diff options
Diffstat (limited to 'crypto')
34 files changed, 9478 insertions, 2061 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig index 083d2e1dfc21..c3166a1a5bb6 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig | |||
@@ -24,10 +24,6 @@ config CRYPTO_ALGAPI | |||
24 | help | 24 | help |
25 | This option provides the API for cryptographic algorithms. | 25 | This option provides the API for cryptographic algorithms. |
26 | 26 | ||
27 | config CRYPTO_ABLKCIPHER | ||
28 | tristate | ||
29 | select CRYPTO_BLKCIPHER | ||
30 | |||
31 | config CRYPTO_AEAD | 27 | config CRYPTO_AEAD |
32 | tristate | 28 | tristate |
33 | select CRYPTO_ALGAPI | 29 | select CRYPTO_ALGAPI |
@@ -36,6 +32,15 @@ config CRYPTO_BLKCIPHER | |||
36 | tristate | 32 | tristate |
37 | select CRYPTO_ALGAPI | 33 | select CRYPTO_ALGAPI |
38 | 34 | ||
35 | config CRYPTO_SEQIV | ||
36 | tristate "Sequence Number IV Generator" | ||
37 | select CRYPTO_AEAD | ||
38 | select CRYPTO_BLKCIPHER | ||
39 | help | ||
40 | This IV generator generates an IV based on a sequence number by | ||
41 | xoring it with a salt. This algorithm is mainly useful for CTR | ||
42 | and similar modes. | ||
43 | |||
39 | config CRYPTO_HASH | 44 | config CRYPTO_HASH |
40 | tristate | 45 | tristate |
41 | select CRYPTO_ALGAPI | 46 | select CRYPTO_ALGAPI |
@@ -91,7 +96,7 @@ config CRYPTO_SHA1 | |||
91 | SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). | 96 | SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). |
92 | 97 | ||
93 | config CRYPTO_SHA256 | 98 | config CRYPTO_SHA256 |
94 | tristate "SHA256 digest algorithm" | 99 | tristate "SHA224 and SHA256 digest algorithm" |
95 | select CRYPTO_ALGAPI | 100 | select CRYPTO_ALGAPI |
96 | help | 101 | help |
97 | SHA256 secure hash standard (DFIPS 180-2). | 102 | SHA256 secure hash standard (DFIPS 180-2). |
@@ -99,6 +104,9 @@ config CRYPTO_SHA256 | |||
99 | This version of SHA implements a 256 bit hash with 128 bits of | 104 | This version of SHA implements a 256 bit hash with 128 bits of |
100 | security against collision attacks. | 105 | security against collision attacks. |
101 | 106 | ||
107 | This code also includes SHA-224, a 224 bit hash with 112 bits | ||
108 | of security against collision attacks. | ||
109 | |||
102 | config CRYPTO_SHA512 | 110 | config CRYPTO_SHA512 |
103 | tristate "SHA384 and SHA512 digest algorithms" | 111 | tristate "SHA384 and SHA512 digest algorithms" |
104 | select CRYPTO_ALGAPI | 112 | select CRYPTO_ALGAPI |
@@ -195,9 +203,34 @@ config CRYPTO_XTS | |||
195 | key size 256, 384 or 512 bits. This implementation currently | 203 | key size 256, 384 or 512 bits. This implementation currently |
196 | can't handle a sectorsize which is not a multiple of 16 bytes. | 204 | can't handle a sectorsize which is not a multiple of 16 bytes. |
197 | 205 | ||
206 | config CRYPTO_CTR | ||
207 | tristate "CTR support" | ||
208 | select CRYPTO_BLKCIPHER | ||
209 | select CRYPTO_SEQIV | ||
210 | select CRYPTO_MANAGER | ||
211 | help | ||
212 | CTR: Counter mode | ||
213 | This block cipher algorithm is required for IPSec. | ||
214 | |||
215 | config CRYPTO_GCM | ||
216 | tristate "GCM/GMAC support" | ||
217 | select CRYPTO_CTR | ||
218 | select CRYPTO_AEAD | ||
219 | select CRYPTO_GF128MUL | ||
220 | help | ||
221 | Support for Galois/Counter Mode (GCM) and Galois Message | ||
222 | Authentication Code (GMAC). Required for IPSec. | ||
223 | |||
224 | config CRYPTO_CCM | ||
225 | tristate "CCM support" | ||
226 | select CRYPTO_CTR | ||
227 | select CRYPTO_AEAD | ||
228 | help | ||
229 | Support for Counter with CBC MAC. Required for IPsec. | ||
230 | |||
198 | config CRYPTO_CRYPTD | 231 | config CRYPTO_CRYPTD |
199 | tristate "Software async crypto daemon" | 232 | tristate "Software async crypto daemon" |
200 | select CRYPTO_ABLKCIPHER | 233 | select CRYPTO_BLKCIPHER |
201 | select CRYPTO_MANAGER | 234 | select CRYPTO_MANAGER |
202 | help | 235 | help |
203 | This is a generic software asynchronous crypto daemon that | 236 | This is a generic software asynchronous crypto daemon that |
@@ -320,6 +353,7 @@ config CRYPTO_AES_586 | |||
320 | tristate "AES cipher algorithms (i586)" | 353 | tristate "AES cipher algorithms (i586)" |
321 | depends on (X86 || UML_X86) && !64BIT | 354 | depends on (X86 || UML_X86) && !64BIT |
322 | select CRYPTO_ALGAPI | 355 | select CRYPTO_ALGAPI |
356 | select CRYPTO_AES | ||
323 | help | 357 | help |
324 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | 358 | AES cipher algorithms (FIPS-197). AES uses the Rijndael |
325 | algorithm. | 359 | algorithm. |
@@ -341,6 +375,7 @@ config CRYPTO_AES_X86_64 | |||
341 | tristate "AES cipher algorithms (x86_64)" | 375 | tristate "AES cipher algorithms (x86_64)" |
342 | depends on (X86 || UML_X86) && 64BIT | 376 | depends on (X86 || UML_X86) && 64BIT |
343 | select CRYPTO_ALGAPI | 377 | select CRYPTO_ALGAPI |
378 | select CRYPTO_AES | ||
344 | help | 379 | help |
345 | AES cipher algorithms (FIPS-197). AES uses the Rijndael | 380 | AES cipher algorithms (FIPS-197). AES uses the Rijndael |
346 | algorithm. | 381 | algorithm. |
@@ -441,6 +476,46 @@ config CRYPTO_SEED | |||
441 | See also: | 476 | See also: |
442 | <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> | 477 | <http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp> |
443 | 478 | ||
479 | config CRYPTO_SALSA20 | ||
480 | tristate "Salsa20 stream cipher algorithm (EXPERIMENTAL)" | ||
481 | depends on EXPERIMENTAL | ||
482 | select CRYPTO_BLKCIPHER | ||
483 | help | ||
484 | Salsa20 stream cipher algorithm. | ||
485 | |||
486 | Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT | ||
487 | Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> | ||
488 | |||
489 | The Salsa20 stream cipher algorithm is designed by Daniel J. | ||
490 | Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> | ||
491 | |||
492 | config CRYPTO_SALSA20_586 | ||
493 | tristate "Salsa20 stream cipher algorithm (i586) (EXPERIMENTAL)" | ||
494 | depends on (X86 || UML_X86) && !64BIT | ||
495 | depends on EXPERIMENTAL | ||
496 | select CRYPTO_BLKCIPHER | ||
497 | help | ||
498 | Salsa20 stream cipher algorithm. | ||
499 | |||
500 | Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT | ||
501 | Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> | ||
502 | |||
503 | The Salsa20 stream cipher algorithm is designed by Daniel J. | ||
504 | Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> | ||
505 | |||
506 | config CRYPTO_SALSA20_X86_64 | ||
507 | tristate "Salsa20 stream cipher algorithm (x86_64) (EXPERIMENTAL)" | ||
508 | depends on (X86 || UML_X86) && 64BIT | ||
509 | depends on EXPERIMENTAL | ||
510 | select CRYPTO_BLKCIPHER | ||
511 | help | ||
512 | Salsa20 stream cipher algorithm. | ||
513 | |||
514 | Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT | ||
515 | Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> | ||
516 | |||
517 | The Salsa20 stream cipher algorithm is designed by Daniel J. | ||
518 | Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> | ||
444 | 519 | ||
445 | config CRYPTO_DEFLATE | 520 | config CRYPTO_DEFLATE |
446 | tristate "Deflate compression algorithm" | 521 | tristate "Deflate compression algorithm" |
@@ -491,6 +566,7 @@ config CRYPTO_TEST | |||
491 | tristate "Testing module" | 566 | tristate "Testing module" |
492 | depends on m | 567 | depends on m |
493 | select CRYPTO_ALGAPI | 568 | select CRYPTO_ALGAPI |
569 | select CRYPTO_AEAD | ||
494 | help | 570 | help |
495 | Quick & dirty crypto test module. | 571 | Quick & dirty crypto test module. |
496 | 572 | ||
@@ -498,10 +574,19 @@ config CRYPTO_AUTHENC | |||
498 | tristate "Authenc support" | 574 | tristate "Authenc support" |
499 | select CRYPTO_AEAD | 575 | select CRYPTO_AEAD |
500 | select CRYPTO_MANAGER | 576 | select CRYPTO_MANAGER |
577 | select CRYPTO_HASH | ||
501 | help | 578 | help |
502 | Authenc: Combined mode wrapper for IPsec. | 579 | Authenc: Combined mode wrapper for IPsec. |
503 | This is required for IPSec. | 580 | This is required for IPSec. |
504 | 581 | ||
582 | config CRYPTO_LZO | ||
583 | tristate "LZO compression algorithm" | ||
584 | select CRYPTO_ALGAPI | ||
585 | select LZO_COMPRESS | ||
586 | select LZO_DECOMPRESS | ||
587 | help | ||
588 | This is the LZO algorithm. | ||
589 | |||
505 | source "drivers/crypto/Kconfig" | 590 | source "drivers/crypto/Kconfig" |
506 | 591 | ||
507 | endif # if CRYPTO | 592 | endif # if CRYPTO |
diff --git a/crypto/Makefile b/crypto/Makefile index 43c2a0dc9936..48c758379954 100644 --- a/crypto/Makefile +++ b/crypto/Makefile | |||
@@ -8,9 +8,14 @@ crypto_algapi-$(CONFIG_PROC_FS) += proc.o | |||
8 | crypto_algapi-objs := algapi.o scatterwalk.o $(crypto_algapi-y) | 8 | crypto_algapi-objs := algapi.o scatterwalk.o $(crypto_algapi-y) |
9 | obj-$(CONFIG_CRYPTO_ALGAPI) += crypto_algapi.o | 9 | obj-$(CONFIG_CRYPTO_ALGAPI) += crypto_algapi.o |
10 | 10 | ||
11 | obj-$(CONFIG_CRYPTO_ABLKCIPHER) += ablkcipher.o | ||
12 | obj-$(CONFIG_CRYPTO_AEAD) += aead.o | 11 | obj-$(CONFIG_CRYPTO_AEAD) += aead.o |
13 | obj-$(CONFIG_CRYPTO_BLKCIPHER) += blkcipher.o | 12 | |
13 | crypto_blkcipher-objs := ablkcipher.o | ||
14 | crypto_blkcipher-objs += blkcipher.o | ||
15 | obj-$(CONFIG_CRYPTO_BLKCIPHER) += crypto_blkcipher.o | ||
16 | obj-$(CONFIG_CRYPTO_BLKCIPHER) += chainiv.o | ||
17 | obj-$(CONFIG_CRYPTO_BLKCIPHER) += eseqiv.o | ||
18 | obj-$(CONFIG_CRYPTO_SEQIV) += seqiv.o | ||
14 | 19 | ||
15 | crypto_hash-objs := hash.o | 20 | crypto_hash-objs := hash.o |
16 | obj-$(CONFIG_CRYPTO_HASH) += crypto_hash.o | 21 | obj-$(CONFIG_CRYPTO_HASH) += crypto_hash.o |
@@ -32,6 +37,9 @@ obj-$(CONFIG_CRYPTO_CBC) += cbc.o | |||
32 | obj-$(CONFIG_CRYPTO_PCBC) += pcbc.o | 37 | obj-$(CONFIG_CRYPTO_PCBC) += pcbc.o |
33 | obj-$(CONFIG_CRYPTO_LRW) += lrw.o | 38 | obj-$(CONFIG_CRYPTO_LRW) += lrw.o |
34 | obj-$(CONFIG_CRYPTO_XTS) += xts.o | 39 | obj-$(CONFIG_CRYPTO_XTS) += xts.o |
40 | obj-$(CONFIG_CRYPTO_CTR) += ctr.o | ||
41 | obj-$(CONFIG_CRYPTO_GCM) += gcm.o | ||
42 | obj-$(CONFIG_CRYPTO_CCM) += ccm.o | ||
35 | obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o | 43 | obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o |
36 | obj-$(CONFIG_CRYPTO_DES) += des_generic.o | 44 | obj-$(CONFIG_CRYPTO_DES) += des_generic.o |
37 | obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o | 45 | obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o |
@@ -48,10 +56,12 @@ obj-$(CONFIG_CRYPTO_TEA) += tea.o | |||
48 | obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.o | 56 | obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.o |
49 | obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o | 57 | obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o |
50 | obj-$(CONFIG_CRYPTO_SEED) += seed.o | 58 | obj-$(CONFIG_CRYPTO_SEED) += seed.o |
59 | obj-$(CONFIG_CRYPTO_SALSA20) += salsa20_generic.o | ||
51 | obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o | 60 | obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o |
52 | obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o | 61 | obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o |
53 | obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o | 62 | obj-$(CONFIG_CRYPTO_CRC32C) += crc32c.o |
54 | obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o | 63 | obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o |
64 | obj-$(CONFIG_CRYPTO_LZO) += lzo.o | ||
55 | 65 | ||
56 | obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o | 66 | obj-$(CONFIG_CRYPTO_TEST) += tcrypt.o |
57 | 67 | ||
diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c index 2731acb86e7d..3bcb099b4a85 100644 --- a/crypto/ablkcipher.c +++ b/crypto/ablkcipher.c | |||
@@ -13,14 +13,18 @@ | |||
13 | * | 13 | * |
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include <crypto/algapi.h> | 16 | #include <crypto/internal/skcipher.h> |
17 | #include <linux/errno.h> | 17 | #include <linux/err.h> |
18 | #include <linux/init.h> | 18 | #include <linux/init.h> |
19 | #include <linux/kernel.h> | 19 | #include <linux/kernel.h> |
20 | #include <linux/module.h> | 20 | #include <linux/module.h> |
21 | #include <linux/rtnetlink.h> | ||
22 | #include <linux/sched.h> | ||
21 | #include <linux/slab.h> | 23 | #include <linux/slab.h> |
22 | #include <linux/seq_file.h> | 24 | #include <linux/seq_file.h> |
23 | 25 | ||
26 | #include "internal.h" | ||
27 | |||
24 | static int setkey_unaligned(struct crypto_ablkcipher *tfm, const u8 *key, | 28 | static int setkey_unaligned(struct crypto_ablkcipher *tfm, const u8 *key, |
25 | unsigned int keylen) | 29 | unsigned int keylen) |
26 | { | 30 | { |
@@ -66,6 +70,16 @@ static unsigned int crypto_ablkcipher_ctxsize(struct crypto_alg *alg, u32 type, | |||
66 | return alg->cra_ctxsize; | 70 | return alg->cra_ctxsize; |
67 | } | 71 | } |
68 | 72 | ||
73 | int skcipher_null_givencrypt(struct skcipher_givcrypt_request *req) | ||
74 | { | ||
75 | return crypto_ablkcipher_encrypt(&req->creq); | ||
76 | } | ||
77 | |||
78 | int skcipher_null_givdecrypt(struct skcipher_givcrypt_request *req) | ||
79 | { | ||
80 | return crypto_ablkcipher_decrypt(&req->creq); | ||
81 | } | ||
82 | |||
69 | static int crypto_init_ablkcipher_ops(struct crypto_tfm *tfm, u32 type, | 83 | static int crypto_init_ablkcipher_ops(struct crypto_tfm *tfm, u32 type, |
70 | u32 mask) | 84 | u32 mask) |
71 | { | 85 | { |
@@ -78,6 +92,11 @@ static int crypto_init_ablkcipher_ops(struct crypto_tfm *tfm, u32 type, | |||
78 | crt->setkey = setkey; | 92 | crt->setkey = setkey; |
79 | crt->encrypt = alg->encrypt; | 93 | crt->encrypt = alg->encrypt; |
80 | crt->decrypt = alg->decrypt; | 94 | crt->decrypt = alg->decrypt; |
95 | if (!alg->ivsize) { | ||
96 | crt->givencrypt = skcipher_null_givencrypt; | ||
97 | crt->givdecrypt = skcipher_null_givdecrypt; | ||
98 | } | ||
99 | crt->base = __crypto_ablkcipher_cast(tfm); | ||
81 | crt->ivsize = alg->ivsize; | 100 | crt->ivsize = alg->ivsize; |
82 | 101 | ||
83 | return 0; | 102 | return 0; |
@@ -90,10 +109,13 @@ static void crypto_ablkcipher_show(struct seq_file *m, struct crypto_alg *alg) | |||
90 | struct ablkcipher_alg *ablkcipher = &alg->cra_ablkcipher; | 109 | struct ablkcipher_alg *ablkcipher = &alg->cra_ablkcipher; |
91 | 110 | ||
92 | seq_printf(m, "type : ablkcipher\n"); | 111 | seq_printf(m, "type : ablkcipher\n"); |
112 | seq_printf(m, "async : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ? | ||
113 | "yes" : "no"); | ||
93 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | 114 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); |
94 | seq_printf(m, "min keysize : %u\n", ablkcipher->min_keysize); | 115 | seq_printf(m, "min keysize : %u\n", ablkcipher->min_keysize); |
95 | seq_printf(m, "max keysize : %u\n", ablkcipher->max_keysize); | 116 | seq_printf(m, "max keysize : %u\n", ablkcipher->max_keysize); |
96 | seq_printf(m, "ivsize : %u\n", ablkcipher->ivsize); | 117 | seq_printf(m, "ivsize : %u\n", ablkcipher->ivsize); |
118 | seq_printf(m, "geniv : %s\n", ablkcipher->geniv ?: "<default>"); | ||
97 | } | 119 | } |
98 | 120 | ||
99 | const struct crypto_type crypto_ablkcipher_type = { | 121 | const struct crypto_type crypto_ablkcipher_type = { |
@@ -105,5 +127,220 @@ const struct crypto_type crypto_ablkcipher_type = { | |||
105 | }; | 127 | }; |
106 | EXPORT_SYMBOL_GPL(crypto_ablkcipher_type); | 128 | EXPORT_SYMBOL_GPL(crypto_ablkcipher_type); |
107 | 129 | ||
130 | static int no_givdecrypt(struct skcipher_givcrypt_request *req) | ||
131 | { | ||
132 | return -ENOSYS; | ||
133 | } | ||
134 | |||
135 | static int crypto_init_givcipher_ops(struct crypto_tfm *tfm, u32 type, | ||
136 | u32 mask) | ||
137 | { | ||
138 | struct ablkcipher_alg *alg = &tfm->__crt_alg->cra_ablkcipher; | ||
139 | struct ablkcipher_tfm *crt = &tfm->crt_ablkcipher; | ||
140 | |||
141 | if (alg->ivsize > PAGE_SIZE / 8) | ||
142 | return -EINVAL; | ||
143 | |||
144 | crt->setkey = tfm->__crt_alg->cra_flags & CRYPTO_ALG_GENIV ? | ||
145 | alg->setkey : setkey; | ||
146 | crt->encrypt = alg->encrypt; | ||
147 | crt->decrypt = alg->decrypt; | ||
148 | crt->givencrypt = alg->givencrypt; | ||
149 | crt->givdecrypt = alg->givdecrypt ?: no_givdecrypt; | ||
150 | crt->base = __crypto_ablkcipher_cast(tfm); | ||
151 | crt->ivsize = alg->ivsize; | ||
152 | |||
153 | return 0; | ||
154 | } | ||
155 | |||
156 | static void crypto_givcipher_show(struct seq_file *m, struct crypto_alg *alg) | ||
157 | __attribute__ ((unused)); | ||
158 | static void crypto_givcipher_show(struct seq_file *m, struct crypto_alg *alg) | ||
159 | { | ||
160 | struct ablkcipher_alg *ablkcipher = &alg->cra_ablkcipher; | ||
161 | |||
162 | seq_printf(m, "type : givcipher\n"); | ||
163 | seq_printf(m, "async : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ? | ||
164 | "yes" : "no"); | ||
165 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | ||
166 | seq_printf(m, "min keysize : %u\n", ablkcipher->min_keysize); | ||
167 | seq_printf(m, "max keysize : %u\n", ablkcipher->max_keysize); | ||
168 | seq_printf(m, "ivsize : %u\n", ablkcipher->ivsize); | ||
169 | seq_printf(m, "geniv : %s\n", ablkcipher->geniv ?: "<built-in>"); | ||
170 | } | ||
171 | |||
172 | const struct crypto_type crypto_givcipher_type = { | ||
173 | .ctxsize = crypto_ablkcipher_ctxsize, | ||
174 | .init = crypto_init_givcipher_ops, | ||
175 | #ifdef CONFIG_PROC_FS | ||
176 | .show = crypto_givcipher_show, | ||
177 | #endif | ||
178 | }; | ||
179 | EXPORT_SYMBOL_GPL(crypto_givcipher_type); | ||
180 | |||
181 | const char *crypto_default_geniv(const struct crypto_alg *alg) | ||
182 | { | ||
183 | return alg->cra_flags & CRYPTO_ALG_ASYNC ? "eseqiv" : "chainiv"; | ||
184 | } | ||
185 | |||
186 | static int crypto_givcipher_default(struct crypto_alg *alg, u32 type, u32 mask) | ||
187 | { | ||
188 | struct rtattr *tb[3]; | ||
189 | struct { | ||
190 | struct rtattr attr; | ||
191 | struct crypto_attr_type data; | ||
192 | } ptype; | ||
193 | struct { | ||
194 | struct rtattr attr; | ||
195 | struct crypto_attr_alg data; | ||
196 | } palg; | ||
197 | struct crypto_template *tmpl; | ||
198 | struct crypto_instance *inst; | ||
199 | struct crypto_alg *larval; | ||
200 | const char *geniv; | ||
201 | int err; | ||
202 | |||
203 | larval = crypto_larval_lookup(alg->cra_driver_name, | ||
204 | CRYPTO_ALG_TYPE_GIVCIPHER, | ||
205 | CRYPTO_ALG_TYPE_MASK); | ||
206 | err = PTR_ERR(larval); | ||
207 | if (IS_ERR(larval)) | ||
208 | goto out; | ||
209 | |||
210 | err = -EAGAIN; | ||
211 | if (!crypto_is_larval(larval)) | ||
212 | goto drop_larval; | ||
213 | |||
214 | ptype.attr.rta_len = sizeof(ptype); | ||
215 | ptype.attr.rta_type = CRYPTOA_TYPE; | ||
216 | ptype.data.type = type | CRYPTO_ALG_GENIV; | ||
217 | /* GENIV tells the template that we're making a default geniv. */ | ||
218 | ptype.data.mask = mask | CRYPTO_ALG_GENIV; | ||
219 | tb[0] = &ptype.attr; | ||
220 | |||
221 | palg.attr.rta_len = sizeof(palg); | ||
222 | palg.attr.rta_type = CRYPTOA_ALG; | ||
223 | /* Must use the exact name to locate ourselves. */ | ||
224 | memcpy(palg.data.name, alg->cra_driver_name, CRYPTO_MAX_ALG_NAME); | ||
225 | tb[1] = &palg.attr; | ||
226 | |||
227 | tb[2] = NULL; | ||
228 | |||
229 | if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == | ||
230 | CRYPTO_ALG_TYPE_BLKCIPHER) | ||
231 | geniv = alg->cra_blkcipher.geniv; | ||
232 | else | ||
233 | geniv = alg->cra_ablkcipher.geniv; | ||
234 | |||
235 | if (!geniv) | ||
236 | geniv = crypto_default_geniv(alg); | ||
237 | |||
238 | tmpl = crypto_lookup_template(geniv); | ||
239 | err = -ENOENT; | ||
240 | if (!tmpl) | ||
241 | goto kill_larval; | ||
242 | |||
243 | inst = tmpl->alloc(tb); | ||
244 | err = PTR_ERR(inst); | ||
245 | if (IS_ERR(inst)) | ||
246 | goto put_tmpl; | ||
247 | |||
248 | if ((err = crypto_register_instance(tmpl, inst))) { | ||
249 | tmpl->free(inst); | ||
250 | goto put_tmpl; | ||
251 | } | ||
252 | |||
253 | /* Redo the lookup to use the instance we just registered. */ | ||
254 | err = -EAGAIN; | ||
255 | |||
256 | put_tmpl: | ||
257 | crypto_tmpl_put(tmpl); | ||
258 | kill_larval: | ||
259 | crypto_larval_kill(larval); | ||
260 | drop_larval: | ||
261 | crypto_mod_put(larval); | ||
262 | out: | ||
263 | crypto_mod_put(alg); | ||
264 | return err; | ||
265 | } | ||
266 | |||
267 | static struct crypto_alg *crypto_lookup_skcipher(const char *name, u32 type, | ||
268 | u32 mask) | ||
269 | { | ||
270 | struct crypto_alg *alg; | ||
271 | |||
272 | alg = crypto_alg_mod_lookup(name, type, mask); | ||
273 | if (IS_ERR(alg)) | ||
274 | return alg; | ||
275 | |||
276 | if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == | ||
277 | CRYPTO_ALG_TYPE_GIVCIPHER) | ||
278 | return alg; | ||
279 | |||
280 | if (!((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == | ||
281 | CRYPTO_ALG_TYPE_BLKCIPHER ? alg->cra_blkcipher.ivsize : | ||
282 | alg->cra_ablkcipher.ivsize)) | ||
283 | return alg; | ||
284 | |||
285 | return ERR_PTR(crypto_givcipher_default(alg, type, mask)); | ||
286 | } | ||
287 | |||
288 | int crypto_grab_skcipher(struct crypto_skcipher_spawn *spawn, const char *name, | ||
289 | u32 type, u32 mask) | ||
290 | { | ||
291 | struct crypto_alg *alg; | ||
292 | int err; | ||
293 | |||
294 | type = crypto_skcipher_type(type); | ||
295 | mask = crypto_skcipher_mask(mask); | ||
296 | |||
297 | alg = crypto_lookup_skcipher(name, type, mask); | ||
298 | if (IS_ERR(alg)) | ||
299 | return PTR_ERR(alg); | ||
300 | |||
301 | err = crypto_init_spawn(&spawn->base, alg, spawn->base.inst, mask); | ||
302 | crypto_mod_put(alg); | ||
303 | return err; | ||
304 | } | ||
305 | EXPORT_SYMBOL_GPL(crypto_grab_skcipher); | ||
306 | |||
307 | struct crypto_ablkcipher *crypto_alloc_ablkcipher(const char *alg_name, | ||
308 | u32 type, u32 mask) | ||
309 | { | ||
310 | struct crypto_tfm *tfm; | ||
311 | int err; | ||
312 | |||
313 | type = crypto_skcipher_type(type); | ||
314 | mask = crypto_skcipher_mask(mask); | ||
315 | |||
316 | for (;;) { | ||
317 | struct crypto_alg *alg; | ||
318 | |||
319 | alg = crypto_lookup_skcipher(alg_name, type, mask); | ||
320 | if (IS_ERR(alg)) { | ||
321 | err = PTR_ERR(alg); | ||
322 | goto err; | ||
323 | } | ||
324 | |||
325 | tfm = __crypto_alloc_tfm(alg, type, mask); | ||
326 | if (!IS_ERR(tfm)) | ||
327 | return __crypto_ablkcipher_cast(tfm); | ||
328 | |||
329 | crypto_mod_put(alg); | ||
330 | err = PTR_ERR(tfm); | ||
331 | |||
332 | err: | ||
333 | if (err != -EAGAIN) | ||
334 | break; | ||
335 | if (signal_pending(current)) { | ||
336 | err = -EINTR; | ||
337 | break; | ||
338 | } | ||
339 | } | ||
340 | |||
341 | return ERR_PTR(err); | ||
342 | } | ||
343 | EXPORT_SYMBOL_GPL(crypto_alloc_ablkcipher); | ||
344 | |||
108 | MODULE_LICENSE("GPL"); | 345 | MODULE_LICENSE("GPL"); |
109 | MODULE_DESCRIPTION("Asynchronous block chaining cipher type"); | 346 | MODULE_DESCRIPTION("Asynchronous block chaining cipher type"); |
diff --git a/crypto/aead.c b/crypto/aead.c index 84a3501fb478..3a6f3f52c7c7 100644 --- a/crypto/aead.c +++ b/crypto/aead.c | |||
@@ -12,14 +12,17 @@ | |||
12 | * | 12 | * |
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include <crypto/algapi.h> | 15 | #include <crypto/internal/aead.h> |
16 | #include <linux/errno.h> | 16 | #include <linux/err.h> |
17 | #include <linux/init.h> | 17 | #include <linux/init.h> |
18 | #include <linux/kernel.h> | 18 | #include <linux/kernel.h> |
19 | #include <linux/module.h> | 19 | #include <linux/module.h> |
20 | #include <linux/rtnetlink.h> | ||
20 | #include <linux/slab.h> | 21 | #include <linux/slab.h> |
21 | #include <linux/seq_file.h> | 22 | #include <linux/seq_file.h> |
22 | 23 | ||
24 | #include "internal.h" | ||
25 | |||
23 | static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key, | 26 | static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key, |
24 | unsigned int keylen) | 27 | unsigned int keylen) |
25 | { | 28 | { |
@@ -53,25 +56,54 @@ static int setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) | |||
53 | return aead->setkey(tfm, key, keylen); | 56 | return aead->setkey(tfm, key, keylen); |
54 | } | 57 | } |
55 | 58 | ||
59 | int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize) | ||
60 | { | ||
61 | struct aead_tfm *crt = crypto_aead_crt(tfm); | ||
62 | int err; | ||
63 | |||
64 | if (authsize > crypto_aead_alg(tfm)->maxauthsize) | ||
65 | return -EINVAL; | ||
66 | |||
67 | if (crypto_aead_alg(tfm)->setauthsize) { | ||
68 | err = crypto_aead_alg(tfm)->setauthsize(crt->base, authsize); | ||
69 | if (err) | ||
70 | return err; | ||
71 | } | ||
72 | |||
73 | crypto_aead_crt(crt->base)->authsize = authsize; | ||
74 | crt->authsize = authsize; | ||
75 | return 0; | ||
76 | } | ||
77 | EXPORT_SYMBOL_GPL(crypto_aead_setauthsize); | ||
78 | |||
56 | static unsigned int crypto_aead_ctxsize(struct crypto_alg *alg, u32 type, | 79 | static unsigned int crypto_aead_ctxsize(struct crypto_alg *alg, u32 type, |
57 | u32 mask) | 80 | u32 mask) |
58 | { | 81 | { |
59 | return alg->cra_ctxsize; | 82 | return alg->cra_ctxsize; |
60 | } | 83 | } |
61 | 84 | ||
85 | static int no_givcrypt(struct aead_givcrypt_request *req) | ||
86 | { | ||
87 | return -ENOSYS; | ||
88 | } | ||
89 | |||
62 | static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask) | 90 | static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask) |
63 | { | 91 | { |
64 | struct aead_alg *alg = &tfm->__crt_alg->cra_aead; | 92 | struct aead_alg *alg = &tfm->__crt_alg->cra_aead; |
65 | struct aead_tfm *crt = &tfm->crt_aead; | 93 | struct aead_tfm *crt = &tfm->crt_aead; |
66 | 94 | ||
67 | if (max(alg->authsize, alg->ivsize) > PAGE_SIZE / 8) | 95 | if (max(alg->maxauthsize, alg->ivsize) > PAGE_SIZE / 8) |
68 | return -EINVAL; | 96 | return -EINVAL; |
69 | 97 | ||
70 | crt->setkey = setkey; | 98 | crt->setkey = tfm->__crt_alg->cra_flags & CRYPTO_ALG_GENIV ? |
99 | alg->setkey : setkey; | ||
71 | crt->encrypt = alg->encrypt; | 100 | crt->encrypt = alg->encrypt; |
72 | crt->decrypt = alg->decrypt; | 101 | crt->decrypt = alg->decrypt; |
102 | crt->givencrypt = alg->givencrypt ?: no_givcrypt; | ||
103 | crt->givdecrypt = alg->givdecrypt ?: no_givcrypt; | ||
104 | crt->base = __crypto_aead_cast(tfm); | ||
73 | crt->ivsize = alg->ivsize; | 105 | crt->ivsize = alg->ivsize; |
74 | crt->authsize = alg->authsize; | 106 | crt->authsize = alg->maxauthsize; |
75 | 107 | ||
76 | return 0; | 108 | return 0; |
77 | } | 109 | } |
@@ -83,9 +115,12 @@ static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg) | |||
83 | struct aead_alg *aead = &alg->cra_aead; | 115 | struct aead_alg *aead = &alg->cra_aead; |
84 | 116 | ||
85 | seq_printf(m, "type : aead\n"); | 117 | seq_printf(m, "type : aead\n"); |
118 | seq_printf(m, "async : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ? | ||
119 | "yes" : "no"); | ||
86 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | 120 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); |
87 | seq_printf(m, "ivsize : %u\n", aead->ivsize); | 121 | seq_printf(m, "ivsize : %u\n", aead->ivsize); |
88 | seq_printf(m, "authsize : %u\n", aead->authsize); | 122 | seq_printf(m, "maxauthsize : %u\n", aead->maxauthsize); |
123 | seq_printf(m, "geniv : %s\n", aead->geniv ?: "<built-in>"); | ||
89 | } | 124 | } |
90 | 125 | ||
91 | const struct crypto_type crypto_aead_type = { | 126 | const struct crypto_type crypto_aead_type = { |
@@ -97,5 +132,358 @@ const struct crypto_type crypto_aead_type = { | |||
97 | }; | 132 | }; |
98 | EXPORT_SYMBOL_GPL(crypto_aead_type); | 133 | EXPORT_SYMBOL_GPL(crypto_aead_type); |
99 | 134 | ||
135 | static int aead_null_givencrypt(struct aead_givcrypt_request *req) | ||
136 | { | ||
137 | return crypto_aead_encrypt(&req->areq); | ||
138 | } | ||
139 | |||
140 | static int aead_null_givdecrypt(struct aead_givcrypt_request *req) | ||
141 | { | ||
142 | return crypto_aead_decrypt(&req->areq); | ||
143 | } | ||
144 | |||
145 | static int crypto_init_nivaead_ops(struct crypto_tfm *tfm, u32 type, u32 mask) | ||
146 | { | ||
147 | struct aead_alg *alg = &tfm->__crt_alg->cra_aead; | ||
148 | struct aead_tfm *crt = &tfm->crt_aead; | ||
149 | |||
150 | if (max(alg->maxauthsize, alg->ivsize) > PAGE_SIZE / 8) | ||
151 | return -EINVAL; | ||
152 | |||
153 | crt->setkey = setkey; | ||
154 | crt->encrypt = alg->encrypt; | ||
155 | crt->decrypt = alg->decrypt; | ||
156 | if (!alg->ivsize) { | ||
157 | crt->givencrypt = aead_null_givencrypt; | ||
158 | crt->givdecrypt = aead_null_givdecrypt; | ||
159 | } | ||
160 | crt->base = __crypto_aead_cast(tfm); | ||
161 | crt->ivsize = alg->ivsize; | ||
162 | crt->authsize = alg->maxauthsize; | ||
163 | |||
164 | return 0; | ||
165 | } | ||
166 | |||
167 | static void crypto_nivaead_show(struct seq_file *m, struct crypto_alg *alg) | ||
168 | __attribute__ ((unused)); | ||
169 | static void crypto_nivaead_show(struct seq_file *m, struct crypto_alg *alg) | ||
170 | { | ||
171 | struct aead_alg *aead = &alg->cra_aead; | ||
172 | |||
173 | seq_printf(m, "type : nivaead\n"); | ||
174 | seq_printf(m, "async : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ? | ||
175 | "yes" : "no"); | ||
176 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | ||
177 | seq_printf(m, "ivsize : %u\n", aead->ivsize); | ||
178 | seq_printf(m, "maxauthsize : %u\n", aead->maxauthsize); | ||
179 | seq_printf(m, "geniv : %s\n", aead->geniv); | ||
180 | } | ||
181 | |||
182 | const struct crypto_type crypto_nivaead_type = { | ||
183 | .ctxsize = crypto_aead_ctxsize, | ||
184 | .init = crypto_init_nivaead_ops, | ||
185 | #ifdef CONFIG_PROC_FS | ||
186 | .show = crypto_nivaead_show, | ||
187 | #endif | ||
188 | }; | ||
189 | EXPORT_SYMBOL_GPL(crypto_nivaead_type); | ||
190 | |||
191 | static int crypto_grab_nivaead(struct crypto_aead_spawn *spawn, | ||
192 | const char *name, u32 type, u32 mask) | ||
193 | { | ||
194 | struct crypto_alg *alg; | ||
195 | int err; | ||
196 | |||
197 | type &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV); | ||
198 | type |= CRYPTO_ALG_TYPE_AEAD; | ||
199 | mask |= CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV; | ||
200 | |||
201 | alg = crypto_alg_mod_lookup(name, type, mask); | ||
202 | if (IS_ERR(alg)) | ||
203 | return PTR_ERR(alg); | ||
204 | |||
205 | err = crypto_init_spawn(&spawn->base, alg, spawn->base.inst, mask); | ||
206 | crypto_mod_put(alg); | ||
207 | return err; | ||
208 | } | ||
209 | |||
210 | struct crypto_instance *aead_geniv_alloc(struct crypto_template *tmpl, | ||
211 | struct rtattr **tb, u32 type, | ||
212 | u32 mask) | ||
213 | { | ||
214 | const char *name; | ||
215 | struct crypto_aead_spawn *spawn; | ||
216 | struct crypto_attr_type *algt; | ||
217 | struct crypto_instance *inst; | ||
218 | struct crypto_alg *alg; | ||
219 | int err; | ||
220 | |||
221 | algt = crypto_get_attr_type(tb); | ||
222 | err = PTR_ERR(algt); | ||
223 | if (IS_ERR(algt)) | ||
224 | return ERR_PTR(err); | ||
225 | |||
226 | if ((algt->type ^ (CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_GENIV)) & | ||
227 | algt->mask) | ||
228 | return ERR_PTR(-EINVAL); | ||
229 | |||
230 | name = crypto_attr_alg_name(tb[1]); | ||
231 | err = PTR_ERR(name); | ||
232 | if (IS_ERR(name)) | ||
233 | return ERR_PTR(err); | ||
234 | |||
235 | inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); | ||
236 | if (!inst) | ||
237 | return ERR_PTR(-ENOMEM); | ||
238 | |||
239 | spawn = crypto_instance_ctx(inst); | ||
240 | |||
241 | /* Ignore async algorithms if necessary. */ | ||
242 | mask |= crypto_requires_sync(algt->type, algt->mask); | ||
243 | |||
244 | crypto_set_aead_spawn(spawn, inst); | ||
245 | err = crypto_grab_nivaead(spawn, name, type, mask); | ||
246 | if (err) | ||
247 | goto err_free_inst; | ||
248 | |||
249 | alg = crypto_aead_spawn_alg(spawn); | ||
250 | |||
251 | err = -EINVAL; | ||
252 | if (!alg->cra_aead.ivsize) | ||
253 | goto err_drop_alg; | ||
254 | |||
255 | /* | ||
256 | * This is only true if we're constructing an algorithm with its | ||
257 | * default IV generator. For the default generator we elide the | ||
258 | * template name and double-check the IV generator. | ||
259 | */ | ||
260 | if (algt->mask & CRYPTO_ALG_GENIV) { | ||
261 | if (strcmp(tmpl->name, alg->cra_aead.geniv)) | ||
262 | goto err_drop_alg; | ||
263 | |||
264 | memcpy(inst->alg.cra_name, alg->cra_name, CRYPTO_MAX_ALG_NAME); | ||
265 | memcpy(inst->alg.cra_driver_name, alg->cra_driver_name, | ||
266 | CRYPTO_MAX_ALG_NAME); | ||
267 | } else { | ||
268 | err = -ENAMETOOLONG; | ||
269 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | ||
270 | "%s(%s)", tmpl->name, alg->cra_name) >= | ||
271 | CRYPTO_MAX_ALG_NAME) | ||
272 | goto err_drop_alg; | ||
273 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
274 | "%s(%s)", tmpl->name, alg->cra_driver_name) >= | ||
275 | CRYPTO_MAX_ALG_NAME) | ||
276 | goto err_drop_alg; | ||
277 | } | ||
278 | |||
279 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_GENIV; | ||
280 | inst->alg.cra_flags |= alg->cra_flags & CRYPTO_ALG_ASYNC; | ||
281 | inst->alg.cra_priority = alg->cra_priority; | ||
282 | inst->alg.cra_blocksize = alg->cra_blocksize; | ||
283 | inst->alg.cra_alignmask = alg->cra_alignmask; | ||
284 | inst->alg.cra_type = &crypto_aead_type; | ||
285 | |||
286 | inst->alg.cra_aead.ivsize = alg->cra_aead.ivsize; | ||
287 | inst->alg.cra_aead.maxauthsize = alg->cra_aead.maxauthsize; | ||
288 | inst->alg.cra_aead.geniv = alg->cra_aead.geniv; | ||
289 | |||
290 | inst->alg.cra_aead.setkey = alg->cra_aead.setkey; | ||
291 | inst->alg.cra_aead.setauthsize = alg->cra_aead.setauthsize; | ||
292 | inst->alg.cra_aead.encrypt = alg->cra_aead.encrypt; | ||
293 | inst->alg.cra_aead.decrypt = alg->cra_aead.decrypt; | ||
294 | |||
295 | out: | ||
296 | return inst; | ||
297 | |||
298 | err_drop_alg: | ||
299 | crypto_drop_aead(spawn); | ||
300 | err_free_inst: | ||
301 | kfree(inst); | ||
302 | inst = ERR_PTR(err); | ||
303 | goto out; | ||
304 | } | ||
305 | EXPORT_SYMBOL_GPL(aead_geniv_alloc); | ||
306 | |||
307 | void aead_geniv_free(struct crypto_instance *inst) | ||
308 | { | ||
309 | crypto_drop_aead(crypto_instance_ctx(inst)); | ||
310 | kfree(inst); | ||
311 | } | ||
312 | EXPORT_SYMBOL_GPL(aead_geniv_free); | ||
313 | |||
314 | int aead_geniv_init(struct crypto_tfm *tfm) | ||
315 | { | ||
316 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
317 | struct crypto_aead *aead; | ||
318 | |||
319 | aead = crypto_spawn_aead(crypto_instance_ctx(inst)); | ||
320 | if (IS_ERR(aead)) | ||
321 | return PTR_ERR(aead); | ||
322 | |||
323 | tfm->crt_aead.base = aead; | ||
324 | tfm->crt_aead.reqsize += crypto_aead_reqsize(aead); | ||
325 | |||
326 | return 0; | ||
327 | } | ||
328 | EXPORT_SYMBOL_GPL(aead_geniv_init); | ||
329 | |||
330 | void aead_geniv_exit(struct crypto_tfm *tfm) | ||
331 | { | ||
332 | crypto_free_aead(tfm->crt_aead.base); | ||
333 | } | ||
334 | EXPORT_SYMBOL_GPL(aead_geniv_exit); | ||
335 | |||
336 | static int crypto_nivaead_default(struct crypto_alg *alg, u32 type, u32 mask) | ||
337 | { | ||
338 | struct rtattr *tb[3]; | ||
339 | struct { | ||
340 | struct rtattr attr; | ||
341 | struct crypto_attr_type data; | ||
342 | } ptype; | ||
343 | struct { | ||
344 | struct rtattr attr; | ||
345 | struct crypto_attr_alg data; | ||
346 | } palg; | ||
347 | struct crypto_template *tmpl; | ||
348 | struct crypto_instance *inst; | ||
349 | struct crypto_alg *larval; | ||
350 | const char *geniv; | ||
351 | int err; | ||
352 | |||
353 | larval = crypto_larval_lookup(alg->cra_driver_name, | ||
354 | CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_GENIV, | ||
355 | CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV); | ||
356 | err = PTR_ERR(larval); | ||
357 | if (IS_ERR(larval)) | ||
358 | goto out; | ||
359 | |||
360 | err = -EAGAIN; | ||
361 | if (!crypto_is_larval(larval)) | ||
362 | goto drop_larval; | ||
363 | |||
364 | ptype.attr.rta_len = sizeof(ptype); | ||
365 | ptype.attr.rta_type = CRYPTOA_TYPE; | ||
366 | ptype.data.type = type | CRYPTO_ALG_GENIV; | ||
367 | /* GENIV tells the template that we're making a default geniv. */ | ||
368 | ptype.data.mask = mask | CRYPTO_ALG_GENIV; | ||
369 | tb[0] = &ptype.attr; | ||
370 | |||
371 | palg.attr.rta_len = sizeof(palg); | ||
372 | palg.attr.rta_type = CRYPTOA_ALG; | ||
373 | /* Must use the exact name to locate ourselves. */ | ||
374 | memcpy(palg.data.name, alg->cra_driver_name, CRYPTO_MAX_ALG_NAME); | ||
375 | tb[1] = &palg.attr; | ||
376 | |||
377 | tb[2] = NULL; | ||
378 | |||
379 | geniv = alg->cra_aead.geniv; | ||
380 | |||
381 | tmpl = crypto_lookup_template(geniv); | ||
382 | err = -ENOENT; | ||
383 | if (!tmpl) | ||
384 | goto kill_larval; | ||
385 | |||
386 | inst = tmpl->alloc(tb); | ||
387 | err = PTR_ERR(inst); | ||
388 | if (IS_ERR(inst)) | ||
389 | goto put_tmpl; | ||
390 | |||
391 | if ((err = crypto_register_instance(tmpl, inst))) { | ||
392 | tmpl->free(inst); | ||
393 | goto put_tmpl; | ||
394 | } | ||
395 | |||
396 | /* Redo the lookup to use the instance we just registered. */ | ||
397 | err = -EAGAIN; | ||
398 | |||
399 | put_tmpl: | ||
400 | crypto_tmpl_put(tmpl); | ||
401 | kill_larval: | ||
402 | crypto_larval_kill(larval); | ||
403 | drop_larval: | ||
404 | crypto_mod_put(larval); | ||
405 | out: | ||
406 | crypto_mod_put(alg); | ||
407 | return err; | ||
408 | } | ||
409 | |||
410 | static struct crypto_alg *crypto_lookup_aead(const char *name, u32 type, | ||
411 | u32 mask) | ||
412 | { | ||
413 | struct crypto_alg *alg; | ||
414 | |||
415 | alg = crypto_alg_mod_lookup(name, type, mask); | ||
416 | if (IS_ERR(alg)) | ||
417 | return alg; | ||
418 | |||
419 | if (alg->cra_type == &crypto_aead_type) | ||
420 | return alg; | ||
421 | |||
422 | if (!alg->cra_aead.ivsize) | ||
423 | return alg; | ||
424 | |||
425 | return ERR_PTR(crypto_nivaead_default(alg, type, mask)); | ||
426 | } | ||
427 | |||
428 | int crypto_grab_aead(struct crypto_aead_spawn *spawn, const char *name, | ||
429 | u32 type, u32 mask) | ||
430 | { | ||
431 | struct crypto_alg *alg; | ||
432 | int err; | ||
433 | |||
434 | type &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV); | ||
