aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'crypto')
-rw-r--r--crypto/Kconfig69
-rw-r--r--crypto/Makefile4
-rw-r--r--crypto/ablkcipher.c62
-rw-r--r--crypto/aead.c62
-rw-r--r--crypto/af_alg.c2
-rw-r--r--crypto/ahash.c28
-rw-r--r--crypto/algapi.c12
-rw-r--r--crypto/algif_hash.c4
-rw-r--r--crypto/arc4.c15
-rw-r--r--crypto/async_tx/async_memcpy.c1
-rw-r--r--crypto/async_tx/async_pq.c1
-rw-r--r--crypto/async_tx/async_raid6_recov.c1
-rw-r--r--crypto/async_tx/async_tx.c1
-rw-r--r--crypto/async_tx/async_xor.c1
-rw-r--r--crypto/async_tx/raid6test.c2
-rw-r--r--crypto/blkcipher.c32
-rw-r--r--crypto/blowfish_common.c (renamed from crypto/blowfish.c)98
-rw-r--r--crypto/blowfish_generic.c142
-rw-r--r--crypto/crc32c.c10
-rw-r--r--crypto/cryptd.c2
-rw-r--r--crypto/crypto_user.c435
-rw-r--r--crypto/crypto_wq.c1
-rw-r--r--crypto/gf128mul.c4
-rw-r--r--crypto/ghash-generic.c6
-rw-r--r--crypto/internal.h3
-rw-r--r--crypto/md4.c1
-rw-r--r--crypto/md5.c92
-rw-r--r--crypto/pcompress.c25
-rw-r--r--crypto/proc.c3
-rw-r--r--crypto/rng.c29
-rw-r--r--crypto/sha1_generic.c20
-rw-r--r--crypto/shash.c28
-rw-r--r--crypto/tcrypt.c10
-rw-r--r--crypto/testmgr.c30
-rw-r--r--crypto/testmgr.h691
-rw-r--r--crypto/vmac.c1
-rw-r--r--crypto/wp512.c18
-rw-r--r--crypto/xcbc.c1
38 files changed, 1712 insertions, 235 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 87b22ca9c223..527a857d10b6 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -100,6 +100,14 @@ config CRYPTO_MANAGER2
100 select CRYPTO_BLKCIPHER2 100 select CRYPTO_BLKCIPHER2
101 select CRYPTO_PCOMP2 101 select CRYPTO_PCOMP2
102 102
103config CRYPTO_USER
104 tristate "Userspace cryptographic algorithm configuration"
105 depends on NET
106 select CRYPTO_MANAGER
107 help
108 Userapace configuration for cryptographic instantiations such as
109 cbc(aes).
110
103config CRYPTO_MANAGER_DISABLE_TESTS 111config CRYPTO_MANAGER_DISABLE_TESTS
104 bool "Disable run-time self tests" 112 bool "Disable run-time self tests"
105 default y 113 default y
@@ -354,7 +362,7 @@ config CRYPTO_RMD128
354 RIPEMD-128 (ISO/IEC 10118-3:2004). 362 RIPEMD-128 (ISO/IEC 10118-3:2004).
355 363
356 RIPEMD-128 is a 128-bit cryptographic hash function. It should only 364 RIPEMD-128 is a 128-bit cryptographic hash function. It should only
357 to be used as a secure replacement for RIPEMD. For other use cases 365 be used as a secure replacement for RIPEMD. For other use cases,
358 RIPEMD-160 should be used. 366 RIPEMD-160 should be used.
359 367
360 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. 368 Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
@@ -407,6 +415,16 @@ config CRYPTO_SHA1
407 help 415 help
408 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). 416 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
409 417
418config CRYPTO_SHA1_SSSE3
419 tristate "SHA1 digest algorithm (SSSE3/AVX)"
420 depends on X86 && 64BIT
421 select CRYPTO_SHA1
422 select CRYPTO_HASH
423 help
424 SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2) implemented
425 using Supplemental SSE3 (SSSE3) instructions or Advanced Vector
426 Extensions (AVX), when available.
427
410config CRYPTO_SHA256 428config CRYPTO_SHA256
411 tristate "SHA224 and SHA256 digest algorithm" 429 tristate "SHA224 and SHA256 digest algorithm"
412 select CRYPTO_HASH 430 select CRYPTO_HASH
@@ -458,7 +476,7 @@ config CRYPTO_WP512
458 476
459config CRYPTO_GHASH_CLMUL_NI_INTEL 477config CRYPTO_GHASH_CLMUL_NI_INTEL
460 tristate "GHASH digest algorithm (CLMUL-NI accelerated)" 478 tristate "GHASH digest algorithm (CLMUL-NI accelerated)"
461 depends on (X86 || UML_X86) && 64BIT 479 depends on X86 && 64BIT
462 select CRYPTO_SHASH 480 select CRYPTO_SHASH
463 select CRYPTO_CRYPTD 481 select CRYPTO_CRYPTD
464 help 482 help
@@ -533,7 +551,7 @@ config CRYPTO_AES_X86_64
533 551
534config CRYPTO_AES_NI_INTEL 552config CRYPTO_AES_NI_INTEL
535 tristate "AES cipher algorithms (AES-NI)" 553 tristate "AES cipher algorithms (AES-NI)"
536 depends on (X86 || UML_X86) 554 depends on X86
537 select CRYPTO_AES_X86_64 if 64BIT 555 select CRYPTO_AES_X86_64 if 64BIT
538 select CRYPTO_AES_586 if !64BIT 556 select CRYPTO_AES_586 if !64BIT
539 select CRYPTO_CRYPTD 557 select CRYPTO_CRYPTD
@@ -590,6 +608,7 @@ config CRYPTO_ARC4
590config CRYPTO_BLOWFISH 608config CRYPTO_BLOWFISH
591 tristate "Blowfish cipher algorithm" 609 tristate "Blowfish cipher algorithm"
592 select CRYPTO_ALGAPI 610 select CRYPTO_ALGAPI
611 select CRYPTO_BLOWFISH_COMMON
593 help 612 help
594 Blowfish cipher algorithm, by Bruce Schneier. 613 Blowfish cipher algorithm, by Bruce Schneier.
595 614
@@ -600,6 +619,30 @@ config CRYPTO_BLOWFISH
600 See also: 619 See also:
601 <http://www.schneier.com/blowfish.html> 620 <http://www.schneier.com/blowfish.html>
602 621
622config CRYPTO_BLOWFISH_COMMON
623 tristate
624 help
625 Common parts of the Blowfish cipher algorithm shared by the
626 generic c and the assembler implementations.
627
628 See also:
629 <http://www.schneier.com/blowfish.html>
630
631config CRYPTO_BLOWFISH_X86_64
632 tristate "Blowfish cipher algorithm (x86_64)"
633 depends on (X86 || UML_X86) && 64BIT
634 select CRYPTO_ALGAPI
635 select CRYPTO_BLOWFISH_COMMON
636 help
637 Blowfish cipher algorithm (x86_64), by Bruce Schneier.
638
639 This is a variable key length cipher which can use keys from 32
640 bits to 448 bits in length. It's fast, simple and specifically
641 designed for use on "large microprocessors".
642
643 See also:
644 <http://www.schneier.com/blowfish.html>
645
603config CRYPTO_CAMELLIA 646config CRYPTO_CAMELLIA
604 tristate "Camellia cipher algorithms" 647 tristate "Camellia cipher algorithms"
605 depends on CRYPTO 648 depends on CRYPTO
@@ -793,6 +836,26 @@ config CRYPTO_TWOFISH_X86_64
793 See also: 836 See also:
794 <http://www.schneier.com/twofish.html> 837 <http://www.schneier.com/twofish.html>
795 838
839config CRYPTO_TWOFISH_X86_64_3WAY
840 tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
841 depends on (X86 || UML_X86) && 64BIT
842 select CRYPTO_ALGAPI
843 select CRYPTO_TWOFISH_COMMON
844 select CRYPTO_TWOFISH_X86_64
845 help
846 Twofish cipher algorithm (x86_64, 3-way parallel).
847
848 Twofish was submitted as an AES (Advanced Encryption Standard)
849 candidate cipher by researchers at CounterPane Systems. It is a
850 16 round block cipher supporting key sizes of 128, 192, and 256
851 bits.
852
853 This module provides Twofish cipher algorithm that processes three
854 blocks parallel, utilizing resources of out-of-order CPUs better.
855
856 See also:
857 <http://www.schneier.com/twofish.html>
858
796comment "Compression" 859comment "Compression"
797 860
798config CRYPTO_DEFLATE 861config CRYPTO_DEFLATE
diff --git a/crypto/Makefile b/crypto/Makefile
index ce5a813d3639..9e6eee2c05db 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -31,6 +31,7 @@ obj-$(CONFIG_CRYPTO_PCOMP2) += pcompress.o
31cryptomgr-y := algboss.o testmgr.o 31cryptomgr-y := algboss.o testmgr.o
32 32
33obj-$(CONFIG_CRYPTO_MANAGER2) += cryptomgr.o 33obj-$(CONFIG_CRYPTO_MANAGER2) += cryptomgr.o
34obj-$(CONFIG_CRYPTO_USER) += crypto_user.o
34obj-$(CONFIG_CRYPTO_HMAC) += hmac.o 35obj-$(CONFIG_CRYPTO_HMAC) += hmac.o
35obj-$(CONFIG_CRYPTO_VMAC) += vmac.o 36obj-$(CONFIG_CRYPTO_VMAC) += vmac.o
36obj-$(CONFIG_CRYPTO_XCBC) += xcbc.o 37obj-$(CONFIG_CRYPTO_XCBC) += xcbc.o
@@ -60,7 +61,8 @@ obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o
60obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o 61obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o
61obj-$(CONFIG_CRYPTO_DES) += des_generic.o 62obj-$(CONFIG_CRYPTO_DES) += des_generic.o
62obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o 63obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o
63obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o 64obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish_generic.o
65obj-$(CONFIG_CRYPTO_BLOWFISH_COMMON) += blowfish_common.o
64obj-$(CONFIG_CRYPTO_TWOFISH) += twofish_generic.o 66obj-$(CONFIG_CRYPTO_TWOFISH) += twofish_generic.o
65obj-$(CONFIG_CRYPTO_TWOFISH_COMMON) += twofish_common.o 67obj-$(CONFIG_CRYPTO_TWOFISH_COMMON) += twofish_common.o
66obj-$(CONFIG_CRYPTO_SERPENT) += serpent.o 68obj-$(CONFIG_CRYPTO_SERPENT) += serpent.o
diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
index fdc67d38660b..a0f768c1d9aa 100644
--- a/crypto/ablkcipher.c
+++ b/crypto/ablkcipher.c
@@ -23,6 +23,8 @@
23#include <linux/sched.h> 23#include <linux/sched.h>
24#include <linux/slab.h> 24#include <linux/slab.h>
25#include <linux/seq_file.h> 25#include <linux/seq_file.h>
26#include <linux/cryptouser.h>
27#include <net/netlink.h>
26 28
27#include <crypto/scatterwalk.h> 29#include <crypto/scatterwalk.h>
28 30
@@ -381,6 +383,35 @@ static int crypto_init_ablkcipher_ops(struct crypto_tfm *tfm, u32 type,
381 return 0; 383 return 0;
382} 384}
383 385
386#ifdef CONFIG_NET
387static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
388{
389 struct crypto_report_blkcipher rblkcipher;
390
391 snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "ablkcipher");
392 snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s",
393 alg->cra_ablkcipher.geniv ?: "<default>");
394
395 rblkcipher.blocksize = alg->cra_blocksize;
396 rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
397 rblkcipher.max_keysize = alg->cra_ablkcipher.max_keysize;
398 rblkcipher.ivsize = alg->cra_ablkcipher.ivsize;
399
400 NLA_PUT(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
401 sizeof(struct crypto_report_blkcipher), &rblkcipher);
402
403 return 0;
404
405nla_put_failure:
406 return -EMSGSIZE;
407}
408#else
409static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
410{
411 return -ENOSYS;
412}
413#endif
414
384static void crypto_ablkcipher_show(struct seq_file *m, struct crypto_alg *alg) 415static void crypto_ablkcipher_show(struct seq_file *m, struct crypto_alg *alg)
385 __attribute__ ((unused)); 416 __attribute__ ((unused));
386static void crypto_ablkcipher_show(struct seq_file *m, struct crypto_alg *alg) 417static void crypto_ablkcipher_show(struct seq_file *m, struct crypto_alg *alg)
@@ -403,6 +434,7 @@ const struct crypto_type crypto_ablkcipher_type = {
403#ifdef CONFIG_PROC_FS 434#ifdef CONFIG_PROC_FS
404 .show = crypto_ablkcipher_show, 435 .show = crypto_ablkcipher_show,
405#endif 436#endif
437 .report = crypto_ablkcipher_report,
406}; 438};
407EXPORT_SYMBOL_GPL(crypto_ablkcipher_type); 439EXPORT_SYMBOL_GPL(crypto_ablkcipher_type);
408 440
@@ -432,6 +464,35 @@ static int crypto_init_givcipher_ops(struct crypto_tfm *tfm, u32 type,
432 return 0; 464 return 0;
433} 465}
434 466
467#ifdef CONFIG_NET
468static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
469{
470 struct crypto_report_blkcipher rblkcipher;
471
472 snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "givcipher");
473 snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s",
474 alg->cra_ablkcipher.geniv ?: "<built-in>");
475
476 rblkcipher.blocksize = alg->cra_blocksize;
477 rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize;
478 rblkcipher.max_keysize = alg->cra_ablkcipher.max_keysize;
479 rblkcipher.ivsize = alg->cra_ablkcipher.ivsize;
480
481 NLA_PUT(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
482 sizeof(struct crypto_report_blkcipher), &rblkcipher);
483
484 return 0;
485
486nla_put_failure:
487 return -EMSGSIZE;
488}
489#else
490static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
491{
492 return -ENOSYS;
493}
494#endif
495
435static void crypto_givcipher_show(struct seq_file *m, struct crypto_alg *alg) 496static void crypto_givcipher_show(struct seq_file *m, struct crypto_alg *alg)
436 __attribute__ ((unused)); 497 __attribute__ ((unused));
437static void crypto_givcipher_show(struct seq_file *m, struct crypto_alg *alg) 498static void crypto_givcipher_show(struct seq_file *m, struct crypto_alg *alg)
@@ -454,6 +515,7 @@ const struct crypto_type crypto_givcipher_type = {
454#ifdef CONFIG_PROC_FS 515#ifdef CONFIG_PROC_FS
455 .show = crypto_givcipher_show, 516 .show = crypto_givcipher_show,
456#endif 517#endif
518 .report = crypto_givcipher_report,
457}; 519};
458EXPORT_SYMBOL_GPL(crypto_givcipher_type); 520EXPORT_SYMBOL_GPL(crypto_givcipher_type);
459 521
diff --git a/crypto/aead.c b/crypto/aead.c
index 6729e8ff68e7..04add3dca6fe 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -21,6 +21,8 @@
21#include <linux/sched.h> 21#include <linux/sched.h>
22#include <linux/slab.h> 22#include <linux/slab.h>
23#include <linux/seq_file.h> 23#include <linux/seq_file.h>
24#include <linux/cryptouser.h>
25#include <net/netlink.h>
24 26
25#include "internal.h" 27#include "internal.h"
26 28
@@ -109,6 +111,35 @@ static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
109 return 0; 111 return 0;
110} 112}
111 113
114#ifdef CONFIG_NET
115static int crypto_aead_report(struct sk_buff *skb, struct crypto_alg *alg)
116{
117 struct crypto_report_aead raead;
118 struct aead_alg *aead = &alg->cra_aead;
119
120 snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "aead");
121 snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s",
122 aead->geniv ?: "<built-in>");
123
124 raead.blocksize = alg->cra_blocksize;
125 raead.maxauthsize = aead->maxauthsize;
126 raead.ivsize = aead->ivsize;
127
128 NLA_PUT(skb, CRYPTOCFGA_REPORT_AEAD,
129 sizeof(struct crypto_report_aead), &raead);
130
131 return 0;
132
133nla_put_failure:
134 return -EMSGSIZE;
135}
136#else
137static int crypto_aead_report(struct sk_buff *skb, struct crypto_alg *alg)
138{
139 return -ENOSYS;
140}
141#endif
142
112static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg) 143static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg)
113 __attribute__ ((unused)); 144 __attribute__ ((unused));
114static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg) 145static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg)
@@ -130,6 +161,7 @@ const struct crypto_type crypto_aead_type = {
130#ifdef CONFIG_PROC_FS 161#ifdef CONFIG_PROC_FS
131 .show = crypto_aead_show, 162 .show = crypto_aead_show,
132#endif 163#endif
164 .report = crypto_aead_report,
133}; 165};
134EXPORT_SYMBOL_GPL(crypto_aead_type); 166EXPORT_SYMBOL_GPL(crypto_aead_type);
135 167
