diff options
author | Sebastian Siewior <sebastian@breakpoint.cc> | 2007-11-08 08:20:30 -0500 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2008-01-10 16:16:09 -0500 |
commit | 96e82e4551d38e0863b366a7b61185bc4a9946cc (patch) | |
tree | 514e38d847cb09c55230ceb3088329ed4175c55c /crypto | |
parent | be5fb270125729b7bca7879967f1dfadff0d9841 (diff) |
[CRYPTO] aes-generic: Make key generation exportable
This patch exports four tables and the set_key() routine. This ressources
can be shared by other AES implementations (aes-x86_64 for instance).
The decryption key has been turned around (deckey[0] is the first piece
of the key instead of deckey[keylen+20]). The encrypt/decrypt functions
are looking now identical (except they are using different tables and
key).
Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/aes_generic.c | 249 |
1 files changed, 120 insertions, 129 deletions
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c index df8df4d346d2..cf30af74480f 100644 --- a/crypto/aes_generic.c +++ b/crypto/aes_generic.c | |||
@@ -47,11 +47,6 @@ | |||
47 | * --------------------------------------------------------------------------- | 47 | * --------------------------------------------------------------------------- |
48 | */ | 48 | */ |
49 | 49 | ||
50 | /* Some changes from the Gladman version: | ||
51 | s/RIJNDAEL(e_key)/E_KEY/g | ||
52 | s/RIJNDAEL(d_key)/D_KEY/g | ||
53 | */ | ||
54 | |||
55 | #include <crypto/aes.h> | 50 | #include <crypto/aes.h> |
56 | #include <linux/module.h> | 51 | #include <linux/module.h> |
57 | #include <linux/init.h> | 52 | #include <linux/init.h> |
@@ -60,32 +55,26 @@ | |||
60 | #include <linux/crypto.h> | 55 | #include <linux/crypto.h> |
61 | #include <asm/byteorder.h> | 56 | #include <asm/byteorder.h> |
62 | 57 | ||
63 | /* | ||
64 | * #define byte(x, nr) ((unsigned char)((x) >> (nr*8))) | ||
65 | */ | ||
66 | static inline u8 byte(const u32 x, const unsigned n) | 58 | static inline u8 byte(const u32 x, const unsigned n) |
67 | { | 59 | { |
68 | return x >> (n << 3); | 60 | return x >> (n << 3); |
69 | } | 61 | } |
70 | 62 | ||
71 | struct aes_ctx { | ||
72 | int key_length; | ||
73 | u32 buf[120]; | ||
74 | }; | ||
75 | |||
76 | #define E_KEY (&ctx->buf[0]) | ||
77 | #define D_KEY (&ctx->buf[60]) | ||
78 | |||
79 | static u8 pow_tab[256] __initdata; | 63 | static u8 pow_tab[256] __initdata; |
80 | static u8 log_tab[256] __initdata; | 64 | static u8 log_tab[256] __initdata; |
81 | static u8 sbx_tab[256] __initdata; | 65 | static u8 sbx_tab[256] __initdata; |
82 | static u8 isb_tab[256] __initdata; | 66 | static u8 isb_tab[256] __initdata; |
83 | static u32 rco_tab[10]; | 67 | static u32 rco_tab[10]; |
84 | static u32 ft_tab[4][256]; | ||
85 | static u32 it_tab[4][256]; | ||
86 | 68 | ||
87 | static u32 fl_tab[4][256]; | 69 | u32 crypto_ft_tab[4][256]; |
88 | static u32 il_tab[4][256]; | 70 | u32 crypto_fl_tab[4][256]; |