435 | type |= CRYPTO_ALG_TYPE_AEAD; | ||
436 | mask &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV); | ||
437 | mask |= CRYPTO_ALG_TYPE_MASK; | ||
438 | |||
439 | alg = crypto_lookup_aead(name, type, mask); | ||
440 | if (IS_ERR(alg)) | ||
441 | return PTR_ERR(alg); | ||
442 | |||
443 | err = crypto_init_spawn(&spawn->base, alg, spawn->base.inst, mask); | ||
444 | crypto_mod_put(alg); | ||
445 | return err; | ||
446 | } | ||
447 | EXPORT_SYMBOL_GPL(crypto_grab_aead); | ||
448 | |||
449 | struct crypto_aead *crypto_alloc_aead(const char *alg_name, u32 type, u32 mask) | ||
450 | { | ||
451 | struct crypto_tfm *tfm; | ||
452 | int err; | ||
453 | |||
454 | type &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV); | ||
455 | type |= CRYPTO_ALG_TYPE_AEAD; | ||
456 | mask &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV); | ||
457 | mask |= CRYPTO_ALG_TYPE_MASK; | ||
458 | |||
459 | for (;;) { | ||
460 | struct crypto_alg *alg; | ||
461 | |||
462 | alg = crypto_lookup_aead(alg_name, type, mask); | ||
463 | if (IS_ERR(alg)) { | ||
464 | err = PTR_ERR(alg); | ||
465 | goto err; | ||
466 | } | ||
467 | |||
468 | tfm = __crypto_alloc_tfm(alg, type, mask); | ||
469 | if (!IS_ERR(tfm)) | ||
470 | return __crypto_aead_cast(tfm); | ||
471 | |||
472 | crypto_mod_put(alg); | ||
473 | err = PTR_ERR(tfm); | ||
474 | |||
475 | err: | ||
476 | if (err != -EAGAIN) | ||
477 | break; | ||
478 | if (signal_pending(current)) { | ||
479 | err = -EINTR; | ||
480 | break; | ||
481 | } | ||
482 | } | ||
483 | |||
484 | return ERR_PTR(err); | ||
485 | } | ||
486 | EXPORT_SYMBOL_GPL(crypto_alloc_aead); | ||
487 | |||
100 | MODULE_LICENSE("GPL"); | 488 | MODULE_LICENSE("GPL"); |
101 | MODULE_DESCRIPTION("Authenticated Encryption with Associated Data (AEAD)"); | 489 | MODULE_DESCRIPTION("Authenticated Encryption with Associated Data (AEAD)"); |
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c index 9401dca85e87..cf30af74480f 100644 --- a/crypto/aes_generic.c +++ b/crypto/aes_generic.c | |||
@@ -47,11 +47,7 @@ | |||
47 | * --------------------------------------------------------------------------- | 47 | * --------------------------------------------------------------------------- |
48 | */ | 48 | */ |
49 | 49 | ||
50 | /* Some changes from the Gladman version: | 50 | #include <crypto/aes.h> |
51 | s/RIJNDAEL(e_key)/E_KEY/g | ||
52 | s/RIJNDAEL(d_key)/D_KEY/g | ||
53 | */ | ||
54 | |||
55 | #include <linux/module.h> | 51 | #include <linux/module.h> |
56 | #include <linux/init.h> | 52 | #include <linux/init.h> |
57 | #include <linux/types.h> | 53 | #include <linux/types.h> |
@@ -59,88 +55,46 @@ | |||
59 | #include <linux/crypto.h> | 55 | #include <linux/crypto.h> |
60 | #include <asm/byteorder.h> | 56 | #include <asm/byteorder.h> |
61 | 57 | ||
62 | #define AES_MIN_KEY_SIZE 16 | 58 | static inline u8 byte(const u32 x, const unsigned n) |
63 | #define AES_MAX_KEY_SIZE 32 | ||
64 | |||
65 | #define AES_BLOCK_SIZE 16 | ||
66 | |||
67 | /* | ||
68 | * #define byte(x, nr) ((unsigned char)((x) >> (nr*8))) | ||
69 | */ | ||
70 | static inline u8 | ||
71 | byte(const u32 x, const unsigned n) | ||
72 | { | 59 | { |
73 | return x >> (n << 3); | 60 | return x >> (n << 3); |
74 | } | 61 | } |
75 | 62 | ||
76 | struct aes_ctx { | ||
77 | int key_length; | ||
78 | u32 buf[120]; | ||
79 | }; | ||
80 | |||
81 | #define E_KEY (&ctx->buf[0]) | ||
82 | #define D_KEY (&ctx->buf[60]) | ||
83 | |||
84 | static u8 pow_tab[256] __initdata; | 63 | static u8 pow_tab[256] __initdata; |
85 | static u8 log_tab[256] __initdata; | 64 | static u8 log_tab[256] __initdata; |
86 | static u8 sbx_tab[256] __initdata; | 65 | static u8 sbx_tab[256] __initdata; |
87 | static u8 isb_tab[256] __initdata; | 66 | static u8 isb_tab[256] __initdata; |
88 | static u32 rco_tab[10]; | 67 | static u32 rco_tab[10]; |
89 | static u32 ft_tab[4][256]; | ||
90 | static u32 it_tab[4][256]; | ||
91 | 68 | ||
92 | static u32 fl_tab[4][256]; | 69 | u32 crypto_ft_tab[4][256]; |
93 | static u32 il_tab[4][256]; | 70 | u32 crypto_fl_tab[4][256]; |
71 | u32 crypto_it_tab[4][256]; | ||
72 | u32 crypto_il_tab[4][256]; | ||
94 | 73 | ||
95 | static inline u8 __init | 74 | EXPORT_SYMBOL_GPL(crypto_ft_tab); |
96 | f_mult (u8 a, u8 b) | 75 | EXPORT_SYMBOL_GPL(crypto_fl_tab); |
76 | EXPORT_SYMBOL_GPL(crypto_it_tab); | ||
77 | EXPORT_SYMBOL_GPL(crypto_il_tab); | ||
78 | |||
79 | static inline u8 __init f_mult(u8 a, u8 b) | ||
97 | { | 80 | { |
98 | u8 aa = log_tab[a], cc = aa + log_tab[b]; | 81 | u8 aa = log_tab[a], cc = aa + log_tab[b]; |
99 | 82 | ||
100 | return pow_tab[cc + (cc < aa ? 1 : 0)]; | 83 | return pow_tab[cc + (cc < aa ? 1 : 0)]; |
101 | } | 84 | } |
102 | 85 | ||
103 | #define ff_mult(a,b) (a && b ? f_mult(a, b) : 0) | 86 | #define ff_mult(a, b) (a && b ? f_mult(a, b) : 0) |
104 | 87 | ||
105 | #define f_rn(bo, bi, n, k) \ | 88 | static void __init gen_tabs(void) |
106 | bo[n] = ft_tab[0][byte(bi[n],0)] ^ \ | ||
107 | ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ | ||
108 | ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
109 | ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) | ||
110 | |||
111 | #define i_rn(bo, bi, n, k) \ | ||
112 | bo[n] = it_tab[0][byte(bi[n],0)] ^ \ | ||
113 | it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ | ||
114 | it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
115 | it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) | ||
116 | |||
117 | #define ls_box(x) \ | ||
118 | ( fl_tab[0][byte(x, 0)] ^ \ | ||
119 | fl_tab[1][byte(x, 1)] ^ \ | ||
120 | fl_tab[2][byte(x, 2)] ^ \ | ||
121 | fl_tab[3][byte(x, 3)] ) | ||
122 | |||
123 | #define f_rl(bo, bi, n, k) \ | ||
124 | bo[n] = fl_tab[0][byte(bi[n],0)] ^ \ | ||
125 | fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ | ||
126 | fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
127 | fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) | ||
128 | |||
129 | #define i_rl(bo, bi, n, k) \ | ||
130 | bo[n] = il_tab[0][byte(bi[n],0)] ^ \ | ||
131 | il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ | ||
132 | il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ | ||
133 | il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) | ||
134 | |||
135 | static void __init | ||
136 | gen_tabs (void) | ||
137 | { | 89 | { |
138 | u32 i, t; | 90 | u32 i, t; |
139 | u8 p, q; | 91 | u8 p, q; |
140 | 92 | ||
141 | /* log and power tables for GF(2**8) finite field with | 93 | /* |
142 | 0x011b as modular polynomial - the simplest primitive | 94 | * log and power tables for GF(2**8) finite field with |
143 | root is 0x03, used here to generate the tables */ | 95 | * 0x011b as modular polynomial - the simplest primitive |
96 | * root is 0x03, used here to generate the tables | ||
97 | */ | ||
144 | 98 | ||
145 | for (i = 0, p = 1; i < 256; ++i) { | 99 | for (i = 0, p = 1; i < 256; ++i) { |
146 | pow_tab[i] = (u8) p; | 100 | pow_tab[i] = (u8) p; |
@@ -169,92 +123,119 @@ gen_tabs (void) | |||
169 | p = sbx_tab[i]; | 123 | p = sbx_tab[i]; |
170 | 124 | ||
171 | t = p; | 125 | t = p; |
172 | fl_tab[0][i] = t; | 126 | crypto_fl_tab[0][i] = t; |
173 | fl_tab[1][i] = rol32(t, 8); | 127 | crypto_fl_tab[1][i] = rol32(t, 8); |
174 | fl_tab[2][i] = rol32(t, 16); | 128 | crypto_fl_tab[2][i] = rol32(t, 16); |
175 | fl_tab[3][i] = rol32(t, 24); | 129 | crypto_fl_tab[3][i] = rol32(t, 24); |
176 | 130 | ||
177 | t = ((u32) ff_mult (2, p)) | | 131 | t = ((u32) ff_mult(2, p)) | |
178 | ((u32) p << 8) | | 132 | ((u32) p << 8) | |
179 | ((u32) p << 16) | ((u32) ff_mult (3, p) << 24); | 133 | ((u32) p << 16) | ((u32) ff_mult(3, p) << 24); |
180 | 134 | ||
181 | ft_tab[0][i] = t; | 135 | crypto_ft_tab[0][i] = t; |
182 | ft_tab[1][i] = rol32(t, 8); | 136 | crypto_ft_tab[1][i] = rol32(t, 8); |
183 | ft_tab[2][i] = rol32(t, 16); | 137 | crypto_ft_tab[2][i] = rol32(t, 16); |
184 | ft_tab[3][i] = rol32(t, 24); | 138 | crypto_ft_tab[3][i] = rol32(t, 24); |
185 | 139 | ||
186 | p = isb_tab[i]; | 140 | p = isb_tab[i]; |
187 | 141 | ||
188 | t = p; | 142 | t = p; |
189 | il_tab[0][i] = t; | 143 | crypto_il_tab[0][i] = t; |
190 | il_tab[1][i] = rol32(t, 8); | 144 | crypto_il_tab[1][i] = rol32(t, 8); |
191 | il_tab[2][i] = rol32(t, 16); | 145 | crypto_il_tab[2][i] = rol32(t, 16); |
192 | il_tab[3][i] = rol32(t, 24); | 146 | crypto_il_tab[3][i] = rol32(t, 24); |
193 | 147 | ||
194 | t = ((u32) ff_mult (14, p)) | | 148 | t = ((u32) ff_mult(14, p)) | |
195 | ((u32) ff_mult (9, p) << 8) | | 149 | ((u32) ff_mult(9, p) << 8) | |
196 | ((u32) ff_mult (13, p) << 16) | | 150 | ((u32) ff_mult(13, p) << 16) | |
197 | ((u32) ff_mult (11, p) << 24); | 151 | ((u32) ff_mult(11, p) << 24); |
198 | 152 | ||
199 | it_tab[0][i] = t; | 153 | crypto_it_tab[0][i] = t; |
200 | it_tab[1][i] = rol32(t, 8); | 154 | crypto_it_tab[1][i] = rol32(t, 8); |
201 | it_tab[2][i] = rol32(t, 16); | 155 | crypto_it_tab[2][i] = rol32(t, 16); |
202 | it_tab[3][i] = rol32(t, 24); | 156 | crypto_it_tab[3][i] = rol32(t, 24); |
203 | } | 157 | } |
204 | } | 158 | } |
205 | 159 | ||
206 | #define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) | ||
207 | |||
208 | #define imix_col(y,x) \ | ||
209 | u = star_x(x); \ | ||
210 | v = star_x(u); \ | ||
211 | w = star_x(v); \ | ||
212 | t = w ^ (x); \ | ||
213 | (y) = u ^ v ^ w; \ | ||
214 | (y) ^= ror32(u ^ t, 8) ^ \ | ||
215 | ror32(v ^ t, 16) ^ \ | ||
216 | ror32(t,24) | ||
217 | |||
218 | /* initialise the key schedule from the user supplied key */ | 160 | /* initialise the key schedule from the user supplied key */ |
219 | 161 | ||
220 | #define loop4(i) \ | 162 | #define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) |
221 | { t = ror32(t, 8); t = ls_box(t) ^ rco_tab[i]; \ | ||
222 | t ^= E_KEY[4 * i]; E_KEY[4 * i + 4] = t; \ | ||
223 | t ^= E_KEY[4 * i + 1]; E_KEY[4 * i + 5] = t; \ | ||
224 | t ^= E_KEY[4 * i + 2]; E_KEY[4 * i + 6] = t; \ | ||
225 | t ^= E_KEY[4 * i + 3]; E_KEY[4 * i + 7] = t; \ | ||
226 | } | ||
227 | |||
228 | #define loop6(i) \ | ||
229 | { t = ror32(t, 8); t = ls_box(t) ^ rco_tab[i]; \ | ||
230 | t ^= E_KEY[6 * i]; E_KEY[6 * i + 6] = t; \ | ||
231 | t ^= E_KEY[6 * i + 1]; E_KEY[6 * i + 7] = t; \ | ||
232 | t ^= E_KEY[6 * i + 2]; E_KEY[6 * i + 8] = t; \ | ||
233 | t ^= E_KEY[6 * i + 3]; E_KEY[6 * i + 9] = t; \ | ||
234 | t ^= E_KEY[6 * i + 4]; E_KEY[6 * i + 10] = t; \ | ||
235 | t ^= E_KEY[6 * i + 5]; E_KEY[6 * i + 11] = t; \ | ||
236 | } | ||
237 | |||
238 | #define loop8(i) \ | ||
239 | { t = ror32(t, 8); ; t = ls_box(t) ^ rco_tab[i]; \ | ||
240 | t ^= E_KEY[8 * i]; E_KEY[8 * i + 8] = t; \ | ||
241 | t ^= E_KEY[8 * i + 1]; E_KEY[8 * i + 9] = t; \ | ||
242 | t ^= E_KEY[8 * i + 2]; E_KEY[8 * i + 10] = t; \ | ||
243 | t ^= E_KEY[8 * i + 3]; E_KEY[8 * i + 11] = t; \ | ||
244 | t = E_KEY[8 * i + 4] ^ ls_box(t); \ | ||
245 | E_KEY[8 * i + 12] = t; \ | ||
246 | t ^= E_KEY[8 * i + 5]; E_KEY[8 * i + 13] = t; \ | ||
247 | t ^= E_KEY[8 * i + 6]; E_KEY[8 * i + 14] = t; \ | ||
248 | t ^= E_KEY[8 * i + 7]; E_KEY[8 * i + 15] = t; \ | ||
249 | } | ||
250 | 163 | ||
251 | static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | 164 | #define imix_col(y,x) do { \ |
252 | unsigned int key_len) | 165 | u = star_x(x); \ |
166 | v = star_x(u); \ | ||
167 | w = star_x(v); \ | ||
168 | t = w ^ (x); \ | ||
169 | (y) = u ^ v ^ w; \ | ||
170 | (y) ^= ror32(u ^ t, 8) ^ \ | ||
171 | ror32(v ^ t, 16) ^ \ | ||
172 | ror32(t, 24); \ | ||
173 | } while (0) | ||
174 | |||
175 | #define ls_box(x) \ | ||
176 | crypto_fl_tab[0][byte(x, 0)] ^ \ | ||
177 | crypto_fl_tab[1][byte(x, 1)] ^ \ | ||
178 | crypto_fl_tab[2][byte(x, 2)] ^ \ | ||
179 | crypto_fl_tab[3][byte(x, 3)] | ||
180 | |||
181 | #define loop4(i) do { \ | ||
182 | t = ror32(t, 8); \ | ||
183 | t = ls_box(t) ^ rco_tab[i]; \ | ||
184 | t ^= ctx->key_enc[4 * i]; \ | ||
185 | ctx->key_enc[4 * i + 4] = t; \ | ||
186 | t ^= ctx->key_enc[4 * i + 1]; \ | ||
187 | ctx->key_enc[4 * i + 5] = t; \ | ||
188 | t ^= ctx->key_enc[4 * i + 2]; \ | ||
189 | ctx->key_enc[4 * i + 6] = t; \ | ||
190 | t ^= ctx->key_enc[4 * i + 3]; \ | ||
191 | ctx->key_enc[4 * i + 7] = t; \ | ||
192 | } while (0) | ||
193 | |||
194 | #define loop6(i) do { \ | ||
195 | t = ror32(t, 8); \ | ||
196 | t = ls_box(t) ^ rco_tab[i]; \ | ||
197 | t ^= ctx->key_enc[6 * i]; \ | ||
198 | ctx->key_enc[6 * i + 6] = t; \ | ||
199 | t ^= ctx->key_enc[6 * i + 1]; \ | ||
200 | ctx->key_enc[6 * i + 7] = t; \ | ||
201 | t ^= ctx->key_enc[6 * i + 2]; \ | ||
202 | ctx->key_enc[6 * i + 8] = t; \ | ||
203 | t ^= ctx->key_enc[6 * i + 3]; \ | ||
204 | ctx->key_enc[6 * i + 9] = t; \ | ||
205 | t ^= ctx->key_enc[6 * i + 4]; \ | ||
206 | ctx->key_enc[6 * i + 10] = t; \ | ||
207 | t ^= ctx->key_enc[6 * i + 5]; \ | ||
208 | ctx->key_enc[6 * i + 11] = t; \ | ||
209 | } while (0) | ||
210 | |||
211 | #define loop8(i) do { \ | ||
212 | t = ror32(t, 8); \ | ||
213 | t = ls_box(t) ^ rco_tab[i]; \ | ||
214 | t ^= ctx->key_enc[8 * i]; \ | ||
215 | ctx->key_enc[8 * i + 8] = t; \ | ||
216 | t ^= ctx->key_enc[8 * i + 1]; \ | ||
217 | ctx->key_enc[8 * i + 9] = t; \ | ||
218 | t ^= ctx->key_enc[8 * i + 2]; \ | ||
219 | ctx->key_enc[8 * i + 10] = t; \ | ||
220 | t ^= ctx->key_enc[8 * i + 3]; \ | ||
221 | ctx->key_enc[8 * i + 11] = t; \ | ||
222 | t = ctx->key_enc[8 * i + 4] ^ ls_box(t); \ | ||
223 | ctx->key_enc[8 * i + 12] = t; \ | ||
224 | t ^= ctx->key_enc[8 * i + 5]; \ | ||
225 | ctx->key_enc[8 * i + 13] = t; \ | ||
226 | t ^= ctx->key_enc[8 * i + 6]; \ | ||
227 | ctx->key_enc[8 * i + 14] = t; \ | ||
228 | t ^= ctx->key_enc[8 * i + 7]; \ | ||
229 | ctx->key_enc[8 * i + 15] = t; \ | ||
230 | } while (0) | ||
231 | |||
232 | int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | ||
233 | unsigned int key_len) | ||
253 | { | 234 | { |
254 | struct aes_ctx *ctx = crypto_tfm_ctx(tfm); | 235 | struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
255 | const __le32 *key = (const __le32 *)in_key; | 236 | const __le32 *key = (const __le32 *)in_key; |
256 | u32 *flags = &tfm->crt_flags; | 237 | u32 *flags = &tfm->crt_flags; |
257 | u32 i, t, u, v, w; | 238 | u32 i, t, u, v, w, j; |
258 | 239 | ||
259 | if (key_len % 8) { | 240 | if (key_len % 8) { |
260 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; | 241 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; |
@@ -263,95 +244,113 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
263 | 244 | ||
264 | ctx->key_length = key_len; | 245 | ctx->key_length = key_len; |
265 | 246 | ||
266 | E_KEY[0] = le32_to_cpu(key[0]); | 247 | ctx->key_dec[key_len + 24] = ctx->key_enc[0] = le32_to_cpu(key[0]); |
267 | E_KEY[1] = le32_to_cpu(key[1]); | 248 | ctx->key_dec[key_len + 25] = ctx->key_enc[1] = le32_to_cpu(key[1]); |
268 | E_KEY[2] = le32_to_cpu(key[2]); | 249 | ctx->key_dec[key_len + 26] = ctx->key_enc[2] = le32_to_cpu(key[2]); |
269 | E_KEY[3] = le32_to_cpu(key[3]); | 250 | ctx->key_dec[key_len + 27] = ctx->key_enc[3] = le32_to_cpu(key[3]); |
270 | 251 | ||
271 | switch (key_len) { | 252 | switch (key_len) { |
272 | case 16: | 253 | case 16: |
273 | t = E_KEY[3]; | 254 | t = ctx->key_enc[3]; |
274 | for (i = 0; i < 10; ++i) | 255 | for (i = 0; i < 10; ++i) |
275 | loop4 (i); | 256 | loop4(i); |
276 | break; | 257 | break; |
277 | 258 | ||
278 | case 24: | 259 | case 24: |
279 | E_KEY[4] = le32_to_cpu(key[4]); | 260 | ctx->key_enc[4] = le32_to_cpu(key[4]); |
280 | t = E_KEY[5] = le32_to_cpu(key[5]); | 261 | t = ctx->key_enc[5] = le32_to_cpu(key[5]); |
281 | for (i = 0; i < 8; ++i) | 262 | for (i = 0; i < 8; ++i) |
282 | loop6 (i); | 263 | loop6(i); |
283 | break; | 264 | break; |
284 | 265 | ||
285 | case 32: | 266 | case 32: |
286 | E_KEY[4] = le32_to_cpu(key[4]); | 267 | ctx->key_enc[4] = le32_to_cpu(key[4]); |
287 | E_KEY[5] = le32_to_cpu(key[5]); | 268 | ctx->key_enc[5] = le32_to_cpu(key[5]); |
288 | E_KEY[6] = le32_to_cpu(key[6]); | 269 | ctx->key_enc[6] = le32_to_cpu(key[6]); |
289 | t = E_KEY[7] = le32_to_cpu(key[7]); | 270 | t = ctx->key_enc[7] = le32_to_cpu(key[7]); |
290 | for (i = 0; i < 7; ++i) | 271 | for (i = 0; i < 7; ++i) |
291 | loop8 (i); | 272 | loop8(i); |
292 | break; | 273 | break; |
293 | } | 274 | } |
294 | 275 | ||
295 | D_KEY[0] = E_KEY[0]; | 276 | ctx->key_dec[0] = ctx->key_enc[key_len + 24]; |
296 | D_KEY[1] = E_KEY[1]; | 277 | ctx->key_dec[1] = ctx->key_enc[key_len + 25]; |
297 | D_KEY[2] = E_KEY[2]; | 278 | ctx->key_dec[2] = ctx->key_enc[key_len + 26]; |
298 | D_KEY[3] = E_KEY[3]; | 279 | ctx->key_dec[3] = ctx->key_enc[key_len + 27]; |
299 | 280 | ||
300 | for (i = 4; i < key_len + 24; ++i) { | 281 | for (i = 4; i < key_len + 24; ++i) { |
301 | imix_col (D_KEY[i], E_KEY[i]); | 282 | j = key_len + 24 - (i & ~3) + (i & 3); |
283 | imix_col(ctx->key_dec[j], ctx->key_enc[i]); | ||
302 | } | 284 | } |
303 | |||
304 | return 0; | 285 | return 0; |
305 | } | 286 | } |
287 | EXPORT_SYMBOL_GPL(crypto_aes_set_key); | ||
306 | 288 | ||
307 | /* encrypt a block of text */ | 289 | /* encrypt a block of text */ |
308 | 290 | ||
309 | #define f_nround(bo, bi, k) \ | 291 | #define f_rn(bo, bi, n, k) do { \ |
310 | f_rn(bo, bi, 0, k); \ | 292 | bo[n] = crypto_ft_tab[0][byte(bi[n], 0)] ^ \ |
311 | f_rn(bo, bi, 1, k); \ | 293 | crypto_ft_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ |
312 | f_rn(bo, bi, 2, k); \ | 294 | crypto_ft_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ |
313 | f_rn(bo, bi, 3, k); \ | 295 | crypto_ft_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ |
314 | k += 4 | 296 | } while (0) |
315 | 297 | ||
316 | #define f_lround(bo, bi, k) \ | 298 | #define f_nround(bo, bi, k) do {\ |
317 | f_rl(bo, bi, 0, k); \ | 299 | f_rn(bo, bi, 0, k); \ |
318 | f_rl(bo, bi, 1, k); \ | 300 | f_rn(bo, bi, 1, k); \ |
319 | f_rl(bo, bi, 2, k); \ | 301 | f_rn(bo, bi, 2, k); \ |
320 | f_rl(bo, bi, 3, k) | 302 | f_rn(bo, bi, 3, k); \ |
303 | k += 4; \ | ||
304 | } while (0) | ||
305 | |||
306 | #define f_rl(bo, bi, n, k) do { \ | ||
307 | bo[n] = crypto_fl_tab[0][byte(bi[n], 0)] ^ \ | ||
308 | crypto_fl_tab[1][byte(bi[(n + 1) & 3], 1)] ^ \ | ||
309 | crypto_fl_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ | ||
310 | crypto_fl_tab[3][byte(bi[(n + 3) & 3], 3)] ^ *(k + n); \ | ||
311 | } while (0) | ||
312 | |||
313 | #define f_lround(bo, bi, k) do {\ | ||
314 | f_rl(bo, bi, 0, k); \ | ||
315 | f_rl(bo, bi, 1, k); \ | ||
316 | f_rl(bo, bi, 2, k); \ | ||
317 | f_rl(bo, bi, 3, k); \ | ||
318 | } while (0) | ||
321 | 319 | ||
322 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 320 | static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
323 | { | 321 | { |
324 | const struct aes_ctx *ctx = crypto_tfm_ctx(tfm); | 322 | const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
325 | const __le32 *src = (const __le32 *)in; | 323 | const __le32 *src = (const __le32 *)in; |
326 | __le32 *dst = (__le32 *)out; | 324 | __le32 *dst = (__le32 *)out; |
327 | u32 b0[4], b1[4]; | 325 | u32 b0[4], b1[4]; |
328 | const u32 *kp = E_KEY + 4; | 326 | const u32 *kp = ctx->key_enc + 4; |
327 | const int key_len = ctx->key_length; | ||
329 | 328 | ||
330 | b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0]; | 329 | b0[0] = le32_to_cpu(src[0]) ^ ctx->key_enc[0]; |
331 | b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1]; | 330 | b0[1] = le32_to_cpu(src[1]) ^ ctx->key_enc[1]; |
332 | b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2]; | 331 | b0[2] = le32_to_cpu(src[2]) ^ ctx->key_enc[2]; |
333 | b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3]; | 332 | b0[3] = le32_to_cpu(src[3]) ^ ctx->key_enc[3]; |
334 | 333 | ||
335 | if (ctx->key_length > 24) { | 334 | if (key_len > 24) { |
336 | f_nround (b1, b0, kp); | 335 | f_nround(b1, b0, kp); |
337 | f_nround (b0, b1, kp); | 336 | f_nround(b0, b1, kp); |
338 | } | 337 | } |
339 | 338 | ||
340 | if (ctx->key_length > 16) { | 339 | if (key_len > 16) { |
341 | f_nround (b1, b0, kp); | 340 | f_nround(b1, b0, kp); |
342 | f_nround (b0, b1, kp); | 341 | f_nround(b0, b1, kp); |
343 | } | 342 | } |
344 | 343 | ||
345 | f_nround (b1, b0, kp); | 344 | f_nround(b1, b0, kp); |
346 | f_nround (b0, b1, kp); | 345 | f_nround(b0, b1, kp); |
347 | f_nround (b1, b0, kp); | 346 | f_nround(b1, b0, kp); |
348 | f_nround (b0, b1, kp); | 347 | f_nround(b0, b1, kp); |
349 | f_nround (b1, b0, kp); | 348 | f_nround(b1, b0, kp); |
350 | f_nround (b0, b1, kp); | 349 | f_nround(b0, b1, kp); |
351 | f_nround (b1, b0, kp); | 350 | f_nround(b1, b0, kp); |
352 | f_nround (b0, b1, kp); | 351 | f_nround(b0, b1, kp); |
353 | f_nround (b1, b0, kp); | 352 | f_nround(b1, b0, kp); |
354 | f_lround (b0, b1, kp); | 353 | f_lround(b0, b1, kp); |
355 | 354 | ||
356 | dst[0] = cpu_to_le32(b0[0]); | 355 | dst[0] = cpu_to_le32(b0[0]); |
357 | dst[1] = cpu_to_le32(b0[1]); | 356 | dst[1] = cpu_to_le32(b0[1]); |
@@ -361,53 +360,69 @@ static void aes_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | |||
361 | 360 | ||
362 | /* decrypt a block of text */ | 361 | /* decrypt a block of text */ |
363 | 362 | ||
364 | #define i_nround(bo, bi, k) \ | 363 | #define i_rn(bo, bi, n, k) do { \ |
365 | i_rn(bo, bi, 0, k); \ | 364 | bo[n] = crypto_it_tab[0][byte(bi[n], 0)] ^ \ |
366 | i_rn(bo, bi, 1, k); \ | 365 | crypto_it_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ |
367 | i_rn(bo, bi, 2, k); \ | 366 | crypto_it_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ |
368 | i_rn(bo, bi, 3, k); \ | 367 | crypto_it_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ |
369 | k -= 4 | 368 | } while (0) |
370 | 369 | ||
371 | #define i_lround(bo, bi, k) \ | 370 | #define i_nround(bo, bi, k) do {\ |
372 | i_rl(bo, bi, 0, k); \ | 371 | i_rn(bo, bi, 0, k); \ |
373 | i_rl(bo, bi, 1, k); \ | 372 | i_rn(bo, bi, 1, k); \ |
374 | i_rl(bo, bi, 2, k); \ | 373 | i_rn(bo, bi, 2, k); \ |
375 | i_rl(bo, bi, 3, k) | 374 | i_rn(bo, bi, 3, k); \ |
375 | k += 4; \ | ||
376 | } while (0) | ||
377 | |||
378 | #define i_rl(bo, bi, n, k) do { \ | ||
379 | bo[n] = crypto_il_tab[0][byte(bi[n], 0)] ^ \ | ||
380 | crypto_il_tab[1][byte(bi[(n + 3) & 3], 1)] ^ \ | ||
381 | crypto_il_tab[2][byte(bi[(n + 2) & 3], 2)] ^ \ | ||
382 | crypto_il_tab[3][byte(bi[(n + 1) & 3], 3)] ^ *(k + n); \ | ||
383 | } while (0) | ||
384 | |||
385 | #define i_lround(bo, bi, k) do {\ | ||
386 | i_rl(bo, bi, 0, k); \ | ||
387 | i_rl(bo, bi, 1, k); \ | ||
388 | i_rl(bo, bi, 2, k); \ | ||
389 | i_rl(bo, bi, 3, k); \ | ||
390 | } while (0) | ||
376 | 391 | ||
377 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 392 | static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
378 | { | 393 | { |
379 | const struct aes_ctx *ctx = crypto_tfm_ctx(tfm); | 394 | const struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm); |
380 | const __le32 *src = (const __le32 *)in; | 395 | const __le32 *src = (const __le32 *)in; |
381 | __le32 *dst = (__le32 *)out; | 396 | __le32 *dst = (__le32 *)out; |
382 | u32 b0[4], b1[4]; | 397 | u32 b0[4], b1[4]; |
383 | const int key_len = ctx->key_length; | 398 | const int key_len = ctx->key_length; |
384 | const u32 *kp = D_KEY + key_len + 20; | 399 | const u32 *kp = ctx->key_dec + 4; |
385 | 400 | ||
386 | b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24]; | 401 | b0[0] = le32_to_cpu(src[0]) ^ ctx->key_dec[0]; |
387 | b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25]; | 402 | b0[1] = le32_to_cpu(src[1]) ^ ctx->key_dec[1]; |
388 | b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26]; | 403 | b0[2] = le32_to_cpu(src[2]) ^ ctx->key_dec[2]; |
389 | b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27]; | 404 | b0[3] = le32_to_cpu(src[3]) ^ ctx->key_dec[3]; |
390 | 405 | ||
391 | if (key_len > 24) { | 406 | if (key_len > 24) { |
392 | i_nround (b1, b0, kp); | 407 | i_nround(b1, b0, kp); |
393 | i_nround (b0, b1, kp); | 408 | i_nround(b0, b1, kp); |
394 | } | 409 | } |
395 | 410 | ||
396 | if (key_len > 16) { | 411 | if (key_len > 16) { |
397 | i_nround (b1, b0, kp); | 412 | i_nround(b1, b0, kp); |
398 | i_nround (b0, b1, kp); | 413 | i_nround(b0, b1, kp); |
399 | } | 414 | } |
400 | 415 | ||
401 | i_nround (b1, b0, kp); | 416 | i_nround(b1, b0, kp); |
402 | i_nround (b0, b1, kp); | 417 | i_nround(b0, b1, kp); |
403 | i_nround (b1, b0, kp); | 418 | i_nround(b1, b0, kp); |
404 | i_nround (b0, b1, kp); | 419 | i_nround(b0, b1, kp); |
405 | i_nround (b1, b0, kp); | 420 | i_nround(b1, b0, kp); |
406 | i_nround (b0, b1, kp); | 421 | i_nround(b0, b1, kp); |
407 | i_nround (b1, b0, kp); | 422 | i_nround(b1, b0, kp); |
408 | i_nround (b0, b1, kp); | 423 | i_nround(b0, b1, kp); |
409 | i_nround (b1, b0, kp); | 424 | i_nround(b1, b0, kp); |
410 | i_lround (b0, b1, kp); | 425 | i_lround(b0, b1, kp); |
411 | 426 | ||
412 | dst[0] = cpu_to_le32(b0[0]); | 427 | dst[0] = cpu_to_le32(b0[0]); |
413 | dst[1] = cpu_to_le32(b0[1]); | 428 | dst[1] = cpu_to_le32(b0[1]); |
@@ -415,14 +430,13 @@ static void aes_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | |||
415 | dst[3] = cpu_to_le32(b0[3]); | 430 | dst[3] = cpu_to_le32(b0[3]); |
416 | } | 431 | } |
417 | 432 | ||
418 | |||
419 | static struct crypto_alg aes_alg = { | 433 | static struct crypto_alg aes_alg = { |
420 | .cra_name = "aes", | 434 | .cra_name = "aes", |
421 | .cra_driver_name = "aes-generic", | 435 | .cra_driver_name = "aes-generic", |
422 | .cra_priority = 100, | 436 | .cra_priority = 100, |
423 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, | 437 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, |
424 | .cra_blocksize = AES_BLOCK_SIZE, | 438 | .cra_blocksize = AES_BLOCK_SIZE, |
425 | .cra_ctxsize = sizeof(struct aes_ctx), | 439 | .cra_ctxsize = sizeof(struct crypto_aes_ctx), |
426 | .cra_alignmask = 3, | 440 | .cra_alignmask = 3, |
427 | .cra_module = THIS_MODULE, | 441 | .cra_module = THIS_MODULE, |
428 | .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), | 442 | .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), |
@@ -430,9 +444,9 @@ static struct crypto_alg aes_alg = { | |||
430 | .cipher = { | 444 | .cipher = { |
431 | .cia_min_keysize = AES_MIN_KEY_SIZE, | 445 | .cia_min_keysize = AES_MIN_KEY_SIZE, |
432 | .cia_max_keysize = AES_MAX_KEY_SIZE, | 446 | .cia_max_keysize = AES_MAX_KEY_SIZE, |
433 | .cia_setkey = aes_set_key, | 447 | .cia_setkey = crypto_aes_set_key, |
434 | .cia_encrypt = aes_encrypt, | 448 | .cia_encrypt = aes_encrypt, |
435 | .cia_decrypt = aes_decrypt | 449 | .cia_decrypt = aes_decrypt |
436 | } | 450 | } |
437 | } | 451 | } |
438 | }; | 452 | }; |
diff --git a/crypto/algapi.c b/crypto/algapi.c index 8383282de1dd..e65cb50cf4af 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c | |||
@@ -472,7 +472,7 @@ int crypto_check_attr_type(struct rtattr **tb, u32 type) | |||
472 | } | 472 | } |
473 | EXPORT_SYMBOL_GPL(crypto_check_attr_type); | 473 | EXPORT_SYMBOL_GPL(crypto_check_attr_type); |
474 | 474 | ||
475 | struct crypto_alg *crypto_attr_alg(struct rtattr *rta, u32 type, u32 mask) | 475 | const char *crypto_attr_alg_name(struct rtattr *rta) |
476 | { | 476 | { |
477 | struct crypto_attr_alg *alga; | 477 | struct crypto_attr_alg *alga; |
478 | 478 | ||
@@ -486,7 +486,21 @@ struct crypto_alg *crypto_attr_alg(struct rtattr *rta, u32 type, u32 mask) | |||
486 | alga = RTA_DATA(rta); | 486 | alga = RTA_DATA(rta); |
487 | alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0; | 487 | alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0; |
488 | 488 | ||
489 | return crypto_alg_mod_lookup(alga->name, type, mask); | 489 | return alga->name; |
490 | } | ||
491 | EXPORT_SYMBOL_GPL(crypto_attr_alg_name); | ||
492 | |||
493 | struct crypto_alg *crypto_attr_alg(struct rtattr *rta, u32 type, u32 mask) | ||
494 | { | ||
495 | const char *name; | ||
496 | int err; | ||
497 | |||
498 | name = crypto_attr_alg_name(rta); | ||
499 | err = PTR_ERR(name); | ||
500 | if (IS_ERR(name)) | ||
501 | return ERR_PTR(err); | ||
502 | |||
503 | return crypto_alg_mod_lookup(name, type, mask); | ||
490 | } | 504 | } |
491 | EXPORT_SYMBOL_GPL(crypto_attr_alg); | 505 | EXPORT_SYMBOL_GPL(crypto_attr_alg); |
492 | 506 | ||
@@ -605,6 +619,53 @@ int crypto_tfm_in_queue(struct crypto_queue *queue, struct crypto_tfm *tfm) | |||
605 | } | 619 | } |
606 | EXPORT_SYMBOL_GPL(crypto_tfm_in_queue); | 620 | EXPORT_SYMBOL_GPL(crypto_tfm_in_queue); |
607 | 621 | ||
622 | static inline void crypto_inc_byte(u8 *a, unsigned int size) | ||
623 | { | ||
624 | u8 *b = (a + size); | ||
625 | u8 c; | ||
626 | |||
627 | for (; size; size--) { | ||
628 | c = *--b + 1; | ||
629 | *b = c; | ||
630 | if (c) | ||
631 | break; | ||
632 | } | ||
633 | } | ||
634 | |||
635 | void crypto_inc(u8 *a, unsigned int size) | ||
636 | { | ||
637 | __be32 *b = (__be32 *)(a + size); | ||
638 | u32 c; | ||
639 | |||
640 | for (; size >= 4; size -= 4) { | ||
641 | c = be32_to_cpu(*--b) + 1; | ||
642 | *b = cpu_to_be32(c); | ||
643 | if (c) | ||
644 | return; | ||
645 | } | ||
646 | |||
647 | crypto_inc_byte(a, size); | ||
648 | } | ||
649 | EXPORT_SYMBOL_GPL(crypto_inc); | ||
650 | |||
651 | static inline void crypto_xor_byte(u8 *a, const u8 *b, unsigned int size) | ||
652 | { | ||
653 | for (; size; size--) | ||
654 | *a++ ^= *b++; | ||
655 | } | ||
656 | |||
657 | void crypto_xor(u8 *dst, const u8 *src, unsigned int size) | ||
658 | { | ||
659 | u32 *a = (u32 *)dst; | ||
660 | u32 *b = (u32 *)src; | ||
661 | |||
662 | for (; size >= 4; size -= 4) | ||
663 | *a++ ^= *b++; | ||
664 | |||
665 | crypto_xor_byte((u8 *)a, (u8 *)b, size); | ||
666 | } | ||
667 | EXPORT_SYMBOL_GPL(crypto_xor); | ||
668 | |||
608 | static int __init crypto_algapi_init(void) | 669 | static int __init crypto_algapi_init(void) |
609 | { | 670 | { |
610 | crypto_init_proc(); | 671 | crypto_init_proc(); |
diff --git a/crypto/api.c b/crypto/api.c index 1f5c72477356..a2496d1bc6d4 100644 --- a/crypto/api.c +++ b/crypto/api.c | |||
@@ -137,7 +137,7 @@ static struct crypto_alg *crypto_larval_alloc(const char *name, u32 type, | |||
137 | return alg; | 137 | return alg; |
138 | } | 138 | } |
139 | 139 | ||
140 | static void crypto_larval_kill(struct crypto_alg *alg) | 140 | void crypto_larval_kill(struct crypto_alg *alg) |
141 | { | 141 | { |
142 | struct crypto_larval *larval = (void *)alg; | 142 | struct crypto_larval *larval = (void *)alg; |
143 | 143 | ||
@@ -147,6 +147,7 @@ static void crypto_larval_kill(struct crypto_alg *alg) | |||
147 | complete_all(&larval->completion); | 147 | complete_all(&larval->completion); |
148 | crypto_alg_put(alg); | 148 | crypto_alg_put(alg); |
149 | } | 149 | } |
150 | EXPORT_SYMBOL_GPL(crypto_larval_kill); | ||
150 | 151 | ||
151 | static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg) | 152 | static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg) |
152 | { | 153 | { |
@@ -176,11 +177,9 @@ static struct crypto_alg *crypto_alg_lookup(const char *name, u32 type, | |||
176 | return alg; | 177 | return alg; |
177 | } | 178 | } |
178 | 179 | ||
179 | struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask) | 180 | struct crypto_alg *crypto_larval_lookup(const char *name, u32 type, u32 mask) |
180 | { | 181 | { |
181 | struct crypto_alg *alg; | 182 | struct crypto_alg *alg; |
182 | struct crypto_alg *larval; | ||
183 | int ok; | ||
184 | 183 | ||
185 | if (!name) | 184 | if (!name) |
186 | return ERR_PTR(-ENOENT); | 185 | return ERR_PTR(-ENOENT); |
@@ -193,7 +192,17 @@ struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask) | |||
193 | if (alg) | 192 | if (alg) |
194 | return crypto_is_larval(alg) ? crypto_larval_wait(alg) : alg; | 193 | return crypto_is_larval(alg) ? crypto_larval_wait(alg) : alg; |
195 | 194 | ||
196 | larval = crypto_larval_alloc(name, type, mask); | 195 | return crypto_larval_alloc(name, type, mask); |
196 | } | ||
197 | EXPORT_SYMBOL_GPL(crypto_larval_lookup); | ||
198 | |||
199 | struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask) | ||
200 | { | ||
201 | struct crypto_alg *alg; | ||
202 | struct crypto_alg *larval; | ||
203 | int ok; | ||
204 | |||
205 | larval = crypto_larval_lookup(name, type, mask); | ||
197 | if (IS_ERR(larval) || !crypto_is_larval(larval)) | 206 | if (IS_ERR(larval) || !crypto_is_larval(larval)) |
198 | return larval; | 207 | return larval; |
199 | 208 | ||
diff --git a/crypto/authenc.c b/crypto/authenc.c index 126a529b496d..ed8ac5a6fa5f 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c | |||
@@ -10,22 +10,21 @@ | |||
10 | * | 10 | * |
11 | */ | 11 | */ |
12 | 12 | ||
13 | #include <crypto/algapi.h> | 13 | #include <crypto/aead.h> |
14 | #include <crypto/internal/skcipher.h> | ||
15 | #include <crypto/authenc.h> | ||
16 | #include <crypto/scatterwalk.h> | ||
14 | #include <linux/err.h> | 17 | #include <linux/err.h> |
15 | #include <linux/init.h> | 18 | #include <linux/init.h> |
16 | #include <linux/kernel.h> | 19 | #include <linux/kernel.h> |
17 | #include <linux/module.h> | 20 | #include <linux/module.h> |
21 | #include <linux/rtnetlink.h> | ||
18 | #include <linux/slab.h> | 22 | #include <linux/slab.h> |
19 | #include <linux/spinlock.h> | 23 | #include <linux/spinlock.h> |
20 | 24 | ||
21 | #include "scatterwalk.h" | ||
22 | |||
23 | struct authenc_instance_ctx { | 25 | struct authenc_instance_ctx { |
24 | struct crypto_spawn auth; | 26 | struct crypto_spawn auth; |
25 | struct crypto_spawn enc; | 27 | struct crypto_skcipher_spawn enc; |
26 | |||
27 | unsigned int authsize; | ||
28 | unsigned int enckeylen; | ||
29 | }; | 28 | }; |
30 | 29 | ||
31 | struct crypto_authenc_ctx { | 30 | struct crypto_authenc_ctx { |
@@ -37,19 +36,31 @@ struct crypto_authenc_ctx { | |||
37 | static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, | 36 | static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, |
38 | unsigned int keylen) | 37 | unsigned int keylen) |
39 | { | 38 | { |
40 | struct authenc_instance_ctx *ictx = | ||
41 | crypto_instance_ctx(crypto_aead_alg_instance(authenc)); | ||
42 | unsigned int enckeylen = ictx->enckeylen; | ||
43 | unsigned int authkeylen; | 39 | unsigned int authkeylen; |
40 | unsigned int enckeylen; | ||
44 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 41 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
45 | struct crypto_hash *auth = ctx->auth; | 42 | struct crypto_hash *auth = ctx->auth; |
46 | struct crypto_ablkcipher *enc = ctx->enc; | 43 | struct crypto_ablkcipher *enc = ctx->enc; |
44 | struct rtattr *rta = (void *)key; | ||
45 | struct crypto_authenc_key_param *param; | ||
47 | int err = -EINVAL; | 46 | int err = -EINVAL; |
48 | 47 | ||
49 | if (keylen < enckeylen) { | 48 | if (!RTA_OK(rta, keylen)) |
50 | crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN); | 49 | goto badkey; |
51 | goto out; | 50 | if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM) |
52 | } | 51 | goto badkey; |
52 | if (RTA_PAYLOAD(rta) < sizeof(*param)) | ||
53 | goto badkey; | ||
54 | |||
55 | param = RTA_DATA(rta); | ||
56 | enckeylen = be32_to_cpu(param->enckeylen); | ||
57 | |||
58 | key += RTA_ALIGN(rta->rta_len); | ||
59 | keylen -= RTA_ALIGN(rta->rta_len); | ||
60 | |||
61 | if (keylen < enckeylen) | ||
62 | goto badkey; | ||
63 | |||
53 | authkeylen = keylen - enckeylen; | 64 | authkeylen = keylen - enckeylen; |
54 | 65 | ||
55 | crypto_hash_clear_flags(auth, CRYPTO_TFM_REQ_MASK); | 66 | crypto_hash_clear_flags(auth, CRYPTO_TFM_REQ_MASK); |
@@ -71,21 +82,38 @@ static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, | |||
71 | 82 | ||
72 | out: | 83 | out: |
73 | return err; | 84 | return err; |
85 | |||
86 | badkey: | ||
87 | crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN); | ||
88 | goto out; | ||
74 | } | 89 | } |
75 | 90 | ||
76 | static int crypto_authenc_hash(struct aead_request *req) | 91 | static void authenc_chain(struct scatterlist *head, struct scatterlist *sg, |
92 | int chain) | ||
93 | { | ||
94 | if (chain) { | ||
95 | head->length += sg->length; | ||
96 | sg = scatterwalk_sg_next(sg); | ||
97 | } | ||
98 | |||
99 | if (sg) | ||
100 | scatterwalk_sg_chain(head, 2, sg); | ||
101 | else | ||
102 | sg_mark_end(head); | ||
103 | } | ||
104 | |||
105 | static u8 *crypto_authenc_hash(struct aead_request *req, unsigned int flags, | ||
106 | struct scatterlist *cipher, | ||
107 | unsigned int cryptlen) | ||
77 | { | 108 | { |
78 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 109 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
79 | struct authenc_instance_ctx *ictx = | ||
80 | crypto_instance_ctx(crypto_aead_alg_instance(authenc)); | ||
81 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 110 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
82 | struct crypto_hash *auth = ctx->auth; | 111 | struct crypto_hash *auth = ctx->auth; |
83 | struct hash_desc desc = { | 112 | struct hash_desc desc = { |
84 | .tfm = auth, | 113 | .tfm = auth, |
114 | .flags = aead_request_flags(req) & flags, | ||
85 | }; | 115 | }; |
86 | u8 *hash = aead_request_ctx(req); | 116 | u8 *hash = aead_request_ctx(req); |
87 | struct scatterlist *dst = req->dst; | ||
88 | unsigned int cryptlen = req->cryptlen; | ||
89 | int err; | 117 | int err; |
90 | 118 | ||
91 | hash = (u8 *)ALIGN((unsigned long)hash + crypto_hash_alignmask(auth), | 119 | hash = (u8 *)ALIGN((unsigned long)hash + crypto_hash_alignmask(auth), |
@@ -100,7 +128,7 @@ static int crypto_authenc_hash(struct aead_request *req) | |||
100 | if (err) | 128 | if (err) |
101 | goto auth_unlock; | 129 | goto auth_unlock; |
102 | 130 | ||
103 | err = crypto_hash_update(&desc, dst, cryptlen); | 131 | err = crypto_hash_update(&desc, cipher, cryptlen); |
104 | if (err) | 132 | if (err) |
105 | goto auth_unlock; | 133 | goto auth_unlock; |
106 | 134 | ||
@@ -109,17 +137,53 @@ auth_unlock: | |||
109 | spin_unlock_bh(&ctx->auth_lock); | 137 | spin_unlock_bh(&ctx->auth_lock); |
110 | 138 | ||
111 | if (err) | 139 | if (err) |
112 | return err; | 140 | return ERR_PTR(err); |
141 | |||
142 | return hash; | ||
143 | } | ||
113 | 144 | ||
114 | scatterwalk_map_and_copy(hash, dst, cryptlen, ictx->authsize, 1); | 145 | static int crypto_authenc_genicv(struct aead_request *req, u8 *iv, |
146 | unsigned int flags) | ||
147 | { | ||
148 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
149 | struct scatterlist *dst = req->dst; | ||