@@ -165,6 +197,35 @@ static int crypto_init_nivaead_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
165 return 0; 197 return 0;
166} 198}
167 199
200#ifdef CONFIG_NET
201static int crypto_nivaead_report(struct sk_buff *skb, struct crypto_alg *alg)
202{
203 struct crypto_report_aead raead;
204 struct aead_alg *aead = &alg->cra_aead;
205
206 snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "nivaead");
207 snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s", aead->geniv);
208
209 raead.blocksize = alg->cra_blocksize;
210 raead.maxauthsize = aead->maxauthsize;
211 raead.ivsize = aead->ivsize;
212
213 NLA_PUT(skb, CRYPTOCFGA_REPORT_AEAD,
214 sizeof(struct crypto_report_aead), &raead);
215
216 return 0;
217
218nla_put_failure:
219 return -EMSGSIZE;
220}
221#else
222static int crypto_nivaead_report(struct sk_buff *skb, struct crypto_alg *alg)
223{
224 return -ENOSYS;
225}
226#endif
227
228
168static void crypto_nivaead_show(struct seq_file *m, struct crypto_alg *alg) 229static void crypto_nivaead_show(struct seq_file *m, struct crypto_alg *alg)
169 __attribute__ ((unused)); 230 __attribute__ ((unused));
170static void crypto_nivaead_show(struct seq_file *m, struct crypto_alg *alg) 231static void crypto_nivaead_show(struct seq_file *m, struct crypto_alg *alg)
@@ -186,6 +247,7 @@ const struct crypto_type crypto_nivaead_type = {
186#ifdef CONFIG_PROC_FS 247#ifdef CONFIG_PROC_FS
187 .show = crypto_nivaead_show, 248 .show = crypto_nivaead_show,
188#endif 249#endif
250 .report = crypto_nivaead_report,
189}; 251};
190EXPORT_SYMBOL_GPL(crypto_nivaead_type); 252EXPORT_SYMBOL_GPL(crypto_nivaead_type);
191 253
diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index 940d70cb5c25..ac33d5f30778 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -12,7 +12,7 @@
12 * 12 *
13 */ 13 */
14 14
15#include <asm/atomic.h> 15#include <linux/atomic.h>
16#include <crypto/if_alg.h> 16#include <crypto/if_alg.h>
17#include <linux/crypto.h> 17#include <linux/crypto.h>
18#include <linux/init.h> 18#include <linux/init.h>
diff --git a/crypto/ahash.c b/crypto/ahash.c
index f669822a7a44..ac93c99cfae8 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -21,6 +21,8 @@
21#include <linux/sched.h> 21#include <linux/sched.h>
22#include <linux/slab.h> 22#include <linux/slab.h>
23#include <linux/seq_file.h> 23#include <linux/seq_file.h>
24#include <linux/cryptouser.h>
25#include <net/netlink.h>
24 26
25#include "internal.h" 27#include "internal.h"
26 28
@@ -397,6 +399,31 @@ static unsigned int crypto_ahash_extsize(struct crypto_alg *alg)
397 return sizeof(struct crypto_shash *); 399 return sizeof(struct crypto_shash *);
398} 400}
399 401
402#ifdef CONFIG_NET
403static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg)
404{
405 struct crypto_report_hash rhash;
406
407 snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "ahash");
408
409 rhash.blocksize = alg->cra_blocksize;
410 rhash.digestsize = __crypto_hash_alg_common(alg)->digestsize;
411
412 NLA_PUT(skb, CRYPTOCFGA_REPORT_HASH,
413 sizeof(struct crypto_report_hash), &rhash);
414
415 return 0;
416
417nla_put_failure:
418 return -EMSGSIZE;
419}
420#else
421static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg)
422{
423 return -ENOSYS;
424}
425#endif
426
400static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg) 427static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg)
401 __attribute__ ((unused)); 428 __attribute__ ((unused));
402static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg) 429static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg)
@@ -415,6 +442,7 @@ const struct crypto_type crypto_ahash_type = {
415#ifdef CONFIG_PROC_FS 442#ifdef CONFIG_PROC_FS
416 .show = crypto_ahash_show, 443 .show = crypto_ahash_show,
417#endif 444#endif
445 .report = crypto_ahash_report,
418 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 446 .maskclear = ~CRYPTO_ALG_TYPE_MASK,
419 .maskset = CRYPTO_ALG_TYPE_AHASH_MASK, 447 .maskset = CRYPTO_ALG_TYPE_AHASH_MASK,
420 .type = CRYPTO_ALG_TYPE_AHASH, 448 .type = CRYPTO_ALG_TYPE_AHASH,
diff --git a/crypto/algapi.c b/crypto/algapi.c
index c3cf1a69a47a..54dd4e33b5d6 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -22,8 +22,6 @@
22 22
23#include "internal.h" 23#include "internal.h"
24 24
25static void crypto_remove_final(struct list_head *list);
26
27static LIST_HEAD(crypto_template_list); 25static LIST_HEAD(crypto_template_list);
28 26
29void crypto_larval_error(const char *name, u32 type, u32 mask) 27void crypto_larval_error(const char *name, u32 type, u32 mask)
@@ -129,9 +127,8 @@ static void crypto_remove_spawn(struct crypto_spawn *spawn,
129 BUG_ON(!list_empty(&inst->alg.cra_users)); 127 BUG_ON(!list_empty(&inst->alg.cra_users));
130} 128}
131 129
132static void crypto_remove_spawns(struct crypto_alg *alg, 130void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
133 struct list_head *list, 131 struct crypto_alg *nalg)
134 struct crypto_alg *nalg)
135{ 132{
136 u32 new_type = (nalg ?: alg)->cra_flags; 133 u32 new_type = (nalg ?: alg)->cra_flags;
137 struct crypto_spawn *spawn, *n; 134 struct crypto_spawn *spawn, *n;
@@ -177,6 +174,7 @@ static void crypto_remove_spawns(struct crypto_alg *alg,
177 crypto_remove_spawn(spawn, list); 174 crypto_remove_spawn(spawn, list);
178 } 175 }
179} 176}
177EXPORT_SYMBOL_GPL(crypto_remove_spawns);
180 178
181static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg) 179static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
182{ 180{
@@ -321,7 +319,7 @@ unlock:
321} 319}
322EXPORT_SYMBOL_GPL(crypto_alg_tested); 320EXPORT_SYMBOL_GPL(crypto_alg_tested);
323 321
324static void crypto_remove_final(struct list_head *list) 322void crypto_remove_final(struct list_head *list)
325{ 323{
326 struct crypto_alg *alg; 324 struct crypto_alg *alg;
327 struct crypto_alg *n; 325 struct crypto_alg *n;
@@ -331,6 +329,7 @@ static void crypto_remove_final(struct list_head *list)
331 crypto_alg_put(alg); 329 crypto_alg_put(alg);
332 } 330 }
333} 331}
332EXPORT_SYMBOL_GPL(crypto_remove_final);
334 333
335static void crypto_wait_for_test(struct crypto_larval *larval) 334static void crypto_wait_for_test(struct crypto_larval *larval)
336{ 335{
@@ -493,6 +492,7 @@ int crypto_register_instance(struct crypto_template *tmpl,
493 goto err; 492 goto err;
494 493
495 inst->alg.cra_module = tmpl->module; 494 inst->alg.cra_module = tmpl->module;
495 inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
496 496
497 down_write(&crypto_alg_sem); 497 down_write(&crypto_alg_sem);
498 498
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index 62122a1a2f7a..ef5356cd280a 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -68,8 +68,10 @@ static int hash_sendmsg(struct kiocb *unused, struct socket *sock,
68 int newlen; 68 int newlen;
69 69
70 newlen = af_alg_make_sg(&ctx->sgl, from, len, 0); 70 newlen = af_alg_make_sg(&ctx->sgl, from, len, 0);
71 if (newlen < 0) 71 if (newlen < 0) {
72 err = copied ? 0 : newlen;
72 goto unlock; 73 goto unlock;
74 }
73 75
74 ahash_request_set_crypt(&ctx->req, ctx->sgl.sg, NULL, 76 ahash_request_set_crypt(&ctx->req, ctx->sgl.sg, NULL,
75 newlen); 77 newlen);
diff --git a/crypto/arc4.c b/crypto/arc4.c
index 8be47e13a9e3..0d12a96da1d8 100644
--- a/crypto/arc4.c
+++ b/crypto/arc4.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API 2 * Cryptographic API
3 * 3 *
4 * ARC4 Cipher Algorithm 4 * ARC4 Cipher Algorithm
@@ -33,16 +33,15 @@ static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key,
33 ctx->x = 1; 33 ctx->x = 1;
34 ctx->y = 0; 34 ctx->y = 0;
35 35
36 for(i = 0; i < 256; i++) 36 for (i = 0; i < 256; i++)
37 ctx->S[i] = i; 37 ctx->S[i] = i;
38 38
39 for(i = 0; i < 256; i++) 39 for (i = 0; i < 256; i++) {
40 {
41 u8 a = ctx->S[i]; 40 u8 a = ctx->S[i];
42 j = (j + in_key[k] + a) & 0xff; 41 j = (j + in_key[k] + a) & 0xff;
43 ctx->S[i] = ctx->S[j]; 42 ctx->S[i] = ctx->S[j];
44 ctx->S[j] = a; 43 ctx->S[j] = a;
45 if(++k >= key_len) 44 if (++k >= key_len)
46 k = 0; 45 k = 0;
47 } 46 }
48 47
@@ -80,9 +79,9 @@ static struct crypto_alg arc4_alg = {
80 .cra_u = { .cipher = { 79 .cra_u = { .cipher = {
81 .cia_min_keysize = ARC4_MIN_KEY_SIZE, 80 .cia_min_keysize = ARC4_MIN_KEY_SIZE,
82 .cia_max_keysize = ARC4_MAX_KEY_SIZE, 81 .cia_max_keysize = ARC4_MAX_KEY_SIZE,
83 .cia_setkey = arc4_set_key, 82 .cia_setkey = arc4_set_key,
84 .cia_encrypt = arc4_crypt, 83 .cia_encrypt = arc4_crypt,
85 .cia_decrypt = arc4_crypt } } 84 .cia_decrypt = arc4_crypt } }
86}; 85};
87 86
88static int __init arc4_init(void) 87static int __init arc4_init(void)
diff --git a/crypto/async_tx/async_memcpy.c b/crypto/async_tx/async_memcpy.c
index 518c22bd9562..0d5a90ca6501 100644
--- a/crypto/async_tx/async_memcpy.c
+++ b/crypto/async_tx/async_memcpy.c
@@ -25,6 +25,7 @@
25 */ 25 */
26#include <linux/kernel.h> 26#include <linux/kernel.h>
27#include <linux/highmem.h> 27#include <linux/highmem.h>
28#include <linux/module.h>
28#include <linux/mm.h> 29#include <linux/mm.h>
29#include <linux/dma-mapping.h> 30#include <linux/dma-mapping.h>
30#include <linux/async_tx.h> 31#include <linux/async_tx.h>
diff --git a/crypto/async_tx/async_pq.c b/crypto/async_tx/async_pq.c
index fdd8257d35d9..91d5d385899e 100644
--- a/crypto/async_tx/async_pq.c
+++ b/crypto/async_tx/async_pq.c
@@ -21,6 +21,7 @@
21 */ 21 */
22#include <linux/kernel.h> 22#include <linux/kernel.h>
23#include <linux/interrupt.h> 23#include <linux/interrupt.h>
24#include <linux/module.h>
24#include <linux/dma-mapping.h> 25#include <linux/dma-mapping.h>
25#include <linux/raid/pq.h> 26#include <linux/raid/pq.h>
26#include <linux/async_tx.h> 27#include <linux/async_tx.h>
diff --git a/crypto/async_tx/async_raid6_recov.c b/crypto/async_tx/async_raid6_recov.c
index ce038d861eb9..a9f08a6a582e 100644
--- a/crypto/async_tx/async_raid6_recov.c
+++ b/crypto/async_tx/async_raid6_recov.c
@@ -22,6 +22,7 @@
22 */ 22 */
23#include <linux/kernel.h> 23#include <linux/kernel.h>
24#include <linux/interrupt.h> 24#include <linux/interrupt.h>
25#include <linux/module.h>
25#include <linux/dma-mapping.h> 26#include <linux/dma-mapping.h>
26#include <linux/raid/pq.h> 27#include <linux/raid/pq.h>
27#include <linux/async_tx.h> 28#include <linux/async_tx.h>
diff --git a/crypto/async_tx/async_tx.c b/crypto/async_tx/async_tx.c
index 7f2c00a45205..842120979374 100644
--- a/crypto/async_tx/async_tx.c
+++ b/crypto/async_tx/async_tx.c
@@ -24,6 +24,7 @@
24 * 24 *
25 */ 25 */
26#include <linux/rculist.h> 26#include <linux/rculist.h>
27#include <linux/module.h>
27#include <linux/kernel.h> 28#include <linux/kernel.h>
28#include <linux/async_tx.h> 29#include <linux/async_tx.h>
29 30
diff --git a/crypto/async_tx/async_xor.c b/crypto/async_tx/async_xor.c
index bc28337fded2..154cc84381c2 100644
--- a/crypto/async_tx/async_xor.c
+++ b/crypto/async_tx/async_xor.c
@@ -25,6 +25,7 @@
25 */ 25 */
26#include <linux/kernel.h> 26#include <linux/kernel.h>
27#include <linux/interrupt.h> 27#include <linux/interrupt.h>
28#include <linux/module.h>
28#include <linux/mm.h> 29#include <linux/mm.h>
29#include <linux/dma-mapping.h> 30#include <linux/dma-mapping.h>
30#include <linux/raid/xor.h> 31#include <linux/raid/xor.h>
diff --git a/crypto/async_tx/raid6test.c b/crypto/async_tx/raid6test.c
index c1321935ebcc..aa2b0270ed16 100644
--- a/crypto/async_tx/raid6test.c
+++ b/crypto/async_tx/raid6test.c
@@ -21,7 +21,9 @@
21 */ 21 */
22#include <linux/async_tx.h> 22#include <linux/async_tx.h>
23#include <linux/gfp.h> 23#include <linux/gfp.h>
24#include <linux/mm.h>
24#include <linux/random.h> 25#include <linux/random.h>
26#include <linux/module.h>
25 27
26#undef pr 28#undef pr
27#define pr(fmt, args...) pr_info("raid6test: " fmt, ##args) 29#define pr(fmt, args...) pr_info("raid6test: " fmt, ##args)
diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c
index 7a7219266e3c..1e61d1a888b2 100644
--- a/crypto/blkcipher.c
+++ b/crypto/blkcipher.c
@@ -24,6 +24,8 @@
24#include <linux/seq_file.h> 24#include <linux/seq_file.h>
25#include <linux/slab.h> 25#include <linux/slab.h>
26#include <linux/string.h> 26#include <linux/string.h>
27#include <linux/cryptouser.h>
28#include <net/netlink.h>
27 29
28#include "internal.h" 30#include "internal.h"
29 31
@@ -492,6 +494,35 @@ static int crypto_init_blkcipher_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
492 return crypto_init_blkcipher_ops_async(tfm); 494 return crypto_init_blkcipher_ops_async(tfm);
493} 495}
494 496
497#ifdef CONFIG_NET
498static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
499{
500 struct crypto_report_blkcipher rblkcipher;
501
502 snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "blkcipher");
503 snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s",
504 alg->cra_blkcipher.geniv ?: "<default>");
505
506 rblkcipher.blocksize = alg->cra_blocksize;
507 rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize;
508 rblkcipher.max_keysize = alg->cra_blkcipher.max_keysize;
509 rblkcipher.ivsize = alg->cra_blkcipher.ivsize;
510
511 NLA_PUT(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
512 sizeof(struct crypto_report_blkcipher), &rblkcipher);
513
514 return 0;
515
516nla_put_failure:
517 return -EMSGSIZE;
518}
519#else
520static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
521{
522 return -ENOSYS;
523}
524#endif
525
495static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg) 526static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg)
496 __attribute__ ((unused)); 527 __attribute__ ((unused));
497static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg) 528static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg)
@@ -511,6 +542,7 @@ const struct crypto_type crypto_blkcipher_type = {
511#ifdef CONFIG_PROC_FS 542#ifdef CONFIG_PROC_FS
512 .show = crypto_blkcipher_show, 543 .show = crypto_blkcipher_show,
513#endif 544#endif
545 .report = crypto_blkcipher_report,
514}; 546};
515EXPORT_SYMBOL_GPL(crypto_blkcipher_type); 547EXPORT_SYMBOL_GPL(crypto_blkcipher_type);
516 548
diff --git a/crypto/blowfish.c b/crypto/blowfish_common.c
index a67d52ee0580..f636aab0209f 100644
--- a/crypto/blowfish.c
+++ b/crypto/blowfish_common.c
@@ -1,6 +1,9 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Common Blowfish algorithm parts shared between the c and assembler
5 * implementations.