71 | u32 crypto_it_tab[4][256]; | ||
72 | u32 crypto_il_tab[4][256]; | ||
73 | |||
74 | EXPORT_SYMBOL_GPL(crypto_ft_tab); | ||
75 | EXPORT_SYMBOL_GPL(crypto_fl_tab); | ||
76 | EXPORT_SYMBOL_GPL(crypto_it_tab); | ||
77 | EXPORT_SYMBOL_GPL(crypto_il_tab); | ||
89 | 78 | ||
90 | static inline u8 __init f_mult(u8 a, u8 b) | 79 | static inline u8 __init f_mult(u8 a, u8 b) |
91 | { | 80 | { |
@@ -134,37 +123,37 @@ static void __init gen_tabs(void) | |||
134 | p = sbx_tab[i]; | 123 | p = sbx_tab[i]; |
135 | 124 | ||
136 | t = p; | 125 | t = p; |
137 | fl_tab[0][i] = t; | 126 | crypto_fl_tab[0][i] = t; |
138 | fl_tab[1][i] = rol32(t, 8); | 127 | crypto_fl_tab[1][i] = rol32(t, 8); |
139 | fl_tab[2][i] = rol32(t, 16); | 128 | crypto_fl_tab[2][i] = rol32(t, 16); |
140 | fl_tab[3][i] = rol32(t, 24); | 129 | crypto_fl_tab[3][i] = rol32(t, 24); |
141 | 130 | ||
142 | t = ((u32) ff_mult(2, p)) | | 131 | t = ((u32) ff_mult(2, p)) | |
143 | ((u32) p << 8) | | 132 | ((u32) p << 8) | |
144 | ((u32) p << 16) | ((u32) ff_mult(3, p) << 24); | 133 | ((u32) p << 16) | ((u32) ff_mult(3, p) << 24); |
145 | 134 | ||
146 | ft_tab[0][i] = t; | 135 | crypto_ft_tab[0][i] = t; |
147 | ft_tab[1][i] = rol32(t, 8); | 136 | crypto_ft_tab[1][i] = rol32(t, 8); |
148 | ft_tab[2][i] = rol32(t, 16); | 137 | crypto_ft_tab[2][i] = rol32(t, 16); |
149 | ft_tab[3][i] = rol32(t, 24); | 138 | crypto_ft_tab[3][i] = rol32(t, 24); |
150 | 139 | ||
151 | p = isb_tab[i]; | 140 | p = isb_tab[i]; |
152 | 141 | ||
153 | t = p; | 142 | t = p; |
154 | il_tab[0][i] = t; | 143 | crypto_il_tab[0][i] = t; |
155 | il_tab[1][i] = rol32(t, 8); | 144 | crypto_il_tab[1][i] = rol32(t, 8); |
156 | il_tab[2][i] = rol32(t, 16); | 145 | crypto_il_tab[2][i] = rol32(t, 16); |
157 | il_tab[3][i] = rol32(t, 24); | 146 | crypto_il_tab[3][i] = rol32(t, 24); |
158 | 147 | ||
159 | t = ((u32) ff_mult(14, p)) | | 148 | t = ((u32) ff_mult(14, p)) | |
160 | ((u32) ff_mult(9, p) << 8) | | 149 | ((u32) ff_mult(9, p) << 8) | |
161 | ((u32) ff_mult(13, p) << 16) | | 150 | ((u32) ff_mult(13, p) << 16) | |
162 | ((u32) ff_mult(11, p) << 24); | 151 | ((u32) ff_mult(11, p) << 24); |
163 | 152 | ||
164 | it_tab[0][i] = t; | 153 | crypto_it_tab[0][i] = t; |
165 | it_tab[1][i] = rol32(t, 8); | 154 | crypto_it_tab[1][i] = rol32(t, 8); |
166 | it_tab[2][i] = rol32(t, 16); | 155 | crypto_it_tab[2][i] = rol32(t, 16); |
167 | it_tab[3][i] = rol32(t, 24); | 156 | crypto_it_tab[3][i] = rol32(t, 24); |
168 | } | 157 | } |
169 | } | 158 | } |
170 | 159 | ||
@@ -184,69 +173,69 @@ static void __init gen_tabs(void) | |||
184 | } while (0) | 173 | } while (0) |
185 | 174 | ||
186 | #define ls_box(x) \ | 175 | #define ls_box(x) \ |
187 | fl_tab[0][byte(x, 0)] ^ \ | 176 | crypto_fl_tab[0][byte(x, 0)] ^ \ |
188 | fl_tab[1][byte(x, 1)] ^ \ | 177 | crypto_fl_tab[1][byte(x, 1)] ^ \ |
189 | fl_tab[2][byte(x, 2)] ^ \ | 178 | crypto_fl_tab[2][byte(x, 2)] ^ \ |
190 | fl_tab[3][byte(x, 3)] | 179 | crypto_fl_tab[3][byte(x, 3)] |
