) ^ rco_tab[i]; \ 196 t = ls_box(t) ^ rco_tab[i]; \
208 t ^= E_KEY[6 * i]; \ 197 t ^= ctx->key_enc[6 * i]; \
209 E_KEY[6 * i + 6] = t; \ 198 ctx->key_enc[6 * i + 6] = t; \
210 t ^= E_KEY[6 * i + 1]; \ 199 t ^= ctx->key_enc[6 * i + 1]; \
211 E_KEY[6 * i + 7] = t; \ 200 ctx->key_enc[6 * i + 7] = t; \
212 t ^= E_KEY[6 * i + 2]; \ 201 t ^= ctx->key_enc[6 * i + 2]; \
213 E_KEY[6 * i + 8] = t; \ 202 ctx->key_enc[6 * i + 8] = t; \
214 t ^= E_KEY[6 * i + 3]; \ 203 t ^= ctx->key_enc[6 * i + 3]; \
215 E_KEY[6 * i + 9] = t; \ 204 ctx->key_enc[6 * i + 9] = t; \
216 t ^= E_KEY[6 * i + 4]; \ 205 t ^= ctx->key_enc[6 * i + 4]; \
217 E_KEY[6 * i + 10] = t; \ 206 ctx->key_enc[6 * i + 10] = t; \
218 t ^= E_KEY[6 * i + 5]; \ 207 t ^= ctx->key_enc[6 * i + 5]; \
219 E_KEY[6 * i + 11] = t; \ 208 ctx->key_enc[6 * i + 11] = t; \
220} while (0) 209} while (0)
221 210
222#define loop8(i) do { \ 211#define loop8(i) do { \
223 t = ror32(t, 8); \ 212 t = ror32(t, 8); \
224 t = ls_box(t) ^ rco_tab[i]; \ 213 t = ls_box(t) ^ rco_tab[i]; \
225 t ^= E_KEY[8 * i]; \ 214 t ^= ctx->key_enc[8 * i]; \
226 E_KEY[8 * i + 8] = t; \ 215 ctx->key_enc[8 * i + 8] = t; \
227 t ^= E_KEY[8 * i + 1]; \ 216 t ^= ctx->key_enc[8 * i + 1]; \
228 E_KEY[8 * i + 9] = t; \ 217 ctx->key_enc[8 * i + 9] = t; \
229 t ^= E_KEY[8 * i + 2]; \ 218 t ^= ctx->key_enc[8 * i + 2]; \
230 E_KEY[8 * i + 10] = t; \ 219 ctx->key_enc[8 * i + 10] = t; \
231 t ^= E_KEY[8 * i + 3]; \ 220 t ^= ctx->key_enc[8 * i + 3]; \
232 E_KEY[8 * i + 11] = t; \ 221 ctx->key_enc[8 * i + 11] = t; \
233 t = E_KEY[8 * i + 4] ^ ls_box(t); \ 222 t = ctx->key_enc[8 * i + 4] ^ ls_box(t); \
234 E_KEY[8 * i + 12] = t; \ 223 ctx->key_enc[8 * i + 12] = t; \
235 t ^= E_KEY[8 * i + 5]; \ 224 t ^= ctx->key_enc[8 * i + 5]; \
236 E_KEY[8 * i + 13] = t; \ 225 ctx->key_enc[8 * i + 13] = t; \
237 t ^= E_KEY[8 * i + 6]; \ 226 t ^= ctx->key_enc[8 * i + 6]; \
238 E_KEY[8 * i + 14] = t; \ 227 ctx->key_enc[8 * i + 14] = t; \
239 t ^= E_KEY[8 * i + 7]; \ 228 t ^= ctx->key_enc[8 * i + 7]; \
240 E_KEY[8 * i + 15] = t; \ 229 ctx->key_enc[8 * i + 15] = t; \
241} while (0) 230} while (0)
242 231
243static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, 232int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
244 unsigned int key_len) 233 unsigned int key_len)
245{ 234{
246 struct aes_ctx *ctx = crypto_tfm_ctx(tfm); 235 struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
247 const __le32 *key = (const __le32 *)in_key; 236 const __le32 *key = (const __le32 *)in_key;
248 u32 *flags = &tfm->crt_flags; 237 u32 *flags = &tfm->crt_flags;
249 u32 i, t, u, v, w; 238 u32 i, t, u, v, w, j;
250 239
251 if (key_len % 8) { 240 if (key_len % 8) {
252 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; 241 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
@@ -255,54 +244,55 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
255 244
256 ctx->key_length = key_len; 245 ctx->key_length = key_len;
257 246
258 E_KEY[0] = le32_to_cpu(key[0]); 247 ctx->key_dec[key_len + 24] = ctx->key_enc[0] = le32_to_cpu(key[0]);
259 E_KEY[1] = le32_to_cpu(key[1]); 248 ctx->key_dec[key_len + 25] = ctx->key_enc[1] = le32_to_cpu(key[1]);
260 E_KEY[2] = le32_to_cpu(key[2]); 249 ctx->key_dec[key_len + 26] = ctx->key_enc[2] = le32_to_cpu(key[2]);
261 E_KEY[3] = le32_to_cpu(key[3]); 250 ctx->key_dec[key_len + 27] = ctx->key_enc[3] = le32_to_cpu(key[3]);
262 251
263 switch (key_len) { 252 switch (key_len) {
264 case 16: 253 case 16:
265 t = E_KEY[3]; 254 t = ctx->key_enc[3];
266 for (i = 0; i < 10; ++i) 255 for (i = 0; i < 10; ++i)
267 loop4(i); 256 loop4(i);
268 break; 257 break;
269 258
270 case 24: 259 case 24:
271 E_KEY[4] = le32_to_cpu(key[4]); 260 ctx->key_enc[4] = le32_to_cpu(key[4]);
272 t = E_KEY[5] = le32_to_cpu(key[5]); 261 t = ctx->key_enc[5] = le32_to_cpu(key[5]);
273 for (i = 0; i < 8; ++i) 262 for (i = 0; i < 8; ++i)
274 loop6(i); 263 loop6(i);
275 break; 264 break;
276 265
277 case 32: 266 case 32:
278 E_KEY[4] = le32_to_cpu(key[4]); 267 ctx->key_enc[4] = le32_to_cpu(key[4]);
279 E_KEY[5] = le32_to_cpu(key[5]); 268 ctx->key_enc[5] = le32_to_cpu(key[5]);
280 E_KEY[6] = le32_to_cpu(key[6]); 269 ctx->key_enc[6] = le32_to_cpu(key[6]);
281 t = E_KEY[7] = le32_to_cpu(key[7]); 270 t = ctx->key_enc[7] = le32_to_cpu(key[7]);
282 for (i = 0; i < 7; ++i) 271 for (i = 0; i < 7; ++i)
283 loop8(i); 272 loop8(i);
284 break; 273 break;
285 } 274 }
286 275
287 D_KEY[0] = E_KEY[0]; 276 ctx->key_dec[0] = ctx->key_enc[key_len + 24];
288 D_KEY[1] = E_KEY[1]; 277 ctx->key_dec[1] = ctx->key_enc[key_len + 25];
289 D_KEY[2] = E_KEY[2]; 278 ctx->key_dec[2] = ctx->key_enc[key_len + 26];
290 D_KEY[3] = E_KEY[3]; 279 ctx->key_dec[3] = ctx->key_enc[key_len + 27];
291 280
292 for (i = 4; i < key_len + 24; ++i) { 281 for (i = 4; i < key_len + 24; ++i) {
293 imix_col(D_KEY[i], E_KEY[i]); 282 j = key_len + 24 - (i & ~3) + (i & 3);
283 imix_col(ctx->key_dec[j], ctx->key_enc[i]);
294 } 284 }
295
296 return 0; 285 return 0;
297} 286}
287EXPORT_SYMBOL_GPL(crypto_aes_set_key);
298 288
299/* encrypt a block of text */ 289/* encrypt a block of text */
300 290
301#define f_rn(bo, bi, n, k) do { \ 291#define f_rn(bo, bi, n, k) do { \
302 bo[n] = ft_tab[0][byte(bi[n], 0)] ^ \ 292 bo[n] = crypto_ft_tab[0][byte(bi[n], 0)] ^ \
303 ft_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ 293 crypto_ft_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \
304 ft_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ 294 crypto_ft_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \
305 ft_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ 295 crypto_ft_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \
306} while (0) 296} while (0)
307 297
308#define f_nround(bo, bi, k) do {\ 298#define f_nround(bo, bi, k) do {\
@@ -314,10 +304,10 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
314} while (0) 304} while (0)
315 305
316#define f_rl(bo, bi, n, k) do { \ 306#define f_rl(bo, bi, n, k) do { \
317 bo[n] = fl_tab[0][byte(bi[n], 0)] ^ \ 307 bo[n] = crypto_fl_tab[0][byte(bi[n], 0)] ^ \
318 fl_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ 308 crypto_fl_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \
319 fl_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ 309 crypto_fl_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \
320 fl_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ 310 crypto_fl_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \
321} while (0) 311} while (0)
322 312
323#define f_lround(bo, bi, k) do {\ 313#define f_lround(bo, bi, k) do {\
@@ -329,23 +319,24 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
329 319
330static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) 320static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
331{ 321{
332 const struct aes_ctx *ctx = crypto_tfm_ctx(tfm); 322 const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
333 const __le32 *src = (const __le32 *)in; 323 const __le32 *src = (const __le32 *)in;
334 __le32 *dst = (__le32 *)out; 324 __le32 *dst = (__le32 *)out;
335 u32 b0[4], b1[4]; 325 u32 b0[4], b1[4];
336 const u32 *kp = E_KEY + 4; 326 const u32 *kp = ctx->key_enc + 4;
327 const int key_len = ctx->key_length;
337 328
338 b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0]; 329 b0[0] = le32_to_cpu(src[0]) ^ ctx->key_enc[0];
339 b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1]; 330 b0[1] = le32_to_cpu(src[1]) ^ ctx->key_enc[1];
340 b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2]; 331 b0[2] = le32_to_cpu(src[2]) ^ ctx->key_enc[2];
341 b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3]; 332 b0[3] = le32_to_cpu(src[3]) ^ ctx->key_enc[3];
342 333
343 if (ctx->key_length > 24) { 334 if (key_len > 24) {
344 f_nround(b1, b0, kp); 335 f_nround(b1, b0, kp);
345 f_nround(b0, b1, kp); 336 f_nround(b0, b1, kp);
346 } 337 }
347 338
348 if (ctx->key_length > 16) { 339 if (key_len > 16) {
349 f_nround(b1, b0, kp); 340 f_nround(b1, b0, kp);
350 f_nround(b0, b1, kp); 341 f_nround(b0, b1, kp);
351 } 342 }
@@ -370,10 +361,10 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
370/* decrypt a block of text */ 361/* decrypt a block of text */
371 362
372#define i_rn(bo, bi, n, k) do { \ 363#define i_rn(bo, bi, n, k) do { \
373 bo[n] = it_tab[0][byte(bi[n], 0)] ^ \ 364 bo[n] = crypto_it_tab[0][byte(bi[n], 0)] ^ \
374 it_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ 365 crypto_it_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \
375 it_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ 366 crypto_it_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \
376 it_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ 367 crypto_it_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \
377} while (0) 368} while (0)
378 369
379#define i_nround(bo, bi, k) do {\ 370#define i_nround(bo, bi, k) do {\
@@ -381,14 +372,14 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
381 i_rn(bo, bi, 1, k); \ 372 i_rn(bo, bi, 1, k); \
382 i_rn(bo, bi, 2, k); \ 373 i_rn(bo, bi, 2, k); \
383 i_rn(bo, bi, 3, k); \ 374 i_rn(bo, bi, 3, k); \
384 k -= 4; \ 375 k += 4; \
385} while (0) 376} while (0)
386 377
387#define i_rl(bo, bi, n, k) do { \ 378#define i_rl(bo, bi, n, k) do { \
388 bo[n] = il_tab[0][byte(bi[n], 0)] ^ \ 379 bo[n] = crypto_il_tab[0][byte(bi[n], 0)] ^ \
389 il_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ 380 crypto_il_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \
390 il_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ 381 crypto_il_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \
391 il_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ 382 crypto_il_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \
392} while (0) 383} while (0)
393 384
394#define i_lround(bo, bi, k) do {\ 385#define i_lround(bo, bi, k) do {\
@@ -400,17 +391,17 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
400 391
401static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) 392static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in)
402{ 393{
403 const struct aes_ctx *ctx = crypto_tfm_ctx(tfm); 394 const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
404 const __le32 *src = (const __le32 *)in; 395 const __le32 *src = (const __le32 *)in;
405 __le32 *dst = (__le32 *)out; 396 __le32 *dst = (__le32 *)out;
406 u32 b0[4], b1[4]; 397 u32 b0[4], b1[4];
407 const int key_len = ctx->key_length; 398 const int key_len = ctx->key_length;
408 const u32 *kp = D_KEY + key_len + 20; 399 const u32 *kp = ctx->key_dec + 4;
409 400
410 b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24]; 401 b0[0] = le32_to_cpu(src[0]) ^ ctx->key_dec[0];
411 b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25]; 402 b0[1] = le32_to_cpu(src[1]) ^ ctx->key_dec[1];
412 b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26]; 403 b0[2] = le32_to_cpu(src[2]) ^ ctx->key_dec[2];
413 b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27]; 404 b0[3] = le32_to_cpu(src[3]) ^ ctx->key_dec[3];
414 405
415 if (key_len > 24) { 406 if (key_len > 24) {
416 i_nround(b1, b0, kp); 407 i_nround(b1, b0, kp);
@@ -445,7 +436,7 @@ static struct crypto_alg aes_alg = {
445 .cra_priority = 100, 436 .cra_priority = 100,
446 .cra_flags = CRYPTO_ALG_TYPE_CIPHER, 437 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
447 .cra_blocksize = AES_BLOCK_SIZE, 438 .cra_blocksize = AES_BLOCK_SIZE,
448 .cra_ctxsize = sizeof(struct aes_ctx), 439 .cra_ctxsize = sizeof(struct crypto_aes_ctx),
449 .cra_alignmask = 3, 440 .cra_alignmask = 3,
450 .cra_module = THIS_MODULE, 441 .cra_module = THIS_MODULE,
451 .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), 442 .cra_list = LIST_HEAD_INIT(aes_alg.cra_list),
@@ -453,7 +444,7 @@ static struct crypto_alg aes_alg = {
453 .cipher = { 444 .cipher = {
454 .cia_min_keysize = AES_MIN_KEY_SIZE, 445 .cia_min_keysize = AES_MIN_KEY_SIZE,
455 .cia_max_keysize = AES_MAX_KEY_SIZE, 446 .cia_max_keysize = AES_MAX_KEY_SIZE,
456 .cia_setkey = aes_set_key, 447 .cia_setkey = crypto_aes_set_key,
457 .cia_encrypt = aes_encrypt, 448 .cia_encrypt = aes_encrypt,
458 .cia_decrypt = aes_decrypt 449 .cia_decrypt = aes_decrypt
459 } 450 }
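Review bot: `crypto_aes_set_key()` is now exported with `EXPORT_SYMBOL_GPL`, but the only length check visible in its hunk is `if (key_len % 8)` and the `switch (key_len)` has no `default`, so the function relies on its caller to limit the key to 16, 24 or 32 bytes. In this file that limit presumably comes from `cia_min_keysize`/`cia_max_keysize`, but a module that calls the exported symbol directly could pass 8 or 40. In that case `key[0]`..`key[3]` are read regardless, no expansion case runs, and `ctx->key_dec[key_len + 24]` and `ctx->key_enc[key_len + 24]` onward are indexed from the unchecked length. Whether those indexes stay inside `struct crypto_aes_ctx` cannot be confirmed here, because the struct is declared in a header not shown on this page. I would make the routine self-validating by replacing the modulo test with `if (key_len != 16 && key_len != 24 && key_len != 32) {`; the remainder of that error branch falls between hunks and is not visible.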