6 *
4 * Blowfish Cipher Algorithm, by Bruce Schneier. 7 * Blowfish Cipher Algorithm, by Bruce Schneier.
5 * http://www.counterpane.com/blowfish.html 8 * http://www.counterpane.com/blowfish.html
6 * 9 *
@@ -22,15 +25,7 @@
22#include <asm/byteorder.h> 25#include <asm/byteorder.h>
23#include <linux/crypto.h> 26#include <linux/crypto.h>
24#include <linux/types.h> 27#include <linux/types.h>
25 28#include <crypto/blowfish.h>
26#define BF_BLOCK_SIZE 8
27#define BF_MIN_KEY_SIZE 4
28#define BF_MAX_KEY_SIZE 56
29
30struct bf_ctx {
31 u32 p[18];
32 u32 s[1024];
33};
34 29
35static const u32 bf_pbox[16 + 2] = { 30static const u32 bf_pbox[16 + 2] = {
36 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 31 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,
@@ -309,9 +304,9 @@ static const u32 bf_sbox[256 * 4] = {
309#define GET32_0(x) (((x) >> (24)) & (0xff)) 304#define GET32_0(x) (((x) >> (24)) & (0xff))
310 305
311#define bf_F(x) (((S[GET32_0(x)] + S[256 + GET32_1(x)]) ^ \ 306#define bf_F(x) (((S[GET32_0(x)] + S[256 + GET32_1(x)]) ^ \
312 S[512 + GET32_2(x)]) + S[768 + GET32_3(x)]) 307 S[512 + GET32_2(x)]) + S[768 + GET32_3(x)])
313 308
314#define ROUND(a, b, n) b ^= P[n]; a ^= bf_F (b) 309#define ROUND(a, b, n) ({ b ^= P[n]; a ^= bf_F(b); })
315 310
316/* 311/*
317 * The blowfish encipher, processes 64-bit blocks. 312 * The blowfish encipher, processes 64-bit blocks.
@@ -348,57 +343,10 @@ static void encrypt_block(struct bf_ctx *bctx, u32 *dst, u32 *src)
348 dst[1] = yl; 343 dst[1] = yl;
349} 344}
350 345
351static void bf_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
352{
353 const __be32 *in_blk = (const __be32 *)src;
354 __be32 *const out_blk = (__be32 *)dst;
355 u32 in32[2], out32[2];
356
357 in32[0] = be32_to_cpu(in_blk[0]);
358 in32[1] = be32_to_cpu(in_blk[1]);
359 encrypt_block(crypto_tfm_ctx(tfm), out32, in32);
360 out_blk[0] = cpu_to_be32(out32[0]);
361 out_blk[1] = cpu_to_be32(out32[1]);
362}
363
364static void bf_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
365{
366 struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
367 const __be32 *in_blk = (const __be32 *)src;
368 __be32 *const out_blk = (__be32 *)dst;
369 const u32 *P = ctx->p;
370 const u32 *S = ctx->s;
371 u32 yl = be32_to_cpu(in_blk[0]);
372 u32 yr = be32_to_cpu(in_blk[1]);
373
374 ROUND(yr, yl, 17);
375 ROUND(yl, yr, 16);
376 ROUND(yr, yl, 15);
377 ROUND(yl, yr, 14);
378 ROUND(yr, yl, 13);
379 ROUND(yl, yr, 12);
380 ROUND(yr, yl, 11);
381 ROUND(yl, yr, 10);
382 ROUND(yr, yl, 9);
383 ROUND(yl, yr, 8);
384 ROUND(yr, yl, 7);
385 ROUND(yl, yr, 6);
386 ROUND(yr, yl, 5);
387 ROUND(yl, yr, 4);
388 ROUND(yr, yl, 3);
389 ROUND(yl, yr, 2);
390
391 yl ^= P[1];
392 yr ^= P[0];
393
394 out_blk[0] = cpu_to_be32(yr);
395 out_blk[1] = cpu_to_be32(yl);
396}
397
398/* 346/*
399 * Calculates the blowfish S and P boxes for encryption and decryption. 347 * Calculates the blowfish S and P boxes for encryption and decryption.
400 */ 348 */
401static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) 349int blowfish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
402{ 350{
403 struct bf_ctx *ctx = crypto_tfm_ctx(tfm); 351 struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
404 u32 *P = ctx->p; 352 u32 *P = ctx->p;
@@ -448,35 +396,7 @@ static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
448 /* Bruce says not to bother with the weak key check. */ 396 /* Bruce says not to bother with the weak key check. */
449 return 0; 397 return 0;
450} 398}
451 399EXPORT_SYMBOL_GPL(blowfish_setkey);
452static struct crypto_alg alg = {
453 .cra_name = "blowfish",
454 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
455 .cra_blocksize = BF_BLOCK_SIZE,
456 .cra_ctxsize = sizeof(struct bf_ctx),
457 .cra_alignmask = 3,
458 .cra_module = THIS_MODULE,
459 .cra_list = LIST_HEAD_INIT(alg.cra_list),
460 .cra_u = { .cipher = {
461 .cia_min_keysize = BF_MIN_KEY_SIZE,
462 .cia_max_keysize = BF_MAX_KEY_SIZE,
463 .cia_setkey = bf_setkey,
464 .cia_encrypt = bf_encrypt,
465 .cia_decrypt = bf_decrypt } }
466};
467
468static int __init blowfish_mod_init(void)
469{
470 return crypto_register_alg(&alg);
471}
472
473static void __exit blowfish_mod_fini(void)
474{
475 crypto_unregister_alg(&alg);
476}
477
478module_init(blowfish_mod_init);
479module_exit(blowfish_mod_fini);
480 400
481MODULE_LICENSE("GPL"); 401MODULE_LICENSE("GPL");
482MODULE_DESCRIPTION("Blowfish Cipher Algorithm"); 402MODULE_DESCRIPTION("Blowfish Cipher common functions");
diff --git a/crypto/blowfish_generic.c b/crypto/blowfish_generic.c
new file mode 100644
index 000000000000..6f269b5cfa3b
--- /dev/null
+++ b/crypto/blowfish_generic.c
@@ -0,0 +1,142 @@
1/*
2 * Cryptographic API.
3 *
4 * Blowfish Cipher Algorithm, by Bruce Schneier.
5 * http://www.counterpane.com/blowfish.html
6 *
7 * Adapted from Kerneli implementation.
8 *
9 * Copyright (c) Herbert Valerio Riedel <hvr@hvrlab.org>
10 * Copyright (c) Kyle McMartin <kyle@debian.org>
11 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 */
19#include <linux/init.h>
20#include <linux/module.h>
21#include <linux/mm.h>
22#include <asm/byteorder.h>
23#include <linux/crypto.h>
24#include <linux/types.h>
25#include <crypto/blowfish.h>
26
27/*
28 * Round loop unrolling macros, S is a pointer to a S-Box array
29 * organized in 4 unsigned longs at a row.
30 */
31#define GET32_3(x) (((x) & 0xff))
32#define GET32_2(x) (((x) >> (8)) & (0xff))
33#define GET32_1(x) (((x) >> (16)) & (0xff))
34#define GET32_0(x) (((x) >> (24)) & (0xff))
35
36#define bf_F(x) (((S[GET32_0(x)] + S[256 + GET32_1(x)]) ^ \
37 S[512 + GET32_2(x)]) + S[768 + GET32_3(x)])
38
39#define ROUND(a, b, n) ({ b ^= P[n]; a ^= bf_F(b); })
40
41static void bf_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
42{
43 struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
44 const __be32 *in_blk = (const __be32 *)src;
45 __be32 *const out_blk = (__be32 *)dst;
46 const u32 *P = ctx->p;
47 const u32 *S = ctx->s;
48 u32 yl = be32_to_cpu(in_blk[0]);
49 u32 yr = be32_to_cpu(in_blk[1]);
50
51 ROUND(yr, yl, 0);
52 ROUND(yl, yr, 1);
53 ROUND(yr, yl, 2);
54 ROUND(yl, yr, 3);
55 ROUND(yr, yl, 4);
56 ROUND(yl, yr, 5);
57 ROUND(yr, yl, 6);
58 ROUND(yl, yr, 7);
59 ROUND(yr, yl, 8);
60 ROUND(yl, yr, 9);
61 ROUND(yr, yl, 10);
62 ROUND(yl, yr, 11);
63 ROUND(yr, yl, 12);
64 ROUND(yl, yr, 13);
65 ROUND(yr, yl, 14);
66 ROUND(yl, yr, 15);
67
68 yl ^= P[16];
69 yr ^= P[17];
70
71 out_blk[0] = cpu_to_be32(yr);
72 out_blk[1] = cpu_to_be32(yl);
73}
74
75static void bf_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
76{
77 struct bf_ctx *ctx = crypto_tfm_ctx(tfm);
78 const __be32 *in_blk = (const __be32 *)src;
79 __be32 *const out_blk = (__be32 *)dst;
80 const u32 *P = ctx->p;
81 const u32 *S = ctx->s;
82 u32 yl = be32_to_cpu(in_blk[0]);
83 u32 yr = be32_to_cpu(in_blk[1]);
84
85 ROUND(yr, yl, 17);
86 ROUND(yl, yr, 16);
87 ROUND(yr, yl, 15);
88 ROUND(yl, yr, 14);
89 ROUND(yr, yl, 13);
90 ROUND(yl, yr, 12);
91 ROUND(yr, yl, 11);
92 ROUND(yl, yr, 10);
93 ROUND(yr, yl, 9);
94 ROUND(yl, yr, 8);
95 ROUND(yr, yl, 7);
96 ROUND(yl, yr, 6);
97 ROUND(yr, yl, 5);
98 ROUND(yl, yr, 4);
99 ROUND(yr, yl, 3);
100 ROUND(yl, yr, 2);
101
102 yl ^= P[1];
103 yr ^= P[0];
104
105 out_blk[0] = cpu_to_be32(yr);
106 out_blk[1] = cpu_to_be32(yl);
107}
108
109static struct crypto_alg alg = {
110 .cra_name = "blowfish",
111 .cra_driver_name = "blowfish-generic",
112 .cra_priority = 100,
113 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
114 .cra_blocksize = BF_BLOCK_SIZE,
115 .cra_ctxsize = sizeof(struct bf_ctx),
116 .cra_alignmask = 3,
117 .cra_module = THIS_MODULE,
118 .cra_list = LIST_HEAD_INIT(alg.cra_list),
119 .cra_u = { .cipher = {
120 .cia_min_keysize = BF_MIN_KEY_SIZE,
121 .cia_max_keysize = BF_MAX_KEY_SIZE,
122 .cia_setkey = blowfish_setkey,
123 .cia_encrypt = bf_encrypt,
124 .cia_decrypt = bf_decrypt } }
125};
126
127static int __init blowfish_mod_init(void)
128{
129 return crypto_register_alg(&alg);
130}
131
132static void __exit blowfish_mod_fini(void)
133{
134 crypto_unregister_alg(&alg);
135}
136
137module_init(blowfish_mod_init);
138module_exit(blowfish_mod_fini);
139
140MODULE_LICENSE("GPL");
141MODULE_DESCRIPTION("Blowfish Cipher Algorithm");
142MODULE_ALIAS("blowfish");
diff --git a/crypto/crc32c.c b/crypto/crc32c.c
index de9e55c29794..3f9ad2801052 100644
--- a/crypto/crc32c.c
+++ b/crypto/crc32c.c
@@ -224,11 +224,11 @@ static int crc32c_cra_init(struct crypto_tfm *tfm)
224static struct shash_alg alg = { 224static struct shash_alg alg = {
225 .digestsize = CHKSUM_DIGEST_SIZE, 225 .digestsize = CHKSUM_DIGEST_SIZE,
226 .setkey = chksum_setkey, 226 .setkey = chksum_setkey,
227 .init = chksum_init, 227 .init = chksum_init,
228 .update = chksum_update, 228 .update = chksum_update,
229 .final = chksum_final, 229 .final = chksum_final,
230 .finup = chksum_finup, 230 .finup = chksum_finup,
231 .digest = chksum_digest, 231 .digest = chksum_digest,
232 .descsize = sizeof(struct chksum_desc_ctx), 232 .descsize = sizeof(struct chksum_desc_ctx),
233 .base = { 233 .base = {
234 .cra_name = "crc32c", 234 .cra_name = "crc32c",
diff --git a/crypto/cryptd.c b/crypto/cryptd.c
index e46d21ae26bc..671d4d6d14df 100644
--- a/crypto/cryptd.c
+++ b/crypto/cryptd.c
@@ -945,7 +945,7 @@ static void __exit cryptd_exit(void)
945 crypto_unregister_template(&cryptd_tmpl); 945 crypto_unregister_template(&cryptd_tmpl);
946} 946}
947 947
948module_init(cryptd_init); 948subsys_initcall(cryptd_init);
949module_exit(cryptd_exit); 949module_exit(cryptd_exit);
950 950
951MODULE_LICENSE("GPL"); 951MODULE_LICENSE("GPL");
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
new file mode 100644
index 000000000000..0605a2bbba75
--- /dev/null
+++ b/crypto/crypto_user.c
@@ -0,0 +1,435 @@
1/*
2 * Crypto user configuration API.
3 *
4 * Copyright (C) 2011 secunet Security Networks AG
5 * Copyright (C) 2011 Steffen Klassert <steffen.klassert@secunet.com>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms and conditions of the GNU General Public License,
9 * version 2, as published by the Free Software Foundation.