191 | 180 | ||
192 | #define loop4(i) do { \ | 181 | #define loop4(i) do { \ |
193 | t = ror32(t, 8); \ | 182 | t = ror32(t, 8); \ |
194 | t = ls_box(t) ^ rco_tab[i]; \ | 183 | t = ls_box(t) ^ rco_tab[i]; \ |
195 | t ^= E_KEY[4 * i]; \ | 184 | t ^= ctx->key_enc[4 * i]; \ |
196 | E_KEY[4 * i + 4] = t; \ | 185 | ctx->key_enc[4 * i + 4] = t; \ |
197 | t ^= E_KEY[4 * i + 1]; \ | 186 | t ^= ctx->key_enc[4 * i + 1]; \ |
198 | E_KEY[4 * i + 5] = t; \ | 187 | ctx->key_enc[4 * i + 5] = t; \ |
199 | t ^= E_KEY[4 * i + 2]; \ | 188 | t ^= ctx->key_enc[4 * i + 2]; \ |
200 | E_KEY[4 * i + 6] = t; \ | 189 | ctx->key_enc[4 * i + 6] = t; \ |
201 | t ^= E_KEY[4 * i + 3]; \ | 190 | t ^= ctx->key_enc[4 * i + 3]; \ |
202 | E_KEY[4 * i + 7] = t; \ | 191 | ctx->key_enc[4 * i + 7] = t; \ |
203 | } while (0) | 192 | } while (0) |
204 | 193 | ||
205 | #define loop6(i) do { \ | 194 | #define loop6(i) do { \ |
206 | t = ror32(t, 8); \ | 195 | t = ror32(t, 8); \ |
207 | t = ls_box(t) ^ rco_tab[i]; \ | 196 | t = ls_box(t) ^ rco_tab[i]; \ |
208 | t ^= E_KEY[6 * i]; \ | 197 | t ^= ctx->key_enc[6 * i]; \ |
209 | E_KEY[6 * i + 6] = t; \ | 198 | ctx->key_enc[6 * i + 6] = t; \ |
210 | t ^= E_KEY[6 * i + 1]; \ | 199 | t ^= ctx->key_enc[6 * i + 1]; \ |
211 | E_KEY[6 * i + 7] = t; \ | 200 | ctx->key_enc[6 * i + 7] = t; \ |
212 | t ^= E_KEY[6 * i + 2]; \ | 201 | t ^= ctx->key_enc[6 * i + 2]; \ |
213 | E_KEY[6 * i + 8] = t; \ | 202 | ctx->key_enc[6 * i + 8] = t; \ |
214 | t ^= E_KEY[6 * i + 3]; \ | 203 | t ^= ctx->key_enc[6 * i + 3]; \ |
215 | E_KEY[6 * i + 9] = t; \ | 204 | ctx->key_enc[6 * i + 9] = t; \ |
216 | t ^= E_KEY[6 * i + 4]; \ | 205 | t ^= ctx->key_enc[6 * i + 4]; \ |
217 | E_KEY[6 * i + 10] = t; \ | 206 | ctx->key_enc[6 * i + 10] = t; \ |
218 | t ^= E_KEY[6 * i + 5]; \ | 207 | t ^= ctx->key_enc[6 * i + 5]; \ |
219 | E_KEY[6 * i + 11] = t; \ | 208 | ctx->key_enc[6 * i + 11] = t; \ |
220 | } while (0) | 209 | } while (0) |
221 | 210 | ||
222 | #define loop8(i) do { \ | 211 | #define loop8(i) do { \ |
223 | t = ror32(t, 8); \ | 212 | t = ror32(t, 8); \ |
224 | t = ls_box(t) ^ rco_tab[i]; \ | 213 | t = ls_box(t) ^ rco_tab[i]; \ |
225 | t ^= E_KEY[8 * i]; \ | 214 | t ^= ctx->key_enc[8 * i]; \ |
226 | E_KEY[8 * i + 8] = t; \ | 215 | ctx->key_enc[8 * i + 8] = t; \ |
227 | t ^= E_KEY[8 * i + 1]; \ | 216 | t ^= ctx->key_enc[8 * i + 1]; \ |
228 | E_KEY[8 * i + 9] = t; \ | 217 | ctx->key_enc[8 * i + 9] = t; \ |
229 | t ^= E_KEY[8 * i + 2]; \ | 218 | t ^= ctx->key_enc[8 * i + 2]; \ |
230 | E_KEY[8 * i + 10] = t; \ | 219 | ctx->key_enc[8 * i + 10] = t; \ |
231 | t ^= E_KEY[8 * i + 3]; \ | 220 | t ^= ctx->key_enc[8 * i + 3]; \ |
232 | E_KEY[8 * i + 11] = t; \ | 221 | ctx->key_enc[8 * i + 11] = t; \ |
233 | t = E_KEY[8 * i + 4] ^ ls_box(t); \ | 222 | t = ctx->key_enc[8 * i + 4] ^ ls_box(t); \ |
234 | E_KEY[8 * i + 12] = t; \ | 223 | ctx->key_enc[8 * i + 12] = t; \ |