150 | struct scatterlist cipher[2]; | ||
151 | struct page *dstp; | ||
152 | unsigned int ivsize = crypto_aead_ivsize(authenc); | ||
153 | unsigned int cryptlen; | ||
154 | u8 *vdst; | ||
155 | u8 *hash; | ||
156 | |||
157 | dstp = sg_page(dst); | ||
158 | vdst = PageHighMem(dstp) ? NULL : page_address(dstp) + dst->offset; | ||
159 | |||
160 | sg_init_table(cipher, 2); | ||
161 | sg_set_buf(cipher, iv, ivsize); | ||
162 | authenc_chain(cipher, dst, vdst == iv + ivsize); | ||
163 | |||
164 | cryptlen = req->cryptlen + ivsize; | ||
165 | hash = crypto_authenc_hash(req, flags, cipher, cryptlen); | ||
166 | if (IS_ERR(hash)) | ||
167 | return PTR_ERR(hash); | ||
168 | |||
169 | scatterwalk_map_and_copy(hash, cipher, cryptlen, | ||
170 | crypto_aead_authsize(authenc), 1); | ||
115 | return 0; | 171 | return 0; |
116 | } | 172 | } |
117 | 173 | ||
118 | static void crypto_authenc_encrypt_done(struct crypto_async_request *req, | 174 | static void crypto_authenc_encrypt_done(struct crypto_async_request *req, |
119 | int err) | 175 | int err) |
120 | { | 176 | { |
121 | if (!err) | 177 | if (!err) { |
122 | err = crypto_authenc_hash(req->data); | 178 | struct aead_request *areq = req->data; |
179 | struct crypto_aead *authenc = crypto_aead_reqtfm(areq); | ||
180 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | ||
181 | struct ablkcipher_request *abreq = aead_request_ctx(areq); | ||
182 | u8 *iv = (u8 *)(abreq + 1) + | ||
183 | crypto_ablkcipher_reqsize(ctx->enc); | ||
184 | |||
185 | err = crypto_authenc_genicv(areq, iv, 0); | ||
186 | } | ||
123 | 187 | ||
124 | aead_request_complete(req->data, err); | 188 | aead_request_complete(req->data, err); |
125 | } | 189 | } |
@@ -129,72 +193,99 @@ static int crypto_authenc_encrypt(struct aead_request *req) | |||
129 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 193 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
130 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 194 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
131 | struct ablkcipher_request *abreq = aead_request_ctx(req); | 195 | struct ablkcipher_request *abreq = aead_request_ctx(req); |
196 | struct crypto_ablkcipher *enc = ctx->enc; | ||
197 | struct scatterlist *dst = req->dst; | ||
198 | unsigned int cryptlen = req->cryptlen; | ||
199 | u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc); | ||
132 | int err; | 200 | int err; |
133 | 201 | ||
134 | ablkcipher_request_set_tfm(abreq, ctx->enc); | 202 | ablkcipher_request_set_tfm(abreq, enc); |
135 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | 203 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), |
136 | crypto_authenc_encrypt_done, req); | 204 | crypto_authenc_encrypt_done, req); |
137 | ablkcipher_request_set_crypt(abreq, req->src, req->dst, req->cryptlen, | 205 | ablkcipher_request_set_crypt(abreq, req->src, dst, cryptlen, req->iv); |
138 | req->iv); | 206 | |
207 | memcpy(iv, req->iv, crypto_aead_ivsize(authenc)); | ||
139 | 208 | ||
140 | err = crypto_ablkcipher_encrypt(abreq); | 209 | err = crypto_ablkcipher_encrypt(abreq); |
141 | if (err) | 210 | if (err) |
142 | return err; | 211 | return err; |
143 | 212 | ||
144 | return crypto_authenc_hash(req); | 213 | return crypto_authenc_genicv(req, iv, CRYPTO_TFM_REQ_MAY_SLEEP); |
145 | } | 214 | } |
146 | 215 | ||
147 | static int crypto_authenc_verify(struct aead_request *req) | 216 | static void crypto_authenc_givencrypt_done(struct crypto_async_request *req, |
217 | int err) | ||
148 | { | 218 | { |
149 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 219 | if (!err) { |
150 | struct authenc_instance_ctx *ictx = | 220 | struct aead_givcrypt_request *greq = req->data; |
151 | crypto_instance_ctx(crypto_aead_alg_instance(authenc)); | 221 | |
222 | err = crypto_authenc_genicv(&greq->areq, greq->giv, 0); | ||
223 | } | ||
224 | |||
225 | aead_request_complete(req->data, err); | ||
226 | } | ||
227 | |||
228 | static int crypto_authenc_givencrypt(struct aead_givcrypt_request *req) | ||
229 | { | ||
230 | struct crypto_aead *authenc = aead_givcrypt_reqtfm(req); | ||
152 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 231 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
153 | struct crypto_hash *auth = ctx->auth; | 232 | struct aead_request *areq = &req->areq; |
154 | struct hash_desc desc = { | 233 | struct skcipher_givcrypt_request *greq = aead_request_ctx(areq); |
155 | .tfm = auth, | 234 | u8 *iv = req->giv; |
156 | .flags = aead_request_flags(req), | ||
157 | }; | ||
158 | u8 *ohash = aead_request_ctx(req); | ||
159 | u8 *ihash; | ||
160 | struct scatterlist *src = req->src; | ||
161 | unsigned int cryptlen = req->cryptlen; | ||
162 | unsigned int authsize; | ||
163 | int err; | 235 | int err; |
164 | 236 | ||
165 | ohash = (u8 *)ALIGN((unsigned long)ohash + crypto_hash_alignmask(auth), | 237 | skcipher_givcrypt_set_tfm(greq, ctx->enc); |
166 | crypto_hash_alignmask(auth) + 1); | 238 | skcipher_givcrypt_set_callback(greq, aead_request_flags(areq), |
167 | ihash = ohash + crypto_hash_digestsize(auth); | 239 | crypto_authenc_givencrypt_done, areq); |
168 | 240 | skcipher_givcrypt_set_crypt(greq, areq->src, areq->dst, areq->cryptlen, | |
169 | spin_lock_bh(&ctx->auth_lock); | 241 | areq->iv); |
170 | err = crypto_hash_init(&desc); | 242 | skcipher_givcrypt_set_giv(greq, iv, req->seq); |
171 | if (err) | ||
172 | goto auth_unlock; | ||
173 | 243 | ||
174 | err = crypto_hash_update(&desc, req->assoc, req->assoclen); | 244 | err = crypto_skcipher_givencrypt(greq); |
175 | if (err) | 245 | if (err) |
176 | goto auth_unlock; | 246 | return err; |
177 | 247 | ||
178 | err = crypto_hash_update(&desc, src, cryptlen); | 248 | return crypto_authenc_genicv(areq, iv, CRYPTO_TFM_REQ_MAY_SLEEP); |
179 | if (err) | 249 | } |
180 | goto auth_unlock; | ||
181 | 250 | ||
182 | err = crypto_hash_final(&desc, ohash); | 251 | static int crypto_authenc_verify(struct aead_request *req, |
183 | auth_unlock: | 252 | struct scatterlist *cipher, |
184 | spin_unlock_bh(&ctx->auth_lock); | 253 | unsigned int cryptlen) |
254 | { | ||
255 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
256 | u8 *ohash; | ||
257 | u8 *ihash; | ||
258 | unsigned int authsize; | ||
185 | 259 | ||
186 | if (err) | 260 | ohash = crypto_authenc_hash(req, CRYPTO_TFM_REQ_MAY_SLEEP, cipher, |
187 | return err; | 261 | cryptlen); |
262 | if (IS_ERR(ohash)) | ||
263 | return PTR_ERR(ohash); | ||
188 | 264 | ||
189 | authsize = ictx->authsize; | 265 | authsize = crypto_aead_authsize(authenc); |
190 | scatterwalk_map_and_copy(ihash, src, cryptlen, authsize, 0); | 266 | ihash = ohash + authsize; |
191 | return memcmp(ihash, ohash, authsize) ? -EINVAL : 0; | 267 | scatterwalk_map_and_copy(ihash, cipher, cryptlen, authsize, 0); |
268 | return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0; | ||
192 | } | 269 | } |
193 | 270 | ||
194 | static void crypto_authenc_decrypt_done(struct crypto_async_request *req, | 271 | static int crypto_authenc_iverify(struct aead_request *req, u8 *iv, |
195 | int err) | 272 | unsigned int cryptlen) |
196 | { | 273 | { |
197 | aead_request_complete(req->data, err); | 274 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
275 | struct scatterlist *src = req->src; | ||
276 | struct scatterlist cipher[2]; | ||
277 | struct page *srcp; | ||
278 | unsigned int ivsize = crypto_aead_ivsize(authenc); | ||
279 | u8 *vsrc; | ||
280 | |||
281 | srcp = sg_page(src); | ||
282 | vsrc = PageHighMem(srcp) ? NULL : page_address(srcp) + src->offset; | ||
283 | |||
284 | sg_init_table(cipher, 2); | ||
285 | sg_set_buf(cipher, iv, ivsize); | ||
286 | authenc_chain(cipher, src, vsrc == iv + ivsize); | ||
287 | |||
288 | return crypto_authenc_verify(req, cipher, cryptlen + ivsize); | ||
198 | } | 289 | } |
199 | 290 | ||
200 | static int crypto_authenc_decrypt(struct aead_request *req) | 291 | static int crypto_authenc_decrypt(struct aead_request *req) |
@@ -202,17 +293,23 @@ static int crypto_authenc_decrypt(struct aead_request *req) | |||
202 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 293 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
203 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 294 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
204 | struct ablkcipher_request *abreq = aead_request_ctx(req); | 295 | struct ablkcipher_request *abreq = aead_request_ctx(req); |
296 | unsigned int cryptlen = req->cryptlen; | ||
297 | unsigned int authsize = crypto_aead_authsize(authenc); | ||
298 | u8 *iv = req->iv; | ||
205 | int err; | 299 | int err; |
206 | 300 | ||
207 | err = crypto_authenc_verify(req); | 301 | if (cryptlen < authsize) |
302 | return -EINVAL; | ||
303 | cryptlen -= authsize; | ||
304 | |||
305 | err = crypto_authenc_iverify(req, iv, cryptlen); | ||
208 | if (err) | 306 | if (err) |
209 | return err; | 307 | return err; |
210 | 308 | ||
211 | ablkcipher_request_set_tfm(abreq, ctx->enc); | 309 | ablkcipher_request_set_tfm(abreq, ctx->enc); |
212 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | 310 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), |
213 | crypto_authenc_decrypt_done, req); | 311 | req->base.complete, req->base.data); |
214 | ablkcipher_request_set_crypt(abreq, req->src, req->dst, req->cryptlen, | 312 | ablkcipher_request_set_crypt(abreq, req->src, req->dst, cryptlen, iv); |
215 | req->iv); | ||
216 | 313 | ||
217 | return crypto_ablkcipher_decrypt(abreq); | 314 | return crypto_ablkcipher_decrypt(abreq); |
218 | } | 315 | } |
@@ -224,19 +321,13 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) | |||
224 | struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); | 321 | struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); |
225 | struct crypto_hash *auth; | 322 | struct crypto_hash *auth; |
226 | struct crypto_ablkcipher *enc; | 323 | struct crypto_ablkcipher *enc; |
227 | unsigned int digestsize; | ||
228 | int err; | 324 | int err; |
229 | 325 | ||
230 | auth = crypto_spawn_hash(&ictx->auth); | 326 | auth = crypto_spawn_hash(&ictx->auth); |
231 | if (IS_ERR(auth)) | 327 | if (IS_ERR(auth)) |
232 | return PTR_ERR(auth); | 328 | return PTR_ERR(auth); |
233 | 329 | ||
234 | err = -EINVAL; | 330 | enc = crypto_spawn_skcipher(&ictx->enc); |
235 | digestsize = crypto_hash_digestsize(auth); | ||
236 | if (ictx->authsize > digestsize) | ||
237 | goto err_free_hash; | ||
238 | |||
239 | enc = crypto_spawn_ablkcipher(&ictx->enc); | ||
240 | err = PTR_ERR(enc); | 331 | err = PTR_ERR(enc); |
241 | if (IS_ERR(enc)) | 332 | if (IS_ERR(enc)) |
242 | goto err_free_hash; | 333 | goto err_free_hash; |
@@ -246,9 +337,10 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) | |||
246 | tfm->crt_aead.reqsize = max_t(unsigned int, | 337 | tfm->crt_aead.reqsize = max_t(unsigned int, |
247 | (crypto_hash_alignmask(auth) & | 338 | (crypto_hash_alignmask(auth) & |
248 | ~(crypto_tfm_ctx_alignment() - 1)) + | 339 | ~(crypto_tfm_ctx_alignment() - 1)) + |
249 | digestsize * 2, | 340 | crypto_hash_digestsize(auth) * 2, |
250 | sizeof(struct ablkcipher_request) + | 341 | sizeof(struct skcipher_givcrypt_request) + |
251 | crypto_ablkcipher_reqsize(enc)); | 342 | crypto_ablkcipher_reqsize(enc) + |
343 | crypto_ablkcipher_ivsize(enc)); | ||
252 | 344 | ||
253 | spin_lock_init(&ctx->auth_lock); | 345 | spin_lock_init(&ctx->auth_lock); |
254 | 346 | ||
@@ -269,75 +361,74 @@ static void crypto_authenc_exit_tfm(struct crypto_tfm *tfm) | |||
269 | 361 | ||
270 | static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | 362 | static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) |
271 | { | 363 | { |
364 | struct crypto_attr_type *algt; | ||
272 | struct crypto_instance *inst; | 365 | struct crypto_instance *inst; |
273 | struct crypto_alg *auth; | 366 | struct crypto_alg *auth; |
274 | struct crypto_alg *enc; | 367 | struct crypto_alg *enc; |
275 | struct authenc_instance_ctx *ctx; | 368 | struct authenc_instance_ctx *ctx; |
276 | unsigned int authsize; | 369 | const char *enc_name; |
277 | unsigned int enckeylen; | ||
278 | int err; | 370 | int err; |
279 | 371 | ||
280 | err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_AEAD); | 372 | algt = crypto_get_attr_type(tb); |
281 | if (err) | 373 | err = PTR_ERR(algt); |
374 | if (IS_ERR(algt)) | ||
282 | return ERR_PTR(err); | 375 | return ERR_PTR(err); |
283 | 376 | ||
377 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) | ||
378 | return ERR_PTR(-EINVAL); | ||
379 | |||
284 | auth = crypto_attr_alg(tb[1], CRYPTO_ALG_TYPE_HASH, | 380 | auth = crypto_attr_alg(tb[1], CRYPTO_ALG_TYPE_HASH, |
285 | CRYPTO_ALG_TYPE_HASH_MASK); | 381 | CRYPTO_ALG_TYPE_HASH_MASK); |
286 | if (IS_ERR(auth)) | 382 | if (IS_ERR(auth)) |
287 | return ERR_PTR(PTR_ERR(auth)); | 383 | return ERR_PTR(PTR_ERR(auth)); |
288 | 384 | ||
289 | err = crypto_attr_u32(tb[2], &authsize); | 385 | enc_name = crypto_attr_alg_name(tb[2]); |
290 | inst = ERR_PTR(err); | 386 | err = PTR_ERR(enc_name); |
291 | if (err) | 387 | if (IS_ERR(enc_name)) |
292 | goto out_put_auth; | ||
293 | |||
294 | enc = crypto_attr_alg(tb[3], CRYPTO_ALG_TYPE_BLKCIPHER, | ||
295 | CRYPTO_ALG_TYPE_MASK); | ||
296 | inst = ERR_PTR(PTR_ERR(enc)); | ||
297 | if (IS_ERR(enc)) | ||
298 | goto out_put_auth; | 388 | goto out_put_auth; |
299 | 389 | ||
300 | err = crypto_attr_u32(tb[4], &enckeylen); | ||
301 | if (err) | ||
302 | goto out_put_enc; | ||
303 | |||
304 | inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); | 390 | inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); |
305 | err = -ENOMEM; | 391 | err = -ENOMEM; |
306 | if (!inst) | 392 | if (!inst) |
307 | goto out_put_enc; | 393 | goto out_put_auth; |
308 | |||
309 | err = -ENAMETOOLONG; | ||
310 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | ||
311 | "authenc(%s,%u,%s,%u)", auth->cra_name, authsize, | ||
312 | enc->cra_name, enckeylen) >= CRYPTO_MAX_ALG_NAME) | ||
313 | goto err_free_inst; | ||
314 | |||
315 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
316 | "authenc(%s,%u,%s,%u)", auth->cra_driver_name, | ||
317 | authsize, enc->cra_driver_name, enckeylen) >= | ||
318 | CRYPTO_MAX_ALG_NAME) | ||
319 | goto err_free_inst; | ||
320 | 394 | ||
321 | ctx = crypto_instance_ctx(inst); | 395 | ctx = crypto_instance_ctx(inst); |
322 | ctx->authsize = authsize; | ||
323 | ctx->enckeylen = enckeylen; | ||
324 | 396 | ||
325 | err = crypto_init_spawn(&ctx->auth, auth, inst, CRYPTO_ALG_TYPE_MASK); | 397 | err = crypto_init_spawn(&ctx->auth, auth, inst, CRYPTO_ALG_TYPE_MASK); |
326 | if (err) | 398 | if (err) |
327 | goto err_free_inst; | 399 | goto err_free_inst; |
328 | 400 | ||
329 | err = crypto_init_spawn(&ctx->enc, enc, inst, CRYPTO_ALG_TYPE_MASK); | 401 | crypto_set_skcipher_spawn(&ctx->enc, inst); |
402 | err = crypto_grab_skcipher(&ctx->enc, enc_name, 0, | ||
403 | crypto_requires_sync(algt->type, | ||
404 | algt->mask)); | ||
330 | if (err) | 405 | if (err) |
331 | goto err_drop_auth; | 406 | goto err_drop_auth; |
332 | 407 | ||
333 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC; | 408 | enc = crypto_skcipher_spawn_alg(&ctx->enc); |
409 | |||
410 | err = -ENAMETOOLONG; | ||
411 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | ||
412 | "authenc(%s,%s)", auth->cra_name, enc->cra_name) >= | ||
413 | CRYPTO_MAX_ALG_NAME) | ||
414 | goto err_drop_enc; | ||
415 | |||
416 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
417 | "authenc(%s,%s)", auth->cra_driver_name, | ||
418 | enc->cra_driver_name) >= CRYPTO_MAX_ALG_NAME) | ||
419 | goto err_drop_enc; | ||
420 | |||
421 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; | ||
422 | inst->alg.cra_flags |= enc->cra_flags & CRYPTO_ALG_ASYNC; | ||
334 | inst->alg.cra_priority = enc->cra_priority * 10 + auth->cra_priority; | 423 | inst->alg.cra_priority = enc->cra_priority * 10 + auth->cra_priority; |
335 | inst->alg.cra_blocksize = enc->cra_blocksize; | 424 | inst->alg.cra_blocksize = enc->cra_blocksize; |
336 | inst->alg.cra_alignmask = max(auth->cra_alignmask, enc->cra_alignmask); | 425 | inst->alg.cra_alignmask = auth->cra_alignmask | enc->cra_alignmask; |
337 | inst->alg.cra_type = &crypto_aead_type; | 426 | inst->alg.cra_type = &crypto_aead_type; |
338 | 427 | ||
339 | inst->alg.cra_aead.ivsize = enc->cra_blkcipher.ivsize; | 428 | inst->alg.cra_aead.ivsize = enc->cra_ablkcipher.ivsize; |
340 | inst->alg.cra_aead.authsize = authsize; | 429 | inst->alg.cra_aead.maxauthsize = auth->cra_type == &crypto_hash_type ? |
430 | auth->cra_hash.digestsize : | ||
431 | auth->cra_digest.dia_digestsize; | ||
341 | 432 | ||
342 | inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx); | 433 | inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx); |
343 | 434 | ||
@@ -347,18 +438,19 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | |||
347 | inst->alg.cra_aead.setkey = crypto_authenc_setkey; | 438 | inst->alg.cra_aead.setkey = crypto_authenc_setkey; |
348 | inst->alg.cra_aead.encrypt = crypto_authenc_encrypt; | 439 | inst->alg.cra_aead.encrypt = crypto_authenc_encrypt; |
349 | inst->alg.cra_aead.decrypt = crypto_authenc_decrypt; | 440 | inst->alg.cra_aead.decrypt = crypto_authenc_decrypt; |
441 | inst->alg.cra_aead.givencrypt = crypto_authenc_givencrypt; | ||
350 | 442 | ||
351 | out: | 443 | out: |
352 | crypto_mod_put(enc); | ||
353 | out_put_auth: | ||
354 | crypto_mod_put(auth); | 444 | crypto_mod_put(auth); |
355 | return inst; | 445 | return inst; |
356 | 446 | ||
447 | err_drop_enc: | ||
448 | crypto_drop_skcipher(&ctx->enc); | ||
357 | err_drop_auth: | 449 | err_drop_auth: |
358 | crypto_drop_spawn(&ctx->auth); | 450 | crypto_drop_spawn(&ctx->auth); |
359 | err_free_inst: | 451 | err_free_inst: |
360 | kfree(inst); | 452 | kfree(inst); |
361 | out_put_enc: | 453 | out_put_auth: |
362 | inst = ERR_PTR(err); | 454 | inst = ERR_PTR(err); |
363 | goto out; | 455 | goto out; |
364 | } | 456 | } |
@@ -367,7 +459,7 @@ static void crypto_authenc_free(struct crypto_instance *inst) | |||
367 | { | 459 | { |
368 | struct authenc_instance_ctx *ctx = crypto_instance_ctx(inst); | 460 | struct authenc_instance_ctx *ctx = crypto_instance_ctx(inst); |
369 | 461 | ||
370 | crypto_drop_spawn(&ctx->enc); | 462 | crypto_drop_skcipher(&ctx->enc); |
371 | crypto_drop_spawn(&ctx->auth); | 463 | crypto_drop_spawn(&ctx->auth); |
372 | kfree(inst); | 464 | kfree(inst); |
373 | } | 465 | } |
diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c index f6c67f9d4e5c..4a7e65c4df4d 100644 --- a/crypto/blkcipher.c +++ b/crypto/blkcipher.c | |||
@@ -14,7 +14,8 @@ | |||
14 | * | 14 | * |
15 | */ | 15 | */ |
16 | 16 | ||
17 | #include <linux/crypto.h> | 17 | #include <crypto/internal/skcipher.h> |
18 | #include <crypto/scatterwalk.h> | ||
18 | #include <linux/errno.h> | 19 | #include <linux/errno.h> |
19 | #include <linux/hardirq.h> | 20 | #include <linux/hardirq.h> |
20 | #include <linux/kernel.h> | 21 | #include <linux/kernel.h> |
@@ -25,7 +26,6 @@ | |||
25 | #include <linux/string.h> | 26 | #include <linux/string.h> |
26 | 27 | ||
27 | #include "internal.h" | 28 | #include "internal.h" |
28 | #include "scatterwalk.h" | ||
29 | 29 | ||
30 | enum { | 30 | enum { |
31 | BLKCIPHER_WALK_PHYS = 1 << 0, | 31 | BLKCIPHER_WALK_PHYS = 1 << 0, |
@@ -433,9 +433,8 @@ static unsigned int crypto_blkcipher_ctxsize(struct crypto_alg *alg, u32 type, | |||
433 | struct blkcipher_alg *cipher = &alg->cra_blkcipher; | 433 | struct blkcipher_alg *cipher = &alg->cra_blkcipher; |
434 | unsigned int len = alg->cra_ctxsize; | 434 | unsigned int len = alg->cra_ctxsize; |
435 | 435 | ||
436 | type ^= CRYPTO_ALG_ASYNC; | 436 | if ((mask & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_MASK && |
437 | mask &= CRYPTO_ALG_ASYNC; | 437 | cipher->ivsize) { |
438 | if ((type & mask) && cipher->ivsize) { | ||
439 | len = ALIGN(len, (unsigned long)alg->cra_alignmask + 1); | 438 | len = ALIGN(len, (unsigned long)alg->cra_alignmask + 1); |
440 | len += cipher->ivsize; | 439 | len += cipher->ivsize; |
441 | } | 440 | } |
@@ -451,6 +450,11 @@ static int crypto_init_blkcipher_ops_async(struct crypto_tfm *tfm) | |||
451 | crt->setkey = async_setkey; | 450 | crt->setkey = async_setkey; |
452 | crt->encrypt = async_encrypt; | 451 | crt->encrypt = async_encrypt; |
453 | crt->decrypt = async_decrypt; | 452 | crt->decrypt = async_decrypt; |
453 | if (!alg->ivsize) { | ||
454 | crt->givencrypt = skcipher_null_givencrypt; | ||
455 | crt->givdecrypt = skcipher_null_givdecrypt; | ||
456 | } | ||
457 | crt->base = __crypto_ablkcipher_cast(tfm); | ||
454 | crt->ivsize = alg->ivsize; | 458 | crt->ivsize = alg->ivsize; |
455 | 459 | ||
456 | return 0; | 460 | return 0; |
@@ -482,9 +486,7 @@ static int crypto_init_blkcipher_ops(struct crypto_tfm *tfm, u32 type, u32 mask) | |||
482 | if (alg->ivsize > PAGE_SIZE / 8) | 486 | if (alg->ivsize > PAGE_SIZE / 8) |
483 | return -EINVAL; | 487 | return -EINVAL; |
484 | 488 | ||
485 | type ^= CRYPTO_ALG_ASYNC; | 489 | if ((mask & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_MASK) |
486 | mask &= CRYPTO_ALG_ASYNC; | ||
487 | if (type & mask) | ||
488 | return crypto_init_blkcipher_ops_sync(tfm); | 490 | return crypto_init_blkcipher_ops_sync(tfm); |
489 | else | 491 | else |
490 | return crypto_init_blkcipher_ops_async(tfm); | 492 | return crypto_init_blkcipher_ops_async(tfm); |
@@ -499,6 +501,8 @@ static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg) | |||
499 | seq_printf(m, "min keysize : %u\n", alg->cra_blkcipher.min_keysize); | 501 | seq_printf(m, "min keysize : %u\n", alg->cra_blkcipher.min_keysize); |
500 | seq_printf(m, "max keysize : %u\n", alg->cra_blkcipher.max_keysize); | 502 | seq_printf(m, "max keysize : %u\n", alg->cra_blkcipher.max_keysize); |
501 | seq_printf(m, "ivsize : %u\n", alg->cra_blkcipher.ivsize); | 503 | seq_printf(m, "ivsize : %u\n", alg->cra_blkcipher.ivsize); |
504 | seq_printf(m, "geniv : %s\n", alg->cra_blkcipher.geniv ?: | ||
505 | "<default>"); | ||
502 | } | 506 | } |
503 | 507 | ||
504 | const struct crypto_type crypto_blkcipher_type = { | 508 | const struct crypto_type crypto_blkcipher_type = { |
@@ -510,5 +514,187 @@ const struct crypto_type crypto_blkcipher_type = { | |||
510 | }; | 514 | }; |
511 | EXPORT_SYMBOL_GPL(crypto_blkcipher_type); | 515 | EXPORT_SYMBOL_GPL(crypto_blkcipher_type); |
512 | 516 | ||
517 | static int crypto_grab_nivcipher(struct crypto_skcipher_spawn *spawn, | ||
518 | const char *name, u32 type, u32 mask) | ||
519 | { | ||
520 | struct crypto_alg *alg; | ||
521 | int err; | ||
522 | |||
523 | type = crypto_skcipher_type(type); | ||
524 | mask = crypto_skcipher_mask(mask) | CRYPTO_ALG_GENIV; | ||
525 | |||
526 | alg = crypto_alg_mod_lookup(name, type, mask); | ||
527 | if (IS_ERR(alg)) | ||
528 | return PTR_ERR(alg); | ||
529 | |||
530 | err = crypto_init_spawn(&spawn->base, alg, spawn->base.inst, mask); | ||
531 | crypto_mod_put(alg); | ||
532 | return err; | ||
533 | } | ||
534 | |||
535 | struct crypto_instance *skcipher_geniv_alloc(struct crypto_template *tmpl, | ||
536 | struct rtattr **tb, u32 type, | ||
537 | u32 mask) | ||
538 | { | ||
539 | struct { | ||
540 | int (*setkey)(struct crypto_ablkcipher *tfm, const u8 *key, | ||
541 | unsigned int keylen); | ||
542 | int (*encrypt)(struct ablkcipher_request *req); | ||
543 | int (*decrypt)(struct ablkcipher_request *req); | ||
544 | |||
545 | unsigned int min_keysize; | ||
546 | unsigned int max_keysize; | ||
547 | unsigned int ivsize; | ||
548 | |||
549 | const char *geniv; | ||
550 | } balg; | ||
551 | const char *name; | ||
552 | struct crypto_skcipher_spawn *spawn; | ||
553 | struct crypto_attr_type *algt; | ||
554 | struct crypto_instance *inst; | ||
555 | struct crypto_alg *alg; | ||
556 | int err; | ||
557 | |||
558 | algt = crypto_get_attr_type(tb); | ||
559 | err = PTR_ERR(algt); | ||
560 | if (IS_ERR(algt)) | ||
561 | return ERR_PTR(err); | ||
562 | |||
563 | if ((algt->type ^ (CRYPTO_ALG_TYPE_GIVCIPHER | CRYPTO_ALG_GENIV)) & | ||
564 | algt->mask) | ||
565 | return ERR_PTR(-EINVAL); | ||
566 | |||
567 | name = crypto_attr_alg_name(tb[1]); | ||
568 | err = PTR_ERR(name); | ||
569 | if (IS_ERR(name)) | ||
570 | return ERR_PTR(err); | ||
571 | |||
572 | inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); | ||
573 | if (!inst) | ||
574 | return ERR_PTR(-ENOMEM); | ||
575 | |||
576 | spawn = crypto_instance_ctx(inst); | ||
577 | |||
578 | /* Ignore async algorithms if necessary. */ | ||
579 | mask |= crypto_requires_sync(algt->type, algt->mask); | ||
580 | |||
581 | crypto_set_skcipher_spawn(spawn, inst); | ||
582 | err = crypto_grab_nivcipher(spawn, name, type, mask); | ||
583 | if (err) | ||
584 | goto err_free_inst; | ||
585 | |||
586 | alg = crypto_skcipher_spawn_alg(spawn); | ||
587 | |||
588 | if ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == | ||
589 | CRYPTO_ALG_TYPE_BLKCIPHER) { | ||
590 | balg.ivsize = alg->cra_blkcipher.ivsize; | ||
591 | balg.min_keysize = alg->cra_blkcipher.min_keysize; | ||
592 | balg.max_keysize = alg->cra_blkcipher.max_keysize; | ||
593 | |||
594 | balg.setkey = async_setkey; | ||
595 | balg.encrypt = async_encrypt; | ||
596 | balg.decrypt = async_decrypt; | ||
597 | |||
598 | balg.geniv = alg->cra_blkcipher.geniv; | ||
599 | } else { | ||
600 | balg.ivsize = alg->cra_ablkcipher.ivsize; | ||
601 | balg.min_keysize = alg->cra_ablkcipher.min_keysize; | ||
602 | balg.max_keysize = alg->cra_ablkcipher.max_keysize; | ||
603 | |||
604 | balg.setkey = alg->cra_ablkcipher.setkey; | ||
605 | balg.encrypt = alg->cra_ablkcipher.encrypt; | ||
606 | balg.decrypt = alg->cra_ablkcipher.decrypt; | ||
607 | |||
608 | balg.geniv = alg->cra_ablkcipher.geniv; | ||
609 | } | ||
610 | |||
611 | err = -EINVAL; | ||
612 | if (!balg.ivsize) | ||
613 | goto err_drop_alg; | ||
614 | |||
615 | /* | ||
616 | * This is only true if we're constructing an algorithm with its | ||
617 | * default IV generator. For the default generator we elide the | ||
618 | * template name and double-check the IV generator. | ||
619 | */ | ||
620 | if (algt->mask & CRYPTO_ALG_GENIV) { | ||
621 | if (!balg.geniv) | ||
622 | balg.geniv = crypto_default_geniv(alg); | ||
623 | err = -EAGAIN; | ||
624 | if (strcmp(tmpl->name, balg.geniv)) | ||
625 | goto err_drop_alg; | ||
626 | |||
627 | memcpy(inst->alg.cra_name, alg->cra_name, CRYPTO_MAX_ALG_NAME); | ||
628 | memcpy(inst->alg.cra_driver_name, alg->cra_driver_name, | ||
629 | CRYPTO_MAX_ALG_NAME); | ||
630 | } else { | ||
631 | err = -ENAMETOOLONG; | ||
632 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | ||
633 | "%s(%s)", tmpl->name, alg->cra_name) >= | ||
634 | CRYPTO_MAX_ALG_NAME) | ||
635 | goto err_drop_alg; | ||
636 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
637 | "%s(%s)", tmpl->name, alg->cra_driver_name) >= | ||
638 | CRYPTO_MAX_ALG_NAME) | ||
639 | goto err_drop_alg; | ||
640 | } | ||
641 | |||
642 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_GIVCIPHER | CRYPTO_ALG_GENIV; | ||
643 | inst->alg.cra_flags |= alg->cra_flags & CRYPTO_ALG_ASYNC; | ||
644 | inst->alg.cra_priority = alg->cra_priority; | ||
645 | inst->alg.cra_blocksize = alg->cra_blocksize; | ||
646 | inst->alg.cra_alignmask = alg->cra_alignmask; | ||
647 | inst->alg.cra_type = &crypto_givcipher_type; | ||
648 | |||
649 | inst->alg.cra_ablkcipher.ivsize = balg.ivsize; | ||
650 | inst->alg.cra_ablkcipher.min_keysize = balg.min_keysize; | ||
651 | inst->alg.cra_ablkcipher.max_keysize = balg.max_keysize; | ||
652 | inst->alg.cra_ablkcipher.geniv = balg.geniv; | ||
653 | |||
654 | inst->alg.cra_ablkcipher.setkey = balg.setkey; | ||
655 | inst->alg.cra_ablkcipher.encrypt = balg.encrypt; | ||
656 | inst->alg.cra_ablkcipher.decrypt = balg.decrypt; | ||
657 | |||
658 | out: | ||
659 | return inst; | ||
660 | |||
661 | err_drop_alg: | ||
662 | crypto_drop_skcipher(spawn); | ||
663 | err_free_inst: | ||
664 | kfree(inst); | ||
665 | inst = ERR_PTR(err); | ||
666 | goto out; | ||
667 | } | ||
668 | EXPORT_SYMBOL_GPL(skcipher_geniv_alloc); | ||
669 | |||
670 | void skcipher_geniv_free(struct crypto_instance *inst) | ||
671 | { | ||
672 | crypto_drop_skcipher(crypto_instance_ctx(inst)); | ||
673 | kfree(inst); | ||
674 | } | ||
675 | EXPORT_SYMBOL_GPL(skcipher_geniv_free); | ||
676 | |||
677 | int skcipher_geniv_init(struct crypto_tfm *tfm) | ||
678 | { | ||
679 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
680 | struct crypto_ablkcipher *cipher; | ||
681 | |||
682 | cipher = crypto_spawn_skcipher(crypto_instance_ctx(inst)); | ||
683 | if (IS_ERR(cipher)) | ||
684 | return PTR_ERR(cipher); | ||
685 | |||
686 | tfm->crt_ablkcipher.base = cipher; | ||
687 | tfm->crt_ablkcipher.reqsize += crypto_ablkcipher_reqsize(cipher); | ||
688 | |||
689 | return 0; | ||
690 | } | ||
691 | EXPORT_SYMBOL_GPL(skcipher_geniv_init); | ||
692 | |||
693 | void skcipher_geniv_exit(struct crypto_tfm *tfm) | ||
694 | { | ||
695 | crypto_free_ablkcipher(tfm->crt_ablkcipher.base); | ||
696 | } | ||
697 | EXPORT_SYMBOL_GPL(skcipher_geniv_exit); | ||
698 | |||
513 | MODULE_LICENSE("GPL"); | 699 | MODULE_LICENSE("GPL"); |
514 | MODULE_DESCRIPTION("Generic block chaining cipher type"); | 700 | MODULE_DESCRIPTION("Generic block chaining cipher type"); |
diff --git a/crypto/camellia.c b/crypto/camellia.c index 6877ecfd90bb..493fee7e0a8b 100644 --- a/crypto/camellia.c +++ b/crypto/camellia.c | |||
@@ -36,176 +36,6 @@ | |||
36 | #include <linux/kernel.h> | 36 | #include <linux/kernel.h> |
37 | #include <linux/module.h> | 37 | #include <linux/module.h> |
38 | 38 | ||
39 | |||
40 | #define CAMELLIA_MIN_KEY_SIZE 16 | ||
41 | #define CAMELLIA_MAX_KEY_SIZE 32 | ||
42 | #define CAMELLIA_BLOCK_SIZE 16 | ||
43 | #define CAMELLIA_TABLE_BYTE_LEN 272 | ||
44 | #define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4) | ||
45 | |||
46 | typedef u32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; | ||
47 | |||
48 | |||
49 | /* key constants */ | ||
50 | |||
51 | #define CAMELLIA_SIGMA1L (0xA09E667FL) | ||
52 | #define CAMELLIA_SIGMA1R (0x3BCC908BL) | ||
53 | #define CAMELLIA_SIGMA2L (0xB67AE858L) | ||
54 | #define CAMELLIA_SIGMA2R (0x4CAA73B2L) | ||
55 | #define CAMELLIA_SIGMA3L (0xC6EF372FL) | ||
56 | #define CAMELLIA_SIGMA3R (0xE94F82BEL) | ||
57 | #define CAMELLIA_SIGMA4L (0x54FF53A5L) | ||
58 | #define CAMELLIA_SIGMA4R (0xF1D36F1CL) | ||
59 | #define CAMELLIA_SIGMA5L (0x10E527FAL) | ||
60 | #define CAMELLIA_SIGMA5R (0xDE682D1DL) | ||
61 | #define CAMELLIA_SIGMA6L (0xB05688C2L) | ||
62 | #define CAMELLIA_SIGMA6R (0xB3E6C1FDL) | ||
63 | |||
64 | struct camellia_ctx { | ||
65 | int key_length; | ||
66 | KEY_TABLE_TYPE key_table; | ||
67 | }; | ||
68 | |||
69 | |||
70 | /* | ||
71 | * macros | ||
72 | */ | ||
73 | |||
74 | |||
75 | # define GETU32(pt) (((u32)(pt)[0] << 24) \ | ||
76 | ^ ((u32)(pt)[1] << 16) \ | ||
77 | ^ ((u32)(pt)[2] << 8) \ | ||
78 | ^ ((u32)(pt)[3])) | ||
79 | |||
80 | #define COPY4WORD(dst, src) \ | ||
81 | do { \ | ||
82 | (dst)[0]=(src)[0]; \ | ||
83 | (dst)[1]=(src)[1]; \ | ||
84 | (dst)[2]=(src)[2]; \ | ||
85 | (dst)[3]=(src)[3]; \ | ||
86 | }while(0) | ||
87 | |||
88 | #define SWAP4WORD(word) \ | ||
89 | do { \ | ||
90 | CAMELLIA_SWAP4((word)[0]); \ | ||
91 | CAMELLIA_SWAP4((word)[1]); \ | ||
92 | CAMELLIA_SWAP4((word)[2]); \ | ||
93 | CAMELLIA_SWAP4((word)[3]); \ | ||
94 | }while(0) | ||
95 | |||
96 | #define XOR4WORD(a, b)/* a = a ^ b */ \ | ||
97 | do { \ | ||
98 | (a)[0]^=(b)[0]; \ | ||
99 | (a)[1]^=(b)[1]; \ | ||
100 | (a)[2]^=(b)[2]; \ | ||
101 | (a)[3]^=(b)[3]; \ | ||
102 | }while(0) | ||
103 | |||
104 | #define XOR4WORD2(a, b, c)/* a = b ^ c */ \ | ||
105 | do { \ | ||
106 | (a)[0]=(b)[0]^(c)[0]; \ | ||
107 | (a)[1]=(b)[1]^(c)[1]; \ | ||
108 | (a)[2]=(b)[2]^(c)[2]; \ | ||
109 | (a)[3]=(b)[3]^(c)[3]; \ | ||
110 | }while(0) | ||
111 | |||
112 | #define CAMELLIA_SUBKEY_L(INDEX) (subkey[(INDEX)*2]) | ||
113 | #define CAMELLIA_SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) | ||
114 | |||
115 | /* rotation right shift 1byte */ | ||
116 | #define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) | ||
117 | /* rotation left shift 1bit */ | ||
118 | #define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) | ||
119 | /* rotation left shift 1byte */ | ||
120 | #define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) | ||
121 | |||
122 | #define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ | ||
123 | do { \ | ||
124 | w0 = ll; \ | ||
125 | ll = (ll << bits) + (lr >> (32 - bits)); \ | ||
126 | lr = (lr << bits) + (rl >> (32 - bits)); \ | ||
127 | rl = (rl << bits) + (rr >> (32 - bits)); \ | ||
128 | rr = (rr << bits) + (w0 >> (32 - bits)); \ | ||
129 | } while(0) | ||
130 | |||
131 | #define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ | ||
132 | do { \ | ||
133 | w0 = ll; \ | ||
134 | w1 = lr; \ | ||
135 | ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ | ||
136 | lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ | ||
137 | rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ | ||
138 | rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ | ||
139 | } while(0) | ||
140 | |||
141 | #define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) | ||
142 | #define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) | ||
143 | #define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) | ||
144 | #define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) | ||
145 | |||
146 | #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ | ||
147 | do { \ | ||
148 | il = xl ^ kl; \ | ||
149 | ir = xr ^ kr; \ | ||
150 | t0 = il >> 16; \ | ||
151 | t1 = ir >> 16; \ | ||
152 | yl = CAMELLIA_SP1110(ir & 0xff) \ | ||
153 | ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ | ||
154 | ^ CAMELLIA_SP3033(t1 & 0xff) \ | ||
155 | ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ | ||
156 | yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ | ||
157 | ^ CAMELLIA_SP0222(t0 & 0xff) \ | ||
158 | ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ | ||
159 | ^ CAMELLIA_SP4404(il & 0xff); \ | ||
160 | yl ^= yr; \ | ||
161 | yr = CAMELLIA_RR8(yr); \ | ||
162 | yr ^= yl; \ | ||
163 | } while(0) | ||
164 | |||
165 | |||
166 | /* | ||
167 | * for speed up | ||
168 | * | ||
169 | */ | ||
170 | #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ | ||
171 | do { \ | ||
172 | t0 = kll; \ | ||
173 | t2 = krr; \ | ||
174 | t0 &= ll; \ | ||
175 | t2 |= rr; \ | ||
176 | rl ^= t2; \ | ||
177 | lr ^= CAMELLIA_RL1(t0); \ | ||
178 | t3 = krl; \ | ||
179 | t1 = klr; \ | ||
180 | t3 &= rl; \ | ||
181 | t1 |= lr; \ | ||
182 | ll ^= t1; \ | ||
183 | rr ^= CAMELLIA_RL1(t3); \ | ||
184 | } while(0) | ||
185 | |||
186 | #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ | ||
187 | do { \ | ||
188 | ir = CAMELLIA_SP1110(xr & 0xff); \ | ||
189 | il = CAMELLIA_SP1110((xl>>24) & 0xff); \ | ||
190 | ir ^= CAMELLIA_SP0222((xr>>24) & 0xff); \ | ||
191 | il ^= CAMELLIA_SP0222((xl>>16) & 0xff); \ | ||
192 | ir ^= CAMELLIA_SP3033((xr>>16) & 0xff); \ | ||
193 | il ^= CAMELLIA_SP3033((xl>>8) & 0xff); \ | ||
194 | ir ^= CAMELLIA_SP4404((xr>>8) & 0xff); \ | ||
195 | il ^= CAMELLIA_SP4404(xl & 0xff); \ | ||
196 | il ^= kl; \ | ||
197 | ir ^= il ^ kr; \ | ||
198 | yl ^= ir; \ | ||
199 | yr ^= CAMELLIA_RR8(il) ^ ir; \ | ||
200 | } while(0) | ||
201 | |||
202 | /** | ||
203 | * Stuff related to the Camellia key schedule | ||
204 | */ | ||
205 | #define SUBL(x) subL[(x)] | ||
206 | #define SUBR(x) subR[(x)] | ||
207 | |||
208 | |||
209 | static const u32 camellia_sp1110[256] = { | 39 | static const u32 camellia_sp1110[256] = { |
210 | 0x70707000,0x82828200,0x2c2c2c00,0xececec00, | 40 | 0x70707000,0x82828200,0x2c2c2c00,0xececec00, |
211 | 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, | 41 | 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, |
@@ -475,67 +305,348 @@ static const u32 camellia_sp4404[256] = { | |||
475 | }; | 305 | }; |
476 | 306 | ||
477 | 307 | ||
308 | #define CAMELLIA_MIN_KEY_SIZE 16 | ||
309 | #define CAMELLIA_MAX_KEY_SIZE 32 | ||
310 | #define CAMELLIA_BLOCK_SIZE 16 | ||
311 | #define CAMELLIA_TABLE_BYTE_LEN 272 | ||
312 | |||
313 | /* | ||
314 | * NB: L and R below stand for 'left' and 'right' as in written numbers. | ||
315 | * That is, in (xxxL,xxxR) pair xxxL holds most significant digits, | ||
316 | * _not_ least significant ones! | ||
317 | */ | ||
318 | |||
319 | |||
320 | /* key constants */ | ||
321 | |||
322 | #define CAMELLIA_SIGMA1L (0xA09E667FL) | ||
323 | #define CAMELLIA_SIGMA1R (0x3BCC908BL) | ||
324 | #define CAMELLIA_SIGMA2L (0xB67AE858L) | ||
325 | #define CAMELLIA_SIGMA2R (0x4CAA73B2L) | ||
326 | #define CAMELLIA_SIGMA3L (0xC6EF372FL) | ||
327 | #define CAMELLIA_SIGMA3R (0xE94F82BEL) | ||
328 | #define CAMELLIA_SIGMA4L (0x54FF53A5L) | ||
329 | #define CAMELLIA_SIGMA4R (0xF1D36F1CL) | ||
330 | #define CAMELLIA_SIGMA5L (0x10E527FAL) | ||
331 | #define CAMELLIA_SIGMA5R (0xDE682D1DL) | ||
332 | #define CAMELLIA_SIGMA6L (0xB05688C2L) | ||
333 | #define CAMELLIA_SIGMA6R (0xB3E6C1FDL) | ||
334 | |||
335 | /* | ||
336 | * macros | ||
337 | */ | ||
338 | #define GETU32(v, pt) \ | ||
339 | do { \ | ||
340 | /* latest breed of gcc is clever enough to use move */ \ | ||
341 | memcpy(&(v), (pt), 4); \ | ||
342 | (v) = be32_to_cpu(v); \ | ||
343 | } while(0) | ||
344 | |||
345 | /* rotation right shift 1byte */ | ||
346 | #define ROR8(x) (((x) >> 8) + ((x) << 24)) | ||
347 | /* rotation left shift 1bit */ | ||
348 | #define ROL1(x) (((x) << 1) + ((x) >> 31)) | ||
349 | /* rotation left shift 1byte */ | ||
350 | #define ROL8(x) (((x) << 8) + ((x) >> 24)) | ||
351 | |||
352 | #define ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ | ||
353 | do { \ | ||
354 | w0 = ll; \ | ||
355 | ll = (ll << bits) + (lr >> (32 - bits)); \ | ||
356 | lr = (lr << bits) + (rl >> (32 - bits)); \ | ||
357 | rl = (rl << bits) + (rr >> (32 - bits)); \ | ||
358 | rr = (rr << bits) + (w0 >> (32 - bits)); \ | ||
359 | } while(0) | ||
360 | |||
361 | #define ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ | ||
362 | do { \ | ||
363 | w0 = ll; \ | ||
364 | w1 = lr; \ | ||
365 | ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ | ||