10 *
11 * This program is distributed in the hope it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#include <linux/module.h>
22#include <linux/crypto.h>
23#include <linux/cryptouser.h>
24#include <net/netlink.h>
25#include <linux/security.h>
26#include <net/net_namespace.h>
27#include "internal.h"
28
29DEFINE_MUTEX(crypto_cfg_mutex);
30
31/* The crypto netlink socket */
32static struct sock *crypto_nlsk;
33
34struct crypto_dump_info {
35 struct sk_buff *in_skb;
36 struct sk_buff *out_skb;
37 u32 nlmsg_seq;
38 u16 nlmsg_flags;
39};
40
41static struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact)
42{
43 struct crypto_alg *q, *alg = NULL;
44
45 down_read(&crypto_alg_sem);
46
47 list_for_each_entry(q, &crypto_alg_list, cra_list) {
48 int match = 0;
49
50 if ((q->cra_flags ^ p->cru_type) & p->cru_mask)
51 continue;
52
53 if (strlen(p->cru_driver_name))
54 match = !strcmp(q->cra_driver_name,
55 p->cru_driver_name);
56 else if (!exact)
57 match = !strcmp(q->cra_name, p->cru_name);
58
59 if (match) {
60 alg = q;
61 break;
62 }
63 }
64
65 up_read(&crypto_alg_sem);
66
67 return alg;
68}
69
70static int crypto_report_cipher(struct sk_buff *skb, struct crypto_alg *alg)
71{
72 struct crypto_report_cipher rcipher;
73
74 snprintf(rcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "cipher");
75
76 rcipher.blocksize = alg->cra_blocksize;
77 rcipher.min_keysize = alg->cra_cipher.cia_min_keysize;
78 rcipher.max_keysize = alg->cra_cipher.cia_max_keysize;
79
80 NLA_PUT(skb, CRYPTOCFGA_REPORT_CIPHER,
81 sizeof(struct crypto_report_cipher), &rcipher);
82
83 return 0;
84
85nla_put_failure:
86 return -EMSGSIZE;
87}
88
89static int crypto_report_comp(struct sk_buff *skb, struct crypto_alg *alg)
90{
91 struct crypto_report_comp rcomp;
92
93 snprintf(rcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "compression");
94
95 NLA_PUT(skb, CRYPTOCFGA_REPORT_COMPRESS,
96 sizeof(struct crypto_report_comp), &rcomp);
97
98 return 0;
99
100nla_put_failure:
101 return -EMSGSIZE;
102}
103
104static int crypto_report_one(struct crypto_alg *alg,
105 struct crypto_user_alg *ualg, struct sk_buff *skb)
106{
107 memcpy(&ualg->cru_name, &alg->cra_name, sizeof(ualg->cru_name));
108 memcpy(&ualg->cru_driver_name, &alg->cra_driver_name,
109 sizeof(ualg->cru_driver_name));
110 memcpy(&ualg->cru_module_name, module_name(alg->cra_module),
111 CRYPTO_MAX_ALG_NAME);
112
113 ualg->cru_flags = alg->cra_flags;
114 ualg->cru_refcnt = atomic_read(&alg->cra_refcnt);
115
116 NLA_PUT_U32(skb, CRYPTOCFGA_PRIORITY_VAL, alg->cra_priority);
117
118 if (alg->cra_flags & CRYPTO_ALG_LARVAL) {
119 struct crypto_report_larval rl;
120
121 snprintf(rl.type, CRYPTO_MAX_ALG_NAME, "%s", "larval");
122
123 NLA_PUT(skb, CRYPTOCFGA_REPORT_LARVAL,
124 sizeof(struct crypto_report_larval), &rl);
125
126 goto out;
127 }
128
129 if (alg->cra_type && alg->cra_type->report) {
130 if (alg->cra_type->report(skb, alg))
131 goto nla_put_failure;
132
133 goto out;
134 }
135
136 switch (alg->cra_flags & (CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_LARVAL)) {
137 case CRYPTO_ALG_TYPE_CIPHER:
138 if (crypto_report_cipher(skb, alg))
139 goto nla_put_failure;
140
141 break;
142 case CRYPTO_ALG_TYPE_COMPRESS:
143 if (crypto_report_comp(skb, alg))
144 goto nla_put_failure;
145
146 break;
147 }
148
149out:
150 return 0;
151
152nla_put_failure:
153 return -EMSGSIZE;
154}
155
156static int crypto_report_alg(struct crypto_alg *alg,
157 struct crypto_dump_info *info)
158{
159 struct sk_buff *in_skb = info->in_skb;
160 struct sk_buff *skb = info->out_skb;
161 struct nlmsghdr *nlh;
162 struct crypto_user_alg *ualg;
163 int err = 0;
164
165 nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, info->nlmsg_seq,
166 CRYPTO_MSG_GETALG, sizeof(*ualg), info->nlmsg_flags);
167 if (!nlh) {
168 err = -EMSGSIZE;
169 goto out;
170 }
171
172 ualg = nlmsg_data(nlh);
173
174 err = crypto_report_one(alg, ualg, skb);
175 if (err) {
176 nlmsg_cancel(skb, nlh);
177 goto out;
178 }
179
180 nlmsg_end(skb, nlh);
181
182out:
183 return err;
184}
185
186static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh,
187 struct nlattr **attrs)
188{
189 struct crypto_user_alg *p = nlmsg_data(in_nlh);
190 struct crypto_alg *alg;
191 struct sk_buff *skb;
192 struct crypto_dump_info info;
193 int err;
194
195 if (!p->cru_driver_name)
196 return -EINVAL;
197
198 alg = crypto_alg_match(p, 1);
199 if (!alg)
200 return -ENOENT;
201
202 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
203 if (!skb)
204 return -ENOMEM;
205
206 info.in_skb = in_skb;
207 info.out_skb = skb;
208 info.nlmsg_seq = in_nlh->nlmsg_seq;
209 info.nlmsg_flags = 0;
210
211 err = crypto_report_alg(alg, &info);
212 if (err)
213 return err;
214
215 return nlmsg_unicast(crypto_nlsk, skb, NETLINK_CB(in_skb).pid);
216}
217
218static int crypto_dump_report(struct sk_buff *skb, struct netlink_callback *cb)
219{
220 struct crypto_alg *alg;
221 struct crypto_dump_info info;
222 int err;
223
224 if (cb->args[0])
225 goto out;
226
227 cb->args[0] = 1;
228
229 info.in_skb = cb->skb;
230 info.out_skb = skb;
231 info.nlmsg_seq = cb->nlh->nlmsg_seq;
232 info.nlmsg_flags = NLM_F_MULTI;
233
234 list_for_each_entry(alg, &crypto_alg_list, cra_list) {
235 err = crypto_report_alg(alg, &info);
236 if (err)
237 goto out_err;
238 }
239
240out:
241 return skb->len;
242out_err:
243 return err;
244}
245
246static int crypto_dump_report_done(struct netlink_callback *cb)
247{
248 return 0;
249}
250
251static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
252 struct nlattr **attrs)
253{
254 struct crypto_alg *alg;
255 struct crypto_user_alg *p = nlmsg_data(nlh);
256 struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
257 LIST_HEAD(list);
258
259 if (priority && !strlen(p->cru_driver_name))
260 return -EINVAL;
261
262 alg = crypto_alg_match(p, 1);
263 if (!alg)
264 return -ENOENT;
265
266 down_write(&crypto_alg_sem);
267
268 crypto_remove_spawns(alg, &list, NULL);
269
270 if (priority)
271 alg->cra_priority = nla_get_u32(priority);
272
273 up_write(&crypto_alg_sem);
274
275 crypto_remove_final(&list);
276
277 return 0;
278}
279
280static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
281 struct nlattr **attrs)
282{
283 struct crypto_alg *alg;
284 struct crypto_user_alg *p = nlmsg_data(nlh);
285
286 alg = crypto_alg_match(p, 1);
287 if (!alg)
288 return -ENOENT;
289
290 /* We can not unregister core algorithms such as aes-generic.
291 * We would loose the reference in the crypto_alg_list to this algorithm
292 * if we try to unregister. Unregistering such an algorithm without
293 * removing the module is not possible, so we restrict to crypto
294 * instances that are build from templates. */
295 if (!(alg->cra_flags & CRYPTO_ALG_INSTANCE))
296 return -EINVAL;
297
298 if (atomic_read(&alg->cra_refcnt) != 1)
299 return -EBUSY;
300
301 return crypto_unregister_alg(alg);
302}
303
304static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
305 struct nlattr **attrs)
306{
307 int exact;
308 const char *name;
309 struct crypto_alg *alg;
310 struct crypto_user_alg *p = nlmsg_data(nlh);
311 struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
312
313 if (strlen(p->cru_driver_name))
314 exact = 1;
315
316 if (priority && !exact)
317 return -EINVAL;
318
319 alg = crypto_alg_match(p, exact);
320 if (alg)
321 return -EEXIST;
322
323 if (strlen(p->cru_driver_name))
324 name = p->cru_driver_name;
325 else
326 name = p->cru_name;
327
328 alg = crypto_alg_mod_lookup(name, p->cru_type, p->cru_mask);
329 if (IS_ERR(alg))
330 return PTR_ERR(alg);
331
332 down_write(&crypto_alg_sem);
333
334 if (priority)
335 alg->cra_priority = nla_get_u32(priority);
336
337 up_write(&crypto_alg_sem);
338
339 crypto_mod_put(alg);
340
341 return 0;
342}
343
344#define MSGSIZE(type) sizeof(struct type)
345
346static const int crypto_msg_min[CRYPTO_NR_MSGTYPES] = {
347 [CRYPTO_MSG_NEWALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg),
348 [CRYPTO_MSG_DELALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg),
349 [CRYPTO_MSG_UPDATEALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg),
350 [CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg),
351};
352
353static const struct nla_policy crypto_policy[CRYPTOCFGA_MAX+1] = {
354 [CRYPTOCFGA_PRIORITY_VAL] = { .type = NLA_U32},
355};
356
357#undef MSGSIZE
358
359static struct crypto_link {
360 int (*doit)(struct sk_buff *, struct nlmsghdr *, struct nlattr **);
361 int (*dump)(struct sk_buff *, struct netlink_callback *);
362 int (*done)(struct netlink_callback *);
363} crypto_dispatch[CRYPTO_NR_MSGTYPES] = {
364 [CRYPTO_MSG_NEWALG - CRYPTO_MSG_BASE] = { .doit = crypto_add_alg},
365 [CRYPTO_MSG_DELALG - CRYPTO_MSG_BASE] = { .doit = crypto_del_alg},
366 [CRYPTO_MSG_UPDATEALG - CRYPTO_MSG_BASE] = { .doit = crypto_update_alg},
367 [CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE] = { .doit = crypto_report,
368 .dump = crypto_dump_report,
369 .done = crypto_dump_report_done},
370};
371
372static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
373{
374 struct nlattr *attrs[CRYPTOCFGA_MAX+1];
375 struct crypto_link *link;
376 int type, err;
377
378 type = nlh->nlmsg_type;
379 if (type > CRYPTO_MSG_MAX)
380 return -EINVAL;
381
382 type -= CRYPTO_MSG_BASE;
383 link = &crypto_dispatch[type];
384
385 if (security_netlink_recv(skb, CAP_NET_ADMIN))
386 return -EPERM;
387
388 if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) &&
389 (nlh->nlmsg_flags & NLM_F_DUMP))) {
390 if (link->dump == NULL)
391 return -EINVAL;
392
393 return netlink_dump_start(crypto_nlsk, skb, nlh,
394 link->dump, link->done, 0);
395 }
396
397 err = nlmsg_parse(nlh, crypto_msg_min[type], attrs, CRYPTOCFGA_MAX,
398 crypto_policy);
399 if (err < 0)
400 return err;
401
402 if (link->doit == NULL)
403 return -EINVAL;
404
405 return link->doit(skb, nlh, attrs);
406}
407
408static void crypto_netlink_rcv(struct sk_buff *skb)
409{
410 mutex_lock(&crypto_cfg_mutex);
411 netlink_rcv_skb(skb, &crypto_user_rcv_msg);
412 mutex_unlock(&crypto_cfg_mutex);
413}
414
415static int __init crypto_user_init(void)
416{
417 crypto_nlsk = netlink_kernel_create(&init_net, NETLINK_CRYPTO,
418 0, crypto_netlink_rcv,
419 NULL, THIS_MODULE);
420 if (!crypto_nlsk)
421 return -ENOMEM;
422
423 return 0;
424}
425
426static void __exit crypto_user_exit(void)
427{
428 netlink_kernel_release(crypto_nlsk);
429}
430
431module_init(crypto_user_init);
432module_exit(crypto_user_exit);
433MODULE_LICENSE("GPL");
434MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
435MODULE_DESCRIPTION("Crypto userspace configuration API");
diff --git a/crypto/crypto_wq.c b/crypto/crypto_wq.c
index b980ee1af459..adad92a44ba2 100644
--- a/crypto/crypto_wq.c
+++ b/crypto/crypto_wq.c
@@ -12,6 +12,7 @@
12 */ 12 */
13 13
14#include <linux/workqueue.h> 14#include <linux/workqueue.h>
15#include <linux/module.h>
15#include <crypto/algapi.h> 16#include <crypto/algapi.h>
16#include <crypto/crypto_wq.h> 17#include <crypto/crypto_wq.h>
17 18
diff --git a/crypto/gf128mul.c b/crypto/gf128mul.c
index df35e4ccd07e..5276607c72d0 100644
--- a/crypto/gf128mul.c
+++ b/crypto/gf128mul.c
@@ -182,7 +182,7 @@ void gf128mul_lle(be128 *r, const be128 *b)
182 for (i = 0; i < 7; ++i) 182 for (i = 0; i < 7; ++i)
183 gf128mul_x_lle(&p[i + 1], &p[i]); 183 gf128mul_x_lle(&p[i + 1], &p[i]);
184 184
185 memset(r, 0, sizeof(r)); 185 memset(r, 0, sizeof(*r));
186 for (i = 0;;) { 186 for (i = 0;;) {
187 u8 ch = ((u8 *)b)[15 - i]; 187 u8 ch = ((u8 *)b)[15 - i];
188 188
@@ -220,7 +220,7 @@ void gf128mul_bbe(be128 *r, const be128 *b)
220 for (i = 0; i < 7; ++i) 220 for (i = 0; i < 7; ++i)
221 gf128mul_x_bbe(&p[i + 1], &p[i]); 221 gf128mul_x_bbe(&p[i + 1], &p[i]);
222 222
223 memset(r, 0, sizeof(r)); 223 memset(r, 0, sizeof(*r));
224 for (i = 0;;) { 224 for (i = 0;;) {
225 u8 ch = ((u8 *)b)[i]; 225 u8 ch = ((u8 *)b)[i];
226 226
diff --git a/crypto/ghash-generic.c b/crypto/ghash-generic.c
index be4425616931..7835b8fc94db 100644
--- a/crypto/ghash-generic.c
+++ b/crypto/ghash-generic.c
@@ -67,6 +67,9 @@ static int ghash_update(struct shash_desc *desc,
67 struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm); 67 struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
68 u8 *dst = dctx->buffer; 68 u8 *dst = dctx->buffer;
69 69
70 if (!ctx->gf128)
71 return -ENOKEY;
72
70 if (dctx->bytes) { 73 if (dctx->bytes) {
71 int n = min(srclen, dctx->bytes); 74 int n = min(srclen, dctx->bytes);
72 u8 *pos = dst + (GHASH_BLOCK_SIZE - dctx->bytes); 75 u8 *pos = dst + (GHASH_BLOCK_SIZE - dctx->bytes);
@@ -119,6 +122,9 @@ static int ghash_final(struct shash_desc *desc, u8 *dst)
119 struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm); 122 struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
120 u8 *buf = dctx->buffer; 123 u8 *buf = dctx->buffer;
121 124
125 if (!ctx->gf128)
126 return -ENOKEY;
127
122 ghash_flush(ctx, dctx); 128 ghash_flush(ctx, dctx);
123 memcpy(dst, buf, GHASH_BLOCK_SIZE); 129 memcpy(dst, buf, GHASH_BLOCK_SIZE);
124 130
diff --git a/crypto/internal.h b/crypto/internal.h
index d4384b08ab29..b865ca1a8613 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -86,6 +86,9 @@ struct crypto_alg *crypto_larval_lookup(const char *name, u32 type, u32 mask);
86void crypto_larval_error(const char *name, u32 type, u32 mask); 86void crypto_larval_error(const char *name, u32 type, u32 mask);
87void crypto_alg_tested(const char *name, int err); 87void crypto_alg_tested(const char *name, int err);
88 88
89void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
90 struct crypto_alg *nalg);
91void crypto_remove_final(struct list_head *list);
89void crypto_shoot_alg(struct crypto_alg *alg); 92void crypto_shoot_alg(struct crypto_alg *alg);
90struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type, 93struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type,