235 | t ^= E_KEY[8 * i + 5]; \ | 224 | t ^= ctx->key_enc[8 * i + 5]; \ |
236 | E_KEY[8 * i + 13] = t; \ | 225 | ctx->key_enc[8 * i + 13] = t; \ |
237 | t ^= E_KEY[8 * i + 6]; \ | 226 | t ^= ctx->key_enc[8 * i + 6]; \ |
238 | E_KEY[8 * i + 14] = t; \ | 227 | ctx->key_enc[8 * i + 14] = t; \ |
239 | t ^= E_KEY[8 * i + 7]; \ | 228 | t ^= ctx->key_enc[8 * i + 7]; \ |
240 | E_KEY[8 * i + 15] = t; \ | 229 | ctx->key_enc[8 * i + 15] = t; \ |
241 | } while (0) | 230 | } while (0) |
242 | 231 | ||
243 | static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | 232 | int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, |
244 | unsigned int key_len) | 233 | unsigned int key_len) |
245 | { | 234 | { |
246 | struct aes_ctx *ctx = crypto_tfm_ctx(tfm); | 235 | struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
247 | const __le32 *key = (const __le32 *)in_key; | 236 | const __le32 *key = (const __le32 *)in_key; |
248 | u32 *flags = &tfm->crt_flags; | 237 | u32 *flags = &tfm->crt_flags; |
249 | u32 i, t, u, v, w; | 238 | u32 i, t, u, v, w, j; |
250 | 239 | ||
251 | if (key_len % 8) { | 240 | if (key_len % 8) { |
252 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | 241 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; |
@@ -255,54 +244,55 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
255 | 244 | ||
256 | ctx->key_length = key_len; | 245 | ctx->key_length = key_len; |
257 | 246 | ||
258 | E_KEY[0] = le32_to_cpu(key[0]); | 247 | ctx->key_dec[key_len + 24] = ctx->key_enc[0] = le32_to_cpu(key[0]); |
259 | E_KEY[1] = le32_to_cpu(key[1]); | 248 | ctx->key_dec[key_len + 25] = ctx->key_enc[1] = le32_to_cpu(key[1]); |
260 | E_KEY[2] = le32_to_cpu(key[2]); | 249 | ctx->key_dec[key_len + 26] = ctx->key_enc[2] = le32_to_cpu(key[2]); |
261 | E_KEY[3] = le32_to_cpu(key[3]); | 250 | ctx->key_dec[key_len + 27] = ctx->key_enc[3] = le32_to_cpu(key[3]); |
262 | 251 | ||
263 | switch (key_len) { | 252 | switch (key_len) { |
264 | case 16: | 253 | case 16: |
265 | t = E_KEY[3]; | 254 | t = ctx->key_enc[3]; |
266 | for (i = 0; i < 10; ++i) | 255 | for (i = 0; i < 10; ++i) |
267 | loop4(i); | 256 | loop4(i); |
268 | break; | 257 | break; |
269 | 258 | ||
270 | case 24: | 259 | case 24: |
271 | E_KEY[4] = le32_to_cpu(key[4]); | 260 | ctx->key_enc[4] = le32_to_cpu(key[4]); |
272 | t = E_KEY[5] = le32_to_cpu(key[5]); | 261 | t = ctx->key_enc[5] = le32_to_cpu(key[5]); |
273 | for (i = 0; i < 8; ++i) | 262 | for (i = 0; i < 8; ++i) |
274 | loop6(i); | 263 | loop6(i); |
275 | break; | 264 | break; |
276 | 265 | ||
277 | case 32: | 266 | case 32: |
278 | E_KEY[4] = le32_to_cpu(key[4]); | 267 | ctx->key_enc[4] = le32_to_cpu(key[4]); |
279 | E_KEY[5] = le32_to_cpu(key[5]); | 268 | ctx->key_enc[5] = le32_to_cpu(key[5]); |
280 | E_KEY[6] = le32_to_cpu(key[6]); | 269 | ctx->key_enc[6] = le32_to_cpu(key[6]); |
281 | t = E_KEY[7] = le32_to_cpu(key[7]); | 270 | t = ctx->key_enc[7] = le32_to_cpu(key[7]); |