366 | lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ | ||
367 | rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ | ||
368 | rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ | ||
369 | } while(0) | ||
370 | |||
371 | #define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ | ||
372 | do { \ | ||
373 | il = xl ^ kl; \ | ||
374 | ir = xr ^ kr; \ | ||
375 | t0 = il >> 16; \ | ||
376 | t1 = ir >> 16; \ | ||
377 | yl = camellia_sp1110[(u8)(ir )] \ | ||
378 | ^ camellia_sp0222[ (t1 >> 8)] \ | ||
379 | ^ camellia_sp3033[(u8)(t1 )] \ | ||
380 | ^ camellia_sp4404[(u8)(ir >> 8)]; \ | ||
381 | yr = camellia_sp1110[ (t0 >> 8)] \ | ||
382 | ^ camellia_sp0222[(u8)(t0 )] \ | ||
383 | ^ camellia_sp3033[(u8)(il >> 8)] \ | ||
384 | ^ camellia_sp4404[(u8)(il )]; \ | ||
385 | yl ^= yr; \ | ||
386 | yr = ROR8(yr); \ | ||
387 | yr ^= yl; \ | ||
388 | } while(0) | ||
389 | |||
390 | #define SUBKEY_L(INDEX) (subkey[(INDEX)*2]) | ||
391 | #define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) | ||
392 | |||
393 | static void camellia_setup_tail(u32 *subkey, u32 *subL, u32 *subR, int max) | ||
394 | { | ||
395 | u32 dw, tl, tr; | ||
396 | u32 kw4l, kw4r; | ||
397 | int i; | ||
398 | |||
399 | /* absorb kw2 to other subkeys */ | ||
400 | /* round 2 */ | ||
401 | subL[3] ^= subL[1]; subR[3] ^= subR[1]; | ||
402 | /* round 4 */ | ||
403 | subL[5] ^= subL[1]; subR[5] ^= subR[1]; | ||
404 | /* round 6 */ | ||
405 | subL[7] ^= subL[1]; subR[7] ^= subR[1]; | ||
406 | subL[1] ^= subR[1] & ~subR[9]; | ||
407 | dw = subL[1] & subL[9], | ||
408 | subR[1] ^= ROL1(dw); /* modified for FLinv(kl2) */ | ||
409 | /* round 8 */ | ||
410 | subL[11] ^= subL[1]; subR[11] ^= subR[1]; | ||
411 | /* round 10 */ | ||
412 | subL[13] ^= subL[1]; subR[13] ^= subR[1]; | ||
413 | /* round 12 */ | ||
414 | subL[15] ^= subL[1]; subR[15] ^= subR[1]; | ||
415 | subL[1] ^= subR[1] & ~subR[17]; | ||
416 | dw = subL[1] & subL[17], | ||
417 | subR[1] ^= ROL1(dw); /* modified for FLinv(kl4) */ | ||
418 | /* round 14 */ | ||
419 | subL[19] ^= subL[1]; subR[19] ^= subR[1]; | ||
420 | /* round 16 */ | ||
421 | subL[21] ^= subL[1]; subR[21] ^= subR[1]; | ||
422 | /* round 18 */ | ||
423 | subL[23] ^= subL[1]; subR[23] ^= subR[1]; | ||
424 | if (max == 24) { | ||
425 | /* kw3 */ | ||
426 | subL[24] ^= subL[1]; subR[24] ^= subR[1]; | ||
427 | |||
428 | /* absorb kw4 to other subkeys */ | ||
429 | kw4l = subL[25]; kw4r = subR[25]; | ||
430 | } else { | ||
431 | subL[1] ^= subR[1] & ~subR[25]; | ||
432 | dw = subL[1] & subL[25], | ||
433 | subR[1] ^= ROL1(dw); /* modified for FLinv(kl6) */ | ||
434 | /* round 20 */ | ||
435 | subL[27] ^= subL[1]; subR[27] ^= subR[1]; | ||
436 | /* round 22 */ | ||
437 | subL[29] ^= subL[1]; subR[29] ^= subR[1]; | ||
438 | /* round 24 */ | ||
439 | subL[31] ^= subL[1]; subR[31] ^= subR[1]; | ||
440 | /* kw3 */ | ||
441 | subL[32] ^= subL[1]; subR[32] ^= subR[1]; | ||
442 | |||
443 | /* absorb kw4 to other subkeys */ | ||
444 | kw4l = subL[33]; kw4r = subR[33]; | ||
445 | /* round 23 */ | ||
446 | subL[30] ^= kw4l; subR[30] ^= kw4r; | ||
447 | /* round 21 */ | ||
448 | subL[28] ^= kw4l; subR[28] ^= kw4r; | ||
449 | /* round 19 */ | ||
450 | subL[26] ^= kw4l; subR[26] ^= kw4r; | ||
451 | kw4l ^= kw4r & ~subR[24]; | ||
452 | dw = kw4l & subL[24], | ||
453 | kw4r ^= ROL1(dw); /* modified for FL(kl5) */ | ||
454 | } | ||
455 | /* round 17 */ | ||
456 | subL[22] ^= kw4l; subR[22] ^= kw4r; | ||
457 | /* round 15 */ | ||
458 | subL[20] ^= kw4l; subR[20] ^= kw4r; | ||
459 | /* round 13 */ | ||
460 | subL[18] ^= kw4l; subR[18] ^= kw4r; | ||
461 | kw4l ^= kw4r & ~subR[16]; | ||
462 | dw = kw4l & subL[16], | ||
463 | kw4r ^= ROL1(dw); /* modified for FL(kl3) */ | ||
464 | /* round 11 */ | ||
465 | subL[14] ^= kw4l; subR[14] ^= kw4r; | ||
466 | /* round 9 */ | ||
467 | subL[12] ^= kw4l; subR[12] ^= kw4r; | ||
468 | /* round 7 */ | ||
469 | subL[10] ^= kw4l; subR[10] ^= kw4r; | ||
470 | kw4l ^= kw4r & ~subR[8]; | ||
471 | dw = kw4l & subL[8], | ||
472 | kw4r ^= ROL1(dw); /* modified for FL(kl1) */ | ||
473 | /* round 5 */ | ||
474 | subL[6] ^= kw4l; subR[6] ^= kw4r; | ||
475 | /* round 3 */ | ||
476 | subL[4] ^= kw4l; subR[4] ^= kw4r; | ||
477 | /* round 1 */ | ||
478 | subL[2] ^= kw4l; subR[2] ^= kw4r; | ||
479 | /* kw1 */ | ||
480 | subL[0] ^= kw4l; subR[0] ^= kw4r; | ||
481 | |||
482 | /* key XOR is end of F-function */ | ||
483 | SUBKEY_L(0) = subL[0] ^ subL[2];/* kw1 */ | ||
484 | SUBKEY_R(0) = subR[0] ^ subR[2]; | ||
485 | SUBKEY_L(2) = subL[3]; /* round 1 */ | ||
486 | SUBKEY_R(2) = subR[3]; | ||
487 | SUBKEY_L(3) = subL[2] ^ subL[4]; /* round 2 */ | ||
488 | SUBKEY_R(3) = subR[2] ^ subR[4]; | ||
489 | SUBKEY_L(4) = subL[3] ^ subL[5]; /* round 3 */ | ||
490 | SUBKEY_R(4) = subR[3] ^ subR[5]; | ||
491 | SUBKEY_L(5) = subL[4] ^ subL[6]; /* round 4 */ | ||
492 | SUBKEY_R(5) = subR[4] ^ subR[6]; | ||
493 | SUBKEY_L(6) = subL[5] ^ subL[7]; /* round 5 */ | ||
494 | SUBKEY_R(6) = subR[5] ^ subR[7]; | ||
495 | tl = subL[10] ^ (subR[10] & ~subR[8]); | ||
496 | dw = tl & subL[8], /* FL(kl1) */ | ||
497 | tr = subR[10] ^ ROL1(dw); | ||
498 | SUBKEY_L(7) = subL[6] ^ tl; /* round 6 */ | ||
499 | SUBKEY_R(7) = subR[6] ^ tr; | ||
500 | SUBKEY_L(8) = subL[8]; /* FL(kl1) */ | ||
501 | SUBKEY_R(8) = subR[8]; | ||
502 | SUBKEY_L(9) = subL[9]; /* FLinv(kl2) */ | ||
503 | SUBKEY_R(9) = subR[9]; | ||
504 | tl = subL[7] ^ (subR[7] & ~subR[9]); | ||
505 | dw = tl & subL[9], /* FLinv(kl2) */ | ||
506 | tr = subR[7] ^ ROL1(dw); | ||
507 | SUBKEY_L(10) = tl ^ subL[11]; /* round 7 */ | ||
508 | SUBKEY_R(10) = tr ^ subR[11]; | ||
509 | SUBKEY_L(11) = subL[10] ^ subL[12]; /* round 8 */ | ||
510 | SUBKEY_R(11) = subR[10] ^ subR[12]; | ||
511 | SUBKEY_L(12) = subL[11] ^ subL[13]; /* round 9 */ | ||
512 | SUBKEY_R(12) = subR[11] ^ subR[13]; | ||
513 | SUBKEY_L(13) = subL[12] ^ subL[14]; /* round 10 */ | ||
514 | SUBKEY_R(13) = subR[12] ^ subR[14]; | ||
515 | SUBKEY_L(14) = subL[13] ^ subL[15]; /* round 11 */ | ||
516 | SUBKEY_R(14) = subR[13] ^ subR[15]; | ||
517 | tl = subL[18] ^ (subR[18] & ~subR[16]); | ||
518 | dw = tl & subL[16], /* FL(kl3) */ | ||
519 | tr = subR[18] ^ ROL1(dw); | ||
520 | SUBKEY_L(15) = subL[14] ^ tl; /* round 12 */ | ||
521 | SUBKEY_R(15) = subR[14] ^ tr; | ||
522 | SUBKEY_L(16) = subL[16]; /* FL(kl3) */ | ||
523 | SUBKEY_R(16) = subR[16]; | ||
524 | SUBKEY_L(17) = subL[17]; /* FLinv(kl4) */ | ||
525 | SUBKEY_R(17) = subR[17]; | ||
526 | tl = subL[15] ^ (subR[15] & ~subR[17]); | ||
527 | dw = tl & subL[17], /* FLinv(kl4) */ | ||
528 | tr = subR[15] ^ ROL1(dw); | ||
529 | SUBKEY_L(18) = tl ^ subL[19]; /* round 13 */ | ||
530 | SUBKEY_R(18) = tr ^ subR[19]; | ||
531 | SUBKEY_L(19) = subL[18] ^ subL[20]; /* round 14 */ | ||
532 | SUBKEY_R(19) = subR[18] ^ subR[20]; | ||
533 | SUBKEY_L(20) = subL[19] ^ subL[21]; /* round 15 */ | ||
534 | SUBKEY_R(20) = subR[19] ^ subR[21]; | ||
535 | SUBKEY_L(21) = subL[20] ^ subL[22]; /* round 16 */ | ||
536 | SUBKEY_R(21) = subR[20] ^ subR[22]; | ||
537 | SUBKEY_L(22) = subL[21] ^ subL[23]; /* round 17 */ | ||
538 | SUBKEY_R(22) = subR[21] ^ subR[23]; | ||
539 | if (max == 24) { | ||
540 | SUBKEY_L(23) = subL[22]; /* round 18 */ | ||
541 | SUBKEY_R(23) = subR[22]; | ||
542 | SUBKEY_L(24) = subL[24] ^ subL[23]; /* kw3 */ | ||
543 | SUBKEY_R(24) = subR[24] ^ subR[23]; | ||
544 | } else { | ||
545 | tl = subL[26] ^ (subR[26] & ~subR[24]); | ||
546 | dw = tl & subL[24], /* FL(kl5) */ | ||
547 | tr = subR[26] ^ ROL1(dw); | ||
548 | SUBKEY_L(23) = subL[22] ^ tl; /* round 18 */ | ||
549 | SUBKEY_R(23) = subR[22] ^ tr; | ||
550 | SUBKEY_L(24) = subL[24]; /* FL(kl5) */ | ||
551 | SUBKEY_R(24) = subR[24]; | ||
552 | SUBKEY_L(25) = subL[25]; /* FLinv(kl6) */ | ||
553 | SUBKEY_R(25) = subR[25]; | ||
554 | tl = subL[23] ^ (subR[23] & ~subR[25]); | ||
555 | dw = tl & subL[25], /* FLinv(kl6) */ | ||
556 | tr = subR[23] ^ ROL1(dw); | ||
557 | SUBKEY_L(26) = tl ^ subL[27]; /* round 19 */ | ||
558 | SUBKEY_R(26) = tr ^ subR[27]; | ||
559 | SUBKEY_L(27) = subL[26] ^ subL[28]; /* round 20 */ | ||
560 | SUBKEY_R(27) = subR[26] ^ subR[28]; | ||
561 | SUBKEY_L(28) = subL[27] ^ subL[29]; /* round 21 */ | ||
562 | SUBKEY_R(28) = subR[27] ^ subR[29]; | ||
563 | SUBKEY_L(29) = subL[28] ^ subL[30]; /* round 22 */ | ||
564 | SUBKEY_R(29) = subR[28] ^ subR[30]; | ||
565 | SUBKEY_L(30) = subL[29] ^ subL[31]; /* round 23 */ | ||
566 | SUBKEY_R(30) = subR[29] ^ subR[31]; | ||
567 | SUBKEY_L(31) = subL[30]; /* round 24 */ | ||
568 | SUBKEY_R(31) = subR[30]; | ||
569 | SUBKEY_L(32) = subL[32] ^ subL[31]; /* kw3 */ | ||
570 | SUBKEY_R(32) = subR[32] ^ subR[31]; | ||
571 | } | ||
572 | |||
573 | /* apply the inverse of the last half of P-function */ | ||
574 | i = 2; | ||
575 | do { | ||
576 | dw = SUBKEY_L(i + 0) ^ SUBKEY_R(i + 0); dw = ROL8(dw);/* round 1 */ | ||
577 | SUBKEY_R(i + 0) = SUBKEY_L(i + 0) ^ dw; SUBKEY_L(i + 0) = dw; | ||
578 | dw = SUBKEY_L(i + 1) ^ SUBKEY_R(i + 1); dw = ROL8(dw);/* round 2 */ | ||
579 | SUBKEY_R(i + 1) = SUBKEY_L(i + 1) ^ dw; SUBKEY_L(i + 1) = dw; | ||
580 | dw = SUBKEY_L(i + 2) ^ SUBKEY_R(i + 2); dw = ROL8(dw);/* round 3 */ | ||
581 | SUBKEY_R(i + 2) = SUBKEY_L(i + 2) ^ dw; SUBKEY_L(i + 2) = dw; | ||
582 | dw = SUBKEY_L(i + 3) ^ SUBKEY_R(i + 3); dw = ROL8(dw);/* round 4 */ | ||
583 | SUBKEY_R(i + 3) = SUBKEY_L(i + 3) ^ dw; SUBKEY_L(i + 3) = dw; | ||
584 | dw = SUBKEY_L(i + 4) ^ SUBKEY_R(i + 4); dw = ROL8(dw);/* round 5 */ | ||
585 | SUBKEY_R(i + 4) = SUBKEY_L(i + 4) ^ dw; SUBKEY_L(i + 4) = dw; | ||
586 | dw = SUBKEY_L(i + 5) ^ SUBKEY_R(i + 5); dw = ROL8(dw);/* round 6 */ | ||
587 | SUBKEY_R(i + 5) = SUBKEY_L(i + 5) ^ dw; SUBKEY_L(i + 5) = dw; | ||
588 | i += 8; | ||
589 | } while (i < max); | ||
590 | } | ||
478 | 591 | ||
479 | static void camellia_setup128(const unsigned char *key, u32 *subkey) | 592 | static void camellia_setup128(const unsigned char *key, u32 *subkey) |
480 | { | 593 | { |
481 | u32 kll, klr, krl, krr; | 594 | u32 kll, klr, krl, krr; |
482 | u32 il, ir, t0, t1, w0, w1; | 595 | u32 il, ir, t0, t1, w0, w1; |
483 | u32 kw4l, kw4r, dw, tl, tr; | ||
484 | u32 subL[26]; | 596 | u32 subL[26]; |
485 | u32 subR[26]; | 597 | u32 subR[26]; |
486 | 598 | ||
487 | /** | 599 | /** |
488 | * k == kll || klr || krl || krr (|| is concatination) | 600 | * k == kll || klr || krl || krr (|| is concatenation) |
489 | */ | ||
490 | kll = GETU32(key ); | ||
491 | klr = GETU32(key + 4); | ||
492 | krl = GETU32(key + 8); | ||
493 | krr = GETU32(key + 12); | ||
494 | /** | ||
495 | * generate KL dependent subkeys | ||
496 | */ | 601 | */ |
602 | GETU32(kll, key ); | ||
603 | GETU32(klr, key + 4); | ||
604 | GETU32(krl, key + 8); | ||
605 | GETU32(krr, key + 12); | ||
606 | |||
607 | /* generate KL dependent subkeys */ | ||
497 | /* kw1 */ | 608 | /* kw1 */ |
498 | SUBL(0) = kll; SUBR(0) = klr; | 609 | subL[0] = kll; subR[0] = klr; |
499 | /* kw2 */ | 610 | /* kw2 */ |
500 | SUBL(1) = krl; SUBR(1) = krr; | 611 | subL[1] = krl; subR[1] = krr; |
501 | /* rotation left shift 15bit */ | 612 | /* rotation left shift 15bit */ |
502 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 613 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
503 | /* k3 */ | 614 | /* k3 */ |
504 | SUBL(4) = kll; SUBR(4) = klr; | 615 | subL[4] = kll; subR[4] = klr; |
505 | /* k4 */ | 616 | /* k4 */ |
506 | SUBL(5) = krl; SUBR(5) = krr; | 617 | subL[5] = krl; subR[5] = krr; |
507 | /* rotation left shift 15+30bit */ | 618 | /* rotation left shift 15+30bit */ |
508 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); | 619 | ROLDQ(kll, klr, krl, krr, w0, w1, 30); |
509 | /* k7 */ | 620 | /* k7 */ |
510 | SUBL(10) = kll; SUBR(10) = klr; | 621 | subL[10] = kll; subR[10] = klr; |
511 | /* k8 */ | 622 | /* k8 */ |
512 | SUBL(11) = krl; SUBR(11) = krr; | 623 | subL[11] = krl; subR[11] = krr; |
513 | /* rotation left shift 15+30+15bit */ | 624 | /* rotation left shift 15+30+15bit */ |
514 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 625 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
515 | /* k10 */ | 626 | /* k10 */ |
516 | SUBL(13) = krl; SUBR(13) = krr; | 627 | subL[13] = krl; subR[13] = krr; |
517 | /* rotation left shift 15+30+15+17 bit */ | 628 | /* rotation left shift 15+30+15+17 bit */ |
518 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); | 629 | ROLDQ(kll, klr, krl, krr, w0, w1, 17); |
519 | /* kl3 */ | 630 | /* kl3 */ |
520 | SUBL(16) = kll; SUBR(16) = klr; | 631 | subL[16] = kll; subR[16] = klr; |
521 | /* kl4 */ | 632 | /* kl4 */ |
522 | SUBL(17) = krl; SUBR(17) = krr; | 633 | subL[17] = krl; subR[17] = krr; |
523 | /* rotation left shift 15+30+15+17+17 bit */ | 634 | /* rotation left shift 15+30+15+17+17 bit */ |
524 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); | 635 | ROLDQ(kll, klr, krl, krr, w0, w1, 17); |
525 | /* k13 */ | 636 | /* k13 */ |
526 | SUBL(18) = kll; SUBR(18) = klr; | 637 | subL[18] = kll; subR[18] = klr; |
527 | /* k14 */ | 638 | /* k14 */ |
528 | SUBL(19) = krl; SUBR(19) = krr; | 639 | subL[19] = krl; subR[19] = krr; |
529 | /* rotation left shift 15+30+15+17+17+17 bit */ | 640 | /* rotation left shift 15+30+15+17+17+17 bit */ |
530 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); | 641 | ROLDQ(kll, klr, krl, krr, w0, w1, 17); |
531 | /* k17 */ | 642 | /* k17 */ |
532 | SUBL(22) = kll; SUBR(22) = klr; | 643 | subL[22] = kll; subR[22] = klr; |
533 | /* k18 */ | 644 | /* k18 */ |
534 | SUBL(23) = krl; SUBR(23) = krr; | 645 | subL[23] = krl; subR[23] = krr; |
535 | 646 | ||
536 | /* generate KA */ | 647 | /* generate KA */ |
537 | kll = SUBL(0); klr = SUBR(0); | 648 | kll = subL[0]; klr = subR[0]; |
538 | krl = SUBL(1); krr = SUBR(1); | 649 | krl = subL[1]; krr = subR[1]; |
539 | CAMELLIA_F(kll, klr, | 650 | CAMELLIA_F(kll, klr, |
540 | CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, | 651 | CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, |
541 | w0, w1, il, ir, t0, t1); | 652 | w0, w1, il, ir, t0, t1); |
@@ -555,306 +666,108 @@ static void camellia_setup128(const unsigned char *key, u32 *subkey) | |||
555 | 666 | ||
556 | /* generate KA dependent subkeys */ | 667 | /* generate KA dependent subkeys */ |
557 | /* k1, k2 */ | 668 | /* k1, k2 */ |
558 | SUBL(2) = kll; SUBR(2) = klr; | 669 | subL[2] = kll; subR[2] = klr; |
559 | SUBL(3) = krl; SUBR(3) = krr; | 670 | subL[3] = krl; subR[3] = krr; |
560 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 671 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
561 | /* k5,k6 */ | 672 | /* k5,k6 */ |
562 | SUBL(6) = kll; SUBR(6) = klr; | 673 | subL[6] = kll; subR[6] = klr; |
563 | SUBL(7) = krl; SUBR(7) = krr; | 674 | subL[7] = krl; subR[7] = krr; |
564 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 675 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
565 | /* kl1, kl2 */ | 676 | /* kl1, kl2 */ |
566 | SUBL(8) = kll; SUBR(8) = klr; | 677 | subL[8] = kll; subR[8] = klr; |
567 | SUBL(9) = krl; SUBR(9) = krr; | 678 | subL[9] = krl; subR[9] = krr; |
568 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 679 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
569 | /* k9 */ | 680 | /* k9 */ |
570 | SUBL(12) = kll; SUBR(12) = klr; | 681 | subL[12] = kll; subR[12] = klr; |
571 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 682 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
572 | /* k11, k12 */ | 683 | /* k11, k12 */ |
573 | SUBL(14) = kll; SUBR(14) = klr; | 684 | subL[14] = kll; subR[14] = klr; |
574 | SUBL(15) = krl; SUBR(15) = krr; | 685 | subL[15] = krl; subR[15] = krr; |
575 | CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); | 686 | ROLDQo32(kll, klr, krl, krr, w0, w1, 34); |
576 | /* k15, k16 */ | 687 | /* k15, k16 */ |
577 | SUBL(20) = kll; SUBR(20) = klr; | 688 | subL[20] = kll; subR[20] = klr; |
578 | SUBL(21) = krl; SUBR(21) = krr; | 689 | subL[21] = krl; subR[21] = krr; |
579 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); | 690 | ROLDQ(kll, klr, krl, krr, w0, w1, 17); |
580 | /* kw3, kw4 */ | 691 | /* kw3, kw4 */ |
581 | SUBL(24) = kll; SUBR(24) = klr; | 692 | subL[24] = kll; subR[24] = klr; |
582 | SUBL(25) = krl; SUBR(25) = krr; | 693 | subL[25] = krl; subR[25] = krr; |
583 | 694 | ||
584 | 695 | camellia_setup_tail(subkey, subL, subR, 24); | |
585 | /* absorb kw2 to other subkeys */ | ||
586 | /* round 2 */ | ||
587 | SUBL(3) ^= SUBL(1); SUBR(3) ^= SUBR(1); | ||
588 | /* round 4 */ | ||
589 | SUBL(5) ^= SUBL(1); SUBR(5) ^= SUBR(1); | ||
590 | /* round 6 */ | ||
591 | SUBL(7) ^= SUBL(1); SUBR(7) ^= SUBR(1); | ||
592 | SUBL(1) ^= SUBR(1) & ~SUBR(9); | ||
593 | dw = SUBL(1) & SUBL(9), | ||
594 | SUBR(1) ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl2) */ | ||
595 | /* round 8 */ | ||
596 | SUBL(11) ^= SUBL(1); SUBR(11) ^= SUBR(1); | ||
597 | /* round 10 */ | ||
598 | SUBL(13) ^= SUBL(1); SUBR(13) ^= SUBR(1); | ||
599 | /* round 12 */ | ||
600 | SUBL(15) ^= SUBL(1); SUBR(15) ^= SUBR(1); | ||
601 | SUBL(1) ^= SUBR(1) & ~SUBR(17); | ||
602 | dw = SUBL(1) & SUBL(17), | ||
603 | SUBR(1) ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl4) */ | ||
604 | /* round 14 */ | ||
605 | SUBL(19) ^= SUBL(1); SUBR(19) ^= SUBR(1); | ||
606 | /* round 16 */ | ||
607 | SUBL(21) ^= SUBL(1); SUBR(21) ^= SUBR(1); | ||
608 | /* round 18 */ | ||
609 | SUBL(23) ^= SUBL(1); SUBR(23) ^= SUBR(1); | ||
610 | /* kw3 */ | ||
611 | SUBL(24) ^= SUBL(1); SUBR(24) ^= SUBR(1); | ||
612 | |||
613 | /* absorb kw4 to other subkeys */ | ||
614 | kw4l = SUBL(25); kw4r = SUBR(25); | ||
615 | /* round 17 */ | ||
616 | SUBL(22) ^= kw4l; SUBR(22) ^= kw4r; | ||
617 | /* round 15 */ | ||
618 | SUBL(20) ^= kw4l; SUBR(20) ^= kw4r; | ||
619 | /* round 13 */ | ||
620 | SUBL(18) ^= kw4l; SUBR(18) ^= kw4r; | ||
621 | kw4l ^= kw4r & ~SUBR(16); | ||
622 | dw = kw4l & SUBL(16), | ||
623 | kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl3) */ | ||
624 | /* round 11 */ | ||
625 | SUBL(14) ^= kw4l; SUBR(14) ^= kw4r; | ||
626 | /* round 9 */ | ||
627 | SUBL(12) ^= kw4l; SUBR(12) ^= kw4r; | ||
628 | /* round 7 */ | ||
629 | SUBL(10) ^= kw4l; SUBR(10) ^= kw4r; | ||
630 | kw4l ^= kw4r & ~SUBR(8); | ||
631 | dw = kw4l & SUBL(8), | ||
632 | kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl1) */ | ||
633 | /* round 5 */ | ||
634 | SUBL(6) ^= kw4l; SUBR(6) ^= kw4r; | ||
635 | /* round 3 */ | ||
636 | SUBL(4) ^= kw4l; SUBR(4) ^= kw4r; | ||
637 | /* round 1 */ | ||
638 | SUBL(2) ^= kw4l; SUBR(2) ^= kw4r; | ||
639 | /* kw1 */ | ||
640 | SUBL(0) ^= kw4l; SUBR(0) ^= kw4r; | ||
641 | |||
642 | |||
643 | /* key XOR is end of F-function */ | ||
644 | CAMELLIA_SUBKEY_L(0) = SUBL(0) ^ SUBL(2);/* kw1 */ | ||
645 | CAMELLIA_SUBKEY_R(0) = SUBR(0) ^ SUBR(2); | ||
646 | CAMELLIA_SUBKEY_L(2) = SUBL(3); /* round 1 */ | ||
647 | CAMELLIA_SUBKEY_R(2) = SUBR(3); | ||
648 | CAMELLIA_SUBKEY_L(3) = SUBL(2) ^ SUBL(4); /* round 2 */ | ||
649 | CAMELLIA_SUBKEY_R(3) = SUBR(2) ^ SUBR(4); | ||
650 | CAMELLIA_SUBKEY_L(4) = SUBL(3) ^ SUBL(5); /* round 3 */ | ||
651 | CAMELLIA_SUBKEY_R(4) = SUBR(3) ^ SUBR(5); | ||
652 | CAMELLIA_SUBKEY_L(5) = SUBL(4) ^ SUBL(6); /* round 4 */ | ||
653 | CAMELLIA_SUBKEY_R(5) = SUBR(4) ^ SUBR(6); | ||
654 | CAMELLIA_SUBKEY_L(6) = SUBL(5) ^ SUBL(7); /* round 5 */ | ||
655 | CAMELLIA_SUBKEY_R(6) = SUBR(5) ^ SUBR(7); | ||
656 | tl = SUBL(10) ^ (SUBR(10) & ~SUBR(8)); | ||
657 | dw = tl & SUBL(8), /* FL(kl1) */ | ||
658 | tr = SUBR(10) ^ CAMELLIA_RL1(dw); | ||
659 | CAMELLIA_SUBKEY_L(7) = SUBL(6) ^ tl; /* round 6 */ | ||
660 | CAMELLIA_SUBKEY_R(7) = SUBR(6) ^ tr; | ||
661 | CAMELLIA_SUBKEY_L(8) = SUBL(8); /* FL(kl1) */ | ||
662 | CAMELLIA_SUBKEY_R(8) = SUBR(8); | ||
663 | CAMELLIA_SUBKEY_L(9) = SUBL(9); /* FLinv(kl2) */ | ||
664 | CAMELLIA_SUBKEY_R(9) = SUBR(9); | ||
665 | tl = SUBL(7) ^ (SUBR(7) & ~SUBR(9)); | ||
666 | dw = tl & SUBL(9), /* FLinv(kl2) */ | ||
667 | tr = SUBR(7) ^ CAMELLIA_RL1(dw); | ||
668 | CAMELLIA_SUBKEY_L(10) = tl ^ SUBL(11); /* round 7 */ | ||
669 | CAMELLIA_SUBKEY_R(10) = tr ^ SUBR(11); | ||
670 | CAMELLIA_SUBKEY_L(11) = SUBL(10) ^ SUBL(12); /* round 8 */ | ||
671 | CAMELLIA_SUBKEY_R(11) = SUBR(10) ^ SUBR(12); | ||
672 | CAMELLIA_SUBKEY_L(12) = SUBL(11) ^ SUBL(13); /* round 9 */ | ||
673 | CAMELLIA_SUBKEY_R(12) = SUBR(11) ^ SUBR(13); | ||
674 | CAMELLIA_SUBKEY_L(13) = SUBL(12) ^ SUBL(14); /* round 10 */ | ||
675 | CAMELLIA_SUBKEY_R(13) = SUBR(12) ^ SUBR(14); | ||
676 | CAMELLIA_SUBKEY_L(14) = SUBL(13) ^ SUBL(15); /* round 11 */ | ||
677 | CAMELLIA_SUBKEY_R(14) = SUBR(13) ^ SUBR(15); | ||
678 | tl = SUBL(18) ^ (SUBR(18) & ~SUBR(16)); | ||
679 | dw = tl & SUBL(16), /* FL(kl3) */ | ||
680 | tr = SUBR(18) ^ CAMELLIA_RL1(dw); | ||
681 | CAMELLIA_SUBKEY_L(15) = SUBL(14) ^ tl; /* round 12 */ | ||
682 | CAMELLIA_SUBKEY_R(15) = SUBR(14) ^ tr; | ||
683 | CAMELLIA_SUBKEY_L(16) = SUBL(16); /* FL(kl3) */ | ||
684 | CAMELLIA_SUBKEY_R(16) = SUBR(16); | ||
685 | CAMELLIA_SUBKEY_L(17) = SUBL(17); /* FLinv(kl4) */ | ||
686 | CAMELLIA_SUBKEY_R(17) = SUBR(17); | ||
687 | tl = SUBL(15) ^ (SUBR(15) & ~SUBR(17)); | ||
688 | dw = tl & SUBL(17), /* FLinv(kl4) */ | ||
689 | tr = SUBR(15) ^ CAMELLIA_RL1(dw); | ||
690 | CAMELLIA_SUBKEY_L(18) = tl ^ SUBL(19); /* round 13 */ | ||
691 | CAMELLIA_SUBKEY_R(18) = tr ^ SUBR(19); | ||
692 | CAMELLIA_SUBKEY_L(19) = SUBL(18) ^ SUBL(20); /* round 14 */ | ||
693 | CAMELLIA_SUBKEY_R(19) = SUBR(18) ^ SUBR(20); | ||
694 | CAMELLIA_SUBKEY_L(20) = SUBL(19) ^ SUBL(21); /* round 15 */ | ||
695 | CAMELLIA_SUBKEY_R(20) = SUBR(19) ^ SUBR(21); | ||
696 | CAMELLIA_SUBKEY_L(21) = SUBL(20) ^ SUBL(22); /* round 16 */ | ||
697 | CAMELLIA_SUBKEY_R(21) = SUBR(20) ^ SUBR(22); | ||
698 | CAMELLIA_SUBKEY_L(22) = SUBL(21) ^ SUBL(23); /* round 17 */ | ||
699 | CAMELLIA_SUBKEY_R(22) = SUBR(21) ^ SUBR(23); | ||
700 | CAMELLIA_SUBKEY_L(23) = SUBL(22); /* round 18 */ | ||
701 | CAMELLIA_SUBKEY_R(23) = SUBR(22); | ||
702 | CAMELLIA_SUBKEY_L(24) = SUBL(24) ^ SUBL(23); /* kw3 */ | ||
703 | CAMELLIA_SUBKEY_R(24) = SUBR(24) ^ SUBR(23); | ||
704 | |||
705 | /* apply the inverse of the last half of P-function */ | ||
706 | dw = CAMELLIA_SUBKEY_L(2) ^ CAMELLIA_SUBKEY_R(2), | ||
707 | dw = CAMELLIA_RL8(dw);/* round 1 */ | ||
708 | CAMELLIA_SUBKEY_R(2) = CAMELLIA_SUBKEY_L(2) ^ dw, | ||
709 | CAMELLIA_SUBKEY_L(2) = dw; | ||
710 | dw = CAMELLIA_SUBKEY_L(3) ^ CAMELLIA_SUBKEY_R(3), | ||
711 | dw = CAMELLIA_RL8(dw);/* round 2 */ | ||
712 | CAMELLIA_SUBKEY_R(3) = CAMELLIA_SUBKEY_L(3) ^ dw, | ||
713 | CAMELLIA_SUBKEY_L(3) = dw; | ||
714 | dw = CAMELLIA_SUBKEY_L(4) ^ CAMELLIA_SUBKEY_R(4), | ||
715 | dw = CAMELLIA_RL8(dw);/* round 3 */ | ||
716 | CAMELLIA_SUBKEY_R(4) = CAMELLIA_SUBKEY_L(4) ^ dw, | ||
717 | CAMELLIA_SUBKEY_L(4) = dw; | ||
718 | dw = CAMELLIA_SUBKEY_L(5) ^ CAMELLIA_SUBKEY_R(5), | ||
719 | dw = CAMELLIA_RL8(dw);/* round 4 */ | ||
720 | CAMELLIA_SUBKEY_R(5) = CAMELLIA_SUBKEY_L(5) ^ dw, | ||
721 | CAMELLIA_SUBKEY_L(5) = dw; | ||
722 | dw = CAMELLIA_SUBKEY_L(6) ^ CAMELLIA_SUBKEY_R(6), | ||
723 | dw = CAMELLIA_RL8(dw);/* round 5 */ | ||
724 | CAMELLIA_SUBKEY_R(6) = CAMELLIA_SUBKEY_L(6) ^ dw, | ||
725 | CAMELLIA_SUBKEY_L(6) = dw; | ||
726 | dw = CAMELLIA_SUBKEY_L(7) ^ CAMELLIA_SUBKEY_R(7), | ||
727 | dw = CAMELLIA_RL8(dw);/* round 6 */ | ||
728 | CAMELLIA_SUBKEY_R(7) = CAMELLIA_SUBKEY_L(7) ^ dw, | ||
729 | CAMELLIA_SUBKEY_L(7) = dw; | ||
730 | dw = CAMELLIA_SUBKEY_L(10) ^ CAMELLIA_SUBKEY_R(10), | ||
731 | dw = CAMELLIA_RL8(dw);/* round 7 */ | ||
732 | CAMELLIA_SUBKEY_R(10) = CAMELLIA_SUBKEY_L(10) ^ dw, | ||
733 | CAMELLIA_SUBKEY_L(10) = dw; | ||
734 | dw = CAMELLIA_SUBKEY_L(11) ^ CAMELLIA_SUBKEY_R(11), | ||
735 | dw = CAMELLIA_RL8(dw);/* round 8 */ | ||
736 | CAMELLIA_SUBKEY_R(11) = CAMELLIA_SUBKEY_L(11) ^ dw, | ||
737 | CAMELLIA_SUBKEY_L(11) = dw; | ||
738 | dw = CAMELLIA_SUBKEY_L(12) ^ CAMELLIA_SUBKEY_R(12), | ||
739 | dw = CAMELLIA_RL8(dw);/* round 9 */ | ||
740 | CAMELLIA_SUBKEY_R(12) = CAMELLIA_SUBKEY_L(12) ^ dw, | ||
741 | CAMELLIA_SUBKEY_L(12) = dw; | ||
742 | dw = CAMELLIA_SUBKEY_L(13) ^ CAMELLIA_SUBKEY_R(13), | ||
743 | dw = CAMELLIA_RL8(dw);/* round 10 */ | ||
744 | CAMELLIA_SUBKEY_R(13) = CAMELLIA_SUBKEY_L(13) ^ dw, | ||
745 | CAMELLIA_SUBKEY_L(13) = dw; | ||
746 | dw = CAMELLIA_SUBKEY_L(14) ^ CAMELLIA_SUBKEY_R(14), | ||
747 | dw = CAMELLIA_RL8(dw);/* round 11 */ | ||
748 | CAMELLIA_SUBKEY_R(14) = CAMELLIA_SUBKEY_L(14) ^ dw, | ||
749 | CAMELLIA_SUBKEY_L(14) = dw; | ||
750 | dw = CAMELLIA_SUBKEY_L(15) ^ CAMELLIA_SUBKEY_R(15), | ||
751 | dw = CAMELLIA_RL8(dw);/* round 12 */ | ||
752 | CAMELLIA_SUBKEY_R(15) = CAMELLIA_SUBKEY_L(15) ^ dw, | ||
753 | CAMELLIA_SUBKEY_L(15) = dw; | ||
754 | dw = CAMELLIA_SUBKEY_L(18) ^ CAMELLIA_SUBKEY_R(18), | ||
755 | dw = CAMELLIA_RL8(dw);/* round 13 */ | ||
756 | CAMELLIA_SUBKEY_R(18) = CAMELLIA_SUBKEY_L(18) ^ dw, | ||
757 | CAMELLIA_SUBKEY_L(18) = dw; | ||
758 | dw = CAMELLIA_SUBKEY_L(19) ^ CAMELLIA_SUBKEY_R(19), | ||
759 | dw = CAMELLIA_RL8(dw);/* round 14 */ | ||
760 | CAMELLIA_SUBKEY_R(19) = CAMELLIA_SUBKEY_L(19) ^ dw, | ||
761 | CAMELLIA_SUBKEY_L(19) = dw; | ||
762 | dw = CAMELLIA_SUBKEY_L(20) ^ CAMELLIA_SUBKEY_R(20), | ||
763 | dw = CAMELLIA_RL8(dw);/* round 15 */ | ||
764 | CAMELLIA_SUBKEY_R(20) = CAMELLIA_SUBKEY_L(20) ^ dw, | ||
765 | CAMELLIA_SUBKEY_L(20) = dw; | ||
766 | dw = CAMELLIA_SUBKEY_L(21) ^ CAMELLIA_SUBKEY_R(21), | ||
767 | dw = CAMELLIA_RL8(dw);/* round 16 */ | ||
768 | CAMELLIA_SUBKEY_R(21) = CAMELLIA_SUBKEY_L(21) ^ dw, | ||
769 | CAMELLIA_SUBKEY_L(21) = dw; | ||
770 | dw = CAMELLIA_SUBKEY_L(22) ^ CAMELLIA_SUBKEY_R(22), | ||
771 | dw = CAMELLIA_RL8(dw);/* round 17 */ | ||
772 | CAMELLIA_SUBKEY_R(22) = CAMELLIA_SUBKEY_L(22) ^ dw, | ||
773 | CAMELLIA_SUBKEY_L(22) = dw; | ||
774 | dw = CAMELLIA_SUBKEY_L(23) ^ CAMELLIA_SUBKEY_R(23), | ||
775 | dw = CAMELLIA_RL8(dw);/* round 18 */ | ||
776 | CAMELLIA_SUBKEY_R(23) = CAMELLIA_SUBKEY_L(23) ^ dw, | ||
777 | CAMELLIA_SUBKEY_L(23) = dw; | ||
778 | |||
779 | return; | ||
780 | } | 696 | } |
781 | 697 | ||
782 | |||
783 | static void camellia_setup256(const unsigned char *key, u32 *subkey) | 698 | static void camellia_setup256(const unsigned char *key, u32 *subkey) |
784 | { | 699 | { |
785 | u32 kll,klr,krl,krr; /* left half of key */ | 700 | u32 kll, klr, krl, krr; /* left half of key */ |
786 | u32 krll,krlr,krrl,krrr; /* right half of key */ | 701 | u32 krll, krlr, krrl, krrr; /* right half of key */ |
787 | u32 il, ir, t0, t1, w0, w1; /* temporary variables */ | 702 | u32 il, ir, t0, t1, w0, w1; /* temporary variables */ |
788 | u32 kw4l, kw4r, dw, tl, tr; | ||
789 | u32 subL[34]; | 703 | u32 subL[34]; |
790 | u32 subR[34]; | 704 | u32 subR[34]; |
791 | 705 | ||
792 | /** | 706 | /** |
793 | * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) | 707 | * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) |
794 | * (|| is concatination) | 708 | * (|| is concatenation) |
795 | */ | 709 | */ |
796 | 710 | GETU32(kll, key ); | |
797 | kll = GETU32(key ); | 711 | GETU32(klr, key + 4); |
798 | klr = GETU32(key + 4); | 712 | GETU32(krl, key + 8); |
799 | krl = GETU32(key + 8); | 713 | GETU32(krr, key + 12); |
800 | krr = GETU32(key + 12); | 714 | GETU32(krll, key + 16); |
801 | krll = GETU32(key + 16); | 715 | GETU32(krlr, key + 20); |
802 | krlr = GETU32(key + 20); | 716 | GETU32(krrl, key + 24); |
803 | krrl = GETU32(key + 24); | 717 | GETU32(krrr, key + 28); |
804 | krrr = GETU32(key + 28); | ||
805 | 718 | ||
806 | /* generate KL dependent subkeys */ | 719 | /* generate KL dependent subkeys */ |
807 | /* kw1 */ | 720 | /* kw1 */ |
808 | SUBL(0) = kll; SUBR(0) = klr; | 721 | subL[0] = kll; subR[0] = klr; |
809 | /* kw2 */ | 722 | /* kw2 */ |
810 | SUBL(1) = krl; SUBR(1) = krr; | 723 | subL[1] = krl; subR[1] = krr; |
811 | CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); | 724 | ROLDQo32(kll, klr, krl, krr, w0, w1, 45); |
812 | /* k9 */ | 725 | /* k9 */ |
813 | SUBL(12) = kll; SUBR(12) = klr; | 726 | subL[12] = kll; subR[12] = klr; |
814 | /* k10 */ | 727 | /* k10 */ |
815 | SUBL(13) = krl; SUBR(13) = krr; | 728 | subL[13] = krl; subR[13] = krr; |
816 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 729 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
817 | /* kl3 */ | 730 | /* kl3 */ |
818 | SUBL(16) = kll; SUBR(16) = klr; | 731 | subL[16] = kll; subR[16] = klr; |
819 | /* kl4 */ | 732 | /* kl4 */ |
820 | SUBL(17) = krl; SUBR(17) = krr; | 733 | subL[17] = krl; subR[17] = krr; |
821 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); | 734 | ROLDQ(kll, klr, krl, krr, w0, w1, 17); |
822 | /* k17 */ | 735 | /* k17 */ |
823 | SUBL(22) = kll; SUBR(22) = klr; | 736 | subL[22] = kll; subR[22] = klr; |
824 | /* k18 */ | 737 | /* k18 */ |
825 | SUBL(23) = krl; SUBR(23) = krr; | 738 | subL[23] = krl; subR[23] = krr; |
826 | CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); | 739 | ROLDQo32(kll, klr, krl, krr, w0, w1, 34); |
827 | /* k23 */ | 740 | /* k23 */ |
828 | SUBL(30) = kll; SUBR(30) = klr; | 741 | subL[30] = kll; subR[30] = klr; |
829 | /* k24 */ | 742 | /* k24 */ |
830 | SUBL(31) = krl; SUBR(31) = krr; | 743 | subL[31] = krl; subR[31] = krr; |
831 | 744 | ||
832 | /* generate KR dependent subkeys */ | 745 | /* generate KR dependent subkeys */ |
833 | CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); | 746 | ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); |
834 | /* k3 */ | 747 | /* k3 */ |
835 | SUBL(4) = krll; SUBR(4) = krlr; | 748 | subL[4] = krll; subR[4] = krlr; |
836 | /* k4 */ | 749 | /* k4 */ |
837 | SUBL(5) = krrl; SUBR(5) = krrr; | 750 | subL[5] = krrl; subR[5] = krrr; |
838 | CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); | 751 | ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); |
839 | /* kl1 */ | 752 | /* kl1 */ |
840 | SUBL(8) = krll; SUBR(8) = krlr; | 753 | subL[8] = krll; subR[8] = krlr; |
841 | /* kl2 */ | 754 | /* kl2 */ |
842 | SUBL(9) = krrl; SUBR(9) = krrr; | 755 | subL[9] = krrl; subR[9] = krrr; |
843 | CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); | 756 | ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); |
844 | /* k13 */ | 757 | /* k13 */ |
845 | SUBL(18) = krll; SUBR(18) = krlr; | 758 | subL[18] = krll; subR[18] = krlr; |
846 | /* k14 */ | 759 | /* k14 */ |
847 | SUBL(19) = krrl; SUBR(19) = krrr; | 760 | subL[19] = krrl; subR[19] = krrr; |
848 | CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); | 761 | ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); |
849 | /* k19 */ | 762 | /* k19 */ |
850 | SUBL(26) = krll; SUBR(26) = krlr; | 763 | subL[26] = krll; subR[26] = krlr; |
851 | /* k20 */ | 764 | /* k20 */ |
852 | SUBL(27) = krrl; SUBR(27) = krrr; | 765 | subL[27] = krrl; subR[27] = krrr; |
853 | CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); | 766 | ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); |
854 | 767 | ||
855 | /* generate KA */ | 768 | /* generate KA */ |
856 | kll = SUBL(0) ^ krll; klr = SUBR(0) ^ krlr; | 769 | kll = subL[0] ^ krll; klr = subR[0] ^ krlr; |
857 | krl = SUBL(1) ^ krrl; krr = SUBR(1) ^ krrr; | 770 | krl = subL[1] ^ krrl; krr = subR[1] ^ krrr; |
858 | CAMELLIA_F(kll, klr, | 771 | CAMELLIA_F(kll, klr, |
859 | CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, | 772 | CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, |
860 | w0, w1, il, ir, t0, t1); | 773 | w0, w1, il, ir, t0, t1); |
@@ -885,310 +798,50 @@ static void camellia_setup256(const unsigned char *key, u32 *subkey) | |||
885 | krll ^= w0; krlr ^= w1; | 798 | krll ^= w0; krlr ^= w1; |
886 | 799 | ||
887 | /* generate KA dependent subkeys */ | 800 | /* generate KA dependent subkeys */ |
888 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); | 801 | ROLDQ(kll, klr, krl, krr, w0, w1, 15); |
889 | /* k5 */ | 802 | /* k5 */ |
890 | SUBL(6) = kll; SUBR(6) = klr; | 803 | subL[6] = kll; subR[6] = klr; |
891 | /* k6 */ | 804 | /* k6 */ |
892 | SUBL(7) = krl; SUBR(7) = krr; | 805 | subL[7] = krl; subR[7] = krr; |
893 | CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); | 806 | ROLDQ(kll, klr, krl, krr, w0, w1, 30); |
894 | /* k11 */ | 807 | /* k11 */ |
895 | SUBL(14) = kll; SUBR(14) = klr; | 808 | subL[14] = kll; subR[14] = klr; |
896 | /* k12 */ | 809 | /* k12 */ |
897 | SUBL(15) = krl; SUBR(15) = krr; | 810 | subL[15] = krl; subR[15] = krr; |
898 | /* rotation left shift 32bit */ | 811 | /* rotation left shift 32bit */ |
899 | /* kl5 */ | 812 | /* kl5 */ |
900 | SUBL(24) = klr; SUBR(24) = krl; | 813 | subL[24] = klr; subR[24] = krl; |
901 | /* kl6 */ | 814 | /* kl6 */ |
902 | SUBL(25) = krr; SUBR(25) = kll; | 815 | subL[25] = krr; subR[25] = kll; |
903 | /* rotation left shift 49 from k11,k12 -> k21,k22 */ | 816 | /* rotation left shift 49 from k11,k12 -> k21,k22 */ |
904 | CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); | 817 | ROLDQo32(kll, klr, krl, krr, w0, w1, 49); |
905 | /* k21 */ | 818 | /* k21 */ |
906 | SUBL(28) = kll; SUBR(28) = klr; | 819 | subL[28] = kll; subR[28] = klr; |
907 | /* k22 */ | 820 | /* k22 */ |
908 | SUBL(29) = krl; SUBR(29) = krr; | 821 | subL[29] = krl; subR[29] = krr; |
909 | 822 | ||
910 | /* generate KB dependent subkeys */ | 823 | /* generate KB dependent subkeys */ |
911 | /* k1 */ | 824 | /* k1 */ |
912 | SUBL(2) = krll; SUBR(2) = krlr; | 825 | subL[2] = krll; subR[2] = krlr; |
913 | /* k2 */ | 826 | /* k2 */ |
914 | SUBL(3) = krrl; SUBR(3) = krrr; | 827 | subL[3] = krrl; subR[3] = krrr; |
915 | CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); | 828 | ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); |
916 | /* k7 */ | 829 | /* k7 */ |
917 | SUBL(10) = krll; SUBR(10) = krlr; | 830 | subL[10] = krll; subR[10] = krlr; |
918 | /* k8 */ | 831 | /* k8 */ |
919 | SUBL(11) = krrl; SUBR(11) = krrr; | 832 | subL[11] = krrl; subR[11] = krrr; |
920 | CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); | 833 | ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); |
921 | /* k15 */ | 834 | /* k15 */ |
922 | SUBL(20) = krll; SUBR(20) = krlr; | 835 | subL[20] = krll; subR[20] = krlr; |
923 | /* k16 */ | 836 | /* k16 */ |
924 | SUBL(21) = krrl; SUBR(21) = krrr; | 837 | subL[21] = krrl; subR[21] = krrr; |
925 | CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); | 838 | ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); |
926 | /* kw3 */ | 839 | /* kw3 */ |
927 | SUBL(32) = krll; SUBR(32) = krlr; | 840 | subL[32] = krll; subR[32] = krlr; |
928 | /* kw4 */ | 841 | /* kw4 */ |
929 | SUBL(33) = krrl; SUBR(33) = krrr; | 842 | subL[33] = krrl; subR[33] = krrr; |
930 | |||
931 | /* absorb kw2 to other subkeys */ | ||
932 | /* round 2 */ | ||
933 | SUBL(3) ^= SUBL(1); SUBR(3) ^= SUBR(1); | ||
934 | /* round 4 */ | ||
935 | SUBL(5) ^= SUBL(1); SUBR(5) ^= SUBR(1); | ||
936 | /* round 6 */ | ||
937 | SUBL(7) ^= SUBL(1); SUBR(7) ^= SUBR(1); | ||
938 | SUBL(1) ^= SUBR(1) & ~SUBR(9); | ||
939 | dw = SUBL(1) & SUBL(9), | ||
940 | SUBR(1) ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl2) */ | ||
941 | /* round 8 */ | ||
942 | SUBL(11) ^= SUBL(1); SUBR(11) ^= SUBR(1); | ||
943 | /* round 10 */ | ||
944 | SUBL(13) ^= SUBL(1); SUBR(13) ^= SUBR(1); | ||
945 | /* round 12 */ | ||
946 | SUBL(15) ^= SUBL(1); SUBR(15) ^= SUBR(1); | ||
947 | SUBL(1) ^= SUBR(1) & ~SUBR(17); | ||
948 | dw = SUBL(1) & SUBL(17), | ||
949 | SUBR(1) ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl4) */ | ||
950 | /* round 14 */ | ||
951 | SUBL(19) ^= SUBL(1); SUBR(19) ^= SUBR(1); | ||
952 | /* round 16 */ | ||
953 | SUBL(21) ^= SUBL(1); SUBR(21) ^= SUBR(1); | ||
954 | /* round 18 */ | ||
955 | SUBL(23) ^= SUBL(1); SUBR(23) ^= SUBR(1); | ||
956 | SUBL(1) ^= SUBR(1) & ~SUBR(25); | ||
957 | dw = SUBL(1) & SUBL(25), | ||
958 | SUBR(1) ^= CAMELLIA_RL1(dw); /* modified for FLinv(kl6) */ | ||
959 | /* round 20 */ | ||
960 | SUBL(27) ^= SUBL(1); SUBR(27) ^= SUBR(1); | ||
961 | /* round 22 */ | ||
962 | SUBL(29) ^= SUBL(1); SUBR(29) ^= SUBR(1); | ||
963 | /* round 24 */ | ||
964 | SUBL(31) ^= SUBL(1); SUBR(31) ^= SUBR(1); | ||
965 | /* kw3 */ | ||
966 | SUBL(32) ^= SUBL(1); SUBR(32) ^= SUBR(1); | ||
967 | |||
968 | |||
969 | /* absorb kw4 to other subkeys */ | ||
970 | kw4l = SUBL(33); kw4r = SUBR(33); | ||
971 | /* round 23 */ | ||
972 | SUBL(30) ^= kw4l; SUBR(30) ^= kw4r; | ||
973 | /* round 21 */ | ||
974 | SUBL(28) ^= kw4l; SUBR(28) ^= kw4r; | ||
975 | /* round 19 */ | ||
976 | SUBL(26) ^= kw4l; SUBR(26) ^= kw4r; | ||
977 | kw4l ^= kw4r & ~SUBR(24); | ||
978 | dw = kw4l & SUBL(24), | ||
979 | kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl5) */ | ||
980 | /* round 17 */ | ||
981 | SUBL(22) ^= kw4l; SUBR(22) ^= kw4r; | ||
982 | /* round 15 */ | ||
983 | SUBL(20) ^= kw4l; SUBR(20) ^= kw4r; | ||
984 | /* round 13 */ | ||
985 | SUBL(18) ^= kw4l; SUBR(18) ^= kw4r; | ||
986 | kw4l ^= kw4r & ~SUBR(16); | ||
987 | dw = kw4l & SUBL(16), | ||
988 | kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl3) */ | ||
989 | /* round 11 */ | ||
990 | SUBL(14) ^= kw4l; SUBR(14) ^= kw4r; | ||
991 | /* round 9 */ | ||
992 | SUBL(12) ^= kw4l; SUBR(12) ^= kw4r; | ||
993 | /* round 7 */ | ||
994 | SUBL(10) ^= kw4l; SUBR(10) ^= kw4r; | ||
995 | kw4l ^= kw4r & ~SUBR(8); | ||
996 | dw = kw4l & SUBL(8), | ||
997 | kw4r ^= CAMELLIA_RL1(dw); /* modified for FL(kl1) */ | ||
998 | /* round 5 */ | ||
999 | SUBL(6) ^= kw4l; SUBR(6) ^= kw4r; | ||
1000 | /* round 3 */ | ||
1001 | SUBL(4) ^= kw4l; SUBR(4) ^= kw4r; | ||
1002 | /* round 1 */ | ||
1003 | SUBL(2) ^= kw4l; SUBR(2) ^= kw4r; | ||
1004 | /* kw1 */ | ||
1005 | SUBL(0) ^= kw4l; SUBR(0) ^= kw4r; | ||
1006 | 843 | ||
1007 | /* key XOR is end of F-function */ | 844 | camellia_setup_tail(subkey, subL, subR, 32); |
1008 | CAMELLIA_SUBKEY_L(0) = SUBL(0) ^ SUBL(2);/* kw1 */ | ||
1009 | CAMELLIA_SUBKEY_R(0) = SUBR(0) ^ SUBR(2); | ||
1010 | CAMELLIA_SUBKEY_L(2) = SUBL(3); /* round 1 */ | ||
1011 | CAMELLIA_SUBKEY_R(2) = SUBR(3); | ||
1012 | CAMELLIA_SUBKEY_L(3) = SUBL(2) ^ SUBL(4); /* round 2 */ | ||
1013 | CAMELLIA_SUBKEY_R(3) = SUBR(2) ^ SUBR(4); | ||
1014 | CAMELLIA_SUBKEY_L(4) = SUBL(3) ^ SUBL(5); /* round 3 */ | ||
1015 | CAMELLIA_SUBKEY_R(4) = SUBR(3) ^ SUBR(5); | ||
1016 | CAMELLIA_SUBKEY_L(5) = SUBL(4) ^ SUBL(6); /* round 4 */ | ||
1017 | CAMELLIA_SUBKEY_R(5) = SUBR(4) ^ SUBR(6); | ||
1018 | CAMELLIA_SUBKEY_L(6) = SUBL(5) ^ SUBL(7); /* round 5 */ | ||
1019 | CAMELLIA_SUBKEY_R(6) = SUBR(5) ^ SUBR(7); | ||