91 u32 mask); 94 u32 mask);
diff --git a/crypto/md4.c b/crypto/md4.c
index 7fca1f59a4f5..0477a6a01d58 100644
--- a/crypto/md4.c
+++ b/crypto/md4.c
@@ -23,6 +23,7 @@
23#include <crypto/internal/hash.h> 23#include <crypto/internal/hash.h>
24#include <linux/init.h> 24#include <linux/init.h>
25#include <linux/kernel.h> 25#include <linux/kernel.h>
26#include <linux/module.h>
26#include <linux/string.h> 27#include <linux/string.h>
27#include <linux/types.h> 28#include <linux/types.h>
28#include <asm/byteorder.h> 29#include <asm/byteorder.h>
diff --git a/crypto/md5.c b/crypto/md5.c
index 30efc7dad891..7febeaab923b 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -21,99 +21,9 @@
21#include <linux/module.h> 21#include <linux/module.h>
22#include <linux/string.h> 22#include <linux/string.h>
23#include <linux/types.h> 23#include <linux/types.h>
24#include <linux/cryptohash.h>
24#include <asm/byteorder.h> 25#include <asm/byteorder.h>
25 26
26#define F1(x, y, z) (z ^ (x & (y ^ z)))
27#define F2(x, y, z) F1(z, x, y)
28#define F3(x, y, z) (x ^ y ^ z)
29#define F4(x, y, z) (y ^ (x | ~z))
30
31#define MD5STEP(f, w, x, y, z, in, s) \
32 (w += f(x, y, z) + in, w = (w<<s | w>>(32-s)) + x)
33
34static void md5_transform(u32 *hash, u32 const *in)
35{
36 u32 a, b, c, d;
37
38 a = hash[0];
39 b = hash[1];
40 c = hash[2];
41 d = hash[3];
42
43 MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
44 MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
45 MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
46 MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
47 MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
48 MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
49 MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
50 MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
51 MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
52 MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
53 MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
54 MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
55 MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
56 MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
57 MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
58 MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
59
60 MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
61 MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
62 MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
63 MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
64 MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
65 MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
66 MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
67 MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
68 MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
69 MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
70 MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
71 MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
72 MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
73 MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
74 MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
75 MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
76
77 MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
78 MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
79 MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
80 MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
81 MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
82 MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
83 MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
84 MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
85 MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
86 MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
87 MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
88 MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
89 MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
90 MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
91 MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
92 MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
93
94 MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
95 MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
96 MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
97 MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
98 MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
99 MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
100 MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
101 MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
102 MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
103 MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
104 MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
105 MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
106 MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
107 MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
108 MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
109 MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
110
111 hash[0] += a;
112 hash[1] += b;
113 hash[2] += c;
114 hash[3] += d;
115}
116
117/* XXX: this stuff can be optimized */ 27/* XXX: this stuff can be optimized */
118static inline void le32_to_cpu_array(u32 *buf, unsigned int words) 28static inline void le32_to_cpu_array(u32 *buf, unsigned int words)
119{ 29{
diff --git a/crypto/pcompress.c b/crypto/pcompress.c
index f7c4a7d7412e..2e458e5482d0 100644
--- a/crypto/pcompress.c
+++ b/crypto/pcompress.c
@@ -24,6 +24,8 @@
24#include <linux/module.h> 24#include <linux/module.h>
25#include <linux/seq_file.h> 25#include <linux/seq_file.h>
26#include <linux/string.h> 26#include <linux/string.h>
27#include <linux/cryptouser.h>
28#include <net/netlink.h>
27 29
28#include <crypto/compress.h> 30#include <crypto/compress.h>
29#include <crypto/internal/compress.h> 31#include <crypto/internal/compress.h>
@@ -46,6 +48,28 @@ static int crypto_pcomp_init_tfm(struct crypto_tfm *tfm)
46 return 0; 48 return 0;
47} 49}
48 50
51#ifdef CONFIG_NET
52static int crypto_pcomp_report(struct sk_buff *skb, struct crypto_alg *alg)
53{
54 struct crypto_report_comp rpcomp;
55
56 snprintf(rpcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "pcomp");
57
58 NLA_PUT(skb, CRYPTOCFGA_REPORT_COMPRESS,
59 sizeof(struct crypto_report_comp), &rpcomp);
60
61 return 0;
62
63nla_put_failure:
64 return -EMSGSIZE;
65}
66#else
67static int crypto_pcomp_report(struct sk_buff *skb, struct crypto_alg *alg)
68{
69 return -ENOSYS;
70}
71#endif
72
49static void crypto_pcomp_show(struct seq_file *m, struct crypto_alg *alg) 73static void crypto_pcomp_show(struct seq_file *m, struct crypto_alg *alg)
50 __attribute__ ((unused)); 74 __attribute__ ((unused));
51static void crypto_pcomp_show(struct seq_file *m, struct crypto_alg *alg) 75static void crypto_pcomp_show(struct seq_file *m, struct crypto_alg *alg)
@@ -60,6 +84,7 @@ static const struct crypto_type crypto_pcomp_type = {
60#ifdef CONFIG_PROC_FS 84#ifdef CONFIG_PROC_FS
61 .show = crypto_pcomp_show, 85 .show = crypto_pcomp_show,
62#endif 86#endif
87 .report = crypto_pcomp_report,
63 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 88 .maskclear = ~CRYPTO_ALG_TYPE_MASK,
64 .maskset = CRYPTO_ALG_TYPE_MASK, 89 .maskset = CRYPTO_ALG_TYPE_MASK,
65 .type = CRYPTO_ALG_TYPE_PCOMPRESS, 90 .type = CRYPTO_ALG_TYPE_PCOMPRESS,
diff --git a/crypto/proc.c b/crypto/proc.c
index 58fef67d4f4d..4a0a7aad2204 100644
--- a/crypto/proc.c
+++ b/crypto/proc.c
@@ -13,9 +13,10 @@
13 * 13 *
14 */ 14 */
15 15
16#include <asm/atomic.h> 16#include <linux/atomic.h>
17#include <linux/init.h> 17#include <linux/init.h>
18#include <linux/crypto.h> 18#include <linux/crypto.h>
19#include <linux/module.h> /* for module_name() */
19#include <linux/rwsem.h> 20#include <linux/rwsem.h>
20#include <linux/proc_fs.h> 21#include <linux/proc_fs.h>
21#include <linux/seq_file.h> 22#include <linux/seq_file.h>
diff --git a/crypto/rng.c b/crypto/rng.c
index f93cb5311182..64f864fa8043 100644
--- a/crypto/rng.c
+++ b/crypto/rng.c
@@ -12,7 +12,7 @@
12 * 12 *
13 */ 13 */
14 14
15#include <asm/atomic.h> 15#include <linux/atomic.h>
16#include <crypto/internal/rng.h> 16#include <crypto/internal/rng.h>
17#include <linux/err.h> 17#include <linux/err.h>
18#include <linux/module.h> 18#include <linux/module.h>
@@ -21,6 +21,8 @@
21#include <linux/seq_file.h> 21#include <linux/seq_file.h>
22#include <linux/slab.h> 22#include <linux/slab.h>
23#include <linux/string.h> 23#include <linux/string.h>
24#include <linux/cryptouser.h>
25#include <net/netlink.h>
24 26
25static DEFINE_MUTEX(crypto_default_rng_lock); 27static DEFINE_MUTEX(crypto_default_rng_lock);
26struct crypto_rng *crypto_default_rng; 28struct crypto_rng *crypto_default_rng;
@@ -58,6 +60,30 @@ static int crypto_init_rng_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
58 return 0; 60 return 0;
59} 61}
60 62
63#ifdef CONFIG_NET
64static int crypto_rng_report(struct sk_buff *skb, struct crypto_alg *alg)
65{
66 struct crypto_report_rng rrng;
67
68 snprintf(rrng.type, CRYPTO_MAX_ALG_NAME, "%s", "rng");
69
70 rrng.seedsize = alg->cra_rng.seedsize;
71
72 NLA_PUT(skb, CRYPTOCFGA_REPORT_RNG,
73 sizeof(struct crypto_report_rng), &rrng);
74
75 return 0;
76
77nla_put_failure:
78 return -EMSGSIZE;
79}
80#else
81static int crypto_rng_report(struct sk_buff *skb, struct crypto_alg *alg)
82{
83 return -ENOSYS;
84}
85#endif
86
61static void crypto_rng_show(struct seq_file *m, struct crypto_alg *alg) 87static void crypto_rng_show(struct seq_file *m, struct crypto_alg *alg)
62 __attribute__ ((unused)); 88 __attribute__ ((unused));
63static void crypto_rng_show(struct seq_file *m, struct crypto_alg *alg) 89static void crypto_rng_show(struct seq_file *m, struct crypto_alg *alg)
@@ -78,6 +104,7 @@ const struct crypto_type crypto_rng_type = {
78#ifdef CONFIG_PROC_FS 104#ifdef CONFIG_PROC_FS
79 .show = crypto_rng_show, 105 .show = crypto_rng_show,
80#endif 106#endif
107 .report = crypto_rng_report,
81}; 108};
82EXPORT_SYMBOL_GPL(crypto_rng_type); 109EXPORT_SYMBOL_GPL(crypto_rng_type);
83 110
diff --git a/crypto/sha1_generic.c b/crypto/sha1_generic.c
index 0416091bf45a..42794803c480 100644
--- a/crypto/sha1_generic.c
+++ b/crypto/sha1_generic.c
@@ -36,32 +36,33 @@ static int sha1_init(struct shash_desc *desc)
36 return 0; 36 return 0;
37} 37}
38 38
39static int sha1_update(struct shash_desc *desc, const u8 *data, 39int crypto_sha1_update(struct shash_desc *desc, const u8 *data,
40 unsigned int len) 40 unsigned int len)
41{ 41{
42 struct sha1_state *sctx = shash_desc_ctx(desc); 42 struct sha1_state *sctx = shash_desc_ctx(desc);
43 unsigned int partial, done; 43 unsigned int partial, done;
44 const u8 *src; 44 const u8 *src;
45 45
46 partial = sctx->count & 0x3f; 46 partial = sctx->count % SHA1_BLOCK_SIZE;
47 sctx->count += len; 47 sctx->count += len;
48 done = 0; 48 done = 0;
49 src = data; 49 src = data;
50 50
51 if ((partial + len) > 63) { 51 if ((partial + len) >= SHA1_BLOCK_SIZE) {
52 u32 temp[SHA_WORKSPACE_WORDS]; 52 u32 temp[SHA_WORKSPACE_WORDS];
53 53
54 if (partial) { 54 if (partial) {
55 done = -partial; 55 done = -partial;
56 memcpy(sctx->buffer + partial, data, done + 64); 56 memcpy(sctx->buffer + partial, data,
57 done + SHA1_BLOCK_SIZE);
57 src = sctx->buffer; 58 src = sctx->buffer;
58 } 59 }
59 60
60 do { 61 do {
61 sha_transform(sctx->state, src, temp); 62 sha_transform(sctx->state, src, temp);
62 done += 64; 63 done += SHA1_BLOCK_SIZE;
63 src = data + done; 64 src = data + done;
64 } while (done + 63 < len); 65 } while (done + SHA1_BLOCK_SIZE <= len);
65 66
66 memset(temp, 0, sizeof(temp)); 67 memset(temp, 0, sizeof(temp));
67 partial = 0; 68 partial = 0;
@@ -70,6 +71,7 @@ static int sha1_update(struct shash_desc *desc, const u8 *data,
70 71
71 return 0; 72 return 0;
72} 73}
74EXPORT_SYMBOL(crypto_sha1_update);
73 75
74 76
75/* Add padding and return the message digest. */ 77/* Add padding and return the message digest. */
@@ -86,10 +88,10 @@ static int sha1_final(struct shash_desc *desc, u8 *out)
86 /* Pad out to 56 mod 64 */ 88 /* Pad out to 56 mod 64 */
87 index = sctx->count & 0x3f; 89 index = sctx->count & 0x3f;
88 padlen = (index < 56) ? (56 - index) : ((64+56) - index); 90 padlen = (index < 56) ? (56 - index) : ((64+56) - index);
89 sha1_update(desc, padding, padlen); 91 crypto_sha1_update(desc, padding, padlen);
90 92
91 /* Append length */ 93 /* Append length */
92 sha1_update(desc, (const u8 *)&bits, sizeof(bits)); 94 crypto_sha1_update(desc, (const u8 *)&bits, sizeof(bits));
93 95
94 /* Store state in digest */ 96 /* Store state in digest */
95 for (i = 0; i < 5; i++) 97 for (i = 0; i < 5; i++)
@@ -120,7 +122,7 @@ static int sha1_import(struct shash_desc *desc, const void *in)
120static struct shash_alg alg = { 122static struct shash_alg alg = {
121 .digestsize = SHA1_DIGEST_SIZE, 123 .digestsize = SHA1_DIGEST_SIZE,
122 .init = sha1_init, 124 .init = sha1_init,
123 .update = sha1_update, 125 .update = crypto_sha1_update,
124 .final = sha1_final, 126 .final = sha1_final,
125 .export = sha1_export, 127 .export = sha1_export,
126 .import = sha1_import, 128 .import = sha1_import,
diff --git a/crypto/shash.c b/crypto/shash.c
index 76f74b963151..9100912716ae 100644
--- a/crypto/shash.c
+++ b/crypto/shash.c
@@ -17,6 +17,8 @@
17#include <linux/module.h> 17#include <linux/module.h>
18#include <linux/slab.h> 18#include <linux/slab.h>
19#include <linux/seq_file.h> 19#include <linux/seq_file.h>
20#include <linux/cryptouser.h>
21#include <net/netlink.h>
20 22
21#include "internal.h" 23#include "internal.h"
22 24
@@ -522,6 +524,31 @@ static unsigned int crypto_shash_extsize(struct crypto_alg *alg)
522 return alg->cra_ctxsize; 524 return alg->cra_ctxsize;
523} 525}
524 526
527#ifdef CONFIG_NET