282 | for (i = 0; i < 7; ++i) | 271 | for (i = 0; i < 7; ++i) |
283 | loop8(i); | 272 | loop8(i); |
284 | break; | 273 | break; |
285 | } | 274 | } |
286 | 275 | ||
287 | D_KEY[0] = E_KEY[0]; | 276 | ctx->key_dec[0] = ctx->key_enc[key_len + 24]; |
288 | D_KEY[1] = E_KEY[1]; | 277 | ctx->key_dec[1] = ctx->key_enc[key_len + 25]; |
289 | D_KEY[2] = E_KEY[2]; | 278 | ctx->key_dec[2] = ctx->key_enc[key_len + 26]; |
290 | D_KEY[3] = E_KEY[3]; | 279 | ctx->key_dec[3] = ctx->key_enc[key_len + 27]; |
291 | 280 | ||
292 | for (i = 4; i < key_len + 24; ++i) { | 281 | for (i = 4; i < key_len + 24; ++i) { |
293 | imix_col(D_KEY[i], E_KEY[i]); | 282 | j = key_len + 24 - (i & ~3) + (i & 3); |
283 | imix_col(ctx->key_dec[j], ctx->key_enc[i]); | ||
294 | } | 284 | } |
295 | |||
296 | return 0; | 285 | return 0; |
297 | } | 286 | } |
287 | EXPORT_SYMBOL_GPL(crypto_aes_set_key); | ||
298 | 288 | ||
299 | /* encrypt a block of text */ | 289 | /* encrypt a block of text */ |
300 | 290 | ||
301 | #define f_rn(bo, bi, n, k) do { \ | 291 | #define f_rn(bo, bi, n, k) do { \ |
302 | bo[n] = ft_tab[0][byte(bi[n], 0)] ^ \ | 292 | bo[n] = crypto_ft_tab[0][byte(bi[n], 0)] ^ \ |
303 | ft_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ | 293 | crypto_ft_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ |
304 | ft_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ | 294 | crypto_ft_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ |
305 | ft_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ | 295 | crypto_ft_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ |
306 | } while (0) | 296 | } while (0) |
307 | 297 | ||
308 | #define f_nround(bo, bi, k) do {\ | 298 | #define f_nround(bo, bi, k) do {\ |
@@ -314,10 +304,10 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
314 | } while (0) | 304 | } while (0) |
315 | 305 | ||
316 | #define f_rl(bo, bi, n, k) do { \ | 306 | #define f_rl(bo, bi, n, k) do { \ |
317 | bo[n] = fl_tab[0][byte(bi[n], 0)] ^ \ | 307 | bo[n] = crypto_fl_tab[0][byte(bi[n], 0)] ^ \ |
318 | fl_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ | 308 | crypto_fl_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ |
319 | fl_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ | 309 | crypto_fl_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ |
320 | fl_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ | 310 | crypto_fl_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ |
321 | } while (0) | 311 | } while (0) |
322 | 312 | ||
323 | #define f_lround(bo, bi, k) do {\ | 313 | #define f_lround(bo, bi, k) do {\ |
@@ -329,23 +319,24 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
329 | 319 | ||
330 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 320 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
331 | { | 321 | { |
332 | const struct aes_ctx *ctx = crypto_tfm_ctx(tfm); | 322 | const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