1020 | tl = SUBL(10) ^ (SUBR(10) & ~SUBR(8)); | ||
1021 | dw = tl & SUBL(8), /* FL(kl1) */ | ||
1022 | tr = SUBR(10) ^ CAMELLIA_RL1(dw); | ||
1023 | CAMELLIA_SUBKEY_L(7) = SUBL(6) ^ tl; /* round 6 */ | ||
1024 | CAMELLIA_SUBKEY_R(7) = SUBR(6) ^ tr; | ||
1025 | CAMELLIA_SUBKEY_L(8) = SUBL(8); /* FL(kl1) */ | ||
1026 | CAMELLIA_SUBKEY_R(8) = SUBR(8); | ||
1027 | CAMELLIA_SUBKEY_L(9) = SUBL(9); /* FLinv(kl2) */ | ||
1028 | CAMELLIA_SUBKEY_R(9) = SUBR(9); | ||
1029 | tl = SUBL(7) ^ (SUBR(7) & ~SUBR(9)); | ||
1030 | dw = tl & SUBL(9), /* FLinv(kl2) */ | ||
1031 | tr = SUBR(7) ^ CAMELLIA_RL1(dw); | ||
1032 | CAMELLIA_SUBKEY_L(10) = tl ^ SUBL(11); /* round 7 */ | ||
1033 | CAMELLIA_SUBKEY_R(10) = tr ^ SUBR(11); | ||
1034 | CAMELLIA_SUBKEY_L(11) = SUBL(10) ^ SUBL(12); /* round 8 */ | ||
1035 | CAMELLIA_SUBKEY_R(11) = SUBR(10) ^ SUBR(12); | ||
1036 | CAMELLIA_SUBKEY_L(12) = SUBL(11) ^ SUBL(13); /* round 9 */ | ||
1037 | CAMELLIA_SUBKEY_R(12) = SUBR(11) ^ SUBR(13); | ||
1038 | CAMELLIA_SUBKEY_L(13) = SUBL(12) ^ SUBL(14); /* round 10 */ | ||
1039 | CAMELLIA_SUBKEY_R(13) = SUBR(12) ^ SUBR(14); | ||
1040 | CAMELLIA_SUBKEY_L(14) = SUBL(13) ^ SUBL(15); /* round 11 */ | ||
1041 | CAMELLIA_SUBKEY_R(14) = SUBR(13) ^ SUBR(15); | ||
1042 | tl = SUBL(18) ^ (SUBR(18) & ~SUBR(16)); | ||
1043 | dw = tl & SUBL(16), /* FL(kl3) */ | ||
1044 | tr = SUBR(18) ^ CAMELLIA_RL1(dw); | ||
1045 | CAMELLIA_SUBKEY_L(15) = SUBL(14) ^ tl; /* round 12 */ | ||
1046 | CAMELLIA_SUBKEY_R(15) = SUBR(14) ^ tr; | ||
1047 | CAMELLIA_SUBKEY_L(16) = SUBL(16); /* FL(kl3) */ | ||
1048 | CAMELLIA_SUBKEY_R(16) = SUBR(16); | ||
1049 | CAMELLIA_SUBKEY_L(17) = SUBL(17); /* FLinv(kl4) */ | ||
1050 | CAMELLIA_SUBKEY_R(17) = SUBR(17); | ||
1051 | tl = SUBL(15) ^ (SUBR(15) & ~SUBR(17)); | ||
1052 | dw = tl & SUBL(17), /* FLinv(kl4) */ | ||
1053 | tr = SUBR(15) ^ CAMELLIA_RL1(dw); | ||
1054 | CAMELLIA_SUBKEY_L(18) = tl ^ SUBL(19); /* round 13 */ | ||
1055 | CAMELLIA_SUBKEY_R(18) = tr ^ SUBR(19); | ||
1056 | CAMELLIA_SUBKEY_L(19) = SUBL(18) ^ SUBL(20); /* round 14 */ | ||
1057 | CAMELLIA_SUBKEY_R(19) = SUBR(18) ^ SUBR(20); | ||
1058 | CAMELLIA_SUBKEY_L(20) = SUBL(19) ^ SUBL(21); /* round 15 */ | ||
1059 | CAMELLIA_SUBKEY_R(20) = SUBR(19) ^ SUBR(21); | ||
1060 | CAMELLIA_SUBKEY_L(21) = SUBL(20) ^ SUBL(22); /* round 16 */ | ||
1061 | CAMELLIA_SUBKEY_R(21) = SUBR(20) ^ SUBR(22); | ||
1062 | CAMELLIA_SUBKEY_L(22) = SUBL(21) ^ SUBL(23); /* round 17 */ | ||
1063 | CAMELLIA_SUBKEY_R(22) = SUBR(21) ^ SUBR(23); | ||
1064 | tl = SUBL(26) ^ (SUBR(26) | ||
1065 | & ~SUBR(24)); | ||
1066 | dw = tl & SUBL(24), /* FL(kl5) */ | ||
1067 | tr = SUBR(26) ^ CAMELLIA_RL1(dw); | ||
1068 | CAMELLIA_SUBKEY_L(23) = SUBL(22) ^ tl; /* round 18 */ | ||
1069 | CAMELLIA_SUBKEY_R(23) = SUBR(22) ^ tr; | ||
1070 | CAMELLIA_SUBKEY_L(24) = SUBL(24); /* FL(kl5) */ | ||
1071 | CAMELLIA_SUBKEY_R(24) = SUBR(24); | ||
1072 | CAMELLIA_SUBKEY_L(25) = SUBL(25); /* FLinv(kl6) */ | ||
1073 | CAMELLIA_SUBKEY_R(25) = SUBR(25); | ||
1074 | tl = SUBL(23) ^ (SUBR(23) & | ||
1075 | ~SUBR(25)); | ||
1076 | dw = tl & SUBL(25), /* FLinv(kl6) */ | ||
1077 | tr = SUBR(23) ^ CAMELLIA_RL1(dw); | ||
1078 | CAMELLIA_SUBKEY_L(26) = tl ^ SUBL(27); /* round 19 */ | ||
1079 | CAMELLIA_SUBKEY_R(26) = tr ^ SUBR(27); | ||
1080 | CAMELLIA_SUBKEY_L(27) = SUBL(26) ^ SUBL(28); /* round 20 */ | ||
1081 | CAMELLIA_SUBKEY_R(27) = SUBR(26) ^ SUBR(28); | ||
1082 | CAMELLIA_SUBKEY_L(28) = SUBL(27) ^ SUBL(29); /* round 21 */ | ||
1083 | CAMELLIA_SUBKEY_R(28) = SUBR(27) ^ SUBR(29); | ||
1084 | CAMELLIA_SUBKEY_L(29) = SUBL(28) ^ SUBL(30); /* round 22 */ | ||
1085 | CAMELLIA_SUBKEY_R(29) = SUBR(28) ^ SUBR(30); | ||
1086 | CAMELLIA_SUBKEY_L(30) = SUBL(29) ^ SUBL(31); /* round 23 */ | ||
1087 | CAMELLIA_SUBKEY_R(30) = SUBR(29) ^ SUBR(31); | ||
1088 | CAMELLIA_SUBKEY_L(31) = SUBL(30); /* round 24 */ | ||
1089 | CAMELLIA_SUBKEY_R(31) = SUBR(30); | ||
1090 | CAMELLIA_SUBKEY_L(32) = SUBL(32) ^ SUBL(31); /* kw3 */ | ||
1091 | CAMELLIA_SUBKEY_R(32) = SUBR(32) ^ SUBR(31); | ||
1092 | |||
1093 | /* apply the inverse of the last half of P-function */ | ||
1094 | dw = CAMELLIA_SUBKEY_L(2) ^ CAMELLIA_SUBKEY_R(2), | ||
1095 | dw = CAMELLIA_RL8(dw);/* round 1 */ | ||
1096 | CAMELLIA_SUBKEY_R(2) = CAMELLIA_SUBKEY_L(2) ^ dw, | ||
1097 | CAMELLIA_SUBKEY_L(2) = dw; | ||
1098 | dw = CAMELLIA_SUBKEY_L(3) ^ CAMELLIA_SUBKEY_R(3), | ||
1099 | dw = CAMELLIA_RL8(dw);/* round 2 */ | ||
1100 | CAMELLIA_SUBKEY_R(3) = CAMELLIA_SUBKEY_L(3) ^ dw, | ||
1101 | CAMELLIA_SUBKEY_L(3) = dw; | ||
1102 | dw = CAMELLIA_SUBKEY_L(4) ^ CAMELLIA_SUBKEY_R(4), | ||
1103 | dw = CAMELLIA_RL8(dw);/* round 3 */ | ||
1104 | CAMELLIA_SUBKEY_R(4) = CAMELLIA_SUBKEY_L(4) ^ dw, | ||
1105 | CAMELLIA_SUBKEY_L(4) = dw; | ||
1106 | dw = CAMELLIA_SUBKEY_L(5) ^ CAMELLIA_SUBKEY_R(5), | ||
1107 | dw = CAMELLIA_RL8(dw);/* round 4 */ | ||
1108 | CAMELLIA_SUBKEY_R(5) = CAMELLIA_SUBKEY_L(5) ^ dw, | ||
1109 | CAMELLIA_SUBKEY_L(5) = dw; | ||
1110 | dw = CAMELLIA_SUBKEY_L(6) ^ CAMELLIA_SUBKEY_R(6), | ||
1111 | dw = CAMELLIA_RL8(dw);/* round 5 */ | ||
1112 | CAMELLIA_SUBKEY_R(6) = CAMELLIA_SUBKEY_L(6) ^ dw, | ||
1113 | CAMELLIA_SUBKEY_L(6) = dw; | ||
1114 | dw = CAMELLIA_SUBKEY_L(7) ^ CAMELLIA_SUBKEY_R(7), | ||
1115 | dw = CAMELLIA_RL8(dw);/* round 6 */ | ||
1116 | CAMELLIA_SUBKEY_R(7) = CAMELLIA_SUBKEY_L(7) ^ dw, | ||
1117 | CAMELLIA_SUBKEY_L(7) = dw; | ||
1118 | dw = CAMELLIA_SUBKEY_L(10) ^ CAMELLIA_SUBKEY_R(10), | ||
1119 | dw = CAMELLIA_RL8(dw);/* round 7 */ | ||
1120 | CAMELLIA_SUBKEY_R(10) = CAMELLIA_SUBKEY_L(10) ^ dw, | ||
1121 | CAMELLIA_SUBKEY_L(10) = dw; | ||
1122 | dw = CAMELLIA_SUBKEY_L(11) ^ CAMELLIA_SUBKEY_R(11), | ||
1123 | dw = CAMELLIA_RL8(dw);/* round 8 */ | ||
1124 | CAMELLIA_SUBKEY_R(11) = CAMELLIA_SUBKEY_L(11) ^ dw, | ||
1125 | CAMELLIA_SUBKEY_L(11) = dw; | ||
1126 | dw = CAMELLIA_SUBKEY_L(12) ^ CAMELLIA_SUBKEY_R(12), | ||
1127 | dw = CAMELLIA_RL8(dw);/* round 9 */ | ||
1128 | CAMELLIA_SUBKEY_R(12) = CAMELLIA_SUBKEY_L(12) ^ dw, | ||
1129 | CAMELLIA_SUBKEY_L(12) = dw; | ||
1130 | dw = CAMELLIA_SUBKEY_L(13) ^ CAMELLIA_SUBKEY_R(13), | ||
1131 | dw = CAMELLIA_RL8(dw);/* round 10 */ | ||
1132 | CAMELLIA_SUBKEY_R(13) = CAMELLIA_SUBKEY_L(13) ^ dw, | ||
1133 | CAMELLIA_SUBKEY_L(13) = dw; | ||
1134 | dw = CAMELLIA_SUBKEY_L(14) ^ CAMELLIA_SUBKEY_R(14), | ||
1135 | dw = CAMELLIA_RL8(dw);/* round 11 */ | ||
1136 | CAMELLIA_SUBKEY_R(14) = CAMELLIA_SUBKEY_L(14) ^ dw, | ||
1137 | CAMELLIA_SUBKEY_L(14) = dw; | ||
1138 | dw = CAMELLIA_SUBKEY_L(15) ^ CAMELLIA_SUBKEY_R(15), | ||
1139 | dw = CAMELLIA_RL8(dw);/* round 12 */ | ||
1140 | CAMELLIA_SUBKEY_R(15) = CAMELLIA_SUBKEY_L(15) ^ dw, | ||
1141 | CAMELLIA_SUBKEY_L(15) = dw; | ||
1142 | dw = CAMELLIA_SUBKEY_L(18) ^ CAMELLIA_SUBKEY_R(18), | ||
1143 | dw = CAMELLIA_RL8(dw);/* round 13 */ | ||
1144 | CAMELLIA_SUBKEY_R(18) = CAMELLIA_SUBKEY_L(18) ^ dw, | ||
1145 | CAMELLIA_SUBKEY_L(18) = dw; | ||
1146 | dw = CAMELLIA_SUBKEY_L(19) ^ CAMELLIA_SUBKEY_R(19), | ||
1147 | dw = CAMELLIA_RL8(dw);/* round 14 */ | ||
1148 | CAMELLIA_SUBKEY_R(19) = CAMELLIA_SUBKEY_L(19) ^ dw, | ||
1149 | CAMELLIA_SUBKEY_L(19) = dw; | ||
1150 | dw = CAMELLIA_SUBKEY_L(20) ^ CAMELLIA_SUBKEY_R(20), | ||
1151 | dw = CAMELLIA_RL8(dw);/* round 15 */ | ||
1152 | CAMELLIA_SUBKEY_R(20) = CAMELLIA_SUBKEY_L(20) ^ dw, | ||
1153 | CAMELLIA_SUBKEY_L(20) = dw; | ||
1154 | dw = CAMELLIA_SUBKEY_L(21) ^ CAMELLIA_SUBKEY_R(21), | ||
1155 | dw = CAMELLIA_RL8(dw);/* round 16 */ | ||
1156 | CAMELLIA_SUBKEY_R(21) = CAMELLIA_SUBKEY_L(21) ^ dw, | ||
1157 | CAMELLIA_SUBKEY_L(21) = dw; | ||
1158 | dw = CAMELLIA_SUBKEY_L(22) ^ CAMELLIA_SUBKEY_R(22), | ||
1159 | dw = CAMELLIA_RL8(dw);/* round 17 */ | ||
1160 | CAMELLIA_SUBKEY_R(22) = CAMELLIA_SUBKEY_L(22) ^ dw, | ||
1161 | CAMELLIA_SUBKEY_L(22) = dw; | ||
1162 | dw = CAMELLIA_SUBKEY_L(23) ^ CAMELLIA_SUBKEY_R(23), | ||
1163 | dw = CAMELLIA_RL8(dw);/* round 18 */ | ||
1164 | CAMELLIA_SUBKEY_R(23) = CAMELLIA_SUBKEY_L(23) ^ dw, | ||
1165 | CAMELLIA_SUBKEY_L(23) = dw; | ||
1166 | dw = CAMELLIA_SUBKEY_L(26) ^ CAMELLIA_SUBKEY_R(26), | ||
1167 | dw = CAMELLIA_RL8(dw);/* round 19 */ | ||
1168 | CAMELLIA_SUBKEY_R(26) = CAMELLIA_SUBKEY_L(26) ^ dw, | ||
1169 | CAMELLIA_SUBKEY_L(26) = dw; | ||
1170 | dw = CAMELLIA_SUBKEY_L(27) ^ CAMELLIA_SUBKEY_R(27), | ||
1171 | dw = CAMELLIA_RL8(dw);/* round 20 */ | ||
1172 | CAMELLIA_SUBKEY_R(27) = CAMELLIA_SUBKEY_L(27) ^ dw, | ||
1173 | CAMELLIA_SUBKEY_L(27) = dw; | ||
1174 | dw = CAMELLIA_SUBKEY_L(28) ^ CAMELLIA_SUBKEY_R(28), | ||
1175 | dw = CAMELLIA_RL8(dw);/* round 21 */ | ||
1176 | CAMELLIA_SUBKEY_R(28) = CAMELLIA_SUBKEY_L(28) ^ dw, | ||
1177 | CAMELLIA_SUBKEY_L(28) = dw; | ||
1178 | dw = CAMELLIA_SUBKEY_L(29) ^ CAMELLIA_SUBKEY_R(29), | ||
1179 | dw = CAMELLIA_RL8(dw);/* round 22 */ | ||
1180 | CAMELLIA_SUBKEY_R(29) = CAMELLIA_SUBKEY_L(29) ^ dw, | ||
1181 | CAMELLIA_SUBKEY_L(29) = dw; | ||
1182 | dw = CAMELLIA_SUBKEY_L(30) ^ CAMELLIA_SUBKEY_R(30), | ||
1183 | dw = CAMELLIA_RL8(dw);/* round 23 */ | ||
1184 | CAMELLIA_SUBKEY_R(30) = CAMELLIA_SUBKEY_L(30) ^ dw, | ||
1185 | CAMELLIA_SUBKEY_L(30) = dw; | ||
1186 | dw = CAMELLIA_SUBKEY_L(31) ^ CAMELLIA_SUBKEY_R(31), | ||
1187 | dw = CAMELLIA_RL8(dw);/* round 24 */ | ||
1188 | CAMELLIA_SUBKEY_R(31) = CAMELLIA_SUBKEY_L(31) ^ dw, | ||
1189 | CAMELLIA_SUBKEY_L(31) = dw; | ||
1190 | |||
1191 | return; | ||
1192 | } | 845 | } |
1193 | 846 | ||
1194 | static void camellia_setup192(const unsigned char *key, u32 *subkey) | 847 | static void camellia_setup192(const unsigned char *key, u32 *subkey) |
@@ -1197,482 +850,168 @@ static void camellia_setup192(const unsigned char *key, u32 *subkey) | |||
1197 | u32 krll, krlr, krrl,krrr; | 850 | u32 krll, krlr, krrl,krrr; |
1198 | 851 | ||
1199 | memcpy(kk, key, 24); | 852 | memcpy(kk, key, 24); |
1200 | memcpy((unsigned char *)&krll, key+16,4); | 853 | memcpy((unsigned char *)&krll, key+16, 4); |
1201 | memcpy((unsigned char *)&krlr, key+20,4); | 854 | memcpy((unsigned char *)&krlr, key+20, 4); |
1202 | krrl = ~krll; | 855 | krrl = ~krll; |
1203 | krrr = ~krlr; | 856 | krrr = ~krlr; |
1204 | memcpy(kk+24, (unsigned char *)&krrl, 4); | 857 | memcpy(kk+24, (unsigned char *)&krrl, 4); |
1205 | memcpy(kk+28, (unsigned char *)&krrr, 4); | 858 | memcpy(kk+28, (unsigned char *)&krrr, 4); |
1206 | camellia_setup256(kk, subkey); | 859 | camellia_setup256(kk, subkey); |
1207 | return; | ||
1208 | } | 860 | } |
1209 | 861 | ||
1210 | 862 | ||
1211 | /** | 863 | /* |
1212 | * Stuff related to camellia encryption/decryption | 864 | * Encrypt/decrypt |
1213 | */ | 865 | */ |
1214 | static void camellia_encrypt128(const u32 *subkey, __be32 *io_text) | 866 | #define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ |
1215 | { | 867 | do { \ |
1216 | u32 il,ir,t0,t1; /* temporary valiables */ | 868 | t0 = kll; \ |
1217 | 869 | t2 = krr; \ | |
1218 | u32 io[4]; | 870 | t0 &= ll; \ |
1219 | 871 | t2 |= rr; \ | |
1220 | io[0] = be32_to_cpu(io_text[0]); | 872 | rl ^= t2; \ |
1221 | io[1] = be32_to_cpu(io_text[1]); | 873 | lr ^= ROL1(t0); \ |
1222 | io[2] = be32_to_cpu(io_text[2]); | 874 | t3 = krl; \ |
1223 | io[3] = be32_to_cpu(io_text[3]); | 875 | t1 = klr; \ |
1224 | 876 | t3 &= rl; \ | |
1225 | /* pre whitening but absorb kw2*/ | 877 | t1 |= lr; \ |
1226 | io[0] ^= CAMELLIA_SUBKEY_L(0); | 878 | ll ^= t1; \ |
1227 | io[1] ^= CAMELLIA_SUBKEY_R(0); | 879 | rr ^= ROL1(t3); \ |
1228 | /* main iteration */ | 880 | } while(0) |
1229 | |||
1230 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1231 | CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2), | ||
1232 | io[2],io[3],il,ir,t0,t1); | ||
1233 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1234 | CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3), | ||
1235 | io[0],io[1],il,ir,t0,t1); | ||
1236 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1237 | CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4), | ||
1238 | io[2],io[3],il,ir,t0,t1); | ||
1239 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1240 | CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5), | ||
1241 | io[0],io[1],il,ir,t0,t1); | ||
1242 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1243 | CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6), | ||
1244 | io[2],io[3],il,ir,t0,t1); | ||
1245 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1246 | CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7), | ||
1247 | io[0],io[1],il,ir,t0,t1); | ||
1248 | |||
1249 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1250 | CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8), | ||
1251 | CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9), | ||
1252 | t0,t1,il,ir); | ||
1253 | |||
1254 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1255 | CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10), | ||
1256 | io[2],io[3],il,ir,t0,t1); | ||
1257 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1258 | CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11), | ||
1259 | io[0],io[1],il,ir,t0,t1); | ||
1260 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1261 | CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12), | ||
1262 | io[2],io[3],il,ir,t0,t1); | ||
1263 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1264 | CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13), | ||
1265 | io[0],io[1],il,ir,t0,t1); | ||
1266 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1267 | CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14), | ||
1268 | io[2],io[3],il,ir,t0,t1); | ||
1269 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1270 | CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15), | ||
1271 | io[0],io[1],il,ir,t0,t1); | ||
1272 | |||
1273 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1274 | CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16), | ||
1275 | CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17), | ||
1276 | t0,t1,il,ir); | ||
1277 | |||
1278 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1279 | CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18), | ||
1280 | io[2],io[3],il,ir,t0,t1); | ||
1281 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1282 | CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19), | ||
1283 | io[0],io[1],il,ir,t0,t1); | ||
1284 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1285 | CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20), | ||
1286 | io[2],io[3],il,ir,t0,t1); | ||
1287 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1288 | CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21), | ||
1289 | io[0],io[1],il,ir,t0,t1); | ||
1290 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1291 | CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22), | ||
1292 | io[2],io[3],il,ir,t0,t1); | ||
1293 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1294 | CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23), | ||
1295 | io[0],io[1],il,ir,t0,t1); | ||
1296 | 881 | ||
1297 | /* post whitening but kw4 */ | 882 | #define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir) \ |
1298 | io[2] ^= CAMELLIA_SUBKEY_L(24); | 883 | do { \ |
1299 | io[3] ^= CAMELLIA_SUBKEY_R(24); | 884 | ir = camellia_sp1110[(u8)xr]; \ |
1300 | 885 | il = camellia_sp1110[ (xl >> 24)]; \ | |
1301 | t0 = io[0]; | 886 | ir ^= camellia_sp0222[ (xr >> 24)]; \ |
1302 | t1 = io[1]; | 887 | il ^= camellia_sp0222[(u8)(xl >> 16)]; \ |
1303 | io[0] = io[2]; | 888 | ir ^= camellia_sp3033[(u8)(xr >> 16)]; \ |
1304 | io[1] = io[3]; | 889 | il ^= camellia_sp3033[(u8)(xl >> 8)]; \ |
1305 | io[2] = t0; | 890 | ir ^= camellia_sp4404[(u8)(xr >> 8)]; \ |
1306 | io[3] = t1; | 891 | il ^= camellia_sp4404[(u8)xl]; \ |
1307 | 892 | il ^= kl; \ | |
1308 | io_text[0] = cpu_to_be32(io[0]); | 893 | ir ^= il ^ kr; \ |
1309 | io_text[1] = cpu_to_be32(io[1]); | 894 | yl ^= ir; \ |
1310 | io_text[2] = cpu_to_be32(io[2]); | 895 | yr ^= ROR8(il) ^ ir; \ |
1311 | io_text[3] = cpu_to_be32(io[3]); | 896 | } while(0) |
1312 | |||
1313 | return; | ||
1314 | } | ||
1315 | 897 | ||
1316 | static void camellia_decrypt128(const u32 *subkey, __be32 *io_text) | 898 | /* max = 24: 128bit encrypt, max = 32: 256bit encrypt */ |
899 | static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max) | ||
1317 | { | 900 | { |
1318 | u32 il,ir,t0,t1; /* temporary valiables */ | 901 | u32 il,ir,t0,t1; /* temporary variables */ |
1319 | 902 | ||
1320 | u32 io[4]; | 903 | /* pre whitening but absorb kw2 */ |
1321 | 904 | io[0] ^= SUBKEY_L(0); | |
1322 | io[0] = be32_to_cpu(io_text[0]); | 905 | io[1] ^= SUBKEY_R(0); |
1323 | io[1] = be32_to_cpu(io_text[1]); | ||
1324 | io[2] = be32_to_cpu(io_text[2]); | ||
1325 | io[3] = be32_to_cpu(io_text[3]); | ||
1326 | |||
1327 | /* pre whitening but absorb kw2*/ | ||
1328 | io[0] ^= CAMELLIA_SUBKEY_L(24); | ||
1329 | io[1] ^= CAMELLIA_SUBKEY_R(24); | ||
1330 | 906 | ||
1331 | /* main iteration */ | 907 | /* main iteration */ |
1332 | CAMELLIA_ROUNDSM(io[0],io[1], | 908 | #define ROUNDS(i) do { \ |
1333 | CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23), | 909 | CAMELLIA_ROUNDSM(io[0],io[1], \ |
1334 | io[2],io[3],il,ir,t0,t1); | 910 | SUBKEY_L(i + 2),SUBKEY_R(i + 2), \ |
1335 | CAMELLIA_ROUNDSM(io[2],io[3], | 911 | io[2],io[3],il,ir); \ |
1336 | CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22), | 912 | CAMELLIA_ROUNDSM(io[2],io[3], \ |
1337 | io[0],io[1],il,ir,t0,t1); | 913 | SUBKEY_L(i + 3),SUBKEY_R(i + 3), \ |
1338 | CAMELLIA_ROUNDSM(io[0],io[1], | 914 | io[0],io[1],il,ir); \ |
1339 | CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21), | 915 | CAMELLIA_ROUNDSM(io[0],io[1], \ |
1340 | io[2],io[3],il,ir,t0,t1); | 916 | SUBKEY_L(i + 4),SUBKEY_R(i + 4), \ |
1341 | CAMELLIA_ROUNDSM(io[2],io[3], | 917 | io[2],io[3],il,ir); \ |
1342 | CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20), | 918 | CAMELLIA_ROUNDSM(io[2],io[3], \ |
1343 | io[0],io[1],il,ir,t0,t1); | 919 | SUBKEY_L(i + 5),SUBKEY_R(i + 5), \ |
1344 | CAMELLIA_ROUNDSM(io[0],io[1], | 920 | io[0],io[1],il,ir); \ |
1345 | CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19), | 921 | CAMELLIA_ROUNDSM(io[0],io[1], \ |
1346 | io[2],io[3],il,ir,t0,t1); | 922 | SUBKEY_L(i + 6),SUBKEY_R(i + 6), \ |
1347 | CAMELLIA_ROUNDSM(io[2],io[3], | 923 | io[2],io[3],il,ir); \ |
1348 | CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18), | 924 | CAMELLIA_ROUNDSM(io[2],io[3], \ |
1349 | io[0],io[1],il,ir,t0,t1); | 925 | SUBKEY_L(i + 7),SUBKEY_R(i + 7), \ |
1350 | 926 | io[0],io[1],il,ir); \ | |
1351 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 927 | } while (0) |
1352 | CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17), | 928 | #define FLS(i) do { \ |
1353 | CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16), | 929 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], \ |
1354 | t0,t1,il,ir); | 930 | SUBKEY_L(i + 0),SUBKEY_R(i + 0), \ |
1355 | 931 | SUBKEY_L(i + 1),SUBKEY_R(i + 1), \ | |
1356 | CAMELLIA_ROUNDSM(io[0],io[1], | 932 | t0,t1,il,ir); \ |
1357 | CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15), | 933 | } while (0) |
1358 | io[2],io[3],il,ir,t0,t1); | 934 | |
1359 | CAMELLIA_ROUNDSM(io[2],io[3], | 935 | ROUNDS(0); |
1360 | CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14), | 936 | FLS(8); |
1361 | io[0],io[1],il,ir,t0,t1); | 937 | ROUNDS(8); |
1362 | CAMELLIA_ROUNDSM(io[0],io[1], | 938 | FLS(16); |
1363 | CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13), | 939 | ROUNDS(16); |
1364 | io[2],io[3],il,ir,t0,t1); | 940 | if (max == 32) { |
1365 | CAMELLIA_ROUNDSM(io[2],io[3], | 941 | FLS(24); |
1366 | CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12), | 942 | ROUNDS(24); |
1367 | io[0],io[1],il,ir,t0,t1); | 943 | } |
1368 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1369 | CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11), | ||
1370 | io[2],io[3],il,ir,t0,t1); | ||
1371 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1372 | CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10), | ||
1373 | io[0],io[1],il,ir,t0,t1); | ||
1374 | |||
1375 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1376 | CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9), | ||
1377 | CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8), | ||
1378 | t0,t1,il,ir); | ||
1379 | |||
1380 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1381 | CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7), | ||
1382 | io[2],io[3],il,ir,t0,t1); | ||
1383 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1384 | CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6), | ||
1385 | io[0],io[1],il,ir,t0,t1); | ||
1386 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1387 | CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5), | ||
1388 | io[2],io[3],il,ir,t0,t1); | ||
1389 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1390 | CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4), | ||
1391 | io[0],io[1],il,ir,t0,t1); | ||
1392 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1393 | CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3), | ||
1394 | io[2],io[3],il,ir,t0,t1); | ||
1395 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1396 | CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2), | ||
1397 | io[0],io[1],il,ir,t0,t1); | ||
1398 | |||
1399 | /* post whitening but kw4 */ | ||
1400 | io[2] ^= CAMELLIA_SUBKEY_L(0); | ||
1401 | io[3] ^= CAMELLIA_SUBKEY_R(0); | ||
1402 | |||
1403 | t0 = io[0]; | ||
1404 | t1 = io[1]; | ||
1405 | io[0] = io[2]; | ||
1406 | io[1] = io[3]; | ||
1407 | io[2] = t0; | ||
1408 | io[3] = t1; | ||
1409 | |||
1410 | io_text[0] = cpu_to_be32(io[0]); | ||
1411 | io_text[1] = cpu_to_be32(io[1]); | ||
1412 | io_text[2] = cpu_to_be32(io[2]); | ||
1413 | io_text[3] = cpu_to_be32(io[3]); | ||
1414 | |||
1415 | return; | ||
1416 | } | ||
1417 | |||
1418 | |||
1419 | /** | ||
1420 | * stuff for 192 and 256bit encryption/decryption | ||
1421 | */ | ||
1422 | static void camellia_encrypt256(const u32 *subkey, __be32 *io_text) | ||
1423 | { | ||
1424 | u32 il,ir,t0,t1; /* temporary valiables */ | ||
1425 | |||
1426 | u32 io[4]; | ||
1427 | |||
1428 | io[0] = be32_to_cpu(io_text[0]); | ||
1429 | io[1] = be32_to_cpu(io_text[1]); | ||
1430 | io[2] = be32_to_cpu(io_text[2]); | ||
1431 | io[3] = be32_to_cpu(io_text[3]); | ||
1432 | 944 | ||
1433 | /* pre whitening but absorb kw2*/ | 945 | #undef ROUNDS |
1434 | io[0] ^= CAMELLIA_SUBKEY_L(0); | 946 | #undef FLS |
1435 | io[1] ^= CAMELLIA_SUBKEY_R(0); | ||
1436 | |||
1437 | /* main iteration */ | ||
1438 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1439 | CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2), | ||
1440 | io[2],io[3],il,ir,t0,t1); | ||
1441 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1442 | CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3), | ||
1443 | io[0],io[1],il,ir,t0,t1); | ||
1444 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1445 | CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4), | ||
1446 | io[2],io[3],il,ir,t0,t1); | ||
1447 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1448 | CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5), | ||
1449 | io[0],io[1],il,ir,t0,t1); | ||
1450 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1451 | CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6), | ||
1452 | io[2],io[3],il,ir,t0,t1); | ||
1453 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1454 | CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7), | ||
1455 | io[0],io[1],il,ir,t0,t1); | ||
1456 | |||
1457 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1458 | CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8), | ||
1459 | CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9), | ||
1460 | t0,t1,il,ir); | ||
1461 | |||
1462 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1463 | CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10), | ||
1464 | io[2],io[3],il,ir,t0,t1); | ||
1465 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1466 | CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11), | ||
1467 | io[0],io[1],il,ir,t0,t1); | ||
1468 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1469 | CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12), | ||
1470 | io[2],io[3],il,ir,t0,t1); | ||
1471 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1472 | CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13), | ||
1473 | io[0],io[1],il,ir,t0,t1); | ||
1474 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1475 | CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14), | ||
1476 | io[2],io[3],il,ir,t0,t1); | ||
1477 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1478 | CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15), | ||
1479 | io[0],io[1],il,ir,t0,t1); | ||
1480 | |||
1481 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1482 | CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16), | ||
1483 | CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17), | ||
1484 | t0,t1,il,ir); | ||
1485 | |||
1486 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1487 | CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18), | ||
1488 | io[2],io[3],il,ir,t0,t1); | ||
1489 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1490 | CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19), | ||
1491 | io[0],io[1],il,ir,t0,t1); | ||
1492 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1493 | CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20), | ||
1494 | io[2],io[3],il,ir,t0,t1); | ||
1495 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1496 | CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21), | ||
1497 | io[0],io[1],il,ir,t0,t1); | ||
1498 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1499 | CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22), | ||
1500 | io[2],io[3],il,ir,t0,t1); | ||
1501 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1502 | CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23), | ||
1503 | io[0],io[1],il,ir,t0,t1); | ||
1504 | |||
1505 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1506 | CAMELLIA_SUBKEY_L(24),CAMELLIA_SUBKEY_R(24), | ||
1507 | CAMELLIA_SUBKEY_L(25),CAMELLIA_SUBKEY_R(25), | ||
1508 | t0,t1,il,ir); | ||
1509 | |||
1510 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1511 | CAMELLIA_SUBKEY_L(26),CAMELLIA_SUBKEY_R(26), | ||
1512 | io[2],io[3],il,ir,t0,t1); | ||
1513 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1514 | CAMELLIA_SUBKEY_L(27),CAMELLIA_SUBKEY_R(27), | ||
1515 | io[0],io[1],il,ir,t0,t1); | ||
1516 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1517 | CAMELLIA_SUBKEY_L(28),CAMELLIA_SUBKEY_R(28), | ||
1518 | io[2],io[3],il,ir,t0,t1); | ||
1519 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1520 | CAMELLIA_SUBKEY_L(29),CAMELLIA_SUBKEY_R(29), | ||
1521 | io[0],io[1],il,ir,t0,t1); | ||
1522 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1523 | CAMELLIA_SUBKEY_L(30),CAMELLIA_SUBKEY_R(30), | ||
1524 | io[2],io[3],il,ir,t0,t1); | ||
1525 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1526 | CAMELLIA_SUBKEY_L(31),CAMELLIA_SUBKEY_R(31), | ||
1527 | io[0],io[1],il,ir,t0,t1); | ||
1528 | 947 | ||
1529 | /* post whitening but kw4 */ | 948 | /* post whitening but kw4 */ |
1530 | io[2] ^= CAMELLIA_SUBKEY_L(32); | 949 | io[2] ^= SUBKEY_L(max); |
1531 | io[3] ^= CAMELLIA_SUBKEY_R(32); | 950 | io[3] ^= SUBKEY_R(max); |
1532 | 951 | /* NB: io[0],[1] should be swapped with [2],[3] by caller! */ | |
1533 | t0 = io[0]; | ||
1534 | t1 = io[1]; | ||
1535 | io[0] = io[2]; | ||
1536 | io[1] = io[3]; | ||
1537 | io[2] = t0; | ||
1538 | io[3] = t1; | ||
1539 | |||
1540 | io_text[0] = cpu_to_be32(io[0]); | ||
1541 | io_text[1] = cpu_to_be32(io[1]); | ||
1542 | io_text[2] = cpu_to_be32(io[2]); | ||
1543 | io_text[3] = cpu_to_be32(io[3]); | ||
1544 | |||
1545 | return; | ||
1546 | } | 952 | } |
1547 | 953 | ||
1548 | 954 | static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i) | |
1549 | static void camellia_decrypt256(const u32 *subkey, __be32 *io_text) | ||
1550 | { | 955 | { |
1551 | u32 il,ir,t0,t1; /* temporary valiables */ | 956 | u32 il,ir,t0,t1; /* temporary variables */ |
1552 | 957 | ||
1553 | u32 io[4]; | 958 | /* pre whitening but absorb kw2 */ |
1554 | 959 | io[0] ^= SUBKEY_L(i); | |
1555 | io[0] = be32_to_cpu(io_text[0]); | 960 | io[1] ^= SUBKEY_R(i); |
1556 | io[1] = be32_to_cpu(io_text[1]); | ||
1557 | io[2] = be32_to_cpu(io_text[2]); | ||
1558 | io[3] = be32_to_cpu(io_text[3]); | ||
1559 | |||
1560 | /* pre whitening but absorb kw2*/ | ||
1561 | io[0] ^= CAMELLIA_SUBKEY_L(32); | ||
1562 | io[1] ^= CAMELLIA_SUBKEY_R(32); | ||
1563 | 961 | ||
1564 | /* main iteration */ | 962 | /* main iteration */ |
1565 | CAMELLIA_ROUNDSM(io[0],io[1], | 963 | #define ROUNDS(i) do { \ |
1566 | CAMELLIA_SUBKEY_L(31),CAMELLIA_SUBKEY_R(31), | 964 | CAMELLIA_ROUNDSM(io[0],io[1], \ |
1567 | io[2],io[3],il,ir,t0,t1); | 965 | SUBKEY_L(i + 7),SUBKEY_R(i + 7), \ |
1568 | CAMELLIA_ROUNDSM(io[2],io[3], | 966 | io[2],io[3],il,ir); \ |
1569 | CAMELLIA_SUBKEY_L(30),CAMELLIA_SUBKEY_R(30), | 967 | CAMELLIA_ROUNDSM(io[2],io[3], \ |
1570 | io[0],io[1],il,ir,t0,t1); | 968 | SUBKEY_L(i + 6),SUBKEY_R(i + 6), \ |
1571 | CAMELLIA_ROUNDSM(io[0],io[1], | 969 | io[0],io[1],il,ir); \ |
1572 | CAMELLIA_SUBKEY_L(29),CAMELLIA_SUBKEY_R(29), | 970 | CAMELLIA_ROUNDSM(io[0],io[1], \ |
1573 | io[2],io[3],il,ir,t0,t1); | 971 | SUBKEY_L(i + 5),SUBKEY_R(i + 5), \ |
1574 | CAMELLIA_ROUNDSM(io[2],io[3], | 972 | io[2],io[3],il,ir); \ |
1575 | CAMELLIA_SUBKEY_L(28),CAMELLIA_SUBKEY_R(28), | 973 | CAMELLIA_ROUNDSM(io[2],io[3], \ |
1576 | io[0],io[1],il,ir,t0,t1); | 974 | SUBKEY_L(i + 4),SUBKEY_R(i + 4), \ |
1577 | CAMELLIA_ROUNDSM(io[0],io[1], | 975 | io[0],io[1],il,ir); \ |
1578 | CAMELLIA_SUBKEY_L(27),CAMELLIA_SUBKEY_R(27), | 976 | CAMELLIA_ROUNDSM(io[0],io[1], \ |
1579 | io[2],io[3],il,ir,t0,t1); | 977 | SUBKEY_L(i + 3),SUBKEY_R(i + 3), \ |
1580 | CAMELLIA_ROUNDSM(io[2],io[3], | 978 | io[2],io[3],il,ir); \ |
1581 | CAMELLIA_SUBKEY_L(26),CAMELLIA_SUBKEY_R(26), | 979 | CAMELLIA_ROUNDSM(io[2],io[3], \ |
1582 | io[0],io[1],il,ir,t0,t1); | 980 | SUBKEY_L(i + 2),SUBKEY_R(i + 2), \ |
1583 | 981 | io[0],io[1],il,ir); \ | |
1584 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | 982 | } while (0) |
1585 | CAMELLIA_SUBKEY_L(25),CAMELLIA_SUBKEY_R(25), | 983 | #define FLS(i) do { \ |
1586 | CAMELLIA_SUBKEY_L(24),CAMELLIA_SUBKEY_R(24), | 984 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], \ |
1587 | t0,t1,il,ir); | 985 | SUBKEY_L(i + 1),SUBKEY_R(i + 1), \ |
1588 | 986 | SUBKEY_L(i + 0),SUBKEY_R(i + 0), \ | |
1589 | CAMELLIA_ROUNDSM(io[0],io[1], | 987 | t0,t1,il,ir); \ |
1590 | CAMELLIA_SUBKEY_L(23),CAMELLIA_SUBKEY_R(23), | 988 | } while (0) |
1591 | io[2],io[3],il,ir,t0,t1); | 989 | |
1592 | CAMELLIA_ROUNDSM(io[2],io[3], | 990 | if (i == 32) { |
1593 | CAMELLIA_SUBKEY_L(22),CAMELLIA_SUBKEY_R(22), | 991 | ROUNDS(24); |
1594 | io[0],io[1],il,ir,t0,t1); | 992 | FLS(24); |
1595 | CAMELLIA_ROUNDSM(io[0],io[1], | 993 | } |
1596 | CAMELLIA_SUBKEY_L(21),CAMELLIA_SUBKEY_R(21), | 994 | ROUNDS(16); |
1597 | io[2],io[3],il,ir,t0,t1); | 995 | FLS(16); |
1598 | CAMELLIA_ROUNDSM(io[2],io[3], | 996 | ROUNDS(8); |
1599 | CAMELLIA_SUBKEY_L(20),CAMELLIA_SUBKEY_R(20), | 997 | FLS(8); |
1600 | io[0],io[1],il,ir,t0,t1); | 998 | ROUNDS(0); |
1601 | CAMELLIA_ROUNDSM(io[0],io[1], | 999 | |
1602 | CAMELLIA_SUBKEY_L(19),CAMELLIA_SUBKEY_R(19), | 1000 | #undef ROUNDS |
1603 | io[2],io[3],il,ir,t0,t1); | 1001 | #undef FLS |
1604 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1605 | CAMELLIA_SUBKEY_L(18),CAMELLIA_SUBKEY_R(18), | ||
1606 | io[0],io[1],il,ir,t0,t1); | ||
1607 | |||
1608 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1609 | CAMELLIA_SUBKEY_L(17),CAMELLIA_SUBKEY_R(17), | ||
1610 | CAMELLIA_SUBKEY_L(16),CAMELLIA_SUBKEY_R(16), | ||
1611 | t0,t1,il,ir); | ||
1612 | |||
1613 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1614 | CAMELLIA_SUBKEY_L(15),CAMELLIA_SUBKEY_R(15), | ||
1615 | io[2],io[3],il,ir,t0,t1); | ||
1616 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1617 | CAMELLIA_SUBKEY_L(14),CAMELLIA_SUBKEY_R(14), | ||
1618 | io[0],io[1],il,ir,t0,t1); | ||
1619 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1620 | CAMELLIA_SUBKEY_L(13),CAMELLIA_SUBKEY_R(13), | ||
1621 | io[2],io[3],il,ir,t0,t1); | ||
1622 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1623 | CAMELLIA_SUBKEY_L(12),CAMELLIA_SUBKEY_R(12), | ||
1624 | io[0],io[1],il,ir,t0,t1); | ||
1625 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1626 | CAMELLIA_SUBKEY_L(11),CAMELLIA_SUBKEY_R(11), | ||
1627 | io[2],io[3],il,ir,t0,t1); | ||
1628 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1629 | CAMELLIA_SUBKEY_L(10),CAMELLIA_SUBKEY_R(10), | ||
1630 | io[0],io[1],il,ir,t0,t1); | ||
1631 | |||
1632 | CAMELLIA_FLS(io[0],io[1],io[2],io[3], | ||
1633 | CAMELLIA_SUBKEY_L(9),CAMELLIA_SUBKEY_R(9), | ||
1634 | CAMELLIA_SUBKEY_L(8),CAMELLIA_SUBKEY_R(8), | ||
1635 | t0,t1,il,ir); | ||
1636 | |||
1637 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1638 | CAMELLIA_SUBKEY_L(7),CAMELLIA_SUBKEY_R(7), | ||
1639 | io[2],io[3],il,ir,t0,t1); | ||
1640 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1641 | CAMELLIA_SUBKEY_L(6),CAMELLIA_SUBKEY_R(6), | ||
1642 | io[0],io[1],il,ir,t0,t1); | ||
1643 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1644 | CAMELLIA_SUBKEY_L(5),CAMELLIA_SUBKEY_R(5), | ||
1645 | io[2],io[3],il,ir,t0,t1); | ||
1646 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1647 | CAMELLIA_SUBKEY_L(4),CAMELLIA_SUBKEY_R(4), | ||
1648 | io[0],io[1],il,ir,t0,t1); | ||
1649 | CAMELLIA_ROUNDSM(io[0],io[1], | ||
1650 | CAMELLIA_SUBKEY_L(3),CAMELLIA_SUBKEY_R(3), | ||
1651 | io[2],io[3],il,ir,t0,t1); | ||
1652 | CAMELLIA_ROUNDSM(io[2],io[3], | ||
1653 | CAMELLIA_SUBKEY_L(2),CAMELLIA_SUBKEY_R(2), | ||
1654 | io[0],io[1],il,ir,t0,t1); | ||
1655 | 1002 | ||
1656 | /* post whitening but kw4 */ | 1003 | /* post whitening but kw4 */ |
1657 | io[2] ^= CAMELLIA_SUBKEY_L(0); | 1004 | io[2] ^= SUBKEY_L(0); |
1658 | io[3] ^= CAMELLIA_SUBKEY_R(0); | 1005 | io[3] ^= SUBKEY_R(0); |
1659 | 1006 | /* NB: 0,1 should be swapped with 2,3 by caller! */ | |
1660 | t0 = io[0]; | ||
1661 | t1 = io[1]; | ||
1662 | io[0] = io[2]; | ||
1663 | io[1] = io[3]; | ||
1664 | io[2] = t0; | ||
1665 | io[3] = t1; | ||
1666 | |||
1667 | io_text[0] = cpu_to_be32(io[0]); | ||
1668 | io_text[1] = cpu_to_be32(io[1]); | ||
1669 | io_text[2] = cpu_to_be32(io[2]); | ||
1670 | io_text[3] = cpu_to_be32(io[3]); | ||
1671 | |||
1672 | return; | ||
1673 | } | 1007 | } |
1674 | 1008 | ||
1675 | 1009 | ||
1010 | struct camellia_ctx { | ||
1011 | int key_length; | ||
1012 | u32 key_table[CAMELLIA_TABLE_BYTE_LEN / sizeof(u32)]; | ||
1013 | }; | ||
1014 | |||
1676 | static int | 1015 | static int |
1677 | camellia_set_key(struct crypto_tfm *tfm, const u8 *in_key, | 1016 | camellia_set_key(struct crypto_tfm *tfm, const u8 *in_key, |
1678 | unsigned int key_len) | 1017 | unsigned int key_len) |
@@ -1688,7 +1027,7 @@ camellia_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
1688 | 1027 | ||
1689 | cctx->key_length = key_len; | 1028 | cctx->key_length = key_len; |
1690 | 1029 | ||
1691 | switch(key_len) { | 1030 | switch (key_len) { |
1692 | case 16: | 1031 | case 16: |
1693 | camellia_setup128(key, cctx->key_table); | 1032 | camellia_setup128(key, cctx->key_table); |
1694 | break; | 1033 | break; |
@@ -1698,68 +1037,59 @@ camellia_set_key(struct crypto_tfm *tfm, const u8 *in_key, | |||
1698 | case 32: | 1037 | case 32: |
1699 | camellia_setup256(key, cctx->key_table); | 1038 | camellia_setup256(key, cctx->key_table); |
1700 | break; | 1039 | break; |
1701 | default: | ||
1702 | break; | ||
1703 | } | 1040 | } |
1704 | 1041 | ||
1705 | return 0; | 1042 | return 0; |
1706 | } | 1043 | } |
1707 | 1044 | ||
1708 | |||
1709 | static void camellia_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 1045 | static void camellia_encrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
1710 | { | 1046 | { |
1711 | const struct camellia_ctx *cctx = crypto_tfm_ctx(tfm); | 1047 | const struct camellia_ctx *cctx = crypto_tfm_ctx(tfm); |
1712 | const __be32 *src = (const __be32 *)in; | 1048 | const __be32 *src = (const __be32 *)in; |
1713 | __be32 *dst = (__be32 *)out; | 1049 | __be32 *dst = (__be32 *)out; |
1714 | 1050 | ||
1715 | __be32 tmp[4]; | 1051 | u32 tmp[4]; |
1716 | 1052 | ||
1717 | memcpy(tmp, src, CAMELLIA_BLOCK_SIZE); | 1053 | tmp[0] = be32_to_cpu(src[0]); |
1054 | tmp[1] = be32_to_cpu(src[1]); | ||
1055 | tmp[2] = be32_to_cpu(src[2]); | ||
1056 | tmp[3] = be32_to_cpu(src[3]); | ||
1718 | 1057 | ||
1719 | switch (cctx->key_length) { | 1058 | camellia_do_encrypt(cctx->key_table, tmp, |
1720 | case 16: | 1059 | cctx->key_length == 16 ? 24 : 32 /* for key lengths of 24 and 32 */ |
1721 | camellia_encrypt128(cctx->key_table, tmp); | 1060 | ); |
1722 | break; | ||
1723 | case 24: | ||
1724 | /* fall through */ | ||
1725 | case 32: | ||
1726 | camellia_encrypt256(cctx->key_table, tmp); | ||
1727 | break; | ||
1728 | default: | ||
1729 | break; | ||
1730 | } | ||
1731 | 1061 | ||
1732 | memcpy(dst, tmp, CAMELLIA_BLOCK_SIZE); | 1062 | /* do_encrypt returns 0,1 swapped with 2,3 */ |
1063 | dst[0] = cpu_to_be32(tmp[2]); | ||
1064 | dst[1] = cpu_to_be32(tmp[3]); | ||
1065 | dst[2] = cpu_to_be32(tmp[0]); | ||
1066 | dst[3] = cpu_to_be32(tmp[1]); | ||
1733 | } | 1067 | } |
1734 | 1068 | ||
1735 | |||
1736 | static void camellia_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) | 1069 | static void camellia_decrypt(struct crypto_tfm *tfm, u8 *out, const u8 *in) |
1737 | { | 1070 | { |
1738 | const struct camellia_ctx *cctx = crypto_tfm_ctx(tfm); | 1071 | const struct camellia_ctx *cctx = crypto_tfm_ctx(tfm); |
1739 | const __be32 *src = (const __be32 *)in; | 1072 | const __be32 *src = (const __be32 *)in; |
1740 | __be32 *dst = (__be32 *)out; | 1073 | __be32 *dst = (__be32 *)out; |
1741 | 1074 | ||
1742 | __be32 tmp[4]; | 1075 | u32 tmp[4]; |
1743 | 1076 | ||
1744 | memcpy(tmp, src, CAMELLIA_BLOCK_SIZE); | 1077 | tmp[0] = be32_to_cpu(src[0]); |
1078 | tmp[1] = be32_to_cpu(src[1]); | ||