528static int crypto_shash_report(struct sk_buff *skb, struct crypto_alg *alg)
529{
530 struct crypto_report_hash rhash;
531 struct shash_alg *salg = __crypto_shash_alg(alg);
532
533 snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "shash");
534 rhash.blocksize = alg->cra_blocksize;
535 rhash.digestsize = salg->digestsize;
536
537 NLA_PUT(skb, CRYPTOCFGA_REPORT_HASH,
538 sizeof(struct crypto_report_hash), &rhash);
539
540 return 0;
541
542nla_put_failure:
543 return -EMSGSIZE;
544}
545#else
546static int crypto_shash_report(struct sk_buff *skb, struct crypto_alg *alg)
547{
548 return -ENOSYS;
549}
550#endif
551
525static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) 552static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg)
526 __attribute__ ((unused)); 553 __attribute__ ((unused));
527static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) 554static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg)
@@ -541,6 +568,7 @@ static const struct crypto_type crypto_shash_type = {
541#ifdef CONFIG_PROC_FS 568#ifdef CONFIG_PROC_FS
542 .show = crypto_shash_show, 569 .show = crypto_shash_show,
543#endif 570#endif
571 .report = crypto_shash_report,
544 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 572 .maskclear = ~CRYPTO_ALG_TYPE_MASK,
545 .maskset = CRYPTO_ALG_TYPE_MASK, 573 .maskset = CRYPTO_ALG_TYPE_MASK,
546 .type = CRYPTO_ALG_TYPE_SHASH, 574 .type = CRYPTO_ALG_TYPE_SHASH,
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 2222617b3bed..0c4e80f34651 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -782,11 +782,13 @@ static int do_test(int m)
782 case 7: 782 case 7:
783 ret += tcrypt_test("ecb(blowfish)"); 783 ret += tcrypt_test("ecb(blowfish)");
784 ret += tcrypt_test("cbc(blowfish)"); 784 ret += tcrypt_test("cbc(blowfish)");
785 ret += tcrypt_test("ctr(blowfish)");
785 break; 786 break;
786 787
787 case 8: 788 case 8:
788 ret += tcrypt_test("ecb(twofish)"); 789 ret += tcrypt_test("ecb(twofish)");
789 ret += tcrypt_test("cbc(twofish)"); 790 ret += tcrypt_test("cbc(twofish)");
791 ret += tcrypt_test("ctr(twofish)");
790 break; 792 break;
791 793
792 case 9: 794 case 9:
@@ -1039,6 +1041,10 @@ static int do_test(int m)
1039 speed_template_16_24_32); 1041 speed_template_16_24_32);
1040 test_cipher_speed("cbc(twofish)", DECRYPT, sec, NULL, 0, 1042 test_cipher_speed("cbc(twofish)", DECRYPT, sec, NULL, 0,
1041 speed_template_16_24_32); 1043 speed_template_16_24_32);
1044 test_cipher_speed("ctr(twofish)", ENCRYPT, sec, NULL, 0,
1045 speed_template_16_24_32);
1046 test_cipher_speed("ctr(twofish)", DECRYPT, sec, NULL, 0,
1047 speed_template_16_24_32);
1042 break; 1048 break;
1043 1049
1044 case 203: 1050 case 203:
@@ -1050,6 +1056,10 @@ static int do_test(int m)
1050 speed_template_8_32); 1056 speed_template_8_32);
1051 test_cipher_speed("cbc(blowfish)", DECRYPT, sec, NULL, 0, 1057 test_cipher_speed("cbc(blowfish)", DECRYPT, sec, NULL, 0,
1052 speed_template_8_32); 1058 speed_template_8_32);
1059 test_cipher_speed("ctr(blowfish)", ENCRYPT, sec, NULL, 0,
1060 speed_template_8_32);
1061 test_cipher_speed("ctr(blowfish)", DECRYPT, sec, NULL, 0,
1062 speed_template_8_32);
1053 break; 1063 break;
1054 1064
1055 case 204: 1065 case 204:
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index b6b93d416351..e91c1eb1722a 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1756,6 +1756,36 @@ static const struct alg_test_desc alg_test_descs[] = {
1756 } 1756 }
1757 } 1757 }
1758 }, { 1758 }, {
1759 .alg = "ctr(blowfish)",
1760 .test = alg_test_skcipher,
1761 .suite = {
1762 .cipher = {
1763 .enc = {
1764 .vecs = bf_ctr_enc_tv_template,
1765 .count = BF_CTR_ENC_TEST_VECTORS
1766 },
1767 .dec = {
1768 .vecs = bf_ctr_dec_tv_template,
1769 .count = BF_CTR_DEC_TEST_VECTORS
1770 }
1771 }
1772 }
1773 }, {
1774 .alg = "ctr(twofish)",
1775 .test = alg_test_skcipher,
1776 .suite = {
1777 .cipher = {
1778 .enc = {
1779 .vecs = tf_ctr_enc_tv_template,
1780 .count = TF_CTR_ENC_TEST_VECTORS
1781 },
1782 .dec = {
1783 .vecs = tf_ctr_dec_tv_template,
1784 .count = TF_CTR_DEC_TEST_VECTORS
1785 }
1786 }
1787 }
1788 }, {
1759 .alg = "cts(cbc(aes))", 1789 .alg = "cts(cbc(aes))",
1760 .test = alg_test_skcipher, 1790 .test = alg_test_skcipher,
1761 .suite = { 1791 .suite = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 27e60619538e..37b4d8f45447 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -2391,10 +2391,12 @@ static struct cipher_testvec des3_ede_cbc_dec_tv_template[] = {
2391/* 2391/*
2392 * Blowfish test vectors. 2392 * Blowfish test vectors.
2393 */ 2393 */
2394#define BF_ENC_TEST_VECTORS 6 2394#define BF_ENC_TEST_VECTORS 7
2395#define BF_DEC_TEST_VECTORS 6 2395#define BF_DEC_TEST_VECTORS 7
2396#define BF_CBC_ENC_TEST_VECTORS 1 2396#define BF_CBC_ENC_TEST_VECTORS 2
2397#define BF_CBC_DEC_TEST_VECTORS 1 2397#define BF_CBC_DEC_TEST_VECTORS 2
2398#define BF_CTR_ENC_TEST_VECTORS 2
2399#define BF_CTR_DEC_TEST_VECTORS 2
2398 2400
2399static struct cipher_testvec bf_enc_tv_template[] = { 2401static struct cipher_testvec bf_enc_tv_template[] = {
2400 { /* DES test vectors from OpenSSL */ 2402 { /* DES test vectors from OpenSSL */
@@ -2448,6 +2450,24 @@ static struct cipher_testvec bf_enc_tv_template[] = {
2448 .ilen = 8, 2450 .ilen = 8,
2449 .result = "\xc0\x45\x04\x01\x2e\x4e\x1f\x53", 2451 .result = "\xc0\x45\x04\x01\x2e\x4e\x1f\x53",
2450 .rlen = 8, 2452 .rlen = 8,
2453 }, { /* Generated with Crypto++ */
2454 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2455 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2456 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2457 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2458 .klen = 32,
2459 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2460 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2461 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2462 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2463 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9",
2464 .ilen = 40,
2465 .result = "\x96\x87\x3D\x0C\x7B\xFB\xBD\x1F"
2466 "\xE3\xC1\x99\x6D\x39\xD4\xC2\x7D"
2467 "\xD7\x87\xA1\xF2\xDF\x51\x71\x26"
2468 "\xC2\xF4\x6D\xFF\xF6\xCD\x6B\x40"
2469 "\xE1\xB3\xBF\xD4\x38\x2B\xC8\x3B",
2470 .rlen = 40,
2451 }, 2471 },
2452}; 2472};
2453 2473
@@ -2503,6 +2523,24 @@ static struct cipher_testvec bf_dec_tv_template[] = {
2503 .ilen = 8, 2523 .ilen = 8,
2504 .result = "\xfe\xdc\xba\x98\x76\x54\x32\x10", 2524 .result = "\xfe\xdc\xba\x98\x76\x54\x32\x10",
2505 .rlen = 8, 2525 .rlen = 8,
2526 }, { /* Generated with Crypto++ */
2527 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2528 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2529 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2530 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2531 .klen = 32,
2532 .input = "\x96\x87\x3D\x0C\x7B\xFB\xBD\x1F"
2533 "\xE3\xC1\x99\x6D\x39\xD4\xC2\x7D"
2534 "\xD7\x87\xA1\xF2\xDF\x51\x71\x26"
2535 "\xC2\xF4\x6D\xFF\xF6\xCD\x6B\x40"
2536 "\xE1\xB3\xBF\xD4\x38\x2B\xC8\x3B",
2537 .ilen = 40,
2538 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2539 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2540 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2541 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2542 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9",
2543 .rlen = 40,
2506 }, 2544 },
2507}; 2545};
2508 2546
@@ -2522,6 +2560,25 @@ static struct cipher_testvec bf_cbc_enc_tv_template[] = {
2522 "\x58\xde\xb9\xe7\x15\x46\x16\xd9" 2560 "\x58\xde\xb9\xe7\x15\x46\x16\xd9"
2523 "\x59\xf1\x65\x2b\xd5\xff\x92\xcc", 2561 "\x59\xf1\x65\x2b\xd5\xff\x92\xcc",
2524 .rlen = 32, 2562 .rlen = 32,
2563 }, { /* Generated with Crypto++ */
2564 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2565 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2566 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2567 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2568 .klen = 32,
2569 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
2570 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2571 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2572 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2573 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2574 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9",
2575 .ilen = 40,
2576 .result = "\xB4\xFE\xA5\xBB\x3D\x2C\x27\x06"
2577 "\x06\x2B\x3A\x92\xB2\xF5\x5E\x62"
2578 "\x84\xCD\xF7\x66\x7E\x41\x6C\x8E"
2579 "\x1B\xD9\x02\xB6\x48\xB0\x87\x25"
2580 "\x01\x9C\x93\x63\x51\x60\x82\xD2",
2581 .rlen = 40,
2525 }, 2582 },
2526}; 2583};
2527 2584
@@ -2541,16 +2598,125 @@ static struct cipher_testvec bf_cbc_dec_tv_template[] = {
2541 "\x68\x65\x20\x74\x69\x6d\x65\x20" 2598 "\x68\x65\x20\x74\x69\x6d\x65\x20"
2542 "\x66\x6f\x72\x20\x00\x00\x00\x00", 2599 "\x66\x6f\x72\x20\x00\x00\x00\x00",
2543 .rlen = 32, 2600 .rlen = 32,
2601 }, { /* Generated with Crypto++ */
2602 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2603 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2604 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2605 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2606 .klen = 32,
2607 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
2608 .input = "\xB4\xFE\xA5\xBB\x3D\x2C\x27\x06"
2609 "\x06\x2B\x3A\x92\xB2\xF5\x5E\x62"
2610 "\x84\xCD\xF7\x66\x7E\x41\x6C\x8E"
2611 "\x1B\xD9\x02\xB6\x48\xB0\x87\x25"
2612 "\x01\x9C\x93\x63\x51\x60\x82\xD2",
2613 .ilen = 40,
2614 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2615 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2616 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2617 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2618 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9",
2619 .rlen = 40,
2620 },
2621};
2622
2623static struct cipher_testvec bf_ctr_enc_tv_template[] = {
2624 { /* Generated with Crypto++ */
2625 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2626 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2627 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2628 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2629 .klen = 32,
2630 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
2631 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2632 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2633 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2634 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2635 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9",
2636 .ilen = 40,
2637 .result = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
2638 "\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
2639 "\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
2640 "\x0D\x70\x86\x5A\x44\xAD\x85\x17"
2641 "\xE4\x1F\x5E\xA5\x89\xAC\x32\xBC",
2642 .rlen = 40,
2643 }, { /* Generated with Crypto++ */
2644 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2645 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2646 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2647 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2648 .klen = 32,
2649 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
2650 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2651 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2652 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2653 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2654 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2655 "\x6D\x04\x9B",
2656 .ilen = 43,
2657 .result = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
2658 "\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
2659 "\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
2660 "\x0D\x70\x86\x5A\x44\xAD\x85\x17"
2661 "\xE4\x1F\x5E\xA5\x89\xAC\x32\xBC"
2662 "\x3D\xA7\xE9",
2663 .rlen = 43,
2664 },
2665};
2666
2667static struct cipher_testvec bf_ctr_dec_tv_template[] = {
2668 { /* Generated with Crypto++ */
2669 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2670 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2671 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2672 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2673 .klen = 32,
2674 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
2675 .input = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
2676 "\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
2677 "\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
2678 "\x0D\x70\x86\x5A\x44\xAD\x85\x17"
2679 "\xE4\x1F\x5E\xA5\x89\xAC\x32\xBC",
2680 .ilen = 40,
2681 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2682 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2683 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2684 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2685 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9",
2686 .rlen = 40,
2687 }, { /* Generated with Crypto++ */
2688 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2689 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2690 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2691 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2692 .klen = 32,
2693 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F",
2694 .input = "\xC7\xA3\xDF\xB9\x05\xF4\x9E\x8D"
2695 "\x9E\xDF\x38\x18\x83\x07\xEF\xC1"
2696 "\x93\x3C\xAA\xAA\xFE\x06\x42\xCC"
2697 "\x0D\x70\x86\x5A\x44\xAD\x85\x17"
2698 "\xE4\x1F\x5E\xA5\x89\xAC\x32\xBC"
2699 "\x3D\xA7\xE9",
2700 .ilen = 43,
2701 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2702 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2703 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2704 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2705 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2706 "\x6D\x04\x9B",
2707 .rlen = 43,
2544 }, 2708 },
2545}; 2709};
2546 2710
2547/* 2711/*
2548 * Twofish test vectors. 2712 * Twofish test vectors.