333 | const __le32 *src = (const __le32 *)in; | 323 | const __le32 *src = (const __le32 *)in; |
334 | __le32 *dst = (__le32 *)out; | 324 | __le32 *dst = (__le32 *)out; |
335 | u32 b0[4], b1[4]; | 325 | u32 b0[4], b1[4]; |
336 | const u32 *kp = E_KEY + 4; | 326 | const u32 *kp = ctx->key_enc + 4; |
327 | const int key_len = ctx->key_length; | ||
337 | 328 | ||
338 | b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0]; | 329 | b0[0] = le32_to_cpu(src[0]) ^ ctx->key_enc[0]; |
339 | b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1]; | 330 | b0[1] = le32_to_cpu(src[1]) ^ ctx->key_enc[1]; |
340 | b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2]; | 331 | b0[2] = le32_to_cpu(src[2]) ^ ctx->key_enc[2]; |
341 | b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3]; | 332 | b0[3] = le32_to_cpu(src[3]) ^ ctx->key_enc[3]; |
342 | 333 | ||
343 | if (ctx->key_length > 24) { | 334 | if (key_len > 24) { |
344 | f_nround(b1, b0, kp); | 335 | f_nround(b1, b0, kp); |
345 | f_nround(b0, b1, kp); | 336 | f_nround(b0, b1, kp); |
346 | } | 337 | } |
347 | 338 | ||
348 | if (ctx->key_length > 16) { | 339 | if (key_len > 16) { |
349 | f_nround(b1, b0, kp); | 340 | f_nround(b1, b0, kp); |
350 | f_nround(b0, b1, kp); | 341 | f_nround(b0, b1, kp); |
351 | } | 342 | } |
@@ -370,10 +361,10 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | |||
370 | /* decrypt a block of text */ | 361 | /* decrypt a block of text */ |
371 | 362 | ||
372 | #define i_rn(bo, bi, n, k) do { \ | 363 | #define i_rn(bo, bi, n, k) do { \ |
373 | bo[n] = it_tab[0][byte(bi[n], 0)] ^ \ | 364 | bo[n] = crypto_it_tab[0][byte(bi[n], 0)] ^ \ |
374 | it_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ | 365 | crypto_it_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ |
375 | it_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ | 366 | crypto_it_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ |
376 | it_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ | 367 | crypto_it_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ |
377 | } while (0) | 368 | } while (0) |
378 | 369 | ||
379 | #define i_nround(bo, bi, k) do {\ | 370 | #define i_nround(bo, bi, k) do {\ |
@@ -381,14 +372,14 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | |||
381 | i_rn(bo, bi, 1, k); \ | 372 | i_rn(bo, bi, 1, k); \ |
382 | i_rn(bo, bi, 2, k); \ | 373 | i_rn(bo, bi, 2, k); \ |
383 | i_rn(bo, bi, 3, k); \ | 374 | i_rn(bo, bi, 3, k); \ |
384 | k -= 4; \ | 375 | k += 4; \ |
385 | } while (0) | 376 | } while (0) |
386 | 377 | ||
387 | #define i_rl(bo, bi, n, k) do { \ | 378 | #define i_rl(bo, bi, n, k) do { \ |
388 | bo[n] = il_tab[0][byte(bi[n], 0)] ^ \ | 379 | bo[n] = crypto_il_tab[0][byte(bi[n], 0)] ^ \ |
389 | il_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ | 380 | crypto_il_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ |
390 | il_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ | 381 | crypto_il_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ |
391 | il_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ | 382 | crypto_il_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ |
392 | } while (0) | 383 | } while (0) |
393 | 384 | ||
394 | #define i_lround(bo, bi, k) do {\ | 385 | #define i_lround(bo, bi, k) do {\ |
@@ -400,17 +391,17 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | |||
400 | 391 | ||
401 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 392 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
402 | { | 393 | { |
403 | const struct aes_ctx *ctx = crypto_tfm_ctx(tfm); | 394 | const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
404 | const __le32 *src = (const __le32 *)in; | 395 | const __le32 *src = (const __le32 *)in; |
405 | __le32 *dst = (__le32 *)out; | 396 | __le32 *dst = (__le32 *)out; |
406 | u32 b0[4], b1[4]; | 397 | u32 b0[4], b1[4]; |
407 | const int key_len = ctx->key_length; | 398 | const int key_len = ctx->key_length; |
408 | const u32 *kp = D_KEY + key_len + 20; | 399 | const u32 *kp = ctx->key_dec + 4; |
409 | 400 | ||
410 | b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24]; | 401 | b0[0] = le32_to_cpu(src[0]) ^ ctx->key_dec[0]; |
411 | b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25]; | 402 | b0[1] = le32_to_cpu(src[1]) ^ ctx->key_dec[1]; |
412 | b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26]; | 403 | b0[2] = le32_to_cpu(src[2]) ^ ctx->key_dec[2]; |
413 | b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27]; | 404 | b0[3] = le32_to_cpu(src[3]) ^ ctx->key_dec[3]; |
414 | 405 | ||
415 | if (key_len > 24) { | 406 | if (key_len > 24) { |
416 | i_nround(b1, b0, kp); | 407 | i_nround(b1, b0, kp); |
@@ -445,7 +436,7 @@ static struct crypto_alg aes_alg = { | |||
445 | .cra_priority = 100, | 436 | .cra_priority = 100, |
446 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | 437 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, |
447 | .cra_blocksize = AES_BLOCK_SIZE, | 438 | .cra_blocksize = AES_BLOCK_SIZE, |
448 | .cra_ctxsize = sizeof(struct aes_ctx), | 439 | .cra_ctxsize = sizeof(struct crypto_aes_ctx), |
449 | .cra_alignmask = 3, | 440 | .cra_alignmask = 3, |
450 | .cra_module = THIS_MODULE, | 441 | .cra_module = THIS_MODULE, |
451 | .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), | 442 | .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), |
@@ -453,7 +444,7 @@ static struct crypto_alg aes_alg = { | |||
453 | .cipher = { | 444 | .cipher = { |
454 | .cia_min_keysize = AES_MIN_KEY_SIZE, | 445 | .cia_min_keysize = AES_MIN_KEY_SIZE, |
455 | .cia_max_keysize = AES_MAX_KEY_SIZE, | 446 | .cia_max_keysize = AES_MAX_KEY_SIZE, |
456 | .cia_setkey = aes_set_key, | 447 | .cia_setkey = crypto_aes_set_key, |
457 | .cia_encrypt = aes_encrypt, | 448 | .cia_encrypt = aes_encrypt, |
458 | .cia_decrypt = aes_decrypt | 449 | .cia_decrypt = aes_decrypt |
459 | } | 450 | } |