1079 | tmp[2] = be32_to_cpu(src[2]); | ||
1080 | tmp[3] = be32_to_cpu(src[3]); | ||
1745 | 1081 | ||
1746 | switch (cctx->key_length) { | 1082 | camellia_do_decrypt(cctx->key_table, tmp, |
1747 | case 16: | 1083 | cctx->key_length == 16 ? 24 : 32 /* for key lengths of 24 and 32 */ |
1748 | camellia_decrypt128(cctx->key_table, tmp); | 1084 | ); |
1749 | break; | ||
1750 | case 24: | ||
1751 | /* fall through */ | ||
1752 | case 32: | ||
1753 | camellia_decrypt256(cctx->key_table, tmp); | ||
1754 | break; | ||
1755 | default: | ||
1756 | break; | ||
1757 | } | ||
1758 | 1085 | ||
1759 | memcpy(dst, tmp, CAMELLIA_BLOCK_SIZE); | 1086 | /* do_decrypt returns 0,1 swapped with 2,3 */ |
1087 | dst[0] = cpu_to_be32(tmp[2]); | ||
1088 | dst[1] = cpu_to_be32(tmp[3]); | ||
1089 | dst[2] = cpu_to_be32(tmp[0]); | ||
1090 | dst[3] = cpu_to_be32(tmp[1]); | ||
1760 | } | 1091 | } |
1761 | 1092 | ||
1762 | |||
1763 | static struct crypto_alg camellia_alg = { | 1093 | static struct crypto_alg camellia_alg = { |
1764 | .cra_name = "camellia", | 1094 | .cra_name = "camellia", |
1765 | .cra_driver_name = "camellia-generic", | 1095 | .cra_driver_name = "camellia-generic", |
@@ -1786,16 +1116,13 @@ static int __init camellia_init(void) | |||
1786 | return crypto_register_alg(&camellia_alg); | 1116 | return crypto_register_alg(&camellia_alg); |
1787 | } | 1117 | } |
1788 | 1118 | ||
1789 | |||
1790 | static void __exit camellia_fini(void) | 1119 | static void __exit camellia_fini(void) |
1791 | { | 1120 | { |
1792 | crypto_unregister_alg(&camellia_alg); | 1121 | crypto_unregister_alg(&camellia_alg); |
1793 | } | 1122 | } |
1794 | 1123 | ||
1795 | |||
1796 | module_init(camellia_init); | 1124 | module_init(camellia_init); |
1797 | module_exit(camellia_fini); | 1125 | module_exit(camellia_fini); |
1798 | 1126 | ||
1799 | |||
1800 | MODULE_DESCRIPTION("Camellia Cipher Algorithm"); | 1127 | MODULE_DESCRIPTION("Camellia Cipher Algorithm"); |
1801 | MODULE_LICENSE("GPL"); | 1128 | MODULE_LICENSE("GPL"); |
diff --git a/crypto/cast6.c b/crypto/cast6.c index 136ab6dfe8c5..5fd9420dc58e 100644 --- a/crypto/cast6.c +++ b/crypto/cast6.c | |||
@@ -369,7 +369,7 @@ static const u8 Tr[4][8] = { | |||
369 | }; | 369 | }; |
370 | 370 | ||
371 | /* forward octave */ | 371 | /* forward octave */ |
372 | static inline void W(u32 *key, unsigned int i) { | 372 | static void W(u32 *key, unsigned int i) { |
373 | u32 I; | 373 | u32 I; |
374 | key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]); | 374 | key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]); |
375 | key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]); | 375 | key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]); |
@@ -428,7 +428,7 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key, | |||
428 | } | 428 | } |
429 | 429 | ||
430 | /*forward quad round*/ | 430 | /*forward quad round*/ |
431 | static inline void Q (u32 * block, u8 * Kr, u32 * Km) { | 431 | static void Q (u32 * block, u8 * Kr, u32 * Km) { |
432 | u32 I; | 432 | u32 I; |
433 | block[2] ^= F1(block[3], Kr[0], Km[0]); | 433 | block[2] ^= F1(block[3], Kr[0], Km[0]); |
434 | block[1] ^= F2(block[2], Kr[1], Km[1]); | 434 | block[1] ^= F2(block[2], Kr[1], Km[1]); |
@@ -437,7 +437,7 @@ static inline void Q (u32 * block, u8 * Kr, u32 * Km) { | |||
437 | } | 437 | } |
438 | 438 | ||
439 | /*reverse quad round*/ | 439 | /*reverse quad round*/ |
440 | static inline void QBAR (u32 * block, u8 * Kr, u32 * Km) { | 440 | static void QBAR (u32 * block, u8 * Kr, u32 * Km) { |
441 | u32 I; | 441 | u32 I; |
442 | block[3] ^= F1(block[0], Kr[3], Km[3]); | 442 | block[3] ^= F1(block[0], Kr[3], Km[3]); |
443 | block[0] ^= F3(block[1], Kr[2], Km[2]); | 443 | block[0] ^= F3(block[1], Kr[2], Km[2]); |
diff --git a/crypto/cbc.c b/crypto/cbc.c index 1f2649e13b42..6affff882cf8 100644 --- a/crypto/cbc.c +++ b/crypto/cbc.c | |||
@@ -14,13 +14,13 @@ | |||
14 | #include <linux/err.h> | 14 | #include <linux/err.h> |
15 | #include <linux/init.h> | 15 | #include <linux/init.h> |
16 | #include <linux/kernel.h> | 16 | #include <linux/kernel.h> |
17 | #include <linux/log2.h> | ||
17 | #include <linux/module.h> | 18 | #include <linux/module.h> |
18 | #include <linux/scatterlist.h> | 19 | #include <linux/scatterlist.h> |
19 | #include <linux/slab.h> | 20 | #include <linux/slab.h> |
20 | 21 | ||
21 | struct crypto_cbc_ctx { | 22 | struct crypto_cbc_ctx { |
22 | struct crypto_cipher *child; | 23 | struct crypto_cipher *child; |
23 | void (*xor)(u8 *dst, const u8 *src, unsigned int bs); | ||
24 | }; | 24 | }; |
25 | 25 | ||
26 | static int crypto_cbc_setkey(struct crypto_tfm *parent, const u8 *key, | 26 | static int crypto_cbc_setkey(struct crypto_tfm *parent, const u8 *key, |
@@ -41,9 +41,7 @@ static int crypto_cbc_setkey(struct crypto_tfm *parent, const u8 *key, | |||
41 | 41 | ||
42 | static int crypto_cbc_encrypt_segment(struct blkcipher_desc *desc, | 42 | static int crypto_cbc_encrypt_segment(struct blkcipher_desc *desc, |
43 | struct blkcipher_walk *walk, | 43 | struct blkcipher_walk *walk, |
44 | struct crypto_cipher *tfm, | 44 | struct crypto_cipher *tfm) |
45 | void (*xor)(u8 *, const u8 *, | ||
46 | unsigned int)) | ||
47 | { | 45 | { |
48 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 46 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
49 | crypto_cipher_alg(tfm)->cia_encrypt; | 47 | crypto_cipher_alg(tfm)->cia_encrypt; |
@@ -54,7 +52,7 @@ static int crypto_cbc_encrypt_segment(struct blkcipher_desc *desc, | |||
54 | u8 *iv = walk->iv; | 52 | u8 *iv = walk->iv; |
55 | 53 | ||
56 | do { | 54 | do { |
57 | xor(iv, src, bsize); | 55 | crypto_xor(iv, src, bsize); |
58 | fn(crypto_cipher_tfm(tfm), dst, iv); | 56 | fn(crypto_cipher_tfm(tfm), dst, iv); |
59 | memcpy(iv, dst, bsize); | 57 | memcpy(iv, dst, bsize); |
60 | 58 | ||
@@ -67,9 +65,7 @@ static int crypto_cbc_encrypt_segment(struct blkcipher_desc *desc, | |||
67 | 65 | ||
68 | static int crypto_cbc_encrypt_inplace(struct blkcipher_desc *desc, | 66 | static int crypto_cbc_encrypt_inplace(struct blkcipher_desc *desc, |
69 | struct blkcipher_walk *walk, | 67 | struct blkcipher_walk *walk, |
70 | struct crypto_cipher *tfm, | 68 | struct crypto_cipher *tfm) |
71 | void (*xor)(u8 *, const u8 *, | ||
72 | unsigned int)) | ||
73 | { | 69 | { |
74 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 70 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
75 | crypto_cipher_alg(tfm)->cia_encrypt; | 71 | crypto_cipher_alg(tfm)->cia_encrypt; |
@@ -79,7 +75,7 @@ static int crypto_cbc_encrypt_inplace(struct blkcipher_desc *desc, | |||
79 | u8 *iv = walk->iv; | 75 | u8 *iv = walk->iv; |
80 | 76 | ||
81 | do { | 77 | do { |
82 | xor(src, iv, bsize); | 78 | crypto_xor(src, iv, bsize); |
83 | fn(crypto_cipher_tfm(tfm), src, src); | 79 | fn(crypto_cipher_tfm(tfm), src, src); |
84 | iv = src; | 80 | iv = src; |
85 | 81 | ||
@@ -99,7 +95,6 @@ static int crypto_cbc_encrypt(struct blkcipher_desc *desc, | |||
99 | struct crypto_blkcipher *tfm = desc->tfm; | 95 | struct crypto_blkcipher *tfm = desc->tfm; |
100 | struct crypto_cbc_ctx *ctx = crypto_blkcipher_ctx(tfm); | 96 | struct crypto_cbc_ctx *ctx = crypto_blkcipher_ctx(tfm); |
101 | struct crypto_cipher *child = ctx->child; | 97 | struct crypto_cipher *child = ctx->child; |
102 | void (*xor)(u8 *, const u8 *, unsigned int bs) = ctx->xor; | ||
103 | int err; | 98 | int err; |
104 | 99 | ||
105 | blkcipher_walk_init(&walk, dst, src, nbytes); | 100 | blkcipher_walk_init(&walk, dst, src, nbytes); |
@@ -107,11 +102,9 @@ static int crypto_cbc_encrypt(struct blkcipher_desc *desc, | |||
107 | 102 | ||
108 | while ((nbytes = walk.nbytes)) { | 103 | while ((nbytes = walk.nbytes)) { |
109 | if (walk.src.virt.addr == walk.dst.virt.addr) | 104 | if (walk.src.virt.addr == walk.dst.virt.addr) |
110 | nbytes = crypto_cbc_encrypt_inplace(desc, &walk, child, | 105 | nbytes = crypto_cbc_encrypt_inplace(desc, &walk, child); |
111 | xor); | ||
112 | else | 106 | else |
113 | nbytes = crypto_cbc_encrypt_segment(desc, &walk, child, | 107 | nbytes = crypto_cbc_encrypt_segment(desc, &walk, child); |
114 | xor); | ||
115 | err = blkcipher_walk_done(desc, &walk, nbytes); | 108 | err = blkcipher_walk_done(desc, &walk, nbytes); |
116 | } | 109 | } |
117 | 110 | ||
@@ -120,9 +113,7 @@ static int crypto_cbc_encrypt(struct blkcipher_desc *desc, | |||
120 | 113 | ||
121 | static int crypto_cbc_decrypt_segment(struct blkcipher_desc *desc, | 114 | static int crypto_cbc_decrypt_segment(struct blkcipher_desc *desc, |
122 | struct blkcipher_walk *walk, | 115 | struct blkcipher_walk *walk, |
123 | struct crypto_cipher *tfm, | 116 | struct crypto_cipher *tfm) |
124 | void (*xor)(u8 *, const u8 *, | ||
125 | unsigned int)) | ||
126 | { | 117 | { |
127 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 118 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
128 | crypto_cipher_alg(tfm)->cia_decrypt; | 119 | crypto_cipher_alg(tfm)->cia_decrypt; |
@@ -134,7 +125,7 @@ static int crypto_cbc_decrypt_segment(struct blkcipher_desc *desc, | |||
134 | 125 | ||
135 | do { | 126 | do { |
136 | fn(crypto_cipher_tfm(tfm), dst, src); | 127 | fn(crypto_cipher_tfm(tfm), dst, src); |
137 | xor(dst, iv, bsize); | 128 | crypto_xor(dst, iv, bsize); |
138 | iv = src; | 129 | iv = src; |
139 | 130 | ||
140 | src += bsize; | 131 | src += bsize; |
@@ -148,34 +139,29 @@ static int crypto_cbc_decrypt_segment(struct blkcipher_desc *desc, | |||
148 | 139 | ||
149 | static int crypto_cbc_decrypt_inplace(struct blkcipher_desc *desc, | 140 | static int crypto_cbc_decrypt_inplace(struct blkcipher_desc *desc, |
150 | struct blkcipher_walk *walk, | 141 | struct blkcipher_walk *walk, |
151 | struct crypto_cipher *tfm, | 142 | struct crypto_cipher *tfm) |
152 | void (*xor)(u8 *, const u8 *, | ||
153 | unsigned int)) | ||
154 | { | 143 | { |
155 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 144 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
156 | crypto_cipher_alg(tfm)->cia_decrypt; | 145 | crypto_cipher_alg(tfm)->cia_decrypt; |
157 | int bsize = crypto_cipher_blocksize(tfm); | 146 | int bsize = crypto_cipher_blocksize(tfm); |
158 | unsigned long alignmask = crypto_cipher_alignmask(tfm); | ||
159 | unsigned int nbytes = walk->nbytes; | 147 | unsigned int nbytes = walk->nbytes; |
160 | u8 *src = walk->src.virt.addr; | 148 | u8 *src = walk->src.virt.addr; |
161 | u8 stack[bsize + alignmask]; | 149 | u8 last_iv[bsize]; |
162 | u8 *first_iv = (u8 *)ALIGN((unsigned long)stack, alignmask + 1); | ||
163 | |||
164 | memcpy(first_iv, walk->iv, bsize); | ||
165 | 150 | ||
166 | /* Start of the last block. */ | 151 | /* Start of the last block. */ |
167 | src += nbytes - nbytes % bsize - bsize; | 152 | src += nbytes - (nbytes & (bsize - 1)) - bsize; |
168 | memcpy(walk->iv, src, bsize); | 153 | memcpy(last_iv, src, bsize); |
169 | 154 | ||
170 | for (;;) { | 155 | for (;;) { |
171 | fn(crypto_cipher_tfm(tfm), src, src); | 156 | fn(crypto_cipher_tfm(tfm), src, src); |
172 | if ((nbytes -= bsize) < bsize) | 157 | if ((nbytes -= bsize) < bsize) |
173 | break; | 158 | break; |
174 | xor(src, src - bsize, bsize); | 159 | crypto_xor(src, src - bsize, bsize); |
175 | src -= bsize; | 160 | src -= bsize; |
176 | } | 161 | } |
177 | 162 | ||
178 | xor(src, first_iv, bsize); | 163 | crypto_xor(src, walk->iv, bsize); |
164 | memcpy(walk->iv, last_iv, bsize); | ||
179 | 165 | ||
180 | return nbytes; | 166 | return nbytes; |
181 | } | 167 | } |
@@ -188,7 +174,6 @@ static int crypto_cbc_decrypt(struct blkcipher_desc *desc, | |||
188 | struct crypto_blkcipher *tfm = desc->tfm; | 174 | struct crypto_blkcipher *tfm = desc->tfm; |
189 | struct crypto_cbc_ctx *ctx = crypto_blkcipher_ctx(tfm); | 175 | struct crypto_cbc_ctx *ctx = crypto_blkcipher_ctx(tfm); |
190 | struct crypto_cipher *child = ctx->child; | 176 | struct crypto_cipher *child = ctx->child; |
191 | void (*xor)(u8 *, const u8 *, unsigned int bs) = ctx->xor; | ||
192 | int err; | 177 | int err; |
193 | 178 | ||
194 | blkcipher_walk_init(&walk, dst, src, nbytes); | 179 | blkcipher_walk_init(&walk, dst, src, nbytes); |
@@ -196,48 +181,15 @@ static int crypto_cbc_decrypt(struct blkcipher_desc *desc, | |||
196 | 181 | ||
197 | while ((nbytes = walk.nbytes)) { | 182 | while ((nbytes = walk.nbytes)) { |
198 | if (walk.src.virt.addr == walk.dst.virt.addr) | 183 | if (walk.src.virt.addr == walk.dst.virt.addr) |
199 | nbytes = crypto_cbc_decrypt_inplace(desc, &walk, child, | 184 | nbytes = crypto_cbc_decrypt_inplace(desc, &walk, child); |
200 | xor); | ||
201 | else | 185 | else |
202 | nbytes = crypto_cbc_decrypt_segment(desc, &walk, child, | 186 | nbytes = crypto_cbc_decrypt_segment(desc, &walk, child); |
203 | xor); | ||
204 | err = blkcipher_walk_done(desc, &walk, nbytes); | 187 | err = blkcipher_walk_done(desc, &walk, nbytes); |
205 | } | 188 | } |
206 | 189 | ||
207 | return err; | 190 | return err; |
208 | } | 191 | } |
209 | 192 | ||
210 | static void xor_byte(u8 *a, const u8 *b, unsigned int bs) | ||
211 | { | ||
212 | do { | ||
213 | *a++ ^= *b++; | ||
214 | } while (--bs); | ||
215 | } | ||
216 | |||
217 | static void xor_quad(u8 *dst, const u8 *src, unsigned int bs) | ||
218 | { | ||
219 | u32 *a = (u32 *)dst; | ||
220 | u32 *b = (u32 *)src; | ||
221 | |||
222 | do { | ||
223 | *a++ ^= *b++; | ||
224 | } while ((bs -= 4)); | ||
225 | } | ||
226 | |||
227 | static void xor_64(u8 *a, const u8 *b, unsigned int bs) | ||
228 | { | ||
229 | ((u32 *)a)[0] ^= ((u32 *)b)[0]; | ||
230 | ((u32 *)a)[1] ^= ((u32 *)b)[1]; | ||
231 | } | ||
232 | |||
233 | static void xor_128(u8 *a, const u8 *b, unsigned int bs) | ||
234 | { | ||
235 | ((u32 *)a)[0] ^= ((u32 *)b)[0]; | ||
236 | ((u32 *)a)[1] ^= ((u32 *)b)[1]; | ||
237 | ((u32 *)a)[2] ^= ((u32 *)b)[2]; | ||
238 | ((u32 *)a)[3] ^= ((u32 *)b)[3]; | ||
239 | } | ||
240 | |||
241 | static int crypto_cbc_init_tfm(struct crypto_tfm *tfm) | 193 | static int crypto_cbc_init_tfm(struct crypto_tfm *tfm) |
242 | { | 194 | { |
243 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | 195 | struct crypto_instance *inst = (void *)tfm->__crt_alg; |
@@ -245,22 +197,6 @@ static int crypto_cbc_init_tfm(struct crypto_tfm *tfm) | |||
245 | struct crypto_cbc_ctx *ctx = crypto_tfm_ctx(tfm); | 197 | struct crypto_cbc_ctx *ctx = crypto_tfm_ctx(tfm); |
246 | struct crypto_cipher *cipher; | 198 | struct crypto_cipher *cipher; |
247 | 199 | ||
248 | switch (crypto_tfm_alg_blocksize(tfm)) { | ||
249 | case 8: | ||
250 | ctx->xor = xor_64; | ||
251 | break; | ||
252 | |||
253 | case 16: | ||
254 | ctx->xor = xor_128; | ||
255 | break; | ||
256 | |||
257 | default: | ||
258 | if (crypto_tfm_alg_blocksize(tfm) % 4) | ||
259 | ctx->xor = xor_byte; | ||
260 | else | ||
261 | ctx->xor = xor_quad; | ||
262 | } | ||
263 | |||
264 | cipher = crypto_spawn_cipher(spawn); | 200 | cipher = crypto_spawn_cipher(spawn); |
265 | if (IS_ERR(cipher)) | 201 | if (IS_ERR(cipher)) |
266 | return PTR_ERR(cipher); | 202 | return PTR_ERR(cipher); |
@@ -290,6 +226,10 @@ static struct crypto_instance *crypto_cbc_alloc(struct rtattr **tb) | |||
290 | if (IS_ERR(alg)) | 226 | if (IS_ERR(alg)) |
291 | return ERR_PTR(PTR_ERR(alg)); | 227 | return ERR_PTR(PTR_ERR(alg)); |
292 | 228 | ||
229 | inst = ERR_PTR(-EINVAL); | ||
230 | if (!is_power_of_2(alg->cra_blocksize)) | ||
231 | goto out_put_alg; | ||
232 | |||
293 | inst = crypto_alloc_instance("cbc", alg); | 233 | inst = crypto_alloc_instance("cbc", alg); |
294 | if (IS_ERR(inst)) | 234 | if (IS_ERR(inst)) |
295 | goto out_put_alg; | 235 | goto out_put_alg; |
@@ -300,8 +240,9 @@ static struct crypto_instance *crypto_cbc_alloc(struct rtattr **tb) | |||
300 | inst->alg.cra_alignmask = alg->cra_alignmask; | 240 | inst->alg.cra_alignmask = alg->cra_alignmask; |
301 | inst->alg.cra_type = &crypto_blkcipher_type; | 241 | inst->alg.cra_type = &crypto_blkcipher_type; |
302 | 242 | ||
303 | if (!(alg->cra_blocksize % 4)) | 243 | /* We access the data as u32s when xoring. */ |
304 | inst->alg.cra_alignmask |= 3; | 244 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; |
245 | |||
305 | inst->alg.cra_blkcipher.ivsize = alg->cra_blocksize; | 246 | inst->alg.cra_blkcipher.ivsize = alg->cra_blocksize; |
306 | inst->alg.cra_blkcipher.min_keysize = alg->cra_cipher.cia_min_keysize; | 247 | inst->alg.cra_blkcipher.min_keysize = alg->cra_cipher.cia_min_keysize; |
307 | inst->alg.cra_blkcipher.max_keysize = alg->cra_cipher.cia_max_keysize; | 248 | inst->alg.cra_blkcipher.max_keysize = alg->cra_cipher.cia_max_keysize; |
diff --git a/crypto/ccm.c b/crypto/ccm.c new file mode 100644 index 000000000000..7cf7e5a6b781 --- /dev/null +++ b/crypto/ccm.c | |||
@@ -0,0 +1,889 @@ | |||
1 | /* | ||
2 | * CCM: Counter with CBC-MAC | ||
3 | * | ||
4 | * (C) Copyright IBM Corp. 2007 - Joy Latten <latten@us.ibm.com> | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify it | ||
7 | * under the terms of the GNU General Public License as published by the Free | ||
8 | * Software Foundation; either version 2 of the License, or (at your option) | ||
9 | * any later version. | ||
10 | * | ||
11 | */ | ||
12 | |||
13 | #include <crypto/internal/aead.h> | ||
14 | #include <crypto/internal/skcipher.h> | ||
15 | #include <crypto/scatterwalk.h> | ||
16 | #include <linux/err.h> | ||
17 | #include <linux/init.h> | ||
18 | #include <linux/kernel.h> | ||
19 | #include <linux/module.h> | ||
20 | #include <linux/slab.h> | ||
21 | |||
22 | #include "internal.h" | ||
23 | |||
24 | struct ccm_instance_ctx { | ||
25 | struct crypto_skcipher_spawn ctr; | ||
26 | struct crypto_spawn cipher; | ||
27 | }; | ||
28 | |||
29 | struct crypto_ccm_ctx { | ||
30 | struct crypto_cipher *cipher; | ||
31 | struct crypto_ablkcipher *ctr; | ||
32 | }; | ||
33 | |||
34 | struct crypto_rfc4309_ctx { | ||
35 | struct crypto_aead *child; | ||
36 | u8 nonce[3]; | ||
37 | }; | ||
38 | |||
39 | struct crypto_ccm_req_priv_ctx { | ||
40 | u8 odata[16]; | ||
41 | u8 idata[16]; | ||
42 | u8 auth_tag[16]; | ||
43 | u32 ilen; | ||
44 | u32 flags; | ||
45 | struct scatterlist src[2]; | ||
46 | struct scatterlist dst[2]; | ||
47 | struct ablkcipher_request abreq; | ||
48 | }; | ||
49 | |||
50 | static inline struct crypto_ccm_req_priv_ctx *crypto_ccm_reqctx( | ||
51 | struct aead_request *req) | ||
52 | { | ||
53 | unsigned long align = crypto_aead_alignmask(crypto_aead_reqtfm(req)); | ||
54 | |||
55 | return (void *)PTR_ALIGN((u8 *)aead_request_ctx(req), align + 1); | ||
56 | } | ||
57 | |||
58 | static int set_msg_len(u8 *block, unsigned int msglen, int csize) | ||
59 | { | ||
60 | __be32 data; | ||
61 | |||
62 | memset(block, 0, csize); | ||
63 | block += csize; | ||
64 | |||
65 | if (csize >= 4) | ||
66 | csize = 4; | ||
67 | else if (msglen > (1 << (8 * csize))) | ||
68 | return -EOVERFLOW; | ||
69 | |||
70 | data = cpu_to_be32(msglen); | ||
71 | memcpy(block - csize, (u8 *)&data + 4 - csize, csize); | ||
72 | |||
73 | return 0; | ||
74 | } | ||
75 | |||
76 | static int crypto_ccm_setkey(struct crypto_aead *aead, const u8 *key, | ||
77 | unsigned int keylen) | ||
78 | { | ||
79 | struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); | ||
80 | struct crypto_ablkcipher *ctr = ctx->ctr; | ||
81 | struct crypto_cipher *tfm = ctx->cipher; | ||
82 | int err = 0; | ||
83 | |||
84 | crypto_ablkcipher_clear_flags(ctr, CRYPTO_TFM_REQ_MASK); | ||
85 | crypto_ablkcipher_set_flags(ctr, crypto_aead_get_flags(aead) & | ||
86 | CRYPTO_TFM_REQ_MASK); | ||
87 | err = crypto_ablkcipher_setkey(ctr, key, keylen); | ||
88 | crypto_aead_set_flags(aead, crypto_ablkcipher_get_flags(ctr) & | ||
89 | CRYPTO_TFM_RES_MASK); | ||
90 | if (err) | ||
91 | goto out; | ||
92 | |||
93 | crypto_cipher_clear_flags(tfm, CRYPTO_TFM_REQ_MASK); | ||
94 | crypto_cipher_set_flags(tfm, crypto_aead_get_flags(aead) & | ||
95 | CRYPTO_TFM_REQ_MASK); | ||
96 | err = crypto_cipher_setkey(tfm, key, keylen); | ||
97 | crypto_aead_set_flags(aead, crypto_cipher_get_flags(tfm) & | ||
98 | CRYPTO_TFM_RES_MASK); | ||
99 | |||
100 | out: | ||
101 | return err; | ||
102 | } | ||
103 | |||
104 | static int crypto_ccm_setauthsize(struct crypto_aead *tfm, | ||
105 | unsigned int authsize) | ||
106 | { | ||
107 | switch (authsize) { | ||
108 | case 4: | ||
109 | case 6: | ||
110 | case 8: | ||
111 | case 10: | ||
112 | case 12: | ||
113 | case 14: | ||
114 | case 16: | ||
115 | break; | ||
116 | default: | ||
117 | return -EINVAL; | ||
118 | } | ||
119 | |||
120 | return 0; | ||
121 | } | ||
122 | |||
123 | static int format_input(u8 *info, struct aead_request *req, | ||
124 | unsigned int cryptlen) | ||
125 | { | ||
126 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
127 | unsigned int lp = req->iv[0]; | ||
128 | unsigned int l = lp + 1; | ||
129 | unsigned int m; | ||
130 | |||
131 | m = crypto_aead_authsize(aead); | ||
132 | |||
133 | memcpy(info, req->iv, 16); | ||
134 | |||
135 | /* format control info per RFC 3610 and | ||
136 | * NIST Special Publication 800-38C | ||
137 | */ | ||
138 | *info |= (8 * ((m - 2) / 2)); | ||
139 | if (req->assoclen) | ||
140 | *info |= 64; | ||
141 | |||
142 | return set_msg_len(info + 16 - l, cryptlen, l); | ||
143 | } | ||
144 | |||
145 | static int format_adata(u8 *adata, unsigned int a) | ||
146 | { | ||
147 | int len = 0; | ||
148 | |||
149 | /* add control info for associated data | ||
150 | * RFC 3610 and NIST Special Publication 800-38C | ||
151 | */ | ||
152 | if (a < 65280) { | ||
153 | *(__be16 *)adata = cpu_to_be16(a); | ||
154 | len = 2; | ||
155 | } else { | ||
156 | *(__be16 *)adata = cpu_to_be16(0xfffe); | ||
157 | *(__be32 *)&adata[2] = cpu_to_be32(a); | ||
158 | len = 6; | ||
159 | } | ||
160 | |||
161 | return len; | ||
162 | } | ||
163 | |||
164 | static void compute_mac(struct crypto_cipher *tfm, u8 *data, int n, | ||
165 | struct crypto_ccm_req_priv_ctx *pctx) | ||
166 | { | ||
167 | unsigned int bs = 16; | ||
168 | u8 *odata = pctx->odata; | ||
169 | u8 *idata = pctx->idata; | ||
170 | int datalen, getlen; | ||
171 | |||
172 | datalen = n; | ||
173 | |||
174 | /* first time in here, block may be partially filled. */ | ||
175 | getlen = bs - pctx->ilen; | ||
176 | if (datalen >= getlen) { | ||
177 | memcpy(idata + pctx->ilen, data, getlen); | ||
178 | crypto_xor(odata, idata, bs); | ||
179 | crypto_cipher_encrypt_one(tfm, odata, odata); | ||
180 | datalen -= getlen; | ||
181 | data += getlen; | ||
182 | pctx->ilen = 0; | ||
183 | } | ||
184 | |||
185 | /* now encrypt rest of data */ | ||
186 | while (datalen >= bs) { | ||
187 | crypto_xor(odata, data, bs); | ||
188 | crypto_cipher_encrypt_one(tfm, odata, odata); | ||
189 | |||
190 | datalen -= bs; | ||
191 | data += bs; | ||
192 | } | ||
193 | |||
194 | /* check and see if there's leftover data that wasn't | ||
195 | * enough to fill a block. | ||
196 | */ | ||
197 | if (datalen) { | ||
198 | memcpy(idata + pctx->ilen, data, datalen); | ||
199 | pctx->ilen += datalen; | ||
200 | } | ||
201 | } | ||
202 | |||
203 | static void get_data_to_compute(struct crypto_cipher *tfm, | ||
204 | struct crypto_ccm_req_priv_ctx *pctx, | ||
205 | struct scatterlist *sg, unsigned int len) | ||
206 | { | ||
207 | struct scatter_walk walk; | ||
208 | u8 *data_src; | ||
209 | int n; | ||
210 | |||
211 | scatterwalk_start(&walk, sg); | ||
212 | |||
213 | while (len) { | ||
214 | n = scatterwalk_clamp(&walk, len); | ||
215 | if (!n) { | ||
216 | scatterwalk_start(&walk, sg_next(walk.sg)); | ||
217 | n = scatterwalk_clamp(&walk, len); | ||
218 | } | ||
219 | data_src = scatterwalk_map(&walk, 0); | ||
220 | |||
221 | compute_mac(tfm, data_src, n, pctx); | ||
222 | len -= n; | ||
223 | |||
224 | scatterwalk_unmap(data_src, 0); | ||
225 | scatterwalk_advance(&walk, n); | ||
226 | scatterwalk_done(&walk, 0, len); | ||
227 | if (len) | ||
228 | crypto_yield(pctx->flags); | ||
229 | } | ||
230 | |||
231 | /* any leftover needs padding and then encrypted */ | ||
232 | if (pctx->ilen) { | ||
233 | int padlen; | ||
234 | u8 *odata = pctx->odata; | ||
235 | u8 *idata = pctx->idata; | ||
236 | |||
237 | padlen = 16 - pctx->ilen; | ||
238 | memset(idata + pctx->ilen, 0, padlen); | ||
239 | crypto_xor(odata, idata, 16); | ||
240 | crypto_cipher_encrypt_one(tfm, odata, odata); | ||
241 | pctx->ilen = 0; | ||
242 | } | ||
243 | } | ||
244 | |||
245 | static int crypto_ccm_auth(struct aead_request *req, struct scatterlist *plain, | ||
246 | unsigned int cryptlen) | ||
247 | { | ||
248 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
249 | struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); | ||
250 | struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); | ||
251 | struct crypto_cipher *cipher = ctx->cipher; | ||
252 | unsigned int assoclen = req->assoclen; | ||
253 | u8 *odata = pctx->odata; | ||
254 | u8 *idata = pctx->idata; | ||
255 | int err; | ||
256 | |||
257 | /* format control data for input */ | ||
258 | err = format_input(odata, req, cryptlen); | ||
259 | if (err) | ||
260 | goto out; | ||
261 | |||
262 | /* encrypt first block to use as start in computing mac */ | ||
263 | crypto_cipher_encrypt_one(cipher, odata, odata); | ||
264 | |||
265 | /* format associated data and compute into mac */ | ||
266 | if (assoclen) { | ||
267 | pctx->ilen = format_adata(idata, assoclen); | ||
268 | get_data_to_compute(cipher, pctx, req->assoc, req->assoclen); | ||
269 | } | ||
270 | |||
271 | /* compute plaintext into mac */ | ||
272 | get_data_to_compute(cipher, pctx, plain, cryptlen); | ||
273 | |||
274 | out: | ||
275 | return err; | ||
276 | } | ||
277 | |||
278 | static void crypto_ccm_encrypt_done(struct crypto_async_request *areq, int err) | ||
279 | { | ||
280 | struct aead_request *req = areq->data; | ||
281 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
282 | struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); | ||
283 | u8 *odata = pctx->odata; | ||
284 | |||
285 | if (!err) | ||
286 | scatterwalk_map_and_copy(odata, req->dst, req->cryptlen, | ||
287 | crypto_aead_authsize(aead), 1); | ||
288 | aead_request_complete(req, err); | ||
289 | } | ||
290 | |||
291 | static inline int crypto_ccm_check_iv(const u8 *iv) | ||
292 | { | ||
293 | /* 2 <= L <= 8, so 1 <= L' <= 7. */ | ||
294 | if (1 > iv[0] || iv[0] > 7) | ||
295 | return -EINVAL; | ||
296 | |||
297 | return 0; | ||
298 | } | ||
299 | |||
300 | static int crypto_ccm_encrypt(struct aead_request *req) | ||
301 | { | ||
302 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
303 | struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); | ||
304 | struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); | ||
305 | struct ablkcipher_request *abreq = &pctx->abreq; | ||
306 | struct scatterlist *dst; | ||
307 | unsigned int cryptlen = req->cryptlen; | ||
308 | u8 *odata = pctx->odata; | ||
309 | u8 *iv = req->iv; | ||
310 | int err; | ||
311 | |||
312 | err = crypto_ccm_check_iv(iv); | ||
313 | if (err) | ||
314 | return err; | ||
315 | |||
316 | pctx->flags = aead_request_flags(req); | ||
317 | |||
318 | err = crypto_ccm_auth(req, req->src, cryptlen); | ||
319 | if (err) | ||
320 | return err; | ||
321 | |||
322 | /* Note: rfc 3610 and NIST 800-38C require counter of | ||
323 | * zero to encrypt auth tag. | ||
324 | */ | ||
325 | memset(iv + 15 - iv[0], 0, iv[0] + 1); | ||
326 | |||
327 | sg_init_table(pctx->src, 2); | ||
328 | sg_set_buf(pctx->src, odata, 16); | ||
329 | scatterwalk_sg_chain(pctx->src, 2, req->src); | ||
330 | |||
331 | dst = pctx->src; | ||
332 | if (req->src != req->dst) { | ||
333 | sg_init_table(pctx->dst, 2); | ||
334 | sg_set_buf(pctx->dst, odata, 16); | ||
335 | scatterwalk_sg_chain(pctx->dst, 2, req->dst); | ||
336 | dst = pctx->dst; | ||
337 | } | ||
338 | |||
339 | ablkcipher_request_set_tfm(abreq, ctx->ctr); | ||
340 | ablkcipher_request_set_callback(abreq, pctx->flags, | ||
341 | crypto_ccm_encrypt_done, req); | ||
342 | ablkcipher_request_set_crypt(abreq, pctx->src, dst, cryptlen + 16, iv); | ||
343 | err = crypto_ablkcipher_encrypt(abreq); | ||
344 | if (err) | ||
345 | return err; | ||
346 | |||
347 | /* copy authtag to end of dst */ | ||
348 | scatterwalk_map_and_copy(odata, req->dst, cryptlen, | ||
349 | crypto_aead_authsize(aead), 1); | ||
350 | return err; | ||
351 | } | ||
352 | |||
353 | static void crypto_ccm_decrypt_done(struct crypto_async_request *areq, | ||
354 | int err) | ||
355 | { | ||
356 | struct aead_request *req = areq->data; | ||
357 | struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); | ||
358 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
359 | unsigned int authsize = crypto_aead_authsize(aead); | ||
360 | unsigned int cryptlen = req->cryptlen - authsize; | ||
361 | |||
362 | if (!err) { | ||
363 | err = crypto_ccm_auth(req, req->dst, cryptlen); | ||
364 | if (!err && memcmp(pctx->auth_tag, pctx->odata, authsize)) | ||
365 | err = -EBADMSG; | ||
366 | } | ||
367 | aead_request_complete(req, err); | ||
368 | } | ||
369 | |||
370 | static int crypto_ccm_decrypt(struct aead_request *req) | ||
371 | { | ||
372 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
373 | struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); | ||
374 | struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); | ||
375 | struct ablkcipher_request *abreq = &pctx->abreq; | ||
376 | struct scatterlist *dst; | ||
377 | unsigned int authsize = crypto_aead_authsize(aead); | ||
378 | unsigned int cryptlen = req->cryptlen; | ||
379 | u8 *authtag = pctx->auth_tag; | ||
380 | u8 *odata = pctx->odata; | ||
381 | u8 *iv = req->iv; | ||
382 | int err; | ||
383 | |||
384 | if (cryptlen < authsize) | ||
385 | return -EINVAL; | ||
386 | cryptlen -= authsize; | ||
387 | |||
388 | err = crypto_ccm_check_iv(iv); | ||
389 | if (err) | ||
390 | return err; | ||
391 | |||
392 | pctx->flags = aead_request_flags(req); | ||
393 | |||
394 | scatterwalk_map_and_copy(authtag, req->src, cryptlen, authsize, 0); | ||
395 | |||
396 | memset(iv + 15 - iv[0], 0, iv[0] + 1); | ||
397 | |||
398 | sg_init_table(pctx->src, 2); | ||
399 | sg_set_buf(pctx->src, authtag, 16); | ||
400 | scatterwalk_sg_chain(pctx->src, 2, req->src); | ||
401 | |||
402 | dst = pctx->src; | ||
403 | if (req->src != req->dst) { | ||
404 | sg_init_table(pctx->dst, 2); | ||
405 | sg_set_buf(pctx->dst, authtag, 16); | ||
406 | scatterwalk_sg_chain(pctx->dst, 2, req->dst); | ||
407 | dst = pctx->dst; | ||
408 | } | ||
409 | |||
410 | ablkcipher_request_set_tfm(abreq, ctx->ctr); | ||
411 | ablkcipher_request_set_callback(abreq, pctx->flags, | ||
412 | crypto_ccm_decrypt_done, req); | ||
413 | ablkcipher_request_set_crypt(abreq, pctx->src, dst, cryptlen + 16, iv); | ||
414 | err = crypto_ablkcipher_decrypt(abreq); | ||
415 | if (err) | ||
416 | return err; | ||
417 | |||
418 | err = crypto_ccm_auth(req, req->dst, cryptlen); | ||
419 | if (err) | ||
420 | return err; | ||
421 | |||
422 | /* verify */ | ||
423 | if (memcmp(authtag, odata, authsize)) | ||
424 | return -EBADMSG; | ||
425 | |||
426 | return err; | ||
427 | } | ||
428 | |||
429 | static int crypto_ccm_init_tfm(struct crypto_tfm *tfm) | ||
430 | { | ||
431 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
432 | struct ccm_instance_ctx *ictx = crypto_instance_ctx(inst); | ||
433 | struct crypto_ccm_ctx *ctx = crypto_tfm_ctx(tfm); | ||
434 | struct crypto_cipher *cipher; | ||
435 | struct crypto_ablkcipher *ctr; | ||
436 | unsigned long align; | ||
437 | int err; | ||
438 | |||
439 | cipher = crypto_spawn_cipher(&ictx->cipher); | ||
440 | if (IS_ERR(cipher)) | ||
441 | return PTR_ERR(cipher); | ||
442 | |||
443 | ctr = crypto_spawn_skcipher(&ictx->ctr); | ||
444 | err = PTR_ERR(ctr); | ||
445 | if (IS_ERR(ctr)) | ||
446 | goto err_free_cipher; | ||
447 | |||
448 | ctx->cipher = cipher; | ||
449 | ctx->ctr = ctr; | ||
450 | |||
451 | align = crypto_tfm_alg_alignmask(tfm); | ||
452 | align &= ~(crypto_tfm_ctx_alignment() - 1); | ||
453 | tfm->crt_aead.reqsize = align + | ||
454 | sizeof(struct crypto_ccm_req_priv_ctx) + | ||
455 | crypto_ablkcipher_reqsize(ctr); | ||
456 | |||
457 | return 0; | ||
458 | |||
459 | err_free_cipher: | ||
460 | crypto_free_cipher(cipher); | ||
461 | return err; | ||
462 | } | ||
463 | |||
464 | static void crypto_ccm_exit_tfm(struct crypto_tfm *tfm) | ||
465 | { | ||
466 | struct crypto_ccm_ctx *ctx = crypto_tfm_ctx(tfm); | ||
467 | |||
468 | crypto_free_cipher(ctx->cipher); | ||
469 | crypto_free_ablkcipher(ctx->ctr); | ||
470 | } | ||
471 | |||
472 | static struct crypto_instance *crypto_ccm_alloc_common(struct rtattr **tb, | ||
473 | const char *full_name, | ||
474 | const char *ctr_name, | ||
475 | const char *cipher_name) | ||
476 | { | ||
477 | struct crypto_attr_type *algt; | ||
478 | struct crypto_instance *inst; | ||
479 | struct crypto_alg *ctr; | ||
480 | struct crypto_alg *cipher; | ||
481 | struct ccm_instance_ctx *ictx; | ||
482 | int err; | ||
483 | |||
484 | algt = crypto_get_attr_type(tb); | ||
485 | err = PTR_ERR(algt); | ||
486 | if (IS_ERR(algt)) | ||
487 | return ERR_PTR(err); | ||
488 | |||
489 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) | ||
490 | return ERR_PTR(-EINVAL); | ||
491 | |||
492 | cipher = crypto_alg_mod_lookup(cipher_name, CRYPTO_ALG_TYPE_CIPHER, | ||
493 | CRYPTO_ALG_TYPE_MASK); | ||
494 | err = PTR_ERR(cipher); | ||
495 | if (IS_ERR(cipher)) | ||
496 | return ERR_PTR(err); | ||
497 | |||
498 | err = -EINVAL; | ||
499 | if (cipher->cra_blocksize != 16) | ||
500 | goto out_put_cipher; | ||
501 | |||
502 | inst = kzalloc(sizeof(*inst) + sizeof(*ictx), GFP_KERNEL); | ||
503 | err = -ENOMEM; | ||
504 | if (!inst) | ||
505 | goto out_put_cipher; | ||
506 | |||
507 | ictx = crypto_instance_ctx(inst); | ||
508 | |||
509 | err = crypto_init_spawn(&ictx->cipher, cipher, inst, | ||
510 | CRYPTO_ALG_TYPE_MASK); | ||
511 | if (err) | ||
512 | goto err_free_inst; | ||
513 | |||
514 | crypto_set_skcipher_spawn(&ictx->ctr, inst); | ||
515 | err = crypto_grab_skcipher(&ictx->ctr, ctr_name, 0, | ||
516 | crypto_requires_sync(algt->type, | ||
517 | algt->mask)); | ||
518 | if (err) | ||
519 | goto err_drop_cipher; | ||
520 | |||
521 | ctr = crypto_skcipher_spawn_alg(&ictx->ctr); | ||
522 | |||
523 | /* Not a stream cipher? */ | ||
524 | err = -EINVAL; | ||
525 | if (ctr->cra_blocksize != 1) | ||
526 | goto err_drop_ctr; | ||
527 | |||
528 | /* We want the real thing! */ | ||
529 | if (ctr->cra_ablkcipher.ivsize != 16) | ||
530 | goto err_drop_ctr; | ||
531 | |||
532 | err = -ENAMETOOLONG; | ||
533 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
534 | "ccm_base(%s,%s)", ctr->cra_driver_name, | ||
535 | cipher->cra_driver_name) >= CRYPTO_MAX_ALG_NAME) | ||
536 | goto err_drop_ctr; | ||
537 | |||
538 | memcpy(inst->alg.cra_name, full_name, CRYPTO_MAX_ALG_NAME); | ||
539 | |||
540 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; | ||
541 | inst->alg.cra_flags |= ctr->cra_flags & CRYPTO_ALG_ASYNC; | ||
542 | inst->alg.cra_priority = cipher->cra_priority + ctr->cra_priority; | ||
543 | inst->alg.cra_blocksize = 1; | ||
544 | inst->alg.cra_alignmask = cipher->cra_alignmask | ctr->cra_alignmask | | ||
545 | (__alignof__(u32) - 1); | ||
546 | inst->alg.cra_type = &crypto_aead_type; | ||
547 | inst->alg.cra_aead.ivsize = 16; | ||
548 | inst->alg.cra_aead.maxauthsize = 16; | ||
549 | inst->alg.cra_ctxsize = sizeof(struct crypto_ccm_ctx); | ||
550 | inst->alg.cra_init = crypto_ccm_init_tfm; | ||
551 | inst->alg.cra_exit = crypto_ccm_exit_tfm; | ||
552 | inst->alg.cra_aead.setkey = crypto_ccm_setkey; | ||
553 | inst->alg.cra_aead.setauthsize = crypto_ccm_setauthsize; | ||
554 | inst->alg.cra_aead.encrypt = crypto_ccm_encrypt; | ||
555 | inst->alg.cra_aead.decrypt = crypto_ccm_decrypt; | ||
556 | |||
557 | out: | ||
558 | crypto_mod_put(cipher); | ||
559 | return inst; | ||
560 | |||
561 | err_drop_ctr: | ||
562 | crypto_drop_skcipher(&ictx->ctr); | ||
563 | err_drop_cipher: | ||
564 | crypto_drop_spawn(&ictx->cipher); | ||
565 | err_free_inst: | ||
566 | kfree(inst); | ||
567 | out_put_cipher: | ||
568 | inst = ERR_PTR(err); | ||
569 | goto out; | ||
570 | } | ||
571 | |||
572 | static struct crypto_instance *crypto_ccm_alloc(struct rtattr **tb) | ||
573 | { | ||
574 | int err; | ||
575 | const char *cipher_name; | ||
576 | char ctr_name[CRYPTO_MAX_ALG_NAME]; | ||
577 | char full_name[CRYPTO_MAX_ALG_NAME]; | ||
578 | |||
579 | cipher_name = crypto_attr_alg_name(tb[1]); | ||
580 | err = PTR_ERR(cipher_name); | ||
581 | if (IS_ERR(cipher_name)) | ||
582 | return ERR_PTR(err); | ||
583 | |||
584 | if (snprintf(ctr_name, CRYPTO_MAX_ALG_NAME, "ctr(%s)", | ||
585 | cipher_name) >= CRYPTO_MAX_ALG_NAME) | ||
586 | return ERR_PTR(-ENAMETOOLONG); | ||
587 | |||
588 | if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "ccm(%s)", cipher_name) >= | ||
589 | CRYPTO_MAX_ALG_NAME) | ||
590 | return ERR_PTR(-ENAMETOOLONG); | ||
591 | |||
592 | return crypto_ccm_alloc_common(tb, full_name, ctr_name, cipher_name); | ||
593 | } | ||
594 | |||
595 | static void crypto_ccm_free(struct crypto_instance *inst) | ||
596 | { | ||
597 | struct ccm_instance_ctx *ctx = crypto_instance_ctx(inst); | ||
598 | |||
599 | crypto_drop_spawn(&ctx->cipher); | ||
600 | crypto_drop_skcipher(&ctx->ctr); | ||
601 | kfree(inst); | ||
602 | } | ||
603 | |||
604 | static struct crypto_template crypto_ccm_tmpl = { | ||
605 | .name = "ccm", | ||
606 | .alloc = crypto_ccm_alloc, | ||
607 | .free = crypto_ccm_free, | ||
608 | .module = THIS_MODULE, | ||
609 | }; | ||
610 | |||
611 | static struct crypto_instance *crypto_ccm_base_alloc(struct rtattr **tb) | ||
612 | { | ||
613 | int err; | ||
614 | const char *ctr_name; | ||
615 | const char *cipher_name; | ||
616 | char full_name[CRYPTO_MAX_ALG_NAME]; | ||
617 | |||
618 | ctr_name = crypto_attr_alg_name(tb[1]); | ||
619 | err = PTR_ERR(ctr_name); | ||
620 | if (IS_ERR(ctr_name)) | ||
621 | return ERR_PTR(err); | ||
622 | |||
623 | cipher_name = crypto_attr_alg_name(tb[2]); | ||
624 | err = PTR_ERR(cipher_name); | ||
625 | if (IS_ERR(cipher_name)) | ||
626 | return ERR_PTR(err); | ||
627 | |||
628 | if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "ccm_base(%s,%s)", | ||