2549 */ 2713 */
2550#define TF_ENC_TEST_VECTORS 3 2714#define TF_ENC_TEST_VECTORS 4
2551#define TF_DEC_TEST_VECTORS 3 2715#define TF_DEC_TEST_VECTORS 4
2552#define TF_CBC_ENC_TEST_VECTORS 4 2716#define TF_CBC_ENC_TEST_VECTORS 5
2553#define TF_CBC_DEC_TEST_VECTORS 4 2717#define TF_CBC_DEC_TEST_VECTORS 5
2718#define TF_CTR_ENC_TEST_VECTORS 2
2719#define TF_CTR_DEC_TEST_VECTORS 2
2554 2720
2555static struct cipher_testvec tf_enc_tv_template[] = { 2721static struct cipher_testvec tf_enc_tv_template[] = {
2556 { 2722 {
@@ -2582,6 +2748,30 @@ static struct cipher_testvec tf_enc_tv_template[] = {
2582 .result = "\x37\x52\x7b\xe0\x05\x23\x34\xb8" 2748 .result = "\x37\x52\x7b\xe0\x05\x23\x34\xb8"
2583 "\x9f\x0c\xfc\xca\xe8\x7c\xfa\x20", 2749 "\x9f\x0c\xfc\xca\xe8\x7c\xfa\x20",
2584 .rlen = 16, 2750 .rlen = 16,
2751 }, { /* Generated with Crypto++ */
2752 .key = "\x3F\x85\x62\x3F\x1C\xF9\xD6\x1C"
2753 "\xF9\xD6\xB3\x90\x6D\x4A\x90\x6D"
2754 "\x4A\x27\x04\xE1\x27\x04\xE1\xBE"
2755 "\x9B\x78\xBE\x9B\x78\x55\x32\x0F",
2756 .klen = 32,
2757 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2758 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2759 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2760 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2761 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2762 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
2763 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
2764 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C",
2765 .ilen = 64,
2766 .result = "\x88\xCB\x1E\xC2\xAF\x8A\x97\xFF"
2767 "\xF6\x90\x46\x9C\x4A\x0F\x08\xDC"
2768 "\xDE\xAB\xAD\xFA\xFC\xA8\xC2\x3D"
2769 "\xE0\xE4\x8B\x3F\xD5\xA3\xF7\x14"
2770 "\x34\x9E\xB6\x08\xB2\xDD\xA8\xF5"
2771 "\xDF\xFA\xC7\xE8\x09\x50\x76\x08"
2772 "\xA2\xB6\x6A\x59\xC0\x2B\x6D\x05"
2773 "\x89\xF6\x82\xF0\xD3\xDB\x06\x02",
2774 .rlen = 64,
2585 }, 2775 },
2586}; 2776};
2587 2777
@@ -2615,6 +2805,30 @@ static struct cipher_testvec tf_dec_tv_template[] = {
2615 .ilen = 16, 2805 .ilen = 16,
2616 .result = zeroed_string, 2806 .result = zeroed_string,
2617 .rlen = 16, 2807 .rlen = 16,
2808 }, { /* Generated with Crypto++ */
2809 .key = "\x3F\x85\x62\x3F\x1C\xF9\xD6\x1C"
2810 "\xF9\xD6\xB3\x90\x6D\x4A\x90\x6D"
2811 "\x4A\x27\x04\xE1\x27\x04\xE1\xBE"
2812 "\x9B\x78\xBE\x9B\x78\x55\x32\x0F",
2813 .klen = 32,
2814 .input = "\x88\xCB\x1E\xC2\xAF\x8A\x97\xFF"
2815 "\xF6\x90\x46\x9C\x4A\x0F\x08\xDC"
2816 "\xDE\xAB\xAD\xFA\xFC\xA8\xC2\x3D"
2817 "\xE0\xE4\x8B\x3F\xD5\xA3\xF7\x14"
2818 "\x34\x9E\xB6\x08\xB2\xDD\xA8\xF5"
2819 "\xDF\xFA\xC7\xE8\x09\x50\x76\x08"
2820 "\xA2\xB6\x6A\x59\xC0\x2B\x6D\x05"
2821 "\x89\xF6\x82\xF0\xD3\xDB\x06\x02",
2822 .ilen = 64,
2823 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2824 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2825 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2826 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2827 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2828 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
2829 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
2830 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C",
2831 .rlen = 64,
2618 }, 2832 },
2619}; 2833};
2620 2834
@@ -2661,6 +2875,32 @@ static struct cipher_testvec tf_cbc_enc_tv_template[] = {
2661 "\x05\xef\x8c\x61\xa8\x11\x58\x26" 2875 "\x05\xef\x8c\x61\xa8\x11\x58\x26"
2662 "\x34\xba\x5c\xb7\x10\x6a\xa6\x41", 2876 "\x34\xba\x5c\xb7\x10\x6a\xa6\x41",
2663 .rlen = 48, 2877 .rlen = 48,
2878 }, { /* Generated with Crypto++ */
2879 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2880 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2881 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2882 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2883 .klen = 32,
2884 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
2885 "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
2886 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2887 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2888 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2889 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2890 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2891 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
2892 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
2893 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C",
2894 .ilen = 64,
2895 .result = "\xC8\xFF\xF2\x53\xA6\x27\x09\xD1"
2896 "\x33\x38\xC2\xC0\x0C\x14\x7E\xB5"
2897 "\x26\x1B\x05\x0C\x05\x12\x3F\xC0"
2898 "\xF9\x1C\x02\x28\x40\x96\x6F\xD0"
2899 "\x3D\x32\xDF\xDA\x56\x00\x6E\xEE"
2900 "\x5B\x2A\x72\x9D\xC2\x4D\x19\xBC"
2901 "\x8C\x53\xFA\x87\x6F\xDD\x81\xA3"
2902 "\xB1\xD3\x44\x65\xDF\xE7\x63\x38",
2903 .rlen = 64,
2664 }, 2904 },
2665}; 2905};
2666 2906
@@ -2707,6 +2947,148 @@ static struct cipher_testvec tf_cbc_dec_tv_template[] = {
2707 .ilen = 48, 2947 .ilen = 48,
2708 .result = zeroed_string, 2948 .result = zeroed_string,
2709 .rlen = 48, 2949 .rlen = 48,
2950 }, { /* Generated with Crypto++ */
2951 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2952 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2953 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2954 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2955 .klen = 32,
2956 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
2957 "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
2958 .input = "\xC8\xFF\xF2\x53\xA6\x27\x09\xD1"
2959 "\x33\x38\xC2\xC0\x0C\x14\x7E\xB5"
2960 "\x26\x1B\x05\x0C\x05\x12\x3F\xC0"
2961 "\xF9\x1C\x02\x28\x40\x96\x6F\xD0"
2962 "\x3D\x32\xDF\xDA\x56\x00\x6E\xEE"
2963 "\x5B\x2A\x72\x9D\xC2\x4D\x19\xBC"
2964 "\x8C\x53\xFA\x87\x6F\xDD\x81\xA3"
2965 "\xB1\xD3\x44\x65\xDF\xE7\x63\x38",
2966 .ilen = 64,
2967 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2968 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2969 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2970 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2971 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2972 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
2973 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
2974 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C",
2975 .rlen = 64,
2976 },
2977};
2978
2979static struct cipher_testvec tf_ctr_enc_tv_template[] = {
2980 { /* Generated with Crypto++ */
2981 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
2982 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
2983 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
2984 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
2985 .klen = 32,
2986 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
2987 "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
2988 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
2989 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
2990 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
2991 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
2992 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
2993 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
2994 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
2995 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C",
2996 .ilen = 64,
2997 .result = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
2998 "\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
2999 "\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
3000 "\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
3001 "\x9F\x8D\x40\x9F\x24\xFD\x92\xA0"
3002 "\xBC\x8F\x35\xDD\x67\x38\xD8\xAA"
3003 "\xCF\xF8\x48\xCA\xFB\xE4\x5C\x60"
3004 "\x01\x41\x21\x12\x38\xAB\x52\x4F",
3005 .rlen = 64,
3006 }, { /* Generated with Crypto++ */
3007 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
3008 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
3009 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
3010 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
3011 .klen = 32,
3012 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
3013 "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
3014 .input = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
3015 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
3016 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
3017 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
3018 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
3019 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
3020 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
3021 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
3022 "\xC3\x37\xCE",
3023 .ilen = 67,
3024 .result = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
3025 "\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
3026 "\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
3027 "\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
3028 "\x9F\x8D\x40\x9F\x24\xFD\x92\xA0"
3029 "\xBC\x8F\x35\xDD\x67\x38\xD8\xAA"
3030 "\xCF\xF8\x48\xCA\xFB\xE4\x5C\x60"
3031 "\x01\x41\x21\x12\x38\xAB\x52\x4F"
3032 "\xA8\x57\x20",
3033 .rlen = 67,
3034 },
3035};
3036
3037static struct cipher_testvec tf_ctr_dec_tv_template[] = {
3038 { /* Generated with Crypto++ */
3039 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
3040 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
3041 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
3042 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
3043 .klen = 32,
3044 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
3045 "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
3046 .input = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
3047 "\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
3048 "\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
3049 "\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
3050 "\x9F\x8D\x40\x9F\x24\xFD\x92\xA0"
3051 "\xBC\x8F\x35\xDD\x67\x38\xD8\xAA"
3052 "\xCF\xF8\x48\xCA\xFB\xE4\x5C\x60"
3053 "\x01\x41\x21\x12\x38\xAB\x52\x4F",
3054 .ilen = 64,
3055 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
3056 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
3057 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
3058 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
3059 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
3060 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
3061 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
3062 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C",
3063 .rlen = 64,
3064 }, { /* Generated with Crypto++ */
3065 .key = "\x85\x62\x3F\x1C\xF9\xD6\x1C\xF9"
3066 "\xD6\xB3\x90\x6D\x4A\x90\x6D\x4A"
3067 "\x27\x04\xE1\x27\x04\xE1\xBE\x9B"
3068 "\x78\xBE\x9B\x78\x55\x32\x0F\x55",
3069 .klen = 32,
3070 .iv = "\xE2\x24\x89\xEE\x53\xB8\x1D\x5F"
3071 "\xC4\x29\x8E\xF3\x35\x9A\xFF\x64",
3072 .input = "\xDF\xDD\x69\xFA\xB0\x2E\xFD\xFE"
3073 "\x70\x9E\xC5\x4B\xC9\xD4\xA1\x30"
3074 "\x26\x9B\x89\xA1\xEE\x43\xE0\x52"
3075 "\x55\x17\x4E\xC7\x0E\x33\x1F\xF1"
3076 "\x9F\x8D\x40\x9F\x24\xFD\x92\xA0"
3077 "\xBC\x8F\x35\xDD\x67\x38\xD8\xAA"
3078 "\xCF\xF8\x48\xCA\xFB\xE4\x5C\x60"
3079 "\x01\x41\x21\x12\x38\xAB\x52\x4F"
3080 "\xA8\x57\x20",
3081 .ilen = 67,
3082 .result = "\x56\xED\x84\x1B\x8F\x26\xBD\x31"
3083 "\xC8\x5F\xF6\x6A\x01\x98\x0C\xA3"
3084 "\x3A\xD1\x45\xDC\x73\x0A\x7E\x15"
3085 "\xAC\x20\xB7\x4E\xE5\x59\xF0\x87"
3086 "\x1E\x92\x29\xC0\x34\xCB\x62\xF9"
3087 "\x6D\x04\x9B\x0F\xA6\x3D\xD4\x48"
3088 "\xDF\x76\x0D\x81\x18\xAF\x23\xBA"
3089 "\x51\xE8\x5C\xF3\x8A\x21\x95\x2C"
3090 "\xC3\x37\xCE",
3091 .rlen = 67,
2710 }, 3092 },
2711}; 3093};
2712 3094
@@ -2976,8 +3358,8 @@ static struct cipher_testvec cast6_dec_tv_template[] = {
2976#define AES_CBC_DEC_TEST_VECTORS 4 3358#define AES_CBC_DEC_TEST_VECTORS 4
2977#define AES_LRW_ENC_TEST_VECTORS 8 3359#define AES_LRW_ENC_TEST_VECTORS 8
2978#define AES_LRW_DEC_TEST_VECTORS 8 3360#define AES_LRW_DEC_TEST_VECTORS 8
2979#define AES_XTS_ENC_TEST_VECTORS 4 3361#define AES_XTS_ENC_TEST_VECTORS 5
2980#define AES_XTS_DEC_TEST_VECTORS 4 3362#define AES_XTS_DEC_TEST_VECTORS 5
2981#define AES_CTR_ENC_TEST_VECTORS 3 3363#define AES_CTR_ENC_TEST_VECTORS 3
2982#define AES_CTR_DEC_TEST_VECTORS 3 3364#define AES_CTR_DEC_TEST_VECTORS 3
2983#define AES_OFB_ENC_TEST_VECTORS 1 3365#define AES_OFB_ENC_TEST_VECTORS 1
@@ -3926,6 +4308,150 @@ static struct cipher_testvec aes_xts_enc_tv_template[] = {
3926 "\x0a\x28\x2d\xf9\x20\x14\x7b\xea" 4308 "\x0a\x28\x2d\xf9\x20\x14\x7b\xea"
3927 "\xbe\x42\x1e\xe5\x31\x9d\x05\x68", 4309 "\xbe\x42\x1e\xe5\x31\x9d\x05\x68",
3928 .rlen = 512, 4310 .rlen = 512,
4311 }, { /* XTS-AES 10, XTS-AES-256, data unit 512 bytes */
4312 .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
4313 "\x23\x53\x60\x28\x74\x71\x35\x26"
4314 "\x62\x49\x77\x57\x24\x70\x93\x69"
4315 "\x99\x59\x57\x49\x66\x96\x76\x27"
4316 "\x31\x41\x59\x26\x53\x58\x97\x93"
4317 "\x23\x84\x62\x64\x33\x83\x27\x95"
4318 "\x02\x88\x41\x97\x16\x93\x99\x37"
4319 "\x51\x05\x82\x09\x74\x94\x45\x92",
4320 .klen = 64,
4321 .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
4322 "\x00\x00\x00\x00\x00\x00\x00\x00",
4323 "\x00\x00\x00\x00\x00\x00\x00\x00",
4324 "\x00\x00\x00\x00\x00\x00\x00\x00",
4325 .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
4326 "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
4327 "\x10\x11\x12\x13\x14\x15\x16\x17"
4328 "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
4329 "\x20\x21\x22\x23\x24\x25\x26\x27"
4330 "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
4331 "\x30\x31\x32\x33\x34\x35\x36\x37"
4332 "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
4333 "\x40\x41\x42\x43\x44\x45\x46\x47"
4334 "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
4335 "\x50\x51\x52\x53\x54\x55\x56\x57"
4336 "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
4337 "\x60\x61\x62\x63\x64\x65\x66\x67"
4338 "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
4339 "\x70\x71\x72\x73\x74\x75\x76\x77"
4340 "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
4341 "\x80\x81\x82\x83\x84\x85\x86\x87"
4342 "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
4343 "\x90\x91\x92\x93\x94\x95\x96\x97"
4344 "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
4345 "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
4346 "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
4347 "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
4348 "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
4349 "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
4350 "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