629 | ctr_name, cipher_name) >= CRYPTO_MAX_ALG_NAME) | ||
630 | return ERR_PTR(-ENAMETOOLONG); | ||
631 | |||
632 | return crypto_ccm_alloc_common(tb, full_name, ctr_name, cipher_name); | ||
633 | } | ||
634 | |||
635 | static struct crypto_template crypto_ccm_base_tmpl = { | ||
636 | .name = "ccm_base", | ||
637 | .alloc = crypto_ccm_base_alloc, | ||
638 | .free = crypto_ccm_free, | ||
639 | .module = THIS_MODULE, | ||
640 | }; | ||
641 | |||
642 | static int crypto_rfc4309_setkey(struct crypto_aead *parent, const u8 *key, | ||
643 | unsigned int keylen) | ||
644 | { | ||
645 | struct crypto_rfc4309_ctx *ctx = crypto_aead_ctx(parent); | ||
646 | struct crypto_aead *child = ctx->child; | ||
647 | int err; | ||
648 | |||
649 | if (keylen < 3) | ||
650 | return -EINVAL; | ||
651 | |||
652 | keylen -= 3; | ||
653 | memcpy(ctx->nonce, key + keylen, 3); | ||
654 | |||
655 | crypto_aead_clear_flags(child, CRYPTO_TFM_REQ_MASK); | ||
656 | crypto_aead_set_flags(child, crypto_aead_get_flags(parent) & | ||
657 | CRYPTO_TFM_REQ_MASK); | ||
658 | err = crypto_aead_setkey(child, key, keylen); | ||
659 | crypto_aead_set_flags(parent, crypto_aead_get_flags(child) & | ||
660 | CRYPTO_TFM_RES_MASK); | ||
661 | |||
662 | return err; | ||
663 | } | ||
664 | |||
665 | static int crypto_rfc4309_setauthsize(struct crypto_aead *parent, | ||
666 | unsigned int authsize) | ||
667 | { | ||
668 | struct crypto_rfc4309_ctx *ctx = crypto_aead_ctx(parent); | ||
669 | |||
670 | switch (authsize) { | ||
671 | case 8: | ||
672 | case 12: | ||
673 | case 16: | ||
674 | break; | ||
675 | default: | ||
676 | return -EINVAL; | ||
677 | } | ||
678 | |||
679 | return crypto_aead_setauthsize(ctx->child, authsize); | ||
680 | } | ||
681 | |||
682 | static struct aead_request *crypto_rfc4309_crypt(struct aead_request *req) | ||
683 | { | ||
684 | struct aead_request *subreq = aead_request_ctx(req); | ||
685 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
686 | struct crypto_rfc4309_ctx *ctx = crypto_aead_ctx(aead); | ||
687 | struct crypto_aead *child = ctx->child; | ||
688 | u8 *iv = PTR_ALIGN((u8 *)(subreq + 1) + crypto_aead_reqsize(child), | ||
689 | crypto_aead_alignmask(child) + 1); | ||
690 | |||
691 | /* L' */ | ||
692 | iv[0] = 3; | ||
693 | |||
694 | memcpy(iv + 1, ctx->nonce, 3); | ||
695 | memcpy(iv + 4, req->iv, 8); | ||
696 | |||
697 | aead_request_set_tfm(subreq, child); | ||
698 | aead_request_set_callback(subreq, req->base.flags, req->base.complete, | ||
699 | req->base.data); | ||
700 | aead_request_set_crypt(subreq, req->src, req->dst, req->cryptlen, iv); | ||
701 | aead_request_set_assoc(subreq, req->assoc, req->assoclen); | ||
702 | |||
703 | return subreq; | ||
704 | } | ||
705 | |||
706 | static int crypto_rfc4309_encrypt(struct aead_request *req) | ||
707 | { | ||
708 | req = crypto_rfc4309_crypt(req); | ||
709 | |||
710 | return crypto_aead_encrypt(req); | ||
711 | } | ||
712 | |||
713 | static int crypto_rfc4309_decrypt(struct aead_request *req) | ||
714 | { | ||
715 | req = crypto_rfc4309_crypt(req); | ||
716 | |||
717 | return crypto_aead_decrypt(req); | ||
718 | } | ||
719 | |||
720 | static int crypto_rfc4309_init_tfm(struct crypto_tfm *tfm) | ||
721 | { | ||
722 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
723 | struct crypto_aead_spawn *spawn = crypto_instance_ctx(inst); | ||
724 | struct crypto_rfc4309_ctx *ctx = crypto_tfm_ctx(tfm); | ||
725 | struct crypto_aead *aead; | ||
726 | unsigned long align; | ||
727 | |||
728 | aead = crypto_spawn_aead(spawn); | ||
729 | if (IS_ERR(aead)) | ||
730 | return PTR_ERR(aead); | ||
731 | |||
732 | ctx->child = aead; | ||
733 | |||
734 | align = crypto_aead_alignmask(aead); | ||
735 | align &= ~(crypto_tfm_ctx_alignment() - 1); | ||
736 | tfm->crt_aead.reqsize = sizeof(struct aead_request) + | ||
737 | ALIGN(crypto_aead_reqsize(aead), | ||
738 | crypto_tfm_ctx_alignment()) + | ||
739 | align + 16; | ||
740 | |||
741 | return 0; | ||
742 | } | ||
743 | |||
744 | static void crypto_rfc4309_exit_tfm(struct crypto_tfm *tfm) | ||
745 | { | ||
746 | struct crypto_rfc4309_ctx *ctx = crypto_tfm_ctx(tfm); | ||
747 | |||
748 | crypto_free_aead(ctx->child); | ||
749 | } | ||
750 | |||
751 | static struct crypto_instance *crypto_rfc4309_alloc(struct rtattr **tb) | ||
752 | { | ||
753 | struct crypto_attr_type *algt; | ||
754 | struct crypto_instance *inst; | ||
755 | struct crypto_aead_spawn *spawn; | ||
756 | struct crypto_alg *alg; | ||
757 | const char *ccm_name; | ||
758 | int err; | ||
759 | |||
760 | algt = crypto_get_attr_type(tb); | ||
761 | err = PTR_ERR(algt); | ||
762 | if (IS_ERR(algt)) | ||
763 | return ERR_PTR(err); | ||
764 | |||
765 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) | ||
766 | return ERR_PTR(-EINVAL); | ||
767 | |||
768 | ccm_name = crypto_attr_alg_name(tb[1]); | ||
769 | err = PTR_ERR(ccm_name); | ||
770 | if (IS_ERR(ccm_name)) | ||
771 | return ERR_PTR(err); | ||
772 | |||
773 | inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); | ||
774 | if (!inst) | ||
775 | return ERR_PTR(-ENOMEM); | ||
776 | |||
777 | spawn = crypto_instance_ctx(inst); | ||
778 | crypto_set_aead_spawn(spawn, inst); | ||
779 | err = crypto_grab_aead(spawn, ccm_name, 0, | ||
780 | crypto_requires_sync(algt->type, algt->mask)); | ||
781 | if (err) | ||
782 | goto out_free_inst; | ||
783 | |||
784 | alg = crypto_aead_spawn_alg(spawn); | ||
785 | |||
786 | err = -EINVAL; | ||
787 | |||
788 | /* We only support 16-byte blocks. */ | ||
789 | if (alg->cra_aead.ivsize != 16) | ||
790 | goto out_drop_alg; | ||
791 | |||
792 | /* Not a stream cipher? */ | ||
793 | if (alg->cra_blocksize != 1) | ||
794 | goto out_drop_alg; | ||
795 | |||
796 | err = -ENAMETOOLONG; | ||
797 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | ||
798 | "rfc4309(%s)", alg->cra_name) >= CRYPTO_MAX_ALG_NAME || | ||
799 | snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
800 | "rfc4309(%s)", alg->cra_driver_name) >= | ||
801 | CRYPTO_MAX_ALG_NAME) | ||
802 | goto out_drop_alg; | ||
803 | |||
804 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; | ||
805 | inst->alg.cra_flags |= alg->cra_flags & CRYPTO_ALG_ASYNC; | ||
806 | inst->alg.cra_priority = alg->cra_priority; | ||
807 | inst->alg.cra_blocksize = 1; | ||
808 | inst->alg.cra_alignmask = alg->cra_alignmask; | ||
809 | inst->alg.cra_type = &crypto_nivaead_type; | ||
810 | |||
811 | inst->alg.cra_aead.ivsize = 8; | ||
812 | inst->alg.cra_aead.maxauthsize = 16; | ||
813 | |||
814 | inst->alg.cra_ctxsize = sizeof(struct crypto_rfc4309_ctx); | ||
815 | |||
816 | inst->alg.cra_init = crypto_rfc4309_init_tfm; | ||
817 | inst->alg.cra_exit = crypto_rfc4309_exit_tfm; | ||
818 | |||
819 | inst->alg.cra_aead.setkey = crypto_rfc4309_setkey; | ||
820 | inst->alg.cra_aead.setauthsize = crypto_rfc4309_setauthsize; | ||
821 | inst->alg.cra_aead.encrypt = crypto_rfc4309_encrypt; | ||
822 | inst->alg.cra_aead.decrypt = crypto_rfc4309_decrypt; | ||
823 | |||
824 | inst->alg.cra_aead.geniv = "seqiv"; | ||
825 | |||
826 | out: | ||
827 | return inst; | ||
828 | |||
829 | out_drop_alg: | ||
830 | crypto_drop_aead(spawn); | ||
831 | out_free_inst: | ||
832 | kfree(inst); | ||
833 | inst = ERR_PTR(err); | ||
834 | goto out; | ||
835 | } | ||
836 | |||
837 | static void crypto_rfc4309_free(struct crypto_instance *inst) | ||
838 | { | ||
839 | crypto_drop_spawn(crypto_instance_ctx(inst)); | ||
840 | kfree(inst); | ||
841 | } | ||
842 | |||
843 | static struct crypto_template crypto_rfc4309_tmpl = { | ||
844 | .name = "rfc4309", | ||
845 | .alloc = crypto_rfc4309_alloc, | ||
846 | .free = crypto_rfc4309_free, | ||
847 | .module = THIS_MODULE, | ||
848 | }; | ||
849 | |||
850 | static int __init crypto_ccm_module_init(void) | ||
851 | { | ||
852 | int err; | ||
853 | |||
854 | err = crypto_register_template(&crypto_ccm_base_tmpl); | ||
855 | if (err) | ||
856 | goto out; | ||
857 | |||
858 | err = crypto_register_template(&crypto_ccm_tmpl); | ||
859 | if (err) | ||
860 | goto out_undo_base; | ||
861 | |||
862 | err = crypto_register_template(&crypto_rfc4309_tmpl); | ||
863 | if (err) | ||
864 | goto out_undo_ccm; | ||
865 | |||
866 | out: | ||
867 | return err; | ||
868 | |||
869 | out_undo_ccm: | ||
870 | crypto_unregister_template(&crypto_ccm_tmpl); | ||
871 | out_undo_base: | ||
872 | crypto_unregister_template(&crypto_ccm_base_tmpl); | ||
873 | goto out; | ||
874 | } | ||
875 | |||
876 | static void __exit crypto_ccm_module_exit(void) | ||
877 | { | ||
878 | crypto_unregister_template(&crypto_rfc4309_tmpl); | ||
879 | crypto_unregister_template(&crypto_ccm_tmpl); | ||
880 | crypto_unregister_template(&crypto_ccm_base_tmpl); | ||
881 | } | ||
882 | |||
883 | module_init(crypto_ccm_module_init); | ||
884 | module_exit(crypto_ccm_module_exit); | ||
885 | |||
886 | MODULE_LICENSE("GPL"); | ||
887 | MODULE_DESCRIPTION("Counter with CBC MAC"); | ||
888 | MODULE_ALIAS("ccm_base"); | ||
889 | MODULE_ALIAS("rfc4309"); | ||
diff --git a/crypto/chainiv.c b/crypto/chainiv.c new file mode 100644 index 000000000000..d17fa0454dc3 --- /dev/null +++ b/crypto/chainiv.c | |||
@@ -0,0 +1,331 @@ | |||
1 | /* | ||
2 | * chainiv: Chain IV Generator | ||
3 | * | ||
4 | * Generate IVs simply be using the last block of the previous encryption. | ||
5 | * This is mainly useful for CBC with a synchronous algorithm. | ||
6 | * | ||
7 | * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au> | ||
8 | * | ||
9 | * This program is free software; you can redistribute it and/or modify it | ||
10 | * under the terms of the GNU General Public License as published by the Free | ||
11 | * Software Foundation; either version 2 of the License, or (at your option) | ||
12 | * any later version. | ||
13 | * | ||
14 | */ | ||
15 | |||
16 | #include <crypto/internal/skcipher.h> | ||
17 | #include <linux/err.h> | ||
18 | #include <linux/init.h> | ||
19 | #include <linux/kernel.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/random.h> | ||
22 | #include <linux/spinlock.h> | ||
23 | #include <linux/string.h> | ||
24 | #include <linux/workqueue.h> | ||
25 | |||
26 | enum { | ||
27 | CHAINIV_STATE_INUSE = 0, | ||
28 | }; | ||
29 | |||
30 | struct chainiv_ctx { | ||
31 | spinlock_t lock; | ||
32 | char iv[]; | ||
33 | }; | ||
34 | |||
35 | struct async_chainiv_ctx { | ||
36 | unsigned long state; | ||
37 | |||
38 | spinlock_t lock; | ||
39 | int err; | ||
40 | |||
41 | struct crypto_queue queue; | ||
42 | struct work_struct postponed; | ||
43 | |||
44 | char iv[]; | ||
45 | }; | ||
46 | |||
47 | static int chainiv_givencrypt(struct skcipher_givcrypt_request *req) | ||
48 | { | ||
49 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
50 | struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
51 | struct ablkcipher_request *subreq = skcipher_givcrypt_reqctx(req); | ||
52 | unsigned int ivsize; | ||
53 | int err; | ||
54 | |||
55 | ablkcipher_request_set_tfm(subreq, skcipher_geniv_cipher(geniv)); | ||
56 | ablkcipher_request_set_callback(subreq, req->creq.base.flags & | ||
57 | ~CRYPTO_TFM_REQ_MAY_SLEEP, | ||
58 | req->creq.base.complete, | ||
59 | req->creq.base.data); | ||
60 | ablkcipher_request_set_crypt(subreq, req->creq.src, req->creq.dst, | ||
61 | req->creq.nbytes, req->creq.info); | ||
62 | |||
63 | spin_lock_bh(&ctx->lock); | ||
64 | |||
65 | ivsize = crypto_ablkcipher_ivsize(geniv); | ||
66 | |||
67 | memcpy(req->giv, ctx->iv, ivsize); | ||
68 | memcpy(subreq->info, ctx->iv, ivsize); | ||
69 | |||
70 | err = crypto_ablkcipher_encrypt(subreq); | ||
71 | if (err) | ||
72 | goto unlock; | ||
73 | |||
74 | memcpy(ctx->iv, subreq->info, ivsize); | ||
75 | |||
76 | unlock: | ||
77 | spin_unlock_bh(&ctx->lock); | ||
78 | |||
79 | return err; | ||
80 | } | ||
81 | |||
82 | static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req) | ||
83 | { | ||
84 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
85 | struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
86 | |||
87 | spin_lock_bh(&ctx->lock); | ||
88 | if (crypto_ablkcipher_crt(geniv)->givencrypt != | ||
89 | chainiv_givencrypt_first) | ||
90 | goto unlock; | ||
91 | |||
92 | crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt; | ||
93 | get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); | ||
94 | |||
95 | unlock: | ||
96 | spin_unlock_bh(&ctx->lock); | ||
97 | |||
98 | return chainiv_givencrypt(req); | ||
99 | } | ||
100 | |||
101 | static int chainiv_init_common(struct crypto_tfm *tfm) | ||
102 | { | ||
103 | tfm->crt_ablkcipher.reqsize = sizeof(struct ablkcipher_request); | ||
104 | |||
105 | return skcipher_geniv_init(tfm); | ||
106 | } | ||
107 | |||
108 | static int chainiv_init(struct crypto_tfm *tfm) | ||
109 | { | ||
110 | struct chainiv_ctx *ctx = crypto_tfm_ctx(tfm); | ||
111 | |||
112 | spin_lock_init(&ctx->lock); | ||
113 | |||
114 | return chainiv_init_common(tfm); | ||
115 | } | ||
116 | |||
117 | static int async_chainiv_schedule_work(struct async_chainiv_ctx *ctx) | ||
118 | { | ||
119 | int queued; | ||
120 | |||
121 | if (!ctx->queue.qlen) { | ||
122 | smp_mb__before_clear_bit(); | ||
123 | clear_bit(CHAINIV_STATE_INUSE, &ctx->state); | ||
124 | |||
125 | if (!ctx->queue.qlen || | ||
126 | test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) | ||
127 | goto out; | ||
128 | } | ||
129 | |||
130 | queued = schedule_work(&ctx->postponed); | ||
131 | BUG_ON(!queued); | ||
132 | |||
133 | out: | ||
134 | return ctx->err; | ||
135 | } | ||
136 | |||
137 | static int async_chainiv_postpone_request(struct skcipher_givcrypt_request *req) | ||
138 | { | ||
139 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
140 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
141 | int err; | ||
142 | |||
143 | spin_lock_bh(&ctx->lock); | ||
144 | err = skcipher_enqueue_givcrypt(&ctx->queue, req); | ||
145 | spin_unlock_bh(&ctx->lock); | ||
146 | |||
147 | if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) | ||
148 | return err; | ||
149 | |||
150 | ctx->err = err; | ||
151 | return async_chainiv_schedule_work(ctx); | ||
152 | } | ||
153 | |||
154 | static int async_chainiv_givencrypt_tail(struct skcipher_givcrypt_request *req) | ||
155 | { | ||
156 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
157 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
158 | struct ablkcipher_request *subreq = skcipher_givcrypt_reqctx(req); | ||
159 | unsigned int ivsize = crypto_ablkcipher_ivsize(geniv); | ||
160 | |||
161 | memcpy(req->giv, ctx->iv, ivsize); | ||
162 | memcpy(subreq->info, ctx->iv, ivsize); | ||
163 | |||
164 | ctx->err = crypto_ablkcipher_encrypt(subreq); | ||
165 | if (ctx->err) | ||
166 | goto out; | ||
167 | |||
168 | memcpy(ctx->iv, subreq->info, ivsize); | ||
169 | |||
170 | out: | ||
171 | return async_chainiv_schedule_work(ctx); | ||
172 | } | ||
173 | |||
174 | static int async_chainiv_givencrypt(struct skcipher_givcrypt_request *req) | ||
175 | { | ||
176 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
177 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
178 | struct ablkcipher_request *subreq = skcipher_givcrypt_reqctx(req); | ||
179 | |||
180 | ablkcipher_request_set_tfm(subreq, skcipher_geniv_cipher(geniv)); | ||
181 | ablkcipher_request_set_callback(subreq, req->creq.base.flags, | ||
182 | req->creq.base.complete, | ||
183 | req->creq.base.data); | ||
184 | ablkcipher_request_set_crypt(subreq, req->creq.src, req->creq.dst, | ||
185 | req->creq.nbytes, req->creq.info); | ||
186 | |||
187 | if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) | ||
188 | goto postpone; | ||
189 | |||
190 | if (ctx->queue.qlen) { | ||
191 | clear_bit(CHAINIV_STATE_INUSE, &ctx->state); | ||
192 | goto postpone; | ||
193 | } | ||
194 | |||
195 | return async_chainiv_givencrypt_tail(req); | ||
196 | |||
197 | postpone: | ||
198 | return async_chainiv_postpone_request(req); | ||
199 | } | ||
200 | |||
201 | static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req) | ||
202 | { | ||
203 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
204 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
205 | |||
206 | if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) | ||
207 | goto out; | ||
208 | |||
209 | if (crypto_ablkcipher_crt(geniv)->givencrypt != | ||
210 | async_chainiv_givencrypt_first) | ||
211 | goto unlock; | ||
212 | |||
213 | crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt; | ||
214 | get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); | ||
215 | |||
216 | unlock: | ||
217 | clear_bit(CHAINIV_STATE_INUSE, &ctx->state); | ||
218 | |||
219 | out: | ||
220 | return async_chainiv_givencrypt(req); | ||
221 | } | ||
222 | |||
223 | static void async_chainiv_do_postponed(struct work_struct *work) | ||
224 | { | ||
225 | struct async_chainiv_ctx *ctx = container_of(work, | ||
226 | struct async_chainiv_ctx, | ||
227 | postponed); | ||
228 | struct skcipher_givcrypt_request *req; | ||
229 | struct ablkcipher_request *subreq; | ||
230 | |||
231 | /* Only handle one request at a time to avoid hogging keventd. */ | ||
232 | spin_lock_bh(&ctx->lock); | ||
233 | req = skcipher_dequeue_givcrypt(&ctx->queue); | ||
234 | spin_unlock_bh(&ctx->lock); | ||
235 | |||
236 | if (!req) { | ||
237 | async_chainiv_schedule_work(ctx); | ||
238 | return; | ||
239 | } | ||
240 | |||
241 | subreq = skcipher_givcrypt_reqctx(req); | ||
242 | subreq->base.flags |= CRYPTO_TFM_REQ_MAY_SLEEP; | ||
243 | |||
244 | async_chainiv_givencrypt_tail(req); | ||
245 | } | ||
246 | |||
247 | static int async_chainiv_init(struct crypto_tfm *tfm) | ||
248 | { | ||
249 | struct async_chainiv_ctx *ctx = crypto_tfm_ctx(tfm); | ||
250 | |||
251 | spin_lock_init(&ctx->lock); | ||
252 | |||
253 | crypto_init_queue(&ctx->queue, 100); | ||
254 | INIT_WORK(&ctx->postponed, async_chainiv_do_postponed); | ||
255 | |||
256 | return chainiv_init_common(tfm); | ||
257 | } | ||
258 | |||
259 | static void async_chainiv_exit(struct crypto_tfm *tfm) | ||
260 | { | ||
261 | struct async_chainiv_ctx *ctx = crypto_tfm_ctx(tfm); | ||
262 | |||
263 | BUG_ON(test_bit(CHAINIV_STATE_INUSE, &ctx->state) || ctx->queue.qlen); | ||
264 | |||
265 | skcipher_geniv_exit(tfm); | ||
266 | } | ||
267 | |||
268 | static struct crypto_template chainiv_tmpl; | ||
269 | |||
270 | static struct crypto_instance *chainiv_alloc(struct rtattr **tb) | ||
271 | { | ||
272 | struct crypto_attr_type *algt; | ||
273 | struct crypto_instance *inst; | ||
274 | int err; | ||
275 | |||
276 | algt = crypto_get_attr_type(tb); | ||
277 | err = PTR_ERR(algt); | ||
278 | if (IS_ERR(algt)) | ||
279 | return ERR_PTR(err); | ||
280 | |||
281 | inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0); | ||
282 | if (IS_ERR(inst)) | ||
283 | goto out; | ||
284 | |||
285 | inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first; | ||
286 | |||
287 | inst->alg.cra_init = chainiv_init; | ||
288 | inst->alg.cra_exit = skcipher_geniv_exit; | ||
289 | |||
290 | inst->alg.cra_ctxsize = sizeof(struct chainiv_ctx); | ||
291 | |||
292 | if (!crypto_requires_sync(algt->type, algt->mask)) { | ||
293 | inst->alg.cra_flags |= CRYPTO_ALG_ASYNC; | ||
294 | |||
295 | inst->alg.cra_ablkcipher.givencrypt = | ||
296 | async_chainiv_givencrypt_first; | ||
297 | |||
298 | inst->alg.cra_init = async_chainiv_init; | ||
299 | inst->alg.cra_exit = async_chainiv_exit; | ||
300 | |||
301 | inst->alg.cra_ctxsize = sizeof(struct async_chainiv_ctx); | ||
302 | } | ||
303 | |||
304 | inst->alg.cra_ctxsize += inst->alg.cra_ablkcipher.ivsize; | ||
305 | |||
306 | out: | ||
307 | return inst; | ||
308 | } | ||
309 | |||
310 | static struct crypto_template chainiv_tmpl = { | ||
311 | .name = "chainiv", | ||
312 | .alloc = chainiv_alloc, | ||
313 | .free = skcipher_geniv_free, | ||
314 | .module = THIS_MODULE, | ||
315 | }; | ||
316 | |||
317 | static int __init chainiv_module_init(void) | ||
318 | { | ||
319 | return crypto_register_template(&chainiv_tmpl); | ||
320 | } | ||
321 | |||
322 | static void __exit chainiv_module_exit(void) | ||
323 | { | ||
324 | crypto_unregister_template(&chainiv_tmpl); | ||
325 | } | ||
326 | |||
327 | module_init(chainiv_module_init); | ||
328 | module_exit(chainiv_module_exit); | ||
329 | |||
330 | MODULE_LICENSE("GPL"); | ||
331 | MODULE_DESCRIPTION("Chain IV Generator"); | ||
diff --git a/crypto/cryptd.c b/crypto/cryptd.c index 8bf2da835f7b..074298f2f8e3 100644 --- a/crypto/cryptd.c +++ b/crypto/cryptd.c | |||
@@ -228,7 +228,7 @@ static struct crypto_instance *cryptd_alloc_blkcipher( | |||
228 | struct crypto_alg *alg; | 228 | struct crypto_alg *alg; |
229 | 229 | ||
230 | alg = crypto_get_attr_alg(tb, CRYPTO_ALG_TYPE_BLKCIPHER, | 230 | alg = crypto_get_attr_alg(tb, CRYPTO_ALG_TYPE_BLKCIPHER, |
231 | CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_ASYNC); | 231 | CRYPTO_ALG_TYPE_MASK); |
232 | if (IS_ERR(alg)) | 232 | if (IS_ERR(alg)) |
233 | return ERR_PTR(PTR_ERR(alg)); | 233 | return ERR_PTR(PTR_ERR(alg)); |
234 | 234 | ||
@@ -236,13 +236,15 @@ static struct crypto_instance *cryptd_alloc_blkcipher( | |||
236 | if (IS_ERR(inst)) | 236 | if (IS_ERR(inst)) |
237 | goto out_put_alg; | 237 | goto out_put_alg; |
238 | 238 | ||
239 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER | CRYPTO_ALG_ASYNC; | 239 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC; |
240 | inst->alg.cra_type = &crypto_ablkcipher_type; | 240 | inst->alg.cra_type = &crypto_ablkcipher_type; |
241 | 241 | ||
242 | inst->alg.cra_ablkcipher.ivsize = alg->cra_blkcipher.ivsize; | 242 | inst->alg.cra_ablkcipher.ivsize = alg->cra_blkcipher.ivsize; |
243 | inst->alg.cra_ablkcipher.min_keysize = alg->cra_blkcipher.min_keysize; | 243 | inst->alg.cra_ablkcipher.min_keysize = alg->cra_blkcipher.min_keysize; |
244 | inst->alg.cra_ablkcipher.max_keysize = alg->cra_blkcipher.max_keysize; | 244 | inst->alg.cra_ablkcipher.max_keysize = alg->cra_blkcipher.max_keysize; |
245 | 245 | ||
246 | inst->alg.cra_ablkcipher.geniv = alg->cra_blkcipher.geniv; | ||
247 | |||
246 | inst->alg.cra_ctxsize = sizeof(struct cryptd_blkcipher_ctx); | 248 | inst->alg.cra_ctxsize = sizeof(struct cryptd_blkcipher_ctx); |
247 | 249 | ||
248 | inst->alg.cra_init = cryptd_blkcipher_init_tfm; | 250 | inst->alg.cra_init = cryptd_blkcipher_init_tfm; |
diff --git a/crypto/crypto_null.c b/crypto/crypto_null.c index 29f77477d701..ff7b3de1bcfd 100644 --- a/crypto/crypto_null.c +++ b/crypto/crypto_null.c | |||
@@ -16,15 +16,17 @@ | |||
16 | * (at your option) any later version. | 16 | * (at your option) any later version. |
17 | * | 17 | * |
18 | */ | 18 | */ |
19 | |||
20 | #include <crypto/internal/skcipher.h> | ||
19 | #include <linux/init.h> | 21 | #include <linux/init.h> |
20 | #include <linux/module.h> | 22 | #include <linux/module.h> |
21 | #include <linux/mm.h> | 23 | #include <linux/mm.h> |
22 | #include <linux/crypto.h> | ||
23 | #include <linux/string.h> | 24 | #include <linux/string.h> |
24 | 25 | ||
25 | #define NULL_KEY_SIZE 0 | 26 | #define NULL_KEY_SIZE 0 |
26 | #define NULL_BLOCK_SIZE 1 | 27 | #define NULL_BLOCK_SIZE 1 |
27 | #define NULL_DIGEST_SIZE 0 | 28 | #define NULL_DIGEST_SIZE 0 |
29 | #define NULL_IV_SIZE 0 | ||
28 | 30 | ||
29 | static int null_compress(struct crypto_tfm *tfm, const u8 *src, | 31 | static int null_compress(struct crypto_tfm *tfm, const u8 *src, |
30 | unsigned int slen, u8 *dst, unsigned int *dlen) | 32 | unsigned int slen, u8 *dst, unsigned int *dlen) |
@@ -55,6 +57,26 @@ static void null_crypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) | |||
55 | memcpy(dst, src, NULL_BLOCK_SIZE); | 57 | memcpy(dst, src, NULL_BLOCK_SIZE); |
56 | } | 58 | } |
57 | 59 | ||
60 | static int skcipher_null_crypt(struct blkcipher_desc *desc, | ||
61 | struct scatterlist *dst, | ||
62 | struct scatterlist *src, unsigned int nbytes) | ||
63 | { | ||
64 | struct blkcipher_walk walk; | ||
65 | int err; | ||
66 | |||
67 | blkcipher_walk_init(&walk, dst, src, nbytes); | ||
68 | err = blkcipher_walk_virt(desc, &walk); | ||
69 | |||
70 | while (walk.nbytes) { | ||
71 | if (walk.src.virt.addr != walk.dst.virt.addr) | ||
72 | memcpy(walk.dst.virt.addr, walk.src.virt.addr, | ||
73 | walk.nbytes); | ||
74 | err = blkcipher_walk_done(desc, &walk, 0); | ||
75 | } | ||
76 | |||
77 | return err; | ||
78 | } | ||
79 | |||
58 | static struct crypto_alg compress_null = { | 80 | static struct crypto_alg compress_null = { |
59 | .cra_name = "compress_null", | 81 | .cra_name = "compress_null", |
60 | .cra_flags = CRYPTO_ALG_TYPE_COMPRESS, | 82 | .cra_flags = CRYPTO_ALG_TYPE_COMPRESS, |
@@ -76,6 +98,7 @@ static struct crypto_alg digest_null = { | |||
76 | .cra_list = LIST_HEAD_INIT(digest_null.cra_list), | 98 | .cra_list = LIST_HEAD_INIT(digest_null.cra_list), |
77 | .cra_u = { .digest = { | 99 | .cra_u = { .digest = { |
78 | .dia_digestsize = NULL_DIGEST_SIZE, | 100 | .dia_digestsize = NULL_DIGEST_SIZE, |
101 | .dia_setkey = null_setkey, | ||
79 | .dia_init = null_init, | 102 | .dia_init = null_init, |
80 | .dia_update = null_update, | 103 | .dia_update = null_update, |
81 | .dia_final = null_final } } | 104 | .dia_final = null_final } } |
@@ -96,6 +119,25 @@ static struct crypto_alg cipher_null = { | |||
96 | .cia_decrypt = null_crypt } } | 119 | .cia_decrypt = null_crypt } } |
97 | }; | 120 | }; |
98 | 121 | ||
122 | static struct crypto_alg skcipher_null = { | ||
123 | .cra_name = "ecb(cipher_null)", | ||
124 | .cra_driver_name = "ecb-cipher_null", | ||
125 | .cra_priority = 100, | ||
126 | .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, | ||
127 | .cra_blocksize = NULL_BLOCK_SIZE, | ||
128 | .cra_type = &crypto_blkcipher_type, | ||
129 | .cra_ctxsize = 0, | ||
130 | .cra_module = THIS_MODULE, | ||
131 | .cra_list = LIST_HEAD_INIT(skcipher_null.cra_list), | ||
132 | .cra_u = { .blkcipher = { | ||
133 | .min_keysize = NULL_KEY_SIZE, | ||
134 | .max_keysize = NULL_KEY_SIZE, | ||
135 | .ivsize = NULL_IV_SIZE, | ||
136 | .setkey = null_setkey, | ||
137 | .encrypt = skcipher_null_crypt, | ||
138 | .decrypt = skcipher_null_crypt } } | ||
139 | }; | ||
140 | |||
99 | MODULE_ALIAS("compress_null"); | 141 | MODULE_ALIAS("compress_null"); |
100 | MODULE_ALIAS("digest_null"); | 142 | MODULE_ALIAS("digest_null"); |
101 | MODULE_ALIAS("cipher_null"); | 143 | MODULE_ALIAS("cipher_null"); |
@@ -108,27 +150,35 @@ static int __init init(void) | |||
108 | if (ret < 0) | 150 | if (ret < 0) |
109 | goto out; | 151 | goto out; |
110 | 152 | ||
153 | ret = crypto_register_alg(&skcipher_null); | ||
154 | if (ret < 0) | ||
155 | goto out_unregister_cipher; | ||
156 | |||
111 | ret = crypto_register_alg(&digest_null); | 157 | ret = crypto_register_alg(&digest_null); |
112 | if (ret < 0) { | 158 | if (ret < 0) |
113 | crypto_unregister_alg(&cipher_null); | 159 | goto out_unregister_skcipher; |
114 | goto out; | ||
115 | } | ||
116 | 160 | ||
117 | ret = crypto_register_alg(&compress_null); | 161 | ret = crypto_register_alg(&compress_null); |
118 | if (ret < 0) { | 162 | if (ret < 0) |
119 | crypto_unregister_alg(&digest_null); | 163 | goto out_unregister_digest; |
120 | crypto_unregister_alg(&cipher_null); | ||
121 | goto out; | ||
122 | } | ||
123 | 164 | ||
124 | out: | 165 | out: |
125 | return ret; | 166 | return ret; |
167 | |||
168 | out_unregister_digest: | ||
169 | crypto_unregister_alg(&digest_null); | ||
170 | out_unregister_skcipher: | ||
171 | crypto_unregister_alg(&skcipher_null); | ||
172 | out_unregister_cipher: | ||
173 | crypto_unregister_alg(&cipher_null); | ||
174 | goto out; | ||
126 | } | 175 | } |
127 | 176 | ||
128 | static void __exit fini(void) | 177 | static void __exit fini(void) |
129 | { | 178 | { |
130 | crypto_unregister_alg(&compress_null); | 179 | crypto_unregister_alg(&compress_null); |
131 | crypto_unregister_alg(&digest_null); | 180 | crypto_unregister_alg(&digest_null); |
181 | crypto_unregister_alg(&skcipher_null); | ||
132 | crypto_unregister_alg(&cipher_null); | 182 | crypto_unregister_alg(&cipher_null); |
133 | } | 183 | } |
134 | 184 | ||
diff --git a/crypto/ctr.c b/crypto/ctr.c new file mode 100644 index 000000000000..2d7425f0e7b8 --- /dev/null +++ b/crypto/ctr.c | |||
@@ -0,0 +1,422 @@ | |||
1 | /* | ||
2 | * CTR: Counter mode | ||
3 | * | ||
4 | * (C) Copyright IBM Corp. 2007 - Joy Latten <latten@us.ibm.com> | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify it | ||
7 | * under the terms of the GNU General Public License as published by the Free | ||
8 | * Software Foundation; either version 2 of the License, or (at your option) | ||
9 | * any later version. | ||
10 | * | ||
11 | */ | ||
12 | |||
13 | #include <crypto/algapi.h> | ||
14 | #include <crypto/ctr.h> | ||
15 | #include <linux/err.h> | ||
16 | #include <linux/init.h> | ||
17 | #include <linux/kernel.h> | ||
18 | #include <linux/module.h> | ||
19 | #include <linux/random.h> | ||
20 | #include <linux/scatterlist.h> | ||
21 | #include <linux/slab.h> | ||
22 | |||
23 | struct crypto_ctr_ctx { | ||
24 | struct crypto_cipher *child; | ||
25 | }; | ||
26 | |||
27 | struct crypto_rfc3686_ctx { | ||
28 | struct crypto_blkcipher *child; | ||
29 | u8 nonce[CTR_RFC3686_NONCE_SIZE]; | ||
30 | }; | ||
31 | |||
32 | static int crypto_ctr_setkey(struct crypto_tfm *parent, const u8 *key, | ||
33 | unsigned int keylen) | ||
34 | { | ||
35 | struct crypto_ctr_ctx *ctx = crypto_tfm_ctx(parent); | ||
36 | struct crypto_cipher *child = ctx->child; | ||
37 | int err; | ||
38 | |||
39 | crypto_cipher_clear_flags(child, CRYPTO_TFM_REQ_MASK); | ||
40 | crypto_cipher_set_flags(child, crypto_tfm_get_flags(parent) & | ||
41 | CRYPTO_TFM_REQ_MASK); | ||
42 | err = crypto_cipher_setkey(child, key, keylen); | ||
43 | crypto_tfm_set_flags(parent, crypto_cipher_get_flags(child) & | ||
44 | CRYPTO_TFM_RES_MASK); | ||
45 | |||
46 | return err; | ||
47 | } | ||
48 | |||
49 | static void crypto_ctr_crypt_final(struct blkcipher_walk *walk, | ||
50 | struct crypto_cipher *tfm) | ||
51 | { | ||
52 | unsigned int bsize = crypto_cipher_blocksize(tfm); | ||
53 | unsigned long alignmask = crypto_cipher_alignmask(tfm); | ||
54 | u8 *ctrblk = walk->iv; | ||
55 | u8 tmp[bsize + alignmask]; | ||
56 | u8 *keystream = PTR_ALIGN(tmp + 0, alignmask + 1); | ||
57 | u8 *src = walk->src.virt.addr; | ||
58 | u8 *dst = walk->dst.virt.addr; | ||
59 | unsigned int nbytes = walk->nbytes; | ||
60 | |||
61 | crypto_cipher_encrypt_one(tfm, keystream, ctrblk); | ||
62 | crypto_xor(keystream, src, nbytes); | ||
63 | memcpy(dst, keystream, nbytes); | ||
64 | |||
65 | crypto_inc(ctrblk, bsize); | ||
66 | } | ||
67 | |||
68 | static int crypto_ctr_crypt_segment(struct blkcipher_walk *walk, | ||
69 | struct crypto_cipher *tfm) | ||
70 | { | ||
71 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | ||
72 | crypto_cipher_alg(tfm)->cia_encrypt; | ||
73 | unsigned int bsize = crypto_cipher_blocksize(tfm); | ||
74 | u8 *ctrblk = walk->iv; | ||
75 | u8 *src = walk->src.virt.addr; | ||
76 | u8 *dst = walk->dst.virt.addr; | ||
77 | unsigned int nbytes = walk->nbytes; | ||
78 | |||
79 | do { | ||
80 | /* create keystream */ | ||
81 | fn(crypto_cipher_tfm(tfm), dst, ctrblk); | ||
82 | crypto_xor(dst, src, bsize); | ||
83 | |||
84 | /* increment counter in counterblock */ | ||
85 | crypto_inc(ctrblk, bsize); | ||
86 | |||
87 | src += bsize; | ||
88 | dst += bsize; | ||
89 | } while ((nbytes -= bsize) >= bsize); | ||
90 | |||
91 | return nbytes; | ||
92 | } | ||
93 | |||
94 | static int crypto_ctr_crypt_inplace(struct blkcipher_walk *walk, | ||
95 | struct crypto_cipher *tfm) | ||
96 | { | ||
97 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | ||
98 | crypto_cipher_alg(tfm)->cia_encrypt; | ||
99 | unsigned int bsize = crypto_cipher_blocksize(tfm); | ||
100 | unsigned long alignmask = crypto_cipher_alignmask(tfm); | ||
101 | unsigned int nbytes = walk->nbytes; | ||
102 | u8 *ctrblk = walk->iv; | ||
103 | u8 *src = walk->src.virt.addr; | ||
104 | u8 tmp[bsize + alignmask]; | ||
105 | u8 *keystream = PTR_ALIGN(tmp + 0, alignmask + 1); | ||
106 | |||
107 | do { | ||
108 | /* create keystream */ | ||
109 | fn(crypto_cipher_tfm(tfm), keystream, ctrblk); | ||
110 | crypto_xor(src, keystream, bsize); | ||
111 | |||
112 | /* increment counter in counterblock */ | ||
113 | crypto_inc(ctrblk, bsize); | ||
114 | |||
115 | src += bsize; | ||
116 | } while ((nbytes -= bsize) >= bsize); | ||
117 | |||
118 | return nbytes; | ||
119 | } | ||
120 | |||
121 | static int crypto_ctr_crypt(struct blkcipher_desc *desc, | ||
122 | struct scatterlist *dst, struct scatterlist *src, | ||
123 | unsigned int nbytes) | ||
124 | { | ||
125 | struct blkcipher_walk walk; | ||
126 | struct crypto_blkcipher *tfm = desc->tfm; | ||
127 | struct crypto_ctr_ctx *ctx = crypto_blkcipher_ctx(tfm); | ||
128 | struct crypto_cipher *child = ctx->child; | ||
129 | unsigned int bsize = crypto_cipher_blocksize(child); | ||
130 | int err; | ||
131 | |||
132 | blkcipher_walk_init(&walk, dst, src, nbytes); | ||
133 | err = blkcipher_walk_virt_block(desc, &walk, bsize); | ||
134 | |||
135 | while (walk.nbytes >= bsize) { | ||
136 | if (walk.src.virt.addr == walk.dst.virt.addr) | ||
137 | nbytes = crypto_ctr_crypt_inplace(&walk, child); | ||
138 | else | ||
139 | nbytes = crypto_ctr_crypt_segment(&walk, child); | ||
140 | |||
141 | err = blkcipher_walk_done(desc, &walk, nbytes); | ||
142 | } | ||
143 | |||
144 | if (walk.nbytes) { | ||
145 | crypto_ctr_crypt_final(&walk, child); | ||
146 | err = blkcipher_walk_done(desc, &walk, 0); | ||
147 | } | ||
148 | |||
149 | return err; | ||
150 | } | ||
151 | |||
152 | static int crypto_ctr_init_tfm(struct crypto_tfm *tfm) | ||
153 | { | ||
154 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
155 | struct crypto_spawn *spawn = crypto_instance_ctx(inst); | ||
156 | struct crypto_ctr_ctx *ctx = crypto_tfm_ctx(tfm); | ||
157 | struct crypto_cipher *cipher; | ||
158 | |||
159 | cipher = crypto_spawn_cipher(spawn); | ||
160 | if (IS_ERR(cipher)) | ||
161 | return PTR_ERR(cipher); | ||
162 | |||
163 | ctx->child = cipher; | ||
164 | |||
165 | return 0; | ||
166 | } | ||
167 | |||
168 | static void crypto_ctr_exit_tfm(struct crypto_tfm *tfm) | ||
169 | { | ||
170 | struct crypto_ctr_ctx *ctx = crypto_tfm_ctx(tfm); | ||
171 | |||
172 | crypto_free_cipher(ctx->child); | ||
173 | } | ||
174 | |||
175 | static struct crypto_instance *crypto_ctr_alloc(struct rtattr **tb) | ||
176 | { | ||
177 | struct crypto_instance *inst; | ||
178 | struct crypto_alg *alg; | ||
179 | int err; | ||
180 | |||
181 | err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_BLKCIPHER); | ||
182 | if (err) | ||
183 | return ERR_PTR(err); | ||
184 | |||
185 | alg = crypto_attr_alg(tb[1], CRYPTO_ALG_TYPE_CIPHER, | ||
186 | CRYPTO_ALG_TYPE_MASK); | ||
187 | if (IS_ERR(alg)) | ||
188 | return ERR_PTR(PTR_ERR(alg)); | ||
189 | |||
190 | /* Block size must be >= 4 bytes. */ | ||
191 | err = -EINVAL; | ||
192 | if (alg->cra_blocksize < 4) | ||
193 | goto out_put_alg; | ||
194 | |||
195 | /* If this is false we'd fail the alignment of crypto_inc. */ | ||
196 | if (alg->cra_blocksize % 4) | ||
197 | goto out_put_alg; | ||
198 | |||
199 | inst = crypto_alloc_instance("ctr", alg); | ||
200 | if (IS_ERR(inst)) | ||
201 | goto out; | ||
202 | |||
203 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER; | ||
204 | inst->alg.cra_priority = alg->cra_priority; | ||
205 | inst->alg.cra_blocksize = 1; | ||
206 | inst->alg.cra_alignmask = alg->cra_alignmask | (__alignof__(u32) - 1); | ||
207 | inst->alg.cra_type = &crypto_blkcipher_type; | ||
208 | |||
209 | inst->alg.cra_blkcipher.ivsize = alg->cra_blocksize; | ||
210 | inst->alg.cra_blkcipher.min_keysize = alg->cra_cipher.cia_min_keysize; | ||
211 | inst->alg.cra_blkcipher.max_keysize = alg->cra_cipher.cia_max_keysize; | ||
212 | |||
213 | inst->alg.cra_ctxsize = sizeof(struct crypto_ctr_ctx); | ||
214 | |||
215 | inst->alg.cra_init = crypto_ctr_init_tfm; | ||
216 | inst->alg.cra_exit = crypto_ctr_exit_tfm; | ||
217 | |||
218 | inst->alg.cra_blkcipher.setkey = crypto_ctr_setkey; | ||
219 | inst->alg.cra_blkcipher.encrypt = crypto_ctr_crypt; | ||
220 | inst->alg.cra_blkcipher.decrypt = crypto_ctr_crypt; | ||
221 | |||
222 | out: | ||
223 | crypto_mod_put(alg); | ||
224 | return inst; | ||
225 | |||
226 | out_put_alg: | ||
227 | inst = ERR_PTR(err); | ||
228 | goto out; | ||
229 | } | ||
230 | |||
231 | static void crypto_ctr_free(struct crypto_instance *inst) | ||
232 | { | ||
233 | crypto_drop_spawn(crypto_instance_ctx(inst)); | ||
234 | kfree(inst); | ||
235 | } | ||
236 | |||
237 | static struct crypto_template crypto_ctr_tmpl = { | ||
238 | .name = "ctr", | ||
239 | .alloc = crypto_ctr_alloc, | ||
240 | .free = crypto_ctr_free, | ||
241 | .module = THIS_MODULE, | ||
242 | }; | ||
243 | |||
244 | static int crypto_rfc3686_setkey(struct crypto_tfm *parent, const u8 *key, | ||
245 | unsigned int keylen) | ||
246 | { | ||
247 | struct crypto_rfc3686_ctx *ctx = crypto_tfm_ctx(parent); | ||
248 | struct crypto_blkcipher *child = ctx->child; | ||
249 | int err; | ||
250 | |||
251 | /* the nonce is stored in bytes at end of key */ | ||
252 | if (keylen < CTR_RFC3686_NONCE_SIZE) | ||
253 | return -EINVAL; | ||
254 | |||
255 | memcpy(ctx->nonce, key + (keylen - CTR_RFC3686_NONCE_SIZE), | ||
256 | CTR_RFC3686_NONCE_SIZE); | ||
257 | |||
258 | keylen -= CTR_RFC3686_NONCE_SIZE; | ||
259 | |||
260 | crypto_blkcipher_clear_flags(child, CRYPTO_TFM_REQ_MASK); | ||
261 | crypto_blkcipher_set_flags(child, crypto_tfm_get_flags(parent) & | ||
262 | CRYPTO_TFM_REQ_MASK); | ||
263 | err = crypto_blkcipher_setkey(child, key, keylen); | ||
264 | crypto_tfm_set_flags(parent, crypto_blkcipher_get_flags(child) & | ||
265 | CRYPTO_TFM_RES_MASK); | ||
266 | |||
267 | return err; | ||
268 | } | ||
269 | |||
270 | static int crypto_rfc3686_crypt(struct blkcipher_desc *desc, | ||
271 | struct scatterlist *dst, | ||
272 | struct scatterlist *src, unsigned int nbytes) | ||
273 | { | ||
274 | struct crypto_blkcipher *tfm = desc->tfm; | ||
275 | struct crypto_rfc3686_ctx *ctx = crypto_blkcipher_ctx(tfm); | ||
276 | struct crypto_blkcipher *child = ctx->child; | ||
277 | unsigned long alignmask = crypto_blkcipher_alignmask(tfm); | ||