4351 "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
4352 "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
4353 "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
4354 "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
4355 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
4356 "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
4357 "\x00\x01\x02\x03\x04\x05\x06\x07"
4358 "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
4359 "\x10\x11\x12\x13\x14\x15\x16\x17"
4360 "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
4361 "\x20\x21\x22\x23\x24\x25\x26\x27"
4362 "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
4363 "\x30\x31\x32\x33\x34\x35\x36\x37"
4364 "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
4365 "\x40\x41\x42\x43\x44\x45\x46\x47"
4366 "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
4367 "\x50\x51\x52\x53\x54\x55\x56\x57"
4368 "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
4369 "\x60\x61\x62\x63\x64\x65\x66\x67"
4370 "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
4371 "\x70\x71\x72\x73\x74\x75\x76\x77"
4372 "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
4373 "\x80\x81\x82\x83\x84\x85\x86\x87"
4374 "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
4375 "\x90\x91\x92\x93\x94\x95\x96\x97"
4376 "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
4377 "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
4378 "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
4379 "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
4380 "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
4381 "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
4382 "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
4383 "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
4384 "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
4385 "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
4386 "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
4387 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
4388 "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
4389 .ilen = 512,
4390 .result = "\x1c\x3b\x3a\x10\x2f\x77\x03\x86"
4391 "\xe4\x83\x6c\x99\xe3\x70\xcf\x9b"
4392 "\xea\x00\x80\x3f\x5e\x48\x23\x57"
4393 "\xa4\xae\x12\xd4\x14\xa3\xe6\x3b"
4394 "\x5d\x31\xe2\x76\xf8\xfe\x4a\x8d"
4395 "\x66\xb3\x17\xf9\xac\x68\x3f\x44"
4396 "\x68\x0a\x86\xac\x35\xad\xfc\x33"
4397 "\x45\xbe\xfe\xcb\x4b\xb1\x88\xfd"
4398 "\x57\x76\x92\x6c\x49\xa3\x09\x5e"
4399 "\xb1\x08\xfd\x10\x98\xba\xec\x70"
4400 "\xaa\xa6\x69\x99\xa7\x2a\x82\xf2"
4401 "\x7d\x84\x8b\x21\xd4\xa7\x41\xb0"
4402 "\xc5\xcd\x4d\x5f\xff\x9d\xac\x89"
4403 "\xae\xba\x12\x29\x61\xd0\x3a\x75"
4404 "\x71\x23\xe9\x87\x0f\x8a\xcf\x10"
4405 "\x00\x02\x08\x87\x89\x14\x29\xca"
4406 "\x2a\x3e\x7a\x7d\x7d\xf7\xb1\x03"
4407 "\x55\x16\x5c\x8b\x9a\x6d\x0a\x7d"
4408 "\xe8\xb0\x62\xc4\x50\x0d\xc4\xcd"
4409 "\x12\x0c\x0f\x74\x18\xda\xe3\xd0"
4410 "\xb5\x78\x1c\x34\x80\x3f\xa7\x54"
4411 "\x21\xc7\x90\xdf\xe1\xde\x18\x34"
4412 "\xf2\x80\xd7\x66\x7b\x32\x7f\x6c"
4413 "\x8c\xd7\x55\x7e\x12\xac\x3a\x0f"
4414 "\x93\xec\x05\xc5\x2e\x04\x93\xef"
4415 "\x31\xa1\x2d\x3d\x92\x60\xf7\x9a"
4416 "\x28\x9d\x6a\x37\x9b\xc7\x0c\x50"
4417 "\x84\x14\x73\xd1\xa8\xcc\x81\xec"
4418 "\x58\x3e\x96\x45\xe0\x7b\x8d\x96"
4419 "\x70\x65\x5b\xa5\xbb\xcf\xec\xc6"
4420 "\xdc\x39\x66\x38\x0a\xd8\xfe\xcb"
4421 "\x17\xb6\xba\x02\x46\x9a\x02\x0a"
4422 "\x84\xe1\x8e\x8f\x84\x25\x20\x70"
4423 "\xc1\x3e\x9f\x1f\x28\x9b\xe5\x4f"
4424 "\xbc\x48\x14\x57\x77\x8f\x61\x60"
4425 "\x15\xe1\x32\x7a\x02\xb1\x40\xf1"
4426 "\x50\x5e\xb3\x09\x32\x6d\x68\x37"
4427 "\x8f\x83\x74\x59\x5c\x84\x9d\x84"
4428 "\xf4\xc3\x33\xec\x44\x23\x88\x51"
4429 "\x43\xcb\x47\xbd\x71\xc5\xed\xae"
4430 "\x9b\xe6\x9a\x2f\xfe\xce\xb1\xbe"
4431 "\xc9\xde\x24\x4f\xbe\x15\x99\x2b"
4432 "\x11\xb7\x7c\x04\x0f\x12\xbd\x8f"
4433 "\x6a\x97\x5a\x44\xa0\xf9\x0c\x29"
4434 "\xa9\xab\xc3\xd4\xd8\x93\x92\x72"
4435 "\x84\xc5\x87\x54\xcc\xe2\x94\x52"
4436 "\x9f\x86\x14\xdc\xd2\xab\xa9\x91"
4437 "\x92\x5f\xed\xc4\xae\x74\xff\xac"
4438 "\x6e\x33\x3b\x93\xeb\x4a\xff\x04"
4439 "\x79\xda\x9a\x41\x0e\x44\x50\xe0"
4440 "\xdd\x7a\xe4\xc6\xe2\x91\x09\x00"
4441 "\x57\x5d\xa4\x01\xfc\x07\x05\x9f"
4442 "\x64\x5e\x8b\x7e\x9b\xfd\xef\x33"
4443 "\x94\x30\x54\xff\x84\x01\x14\x93"
4444 "\xc2\x7b\x34\x29\xea\xed\xb4\xed"
4445 "\x53\x76\x44\x1a\x77\xed\x43\x85"
4446 "\x1a\xd7\x7f\x16\xf5\x41\xdf\xd2"
4447 "\x69\xd5\x0d\x6a\x5f\x14\xfb\x0a"
4448 "\xab\x1c\xbb\x4c\x15\x50\xbe\x97"
4449 "\xf7\xab\x40\x66\x19\x3c\x4c\xaa"
4450 "\x77\x3d\xad\x38\x01\x4b\xd2\x09"
4451 "\x2f\xa7\x55\xc8\x24\xbb\x5e\x54"
4452 "\xc4\xf3\x6f\xfd\xa9\xfc\xea\x70"
4453 "\xb9\xc6\xe6\x93\xe1\x48\xc1\x51",
4454 .rlen = 512,
3929 } 4455 }
3930}; 4456};
3931 4457
@@ -4123,6 +4649,151 @@ static struct cipher_testvec aes_xts_dec_tv_template[] = {
4123 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7" 4649 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
4124 "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff", 4650 "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
4125 .rlen = 512, 4651 .rlen = 512,
4652 }, { /* XTS-AES 10, XTS-AES-256, data unit 512 bytes */
4653 .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
4654 "\x23\x53\x60\x28\x74\x71\x35\x26"
4655 "\x62\x49\x77\x57\x24\x70\x93\x69"
4656 "\x99\x59\x57\x49\x66\x96\x76\x27"
4657 "\x31\x41\x59\x26\x53\x58\x97\x93"
4658 "\x23\x84\x62\x64\x33\x83\x27\x95"
4659 "\x02\x88\x41\x97\x16\x93\x99\x37"
4660 "\x51\x05\x82\x09\x74\x94\x45\x92",
4661 .klen = 64,
4662 .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
4663 "\x00\x00\x00\x00\x00\x00\x00\x00",
4664 "\x00\x00\x00\x00\x00\x00\x00\x00",
4665 "\x00\x00\x00\x00\x00\x00\x00\x00",
4666 .input = "\x1c\x3b\x3a\x10\x2f\x77\x03\x86"
4667 "\xe4\x83\x6c\x99\xe3\x70\xcf\x9b"
4668 "\xea\x00\x80\x3f\x5e\x48\x23\x57"
4669 "\xa4\xae\x12\xd4\x14\xa3\xe6\x3b"
4670 "\x5d\x31\xe2\x76\xf8\xfe\x4a\x8d"
4671 "\x66\xb3\x17\xf9\xac\x68\x3f\x44"
4672 "\x68\x0a\x86\xac\x35\xad\xfc\x33"
4673 "\x45\xbe\xfe\xcb\x4b\xb1\x88\xfd"
4674 "\x57\x76\x92\x6c\x49\xa3\x09\x5e"
4675 "\xb1\x08\xfd\x10\x98\xba\xec\x70"
4676 "\xaa\xa6\x69\x99\xa7\x2a\x82\xf2"
4677 "\x7d\x84\x8b\x21\xd4\xa7\x41\xb0"
4678 "\xc5\xcd\x4d\x5f\xff\x9d\xac\x89"
4679 "\xae\xba\x12\x29\x61\xd0\x3a\x75"
4680 "\x71\x23\xe9\x87\x0f\x8a\xcf\x10"
4681 "\x00\x02\x08\x87\x89\x14\x29\xca"
4682 "\x2a\x3e\x7a\x7d\x7d\xf7\xb1\x03"
4683 "\x55\x16\x5c\x8b\x9a\x6d\x0a\x7d"
4684 "\xe8\xb0\x62\xc4\x50\x0d\xc4\xcd"
4685 "\x12\x0c\x0f\x74\x18\xda\xe3\xd0"
4686 "\xb5\x78\x1c\x34\x80\x3f\xa7\x54"
4687 "\x21\xc7\x90\xdf\xe1\xde\x18\x34"
4688 "\xf2\x80\xd7\x66\x7b\x32\x7f\x6c"
4689 "\x8c\xd7\x55\x7e\x12\xac\x3a\x0f"
4690 "\x93\xec\x05\xc5\x2e\x04\x93\xef"
4691 "\x31\xa1\x2d\x3d\x92\x60\xf7\x9a"
4692 "\x28\x9d\x6a\x37\x9b\xc7\x0c\x50"
4693 "\x84\x14\x73\xd1\xa8\xcc\x81\xec"
4694 "\x58\x3e\x96\x45\xe0\x7b\x8d\x96"
4695 "\x70\x65\x5b\xa5\xbb\xcf\xec\xc6"
4696 "\xdc\x39\x66\x38\x0a\xd8\xfe\xcb"
4697 "\x17\xb6\xba\x02\x46\x9a\x02\x0a"
4698 "\x84\xe1\x8e\x8f\x84\x25\x20\x70"
4699 "\xc1\x3e\x9f\x1f\x28\x9b\xe5\x4f"
4700 "\xbc\x48\x14\x57\x77\x8f\x61\x60"
4701 "\x15\xe1\x32\x7a\x02\xb1\x40\xf1"
4702 "\x50\x5e\xb3\x09\x32\x6d\x68\x37"
4703 "\x8f\x83\x74\x59\x5c\x84\x9d\x84"
4704 "\xf4\xc3\x33\xec\x44\x23\x88\x51"
4705 "\x43\xcb\x47\xbd\x71\xc5\xed\xae"
4706 "\x9b\xe6\x9a\x2f\xfe\xce\xb1\xbe"
4707 "\xc9\xde\x24\x4f\xbe\x15\x99\x2b"
4708 "\x11\xb7\x7c\x04\x0f\x12\xbd\x8f"
4709 "\x6a\x97\x5a\x44\xa0\xf9\x0c\x29"
4710 "\xa9\xab\xc3\xd4\xd8\x93\x92\x72"
4711 "\x84\xc5\x87\x54\xcc\xe2\x94\x52"
4712 "\x9f\x86\x14\xdc\xd2\xab\xa9\x91"
4713 "\x92\x5f\xed\xc4\xae\x74\xff\xac"
4714 "\x6e\x33\x3b\x93\xeb\x4a\xff\x04"
4715 "\x79\xda\x9a\x41\x0e\x44\x50\xe0"
4716 "\xdd\x7a\xe4\xc6\xe2\x91\x09\x00"
4717 "\x57\x5d\xa4\x01\xfc\x07\x05\x9f"
4718 "\x64\x5e\x8b\x7e\x9b\xfd\xef\x33"
4719 "\x94\x30\x54\xff\x84\x01\x14\x93"
4720 "\xc2\x7b\x34\x29\xea\xed\xb4\xed"
4721 "\x53\x76\x44\x1a\x77\xed\x43\x85"
4722 "\x1a\xd7\x7f\x16\xf5\x41\xdf\xd2"
4723 "\x69\xd5\x0d\x6a\x5f\x14\xfb\x0a"
4724 "\xab\x1c\xbb\x4c\x15\x50\xbe\x97"
4725 "\xf7\xab\x40\x66\x19\x3c\x4c\xaa"
4726 "\x77\x3d\xad\x38\x01\x4b\xd2\x09"
4727 "\x2f\xa7\x55\xc8\x24\xbb\x5e\x54"
4728 "\xc4\xf3\x6f\xfd\xa9\xfc\xea\x70"
4729 "\xb9\xc6\xe6\x93\xe1\x48\xc1\x51",
4730 .ilen = 512,
4731 .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
4732 "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
4733 "\x10\x11\x12\x13\x14\x15\x16\x17"
4734 "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
4735 "\x20\x21\x22\x23\x24\x25\x26\x27"
4736 "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
4737 "\x30\x31\x32\x33\x34\x35\x36\x37"
4738 "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
4739 "\x40\x41\x42\x43\x44\x45\x46\x47"
4740 "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
4741 "\x50\x51\x52\x53\x54\x55\x56\x57"
4742 "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
4743 "\x60\x61\x62\x63\x64\x65\x66\x67"
4744 "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
4745 "\x70\x71\x72\x73\x74\x75\x76\x77"
4746 "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
4747 "\x80\x81\x82\x83\x84\x85\x86\x87"
4748 "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
4749 "\x90\x91\x92\x93\x94\x95\x96\x97"
4750 "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
4751 "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
4752 "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
4753 "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
4754 "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
4755 "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
4756 "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
4757 "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
4758 "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
4759 "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
4760 "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
4761 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
4762 "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
4763 "\x00\x01\x02\x03\x04\x05\x06\x07"
4764 "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
4765 "\x10\x11\x12\x13\x14\x15\x16\x17"
4766 "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
4767 "\x20\x21\x22\x23\x24\x25\x26\x27"
4768 "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
4769 "\x30\x31\x32\x33\x34\x35\x36\x37"
4770 "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
4771 "\x40\x41\x42\x43\x44\x45\x46\x47"
4772 "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
4773 "\x50\x51\x52\x53\x54\x55\x56\x57"
4774 "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
4775 "\x60\x61\x62\x63\x64\x65\x66\x67"
4776 "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
4777 "\x70\x71\x72\x73\x74\x75\x76\x77"
4778 "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
4779 "\x80\x81\x82\x83\x84\x85\x86\x87"
4780 "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
4781 "\x90\x91\x92\x93\x94\x95\x96\x97"
4782 "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
4783 "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
4784 "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
4785 "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
4786 "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
4787 "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
4788 "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
4789 "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
4790 "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
4791 "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
4792 "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
4793 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
4794 "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
4795 .rlen = 512,
4796
4126 } 4797 }
4127}; 4798};
4128 4799
diff --git a/crypto/vmac.c b/crypto/vmac.c
index f35ff8a3926e..4243905ba135 100644
--- a/crypto/vmac.c
+++ b/crypto/vmac.c
@@ -27,6 +27,7 @@
27#include <linux/init.h> 27#include <linux/init.h>
28#include <linux/types.h> 28#include <linux/types.h>
29#include <linux/crypto.h> 29#include <linux/crypto.h>
30#include <linux/module.h>
30#include <linux/scatterlist.h> 31#include <linux/scatterlist.h>
31#include <asm/byteorder.h> 32#include <asm/byteorder.h>
32#include <crypto/scatterwalk.h> 33#include <crypto/scatterwalk.h>
diff --git a/crypto/wp512.c b/crypto/wp512.c
index 723427273687..71719a2be25a 100644
--- a/crypto/wp512.c
+++ b/crypto/wp512.c
@@ -762,11 +762,17 @@ static const u64 C7[256] = {
762 0x86228644a411c286ULL, 762 0x86228644a411c286ULL,
763}; 763};
764 764
765static const u64 rc[WHIRLPOOL_ROUNDS + 1] = { 765static const u64 rc[WHIRLPOOL_ROUNDS] = {
766 0x0000000000000000ULL, 0x1823c6e887b8014fULL, 0x36a6d2f5796f9152ULL, 766 0x1823c6e887b8014fULL,
767 0x60bc9b8ea30c7b35ULL, 0x1de0d7c22e4bfe57ULL, 0x157737e59ff04adaULL, 767 0x36a6d2f5796f9152ULL,
768 0x58c9290ab1a06b85ULL, 0xbd5d10f4cb3e0567ULL, 0xe427418ba77d95d8ULL, 768 0x60bc9b8ea30c7b35ULL,
769 0xfbee7c66dd17479eULL, 0xca2dbf07ad5a8333ULL, 769 0x1de0d7c22e4bfe57ULL,
770 0x157737e59ff04adaULL,
771 0x58c9290ab1a06b85ULL,
772 0xbd5d10f4cb3e0567ULL,
773 0xe427418ba77d95d8ULL,
774 0xfbee7c66dd17479eULL,
775 0xca2dbf07ad5a8333ULL,
770}; 776};
771 777
772/** 778/**
@@ -793,7 +799,7 @@ static void wp512_process_buffer(struct wp512_ctx *wctx) {
793 state[6] = block[6] ^ (K[6] = wctx->hash[6]); 799 state[6] = block[6] ^ (K[6] = wctx->hash[6]);
794 state[7] = block[7] ^ (K[7] = wctx->hash[7]); 800 state[7] = block[7] ^ (K[7] = wctx->hash[7]);
795 801
796 for (r = 1; r <= WHIRLPOOL_ROUNDS; r++) { 802 for (r = 0; r < WHIRLPOOL_ROUNDS; r++) {
797 803
798 L[0] = C0[(int)(K[0] >> 56) ] ^ 804 L[0] = C0[(int)(K[0] >> 56) ] ^
799 C1[(int)(K[7] >> 48) & 0xff] ^ 805 C1[(int)(K[7] >> 48) & 0xff] ^
diff --git a/crypto/xcbc.c b/crypto/xcbc.c
index bb7b67fba349..a5fbdf3738cf 100644
--- a/crypto/xcbc.c
+++ b/crypto/xcbc.c
@@ -22,6 +22,7 @@
22#include <crypto/internal/hash.h> 22#include <crypto/internal/hash.h>
23#include <linux/err.h> 23#include <linux/err.h>
24#include <linux/kernel.h> 24#include <linux/kernel.h>
25#include <linux/module.h>
25 26
26static u_int32_t ks[12] = {0x01010101, 0x01010101, 0x01010101, 0x01010101, 27static u_int32_t ks[12] = {0x01010101, 0x01010101, 0x01010101, 0x01010101,
27 0x02020202, 0x02020202, 0x02020202, 0x02020202, 28 0x02020202, 0x02020202, 0x02020202, 0x02020202,
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-28 01:26:26 -0500