278 | u8 ivblk[CTR_RFC3686_BLOCK_SIZE + alignmask]; | ||
279 | u8 *iv = PTR_ALIGN(ivblk + 0, alignmask + 1); | ||
280 | u8 *info = desc->info; | ||
281 | int err; | ||
282 | |||
283 | /* set up counter block */ | ||
284 | memcpy(iv, ctx->nonce, CTR_RFC3686_NONCE_SIZE); | ||
285 | memcpy(iv + CTR_RFC3686_NONCE_SIZE, info, CTR_RFC3686_IV_SIZE); | ||
286 | |||
287 | /* initialize counter portion of counter block */ | ||
288 | *(__be32 *)(iv + CTR_RFC3686_NONCE_SIZE + CTR_RFC3686_IV_SIZE) = | ||
289 | cpu_to_be32(1); | ||
290 | |||
291 | desc->tfm = child; | ||
292 | desc->info = iv; | ||
293 | err = crypto_blkcipher_encrypt_iv(desc, dst, src, nbytes); | ||
294 | desc->tfm = tfm; | ||
295 | desc->info = info; | ||
296 | |||
297 | return err; | ||
298 | } | ||
299 | |||
300 | static int crypto_rfc3686_init_tfm(struct crypto_tfm *tfm) | ||
301 | { | ||
302 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
303 | struct crypto_spawn *spawn = crypto_instance_ctx(inst); | ||
304 | struct crypto_rfc3686_ctx *ctx = crypto_tfm_ctx(tfm); | ||
305 | struct crypto_blkcipher *cipher; | ||
306 | |||
307 | cipher = crypto_spawn_blkcipher(spawn); | ||
308 | if (IS_ERR(cipher)) | ||
309 | return PTR_ERR(cipher); | ||
310 | |||
311 | ctx->child = cipher; | ||
312 | |||
313 | return 0; | ||
314 | } | ||
315 | |||
316 | static void crypto_rfc3686_exit_tfm(struct crypto_tfm *tfm) | ||
317 | { | ||
318 | struct crypto_rfc3686_ctx *ctx = crypto_tfm_ctx(tfm); | ||
319 | |||
320 | crypto_free_blkcipher(ctx->child); | ||
321 | } | ||
322 | |||
323 | static struct crypto_instance *crypto_rfc3686_alloc(struct rtattr **tb) | ||
324 | { | ||
325 | struct crypto_instance *inst; | ||
326 | struct crypto_alg *alg; | ||
327 | int err; | ||
328 | |||
329 | err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_BLKCIPHER); | ||
330 | if (err) | ||
331 | return ERR_PTR(err); | ||
332 | |||
333 | alg = crypto_attr_alg(tb[1], CRYPTO_ALG_TYPE_BLKCIPHER, | ||
334 | CRYPTO_ALG_TYPE_MASK); | ||
335 | err = PTR_ERR(alg); | ||
336 | if (IS_ERR(alg)) | ||
337 | return ERR_PTR(err); | ||
338 | |||
339 | /* We only support 16-byte blocks. */ | ||
340 | err = -EINVAL; | ||
341 | if (alg->cra_blkcipher.ivsize != CTR_RFC3686_BLOCK_SIZE) | ||
342 | goto out_put_alg; | ||
343 | |||
344 | /* Not a stream cipher? */ | ||
345 | if (alg->cra_blocksize != 1) | ||
346 | goto out_put_alg; | ||
347 | |||
348 | inst = crypto_alloc_instance("rfc3686", alg); | ||
349 | if (IS_ERR(inst)) | ||
350 | goto out; | ||
351 | |||
352 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER; | ||
353 | inst->alg.cra_priority = alg->cra_priority; | ||
354 | inst->alg.cra_blocksize = 1; | ||
355 | inst->alg.cra_alignmask = alg->cra_alignmask; | ||
356 | inst->alg.cra_type = &crypto_blkcipher_type; | ||
357 | |||
358 | inst->alg.cra_blkcipher.ivsize = CTR_RFC3686_IV_SIZE; | ||
359 | inst->alg.cra_blkcipher.min_keysize = alg->cra_blkcipher.min_keysize | ||
360 | + CTR_RFC3686_NONCE_SIZE; | ||
361 | inst->alg.cra_blkcipher.max_keysize = alg->cra_blkcipher.max_keysize | ||
362 | + CTR_RFC3686_NONCE_SIZE; | ||
363 | |||
364 | inst->alg.cra_blkcipher.geniv = "seqiv"; | ||
365 | |||
366 | inst->alg.cra_ctxsize = sizeof(struct crypto_rfc3686_ctx); | ||
367 | |||
368 | inst->alg.cra_init = crypto_rfc3686_init_tfm; | ||
369 | inst->alg.cra_exit = crypto_rfc3686_exit_tfm; | ||
370 | |||
371 | inst->alg.cra_blkcipher.setkey = crypto_rfc3686_setkey; | ||
372 | inst->alg.cra_blkcipher.encrypt = crypto_rfc3686_crypt; | ||
373 | inst->alg.cra_blkcipher.decrypt = crypto_rfc3686_crypt; | ||
374 | |||
375 | out: | ||
376 | crypto_mod_put(alg); | ||
377 | return inst; | ||
378 | |||
379 | out_put_alg: | ||
380 | inst = ERR_PTR(err); | ||
381 | goto out; | ||
382 | } | ||
383 | |||
384 | static struct crypto_template crypto_rfc3686_tmpl = { | ||
385 | .name = "rfc3686", | ||
386 | .alloc = crypto_rfc3686_alloc, | ||
387 | .free = crypto_ctr_free, | ||
388 | .module = THIS_MODULE, | ||
389 | }; | ||
390 | |||
391 | static int __init crypto_ctr_module_init(void) | ||
392 | { | ||
393 | int err; | ||
394 | |||
395 | err = crypto_register_template(&crypto_ctr_tmpl); | ||
396 | if (err) | ||
397 | goto out; | ||
398 | |||
399 | err = crypto_register_template(&crypto_rfc3686_tmpl); | ||
400 | if (err) | ||
401 | goto out_drop_ctr; | ||
402 | |||
403 | out: | ||
404 | return err; | ||
405 | |||
406 | out_drop_ctr: | ||
407 | crypto_unregister_template(&crypto_ctr_tmpl); | ||
408 | goto out; | ||
409 | } | ||
410 | |||
411 | static void __exit crypto_ctr_module_exit(void) | ||
412 | { | ||
413 | crypto_unregister_template(&crypto_rfc3686_tmpl); | ||
414 | crypto_unregister_template(&crypto_ctr_tmpl); | ||
415 | } | ||
416 | |||
417 | module_init(crypto_ctr_module_init); | ||
418 | module_exit(crypto_ctr_module_exit); | ||
419 | |||
420 | MODULE_LICENSE("GPL"); | ||
421 | MODULE_DESCRIPTION("CTR Counter block mode"); | ||
422 | MODULE_ALIAS("rfc3686"); | ||
diff --git a/crypto/des_generic.c b/crypto/des_generic.c index 59966d14b8e0..355ecb71cb0d 100644 --- a/crypto/des_generic.c +++ b/crypto/des_generic.c | |||
@@ -20,13 +20,7 @@ | |||
20 | #include <linux/crypto.h> | 20 | #include <linux/crypto.h> |
21 | #include <linux/types.h> | 21 | #include <linux/types.h> |
22 | 22 | ||
23 | #define DES_KEY_SIZE 8 | 23 | #include <crypto/des.h> |
24 | #define DES_EXPKEY_WORDS 32 | ||
25 | #define DES_BLOCK_SIZE 8 | ||
26 | |||
27 | #define DES3_EDE_KEY_SIZE (3 * DES_KEY_SIZE) | ||
28 | #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS) | ||
29 | #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE | ||
30 | 24 | ||
31 | #define ROL(x, r) ((x) = rol32((x), (r))) | 25 | #define ROL(x, r) ((x) = rol32((x), (r))) |
32 | #define ROR(x, r) ((x) = ror32((x), (r))) | 26 | #define ROR(x, r) ((x) = ror32((x), (r))) |
@@ -634,7 +628,7 @@ static const u32 S8[64] = { | |||
634 | * Choice 1 has operated on the key. | 628 | * Choice 1 has operated on the key. |
635 | * | 629 | * |
636 | */ | 630 | */ |
637 | static unsigned long ekey(u32 *pe, const u8 *k) | 631 | unsigned long des_ekey(u32 *pe, const u8 *k) |
638 | { | 632 | { |
639 | /* K&R: long is at least 32 bits */ | 633 | /* K&R: long is at least 32 bits */ |
640 | unsigned long a, b, c, d, w; | 634 | unsigned long a, b, c, d, w; |
@@ -709,6 +703,7 @@ static unsigned long ekey(u32 *pe, const u8 *k) | |||
709 | /* Zero if weak key */ | 703 | /* Zero if weak key */ |
710 | return w; | 704 | return w; |
711 | } | 705 | } |
706 | EXPORT_SYMBOL_GPL(des_ekey); | ||
712 | 707 | ||
713 | /* | 708 | /* |
714 | * Decryption key expansion | 709 | * Decryption key expansion |
@@ -792,7 +787,7 @@ static int des_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
792 | int ret; | 787 | int ret; |
793 | 788 | ||
794 | /* Expand to tmp */ | 789 | /* Expand to tmp */ |
795 | ret = ekey(tmp, key); | 790 | ret = des_ekey(tmp, key); |
796 | 791 | ||
797 | if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { | 792 | if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { |
798 | *flags |= CRYPTO_TFM_RES_WEAK_KEY; | 793 | *flags |= CRYPTO_TFM_RES_WEAK_KEY; |
@@ -879,9 +874,9 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key, | |||
879 | return -EINVAL; | 874 | return -EINVAL; |
880 | } | 875 | } |
881 | 876 | ||
882 | ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; | 877 | des_ekey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; |
883 | dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; | 878 | dkey(expkey, key); expkey += DES_EXPKEY_WORDS; key += DES_KEY_SIZE; |
884 | ekey(expkey, key); | 879 | des_ekey(expkey, key); |
885 | 880 | ||
886 | return 0; | 881 | return 0; |
887 | } | 882 | } |
diff --git a/crypto/digest.c b/crypto/digest.c index 8871dec8cae7..6fd43bddd545 100644 --- a/crypto/digest.c +++ b/crypto/digest.c | |||
@@ -12,6 +12,7 @@ | |||
12 | * | 12 | * |
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include <crypto/scatterwalk.h> | ||
15 | #include <linux/mm.h> | 16 | #include <linux/mm.h> |
16 | #include <linux/errno.h> | 17 | #include <linux/errno.h> |
17 | #include <linux/hardirq.h> | 18 | #include <linux/hardirq.h> |
@@ -20,9 +21,6 @@ | |||
20 | #include <linux/module.h> | 21 | #include <linux/module.h> |
21 | #include <linux/scatterlist.h> | 22 | #include <linux/scatterlist.h> |
22 | 23 | ||
23 | #include "internal.h" | ||
24 | #include "scatterwalk.h" | ||
25 | |||
26 | static int init(struct hash_desc *desc) | 24 | static int init(struct hash_desc *desc) |
27 | { | 25 | { |
28 | struct crypto_tfm *tfm = crypto_hash_tfm(desc->tfm); | 26 | struct crypto_tfm *tfm = crypto_hash_tfm(desc->tfm); |
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c new file mode 100644 index 000000000000..eb90d27ae118 --- /dev/null +++ b/crypto/eseqiv.c | |||
@@ -0,0 +1,264 @@ | |||
1 | /* | ||
2 | * eseqiv: Encrypted Sequence Number IV Generator | ||
3 | * | ||
4 | * This generator generates an IV based on a sequence number by xoring it | ||
5 | * with a salt and then encrypting it with the same key as used to encrypt | ||
6 | * the plain text. This algorithm requires that the block size be equal | ||
7 | * to the IV size. It is mainly useful for CBC. | ||
8 | * | ||
9 | * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au> | ||
10 | * | ||
11 | * This program is free software; you can redistribute it and/or modify it | ||
12 | * under the terms of the GNU General Public License as published by the Free | ||
13 | * Software Foundation; either version 2 of the License, or (at your option) | ||
14 | * any later version. | ||
15 | * | ||
16 | */ | ||
17 | |||
18 | #include <crypto/internal/skcipher.h> | ||
19 | #include <crypto/scatterwalk.h> | ||
20 | #include <linux/err.h> | ||
21 | #include <linux/init.h> | ||
22 | #include <linux/kernel.h> | ||
23 | #include <linux/mm.h> | ||
24 | #include <linux/module.h> | ||
25 | #include <linux/random.h> | ||
26 | #include <linux/scatterlist.h> | ||
27 | #include <linux/spinlock.h> | ||
28 | #include <linux/string.h> | ||
29 | |||
30 | struct eseqiv_request_ctx { | ||
31 | struct scatterlist src[2]; | ||
32 | struct scatterlist dst[2]; | ||
33 | char tail[]; | ||
34 | }; | ||
35 | |||
36 | struct eseqiv_ctx { | ||
37 | spinlock_t lock; | ||
38 | unsigned int reqoff; | ||
39 | char salt[]; | ||
40 | }; | ||
41 | |||
42 | static void eseqiv_complete2(struct skcipher_givcrypt_request *req) | ||
43 | { | ||
44 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
45 | struct eseqiv_request_ctx *reqctx = skcipher_givcrypt_reqctx(req); | ||
46 | |||
47 | memcpy(req->giv, PTR_ALIGN((u8 *)reqctx->tail, | ||
48 | crypto_ablkcipher_alignmask(geniv) + 1), | ||
49 | crypto_ablkcipher_ivsize(geniv)); | ||
50 | } | ||
51 | |||
52 | static void eseqiv_complete(struct crypto_async_request *base, int err) | ||
53 | { | ||
54 | struct skcipher_givcrypt_request *req = base->data; | ||
55 | |||
56 | if (err) | ||
57 | goto out; | ||
58 | |||
59 | eseqiv_complete2(req); | ||
60 | |||
61 | out: | ||
62 | skcipher_givcrypt_complete(req, err); | ||
63 | } | ||
64 | |||
65 | static void eseqiv_chain(struct scatterlist *head, struct scatterlist *sg, | ||
66 | int chain) | ||
67 | { | ||
68 | if (chain) { | ||
69 | head->length += sg->length; | ||
70 | sg = scatterwalk_sg_next(sg); | ||
71 | } | ||
72 | |||
73 | if (sg) | ||
74 | scatterwalk_sg_chain(head, 2, sg); | ||
75 | else | ||
76 | sg_mark_end(head); | ||
77 | } | ||
78 | |||
79 | static int eseqiv_givencrypt(struct skcipher_givcrypt_request *req) | ||
80 | { | ||
81 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
82 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
83 | struct eseqiv_request_ctx *reqctx = skcipher_givcrypt_reqctx(req); | ||
84 | struct ablkcipher_request *subreq; | ||
85 | crypto_completion_t complete; | ||
86 | void *data; | ||
87 | struct scatterlist *osrc, *odst; | ||
88 | struct scatterlist *dst; | ||
89 | struct page *srcp; | ||
90 | struct page *dstp; | ||
91 | u8 *giv; | ||
92 | u8 *vsrc; | ||
93 | u8 *vdst; | ||
94 | __be64 seq; | ||
95 | unsigned int ivsize; | ||
96 | unsigned int len; | ||
97 | int err; | ||
98 | |||
99 | subreq = (void *)(reqctx->tail + ctx->reqoff); | ||
100 | ablkcipher_request_set_tfm(subreq, skcipher_geniv_cipher(geniv)); | ||
101 | |||
102 | giv = req->giv; | ||
103 | complete = req->creq.base.complete; | ||
104 | data = req->creq.base.data; | ||
105 | |||
106 | osrc = req->creq.src; | ||
107 | odst = req->creq.dst; | ||
108 | srcp = sg_page(osrc); | ||
109 | dstp = sg_page(odst); | ||
110 | vsrc = PageHighMem(srcp) ? NULL : page_address(srcp) + osrc->offset; | ||
111 | vdst = PageHighMem(dstp) ? NULL : page_address(dstp) + odst->offset; | ||
112 | |||
113 | ivsize = crypto_ablkcipher_ivsize(geniv); | ||
114 | |||
115 | if (vsrc != giv + ivsize && vdst != giv + ivsize) { | ||
116 | giv = PTR_ALIGN((u8 *)reqctx->tail, | ||
117 | crypto_ablkcipher_alignmask(geniv) + 1); | ||
118 | complete = eseqiv_complete; | ||
119 | data = req; | ||
120 | } | ||
121 | |||
122 | ablkcipher_request_set_callback(subreq, req->creq.base.flags, complete, | ||
123 | data); | ||
124 | |||
125 | sg_init_table(reqctx->src, 2); | ||
126 | sg_set_buf(reqctx->src, giv, ivsize); | ||
127 | eseqiv_chain(reqctx->src, osrc, vsrc == giv + ivsize); | ||
128 | |||
129 | dst = reqctx->src; | ||
130 | if (osrc != odst) { | ||
131 | sg_init_table(reqctx->dst, 2); | ||
132 | sg_set_buf(reqctx->dst, giv, ivsize); | ||
133 | eseqiv_chain(reqctx->dst, odst, vdst == giv + ivsize); | ||
134 | |||
135 | dst = reqctx->dst; | ||
136 | } | ||
137 | |||
138 | ablkcipher_request_set_crypt(subreq, reqctx->src, dst, | ||
139 | req->creq.nbytes, req->creq.info); | ||
140 | |||
141 | memcpy(req->creq.info, ctx->salt, ivsize); | ||
142 | |||
143 | len = ivsize; | ||
144 | if (ivsize > sizeof(u64)) { | ||
145 | memset(req->giv, 0, ivsize - sizeof(u64)); | ||
146 | len = sizeof(u64); | ||
147 | } | ||
148 | seq = cpu_to_be64(req->seq); | ||
149 | memcpy(req->giv + ivsize - len, &seq, len); | ||
150 | |||
151 | err = crypto_ablkcipher_encrypt(subreq); | ||
152 | if (err) | ||
153 | goto out; | ||
154 | |||
155 | eseqiv_complete2(req); | ||
156 | |||
157 | out: | ||
158 | return err; | ||
159 | } | ||
160 | |||
161 | static int eseqiv_givencrypt_first(struct skcipher_givcrypt_request *req) | ||
162 | { | ||
163 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
164 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
165 | |||
166 | spin_lock_bh(&ctx->lock); | ||
167 | if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first) | ||
168 | goto unlock; | ||
169 | |||
170 | crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt; | ||
171 | get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); | ||
172 | |||
173 | unlock: | ||
174 | spin_unlock_bh(&ctx->lock); | ||
175 | |||
176 | return eseqiv_givencrypt(req); | ||
177 | } | ||
178 | |||
179 | static int eseqiv_init(struct crypto_tfm *tfm) | ||
180 | { | ||
181 | struct crypto_ablkcipher *geniv = __crypto_ablkcipher_cast(tfm); | ||
182 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
183 | unsigned long alignmask; | ||
184 | unsigned int reqsize; | ||
185 | |||
186 | spin_lock_init(&ctx->lock); | ||
187 | |||
188 | alignmask = crypto_tfm_ctx_alignment() - 1; | ||
189 | reqsize = sizeof(struct eseqiv_request_ctx); | ||
190 | |||
191 | if (alignmask & reqsize) { | ||
192 | alignmask &= reqsize; | ||
193 | alignmask--; | ||
194 | } | ||
195 | |||
196 | alignmask = ~alignmask; | ||
197 | alignmask &= crypto_ablkcipher_alignmask(geniv); | ||
198 | |||
199 | reqsize += alignmask; | ||
200 | reqsize += crypto_ablkcipher_ivsize(geniv); | ||
201 | reqsize = ALIGN(reqsize, crypto_tfm_ctx_alignment()); | ||
202 | |||
203 | ctx->reqoff = reqsize - sizeof(struct eseqiv_request_ctx); | ||
204 | |||
205 | tfm->crt_ablkcipher.reqsize = reqsize + | ||
206 | sizeof(struct ablkcipher_request); | ||
207 | |||
208 | return skcipher_geniv_init(tfm); | ||
209 | } | ||
210 | |||
211 | static struct crypto_template eseqiv_tmpl; | ||
212 | |||
213 | static struct crypto_instance *eseqiv_alloc(struct rtattr **tb) | ||
214 | { | ||
215 | struct crypto_instance *inst; | ||
216 | int err; | ||
217 | |||
218 | inst = skcipher_geniv_alloc(&eseqiv_tmpl, tb, 0, 0); | ||
219 | if (IS_ERR(inst)) | ||
220 | goto out; | ||
221 | |||
222 | err = -EINVAL; | ||
223 | if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) | ||
224 | goto free_inst; | ||
225 | |||
226 | inst->alg.cra_ablkcipher.givencrypt = eseqiv_givencrypt_first; | ||
227 | |||
228 | inst->alg.cra_init = eseqiv_init; | ||
229 | inst->alg.cra_exit = skcipher_geniv_exit; | ||
230 | |||
231 | inst->alg.cra_ctxsize = sizeof(struct eseqiv_ctx); | ||
232 | inst->alg.cra_ctxsize += inst->alg.cra_ablkcipher.ivsize; | ||
233 | |||
234 | out: | ||
235 | return inst; | ||
236 | |||
237 | free_inst: | ||
238 | skcipher_geniv_free(inst); | ||
239 | inst = ERR_PTR(err); | ||
240 | goto out; | ||
241 | } | ||
242 | |||
243 | static struct crypto_template eseqiv_tmpl = { | ||
244 | .name = "eseqiv", | ||
245 | .alloc = eseqiv_alloc, | ||
246 | .free = skcipher_geniv_free, | ||
247 | .module = THIS_MODULE, | ||
248 | }; | ||
249 | |||
250 | static int __init eseqiv_module_init(void) | ||
251 | { | ||
252 | return crypto_register_template(&eseqiv_tmpl); | ||
253 | } | ||
254 | |||
255 | static void __exit eseqiv_module_exit(void) | ||
256 | { | ||
257 | crypto_unregister_template(&eseqiv_tmpl); | ||
258 | } | ||
259 | |||
260 | module_init(eseqiv_module_init); | ||
261 | module_exit(eseqiv_module_exit); | ||
262 | |||
263 | MODULE_LICENSE("GPL"); | ||
264 | MODULE_DESCRIPTION("Encrypted Sequence Number IV Generator"); | ||
diff --git a/crypto/gcm.c b/crypto/gcm.c new file mode 100644 index 000000000000..e70afd0c73dd --- /dev/null +++ b/crypto/gcm.c | |||
@@ -0,0 +1,823 @@ | |||
1 | /* | ||
2 | * GCM: Galois/Counter Mode. | ||
3 | * | ||
4 | * Copyright (c) 2007 Nokia Siemens Networks - Mikko Herranen <mh1@iki.fi> | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify it | ||
7 | * under the terms of the GNU General Public License version 2 as published | ||
8 | * by the Free Software Foundation. | ||
9 | */ | ||
10 | |||
11 | #include <crypto/gf128mul.h> | ||
12 | #include <crypto/internal/aead.h> | ||
13 | #include <crypto/internal/skcipher.h> | ||
14 | #include <crypto/scatterwalk.h> | ||
15 | #include <linux/completion.h> | ||
16 | #include <linux/err.h> | ||
17 | #include <linux/init.h> | ||
18 | #include <linux/kernel.h> | ||
19 | #include <linux/module.h> | ||
20 | #include <linux/slab.h> | ||
21 | |||
22 | struct gcm_instance_ctx { | ||
23 | struct crypto_skcipher_spawn ctr; | ||
24 | }; | ||
25 | |||
26 | struct crypto_gcm_ctx { | ||
27 | struct crypto_ablkcipher *ctr; | ||
28 | struct gf128mul_4k *gf128; | ||
29 | }; | ||
30 | |||
31 | struct crypto_rfc4106_ctx { | ||
32 | struct crypto_aead *child; | ||
33 | u8 nonce[4]; | ||
34 | }; | ||
35 | |||
36 | struct crypto_gcm_ghash_ctx { | ||
37 | u32 bytes; | ||
38 | u32 flags; | ||
39 | struct gf128mul_4k *gf128; | ||
40 | u8 buffer[16]; | ||
41 | }; | ||
42 | |||
43 | struct crypto_gcm_req_priv_ctx { | ||
44 | u8 auth_tag[16]; | ||
45 | u8 iauth_tag[16]; | ||
46 | struct scatterlist src[2]; | ||
47 | struct scatterlist dst[2]; | ||
48 | struct crypto_gcm_ghash_ctx ghash; | ||
49 | struct ablkcipher_request abreq; | ||
50 | }; | ||
51 | |||
52 | struct crypto_gcm_setkey_result { | ||
53 | int err; | ||
54 | struct completion completion; | ||
55 | }; | ||
56 | |||
57 | static inline struct crypto_gcm_req_priv_ctx *crypto_gcm_reqctx( | ||
58 | struct aead_request *req) | ||
59 | { | ||
60 | unsigned long align = crypto_aead_alignmask(crypto_aead_reqtfm(req)); | ||
61 | |||
62 | return (void *)PTR_ALIGN((u8 *)aead_request_ctx(req), align + 1); | ||
63 | } | ||
64 | |||
65 | static void crypto_gcm_ghash_init(struct crypto_gcm_ghash_ctx *ctx, u32 flags, | ||
66 | struct gf128mul_4k *gf128) | ||
67 | { | ||
68 | ctx->bytes = 0; | ||
69 | ctx->flags = flags; | ||
70 | ctx->gf128 = gf128; | ||
71 | memset(ctx->buffer, 0, 16); | ||
72 | } | ||
73 | |||
74 | static void crypto_gcm_ghash_update(struct crypto_gcm_ghash_ctx *ctx, | ||
75 | const u8 *src, unsigned int srclen) | ||
76 | { | ||
77 | u8 *dst = ctx->buffer; | ||
78 | |||
79 | if (ctx->bytes) { | ||
80 | int n = min(srclen, ctx->bytes); | ||
81 | u8 *pos = dst + (16 - ctx->bytes); | ||
82 | |||
83 | ctx->bytes -= n; | ||
84 | srclen -= n; | ||
85 | |||
86 | while (n--) | ||
87 | *pos++ ^= *src++; | ||
88 | |||
89 | if (!ctx->bytes) | ||
90 | gf128mul_4k_lle((be128 *)dst, ctx->gf128); | ||
91 | } | ||
92 | |||
93 | while (srclen >= 16) { | ||
94 | crypto_xor(dst, src, 16); | ||
95 | gf128mul_4k_lle((be128 *)dst, ctx->gf128); | ||
96 | src += 16; | ||
97 | srclen -= 16; | ||
98 | } | ||
99 | |||
100 | if (srclen) { | ||
101 | ctx->bytes = 16 - srclen; | ||
102 | while (srclen--) | ||
103 | *dst++ ^= *src++; | ||
104 | } | ||
105 | } | ||
106 | |||
107 | static void crypto_gcm_ghash_update_sg(struct crypto_gcm_ghash_ctx *ctx, | ||
108 | struct scatterlist *sg, int len) | ||
109 | { | ||
110 | struct scatter_walk walk; | ||
111 | u8 *src; | ||
112 | int n; | ||
113 | |||
114 | if (!len) | ||
115 | return; | ||
116 | |||
117 | scatterwalk_start(&walk, sg); | ||
118 | |||
119 | while (len) { | ||
120 | n = scatterwalk_clamp(&walk, len); | ||
121 | |||
122 | if (!n) { | ||
123 | scatterwalk_start(&walk, scatterwalk_sg_next(walk.sg)); | ||
124 | n = scatterwalk_clamp(&walk, len); | ||
125 | } | ||
126 | |||
127 | src = scatterwalk_map(&walk, 0); | ||
128 | |||
129 | crypto_gcm_ghash_update(ctx, src, n); | ||
130 | len -= n; | ||
131 | |||
132 | scatterwalk_unmap(src, 0); | ||
133 | scatterwalk_advance(&walk, n); | ||
134 | scatterwalk_done(&walk, 0, len); | ||
135 | if (len) | ||
136 | crypto_yield(ctx->flags); | ||
137 | } | ||
138 | } | ||
139 | |||
140 | static void crypto_gcm_ghash_flush(struct crypto_gcm_ghash_ctx *ctx) | ||
141 | { | ||
142 | u8 *dst = ctx->buffer; | ||
143 | |||
144 | if (ctx->bytes) { | ||
145 | u8 *tmp = dst + (16 - ctx->bytes); | ||
146 | |||
147 | while (ctx->bytes--) | ||
148 | *tmp++ ^= 0; | ||
149 | |||
150 | gf128mul_4k_lle((be128 *)dst, ctx->gf128); | ||
151 | } | ||
152 | |||
153 | ctx->bytes = 0; | ||
154 | } | ||
155 | |||
156 | static void crypto_gcm_ghash_final_xor(struct crypto_gcm_ghash_ctx *ctx, | ||
157 | unsigned int authlen, | ||
158 | unsigned int cryptlen, u8 *dst) | ||
159 | { | ||
160 | u8 *buf = ctx->buffer; | ||
161 | u128 lengths; | ||
162 | |||
163 | lengths.a = cpu_to_be64(authlen * 8); | ||
164 | lengths.b = cpu_to_be64(cryptlen * 8); | ||
165 | |||
166 | crypto_gcm_ghash_flush(ctx); | ||
167 | crypto_xor(buf, (u8 *)&lengths, 16); | ||
168 | gf128mul_4k_lle((be128 *)buf, ctx->gf128); | ||
169 | crypto_xor(dst, buf, 16); | ||
170 | } | ||
171 | |||
172 | static void crypto_gcm_setkey_done(struct crypto_async_request *req, int err) | ||
173 | { | ||
174 | struct crypto_gcm_setkey_result *result = req->data; | ||
175 | |||
176 | if (err == -EINPROGRESS) | ||
177 | return; | ||
178 | |||
179 | result->err = err; | ||
180 | complete(&result->completion); | ||
181 | } | ||
182 | |||
183 | static int crypto_gcm_setkey(struct crypto_aead *aead, const u8 *key, | ||
184 | unsigned int keylen) | ||
185 | { | ||
186 | struct crypto_gcm_ctx *ctx = crypto_aead_ctx(aead); | ||
187 | struct crypto_ablkcipher *ctr = ctx->ctr; | ||
188 | struct { | ||
189 | be128 hash; | ||
190 | u8 iv[8]; | ||
191 | |||
192 | struct crypto_gcm_setkey_result result; | ||
193 | |||
194 | struct scatterlist sg[1]; | ||
195 | struct ablkcipher_request req; | ||
196 | } *data; | ||
197 | int err; | ||
198 | |||
199 | crypto_ablkcipher_clear_flags(ctr, CRYPTO_TFM_REQ_MASK); | ||
200 | crypto_ablkcipher_set_flags(ctr, crypto_aead_get_flags(aead) & | ||
201 | CRYPTO_TFM_REQ_MASK); | ||
202 | |||
203 | err = crypto_ablkcipher_setkey(ctr, key, keylen); | ||
204 | if (err) | ||
205 | return err; | ||
206 | |||
207 | crypto_aead_set_flags(aead, crypto_ablkcipher_get_flags(ctr) & | ||
208 | CRYPTO_TFM_RES_MASK); | ||
209 | |||
210 | data = kzalloc(sizeof(*data) + crypto_ablkcipher_reqsize(ctr), | ||
211 | GFP_KERNEL); | ||
212 | if (!data) | ||
213 | return -ENOMEM; | ||
214 | |||
215 | init_completion(&data->result.completion); | ||
216 | sg_init_one(data->sg, &data->hash, sizeof(data->hash)); | ||
217 | ablkcipher_request_set_tfm(&data->req, ctr); | ||
218 | ablkcipher_request_set_callback(&data->req, CRYPTO_TFM_REQ_MAY_SLEEP | | ||
219 | CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
220 | crypto_gcm_setkey_done, | ||
221 | &data->result); | ||
222 | ablkcipher_request_set_crypt(&data->req, data->sg, data->sg, | ||
223 | sizeof(data->hash), data->iv); | ||
224 | |||
225 | err = crypto_ablkcipher_encrypt(&data->req); | ||
226 | if (err == -EINPROGRESS || err == -EBUSY) { | ||
227 | err = wait_for_completion_interruptible( | ||
228 | &data->result.completion); | ||
229 | if (!err) | ||
230 | err = data->result.err; | ||
231 | } | ||
232 | |||
233 | if (err) | ||
234 | goto out; | ||
235 | |||
236 | if (ctx->gf128 != NULL) | ||
237 | gf128mul_free_4k(ctx->gf128); | ||
238 | |||
239 | ctx->gf128 = gf128mul_init_4k_lle(&data->hash); | ||
240 | |||
241 | if (ctx->gf128 == NULL) | ||
242 | err = -ENOMEM; | ||
243 | |||
244 | out: | ||
245 | kfree(data); | ||
246 | return err; | ||
247 | } | ||
248 | |||
249 | static int crypto_gcm_setauthsize(struct crypto_aead *tfm, | ||
250 | unsigned int authsize) | ||
251 | { | ||
252 | switch (authsize) { | ||
253 | case 4: | ||
254 | case 8: | ||
255 | case 12: | ||
256 | case 13: | ||
257 | case 14: | ||
258 | case 15: | ||
259 | case 16: | ||
260 | break; | ||
261 | default: | ||
262 | return -EINVAL; | ||
263 | } | ||
264 | |||
265 | return 0; | ||
266 | } | ||
267 | |||
268 | static void crypto_gcm_init_crypt(struct ablkcipher_request *ablk_req, | ||
269 | struct aead_request *req, | ||
270 | unsigned int cryptlen) | ||
271 | { | ||
272 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
273 | struct crypto_gcm_ctx *ctx = crypto_aead_ctx(aead); | ||
274 | struct crypto_gcm_req_priv_ctx *pctx = crypto_gcm_reqctx(req); | ||
275 | u32 flags = req->base.tfm->crt_flags; | ||
276 | struct crypto_gcm_ghash_ctx *ghash = &pctx->ghash; | ||
277 | struct scatterlist *dst; | ||
278 | __be32 counter = cpu_to_be32(1); | ||
279 | |||
280 | memset(pctx->auth_tag, 0, sizeof(pctx->auth_tag)); | ||
281 | memcpy(req->iv + 12, &counter, 4); | ||
282 | |||
283 | sg_init_table(pctx->src, 2); | ||
284 | sg_set_buf(pctx->src, pctx->auth_tag, sizeof(pctx->auth_tag)); | ||
285 | scatterwalk_sg_chain(pctx->src, 2, req->src); | ||
286 | |||
287 | dst = pctx->src; | ||
288 | if (req->src != req->dst) { | ||
289 | sg_init_table(pctx->dst, 2); | ||
290 | sg_set_buf(pctx->dst, pctx->auth_tag, sizeof(pctx->auth_tag)); | ||
291 | scatterwalk_sg_chain(pctx->dst, 2, req->dst); | ||
292 | dst = pctx->dst; | ||
293 | } | ||
294 | |||
295 | ablkcipher_request_set_tfm(ablk_req, ctx->ctr); | ||
296 | ablkcipher_request_set_crypt(ablk_req, pctx->src, dst, | ||
297 | cryptlen + sizeof(pctx->auth_tag), | ||
298 | req->iv); | ||
299 | |||
300 | crypto_gcm_ghash_init(ghash, flags, ctx->gf128); | ||
301 | |||
302 | crypto_gcm_ghash_update_sg(ghash, req->assoc, req->assoclen); | ||
303 | crypto_gcm_ghash_flush(ghash); | ||
304 | } | ||
305 | |||
306 | static int crypto_gcm_hash(struct aead_request *req) | ||
307 | { | ||
308 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
309 | struct crypto_gcm_req_priv_ctx *pctx = crypto_gcm_reqctx(req); | ||
310 | u8 *auth_tag = pctx->auth_tag; | ||
311 | struct crypto_gcm_ghash_ctx *ghash = &pctx->ghash; | ||
312 | |||
313 | crypto_gcm_ghash_update_sg(ghash, req->dst, req->cryptlen); | ||
314 | crypto_gcm_ghash_final_xor(ghash, req->assoclen, req->cryptlen, | ||
315 | auth_tag); | ||
316 | |||
317 | scatterwalk_map_and_copy(auth_tag, req->dst, req->cryptlen, | ||
318 | crypto_aead_authsize(aead), 1); | ||
319 | return 0; | ||
320 | } | ||
321 | |||
322 | static void crypto_gcm_encrypt_done(struct crypto_async_request *areq, int err) | ||
323 | { | ||
324 | struct aead_request *req = areq->data; | ||
325 | |||
326 | if (!err) | ||
327 | err = crypto_gcm_hash(req); | ||
328 | |||
329 | aead_request_complete(req, err); | ||
330 | } | ||
331 | |||
332 | static int crypto_gcm_encrypt(struct aead_request *req) | ||
333 | { | ||
334 | struct crypto_gcm_req_priv_ctx *pctx = crypto_gcm_reqctx(req); | ||
335 | struct ablkcipher_request *abreq = &pctx->abreq; | ||
336 | int err; | ||
337 | |||
338 | crypto_gcm_init_crypt(abreq, req, req->cryptlen); | ||
339 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | ||
340 | crypto_gcm_encrypt_done, req); | ||
341 | |||
342 | err = crypto_ablkcipher_encrypt(abreq); | ||
343 | if (err) | ||
344 | return err; | ||
345 | |||
346 | return crypto_gcm_hash(req); | ||
347 | } | ||
348 | |||
349 | static int crypto_gcm_verify(struct aead_request *req) | ||
350 | { | ||
351 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
352 | struct crypto_gcm_req_priv_ctx *pctx = crypto_gcm_reqctx(req); | ||
353 | struct crypto_gcm_ghash_ctx *ghash = &pctx->ghash; | ||
354 | u8 *auth_tag = pctx->auth_tag; | ||
355 | u8 *iauth_tag = pctx->iauth_tag; | ||
356 | unsigned int authsize = crypto_aead_authsize(aead); | ||
357 | unsigned int cryptlen = req->cryptlen - authsize; | ||
358 | |||
359 | crypto_gcm_ghash_final_xor(ghash, req->assoclen, cryptlen, auth_tag); | ||
360 | |||
361 | authsize = crypto_aead_authsize(aead); | ||
362 | scatterwalk_map_and_copy(iauth_tag, req->src, cryptlen, authsize, 0); | ||
363 | return memcmp(iauth_tag, auth_tag, authsize) ? -EBADMSG : 0; | ||
364 | } | ||
365 | |||
366 | static void crypto_gcm_decrypt_done(struct crypto_async_request *areq, int err) | ||
367 | { | ||
368 | struct aead_request *req = areq->data; | ||
369 | |||
370 | if (!err) | ||
371 | err = crypto_gcm_verify(req); | ||
372 | |||
373 | aead_request_complete(req, err); | ||
374 | } | ||
375 | |||
376 | static int crypto_gcm_decrypt(struct aead_request *req) | ||
377 | { | ||
378 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
379 | struct crypto_gcm_req_priv_ctx *pctx = crypto_gcm_reqctx(req); | ||
380 | struct ablkcipher_request *abreq = &pctx->abreq; | ||
381 | struct crypto_gcm_ghash_ctx *ghash = &pctx->ghash; | ||
382 | unsigned int cryptlen = req->cryptlen; | ||
383 | unsigned int authsize = crypto_aead_authsize(aead); | ||
384 | int err; | ||
385 | |||
386 | if (cryptlen < authsize) | ||
387 | return -EINVAL; | ||
388 | cryptlen -= authsize; | ||
389 | |||
390 | crypto_gcm_init_crypt(abreq, req, cryptlen); | ||
391 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | ||
392 | crypto_gcm_decrypt_done, req); | ||
393 | |||
394 | crypto_gcm_ghash_update_sg(ghash, req->src, cryptlen); | ||
395 | |||
396 | err = crypto_ablkcipher_decrypt(abreq); | ||
397 | if (err) | ||
398 | return err; | ||
399 | |||
400 | return crypto_gcm_verify(req); | ||
401 | } | ||
402 | |||
403 | static int crypto_gcm_init_tfm(struct crypto_tfm *tfm) | ||
404 | { | ||
405 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
406 | struct gcm_instance_ctx *ictx = crypto_instance_ctx(inst); | ||
407 | struct crypto_gcm_ctx *ctx = crypto_tfm_ctx(tfm); | ||
408 | struct crypto_ablkcipher *ctr; | ||
409 | unsigned long align; | ||
410 | int err; | ||
411 | |||
412 | ctr = crypto_spawn_skcipher(&ictx->ctr); | ||
413 | err = PTR_ERR(ctr); | ||
414 | if (IS_ERR(ctr)) | ||
415 | return err; | ||
416 | |||
417 | ctx->ctr = ctr; | ||
418 | ctx->gf128 = NULL; | ||
419 | |||
420 | align = crypto_tfm_alg_alignmask(tfm); | ||
421 | align &= ~(crypto_tfm_ctx_alignment() - 1); | ||
422 | tfm->crt_aead.reqsize = align + | ||
423 | sizeof(struct crypto_gcm_req_priv_ctx) + | ||
424 | crypto_ablkcipher_reqsize(ctr); | ||
425 | |||
426 | return 0; | ||
427 | } | ||
428 | |||
429 | static void crypto_gcm_exit_tfm(struct crypto_tfm *tfm) | ||
430 | { | ||
431 | struct crypto_gcm_ctx *ctx = crypto_tfm_ctx(tfm); | ||
432 | |||
433 | if (ctx->gf128 != NULL) | ||
434 | gf128mul_free_4k(ctx->gf128); | ||
435 | |||
436 | crypto_free_ablkcipher(ctx->ctr); | ||
437 | } | ||
438 | |||
439 | static struct crypto_instance *crypto_gcm_alloc_common(struct rtattr **tb, | ||
440 | const char *full_name, | ||
441 | const char *ctr_name) | ||
442 | { | ||
443 | struct crypto_attr_type *algt; | ||
444 | struct crypto_instance *inst; | ||
445 | struct crypto_alg *ctr; | ||
446 | struct gcm_instance_ctx *ctx; | ||
447 | int err; | ||
448 | |||
449 | algt = crypto_get_attr_type(tb); | ||
450 | err = PTR_ERR(algt); | ||
451 | if (IS_ERR(algt)) | ||
452 | return ERR_PTR(err); | ||
453 | |||
454 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) | ||
455 | return ERR_PTR(-EINVAL); | ||
456 | |||
457 | inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); | ||
458 | if (!inst) | ||
459 | return ERR_PTR(-ENOMEM); | ||
460 | |||
461 | ctx = crypto_instance_ctx(inst); | ||
462 | crypto_set_skcipher_spawn(&ctx->ctr, inst); | ||
463 | err = crypto_grab_skcipher(&ctx->ctr, ctr_name, 0, | ||
464 | crypto_requires_sync(algt->type, | ||
465 | algt->mask)); | ||
466 | if (err) | ||
467 | goto err_free_inst; | ||
468 | |||
469 | ctr = crypto_skcipher_spawn_alg(&ctx->ctr); | ||
470 | |||
471 | /* We only support 16-byte blocks. */ | ||
472 | if (ctr->cra_ablkcipher.ivsize != 16) | ||
473 | goto out_put_ctr; | ||
474 | |||
475 | /* Not a stream cipher? */ | ||
476 | err = -EINVAL; | ||
477 | if (ctr->cra_blocksize != 1) | ||
478 | goto out_put_ctr; | ||
479 | |||
480 | err = -ENAMETOOLONG; | ||
481 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
482 | "gcm_base(%s)", ctr->cra_driver_name) >= | ||
483 | CRYPTO_MAX_ALG_NAME) | ||
484 | goto out_put_ctr; | ||
485 | |||
486 | memcpy(inst->alg.cra_name, full_name, CRYPTO_MAX_ALG_NAME); | ||
487 | |||
488 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; | ||
489 | inst->alg.cra_flags |= ctr->cra_flags & CRYPTO_ALG_ASYNC; | ||
490 | inst->alg.cra_priority = ctr->cra_priority; | ||
491 | inst->alg.cra_blocksize = 1; | ||
492 | inst->alg.cra_alignmask = ctr->cra_alignmask | (__alignof__(u64) - 1); | ||
493 | inst->alg.cra_type = &crypto_aead_type; | ||
494 | inst->alg.cra_aead.ivsize = 16; | ||
495 | inst->alg.cra_aead.maxauthsize = 16; | ||
496 | inst->alg.cra_ctxsize = sizeof(struct crypto_gcm_ctx); | ||
497 | inst->alg.cra_init = crypto_gcm_init_tfm; | ||
498 | inst->alg.cra_exit = crypto_gcm_exit_tfm; | ||
499 | inst->alg.cra_aead.setkey = crypto_gcm_setkey; | ||
500 | inst->alg.cra_aead.setauthsize = crypto_gcm_setauthsize; | ||
501 | inst->alg.cra_aead.encrypt = crypto_gcm_encrypt; | ||
502 | inst->alg.cra_aead.decrypt = crypto_gcm_decrypt; | ||
503 | |||
504 | out: | ||
505 | return inst; | ||
506 | |||
507 | out_put_ctr: | ||
508 | crypto_drop_skcipher(&ctx->ctr); | ||
509 | err_free_inst: | ||
510 | kfree(inst); | ||
511 | inst = ERR_PTR(err); | ||
512 | goto out; | ||
513 | } | ||
514 | |||
515 | static struct crypto_instance *crypto_gcm_alloc(struct rtattr **tb) | ||
516 | { | ||
517 | int err; | ||
518 | const char *cipher_name; | ||
519 | char ctr_name[CRYPTO_MAX_ALG_NAME]; | ||
520 | char full_name[CRYPTO_MAX_ALG_NAME]; | ||
521 | |||
522 | cipher_name = crypto_attr_alg_name(tb[1]); | ||
523 | err = PTR_ERR(cipher_name); | ||
524 | if (IS_ERR(cipher_name)) | ||
525 | return ERR_PTR(err); | ||
526 | |||
527 | if (snprintf(ctr_name, CRYPTO_MAX_ALG_NAME, "ctr(%s)", cipher_name) >= | ||
528 | CRYPTO_MAX_ALG_NAME) | ||
529 | return ERR_PTR(-ENAMETOOLONG); | ||
530 | |||
531 | if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "gcm(%s)", cipher_name) >= | ||
532 | CRYPTO_MAX_ALG_NAME) | ||
533 | return ERR_PTR(-ENAMETOOLONG); | ||
534 | |||
535 | return crypto_gcm_alloc_common(tb, full_name, ctr_name); | ||
536 | } | ||
537 | |||
538 | static void crypto_gcm_free(struct crypto_instance *inst) | ||
539 | { | ||
540 | struct gcm_instance_ctx *ctx = crypto_instance_ctx(inst); | ||
541 | |||
542 | crypto_drop_skcipher(&ctx->ctr); | ||
543 | kfree(inst); | ||
544 | } | ||
545 | |||
546 | static struct crypto_template crypto_gcm_tmpl = { | ||
547 | .name = "gcm", | ||
548 | .alloc = crypto_gcm_alloc, | ||
549 | .free = crypto_gcm_free, | ||
550 | .module = THIS_MODULE, | ||
551 | }; | ||
552 | |||
553 | static struct crypto_instance *crypto_gcm_base_alloc(struct rtattr **tb) | ||
554 | { | ||
555 | int err; | ||
556 | const char *ctr_name; | ||
557 | char full_name[CRYPTO_MAX_ALG_NAME]; | ||
558 | |||
559 | ctr_name = crypto_attr_alg_name(tb[1]); | ||
560 | err = PTR_ERR(ctr_name); | ||
561 | if (IS_ERR(ctr_name)) | ||
562 | return ERR_PTR(err); | ||
563 | |||
564 | if (snprintf(full_name, CRYPTO_MAX_ALG_NAME, "gcm_base(%s)", | ||
565 | ctr_name) >= CRYPTO_MAX_ALG_NAME) | ||
566 | return ERR_PTR(-ENAMETOOLONG); | ||
567 | |||
568 | return crypto_gcm_alloc_common(tb, full_name, ctr_name); | ||
569 | } | ||
570 | |||
571 | static struct crypto_template crypto_gcm_base_tmpl = { | ||
572 | .name = "gcm_base", | ||
573 | .alloc = crypto_gcm_base_alloc, | ||
574 | .free = crypto_gcm_free, | ||
575 | .module = THIS_MODULE, | ||
576 | }; | ||
577 | |||
578 | static int crypto_rfc4106_setkey(struct crypto_aead *parent, const u8 *key, | ||
579 | unsigned int keylen) | ||
580 | { | ||
581 | struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(parent); | ||
582 | struct crypto_aead *child = ctx->child; | ||
583 | int err; | ||
584 | |||
585 | if (keylen < 4) | ||
586 | return -EINVAL; | ||
587 | |||
588 | keylen -= 4; | ||
589 | memcpy(ctx->nonce, key + keylen, 4); | ||
590 | |||
591 | crypto_aead_clear_flags(child, CRYPTO_TFM_REQ_MASK); | ||
592 | crypto_aead_set_flags(child, crypto_aead_get_flags(parent) & | ||
593 | CRYPTO_TFM_REQ_MASK); | ||
594 | err = crypto_aead_setkey(child, key, keylen); | ||
595 | crypto_aead_set_flags(parent, crypto_aead_get_flags(child) & | ||
596 | CRYPTO_TFM_RES_MASK); | ||
597 | |||
598 | return err; | ||
599 | } | ||
600 | |||
601 | static int crypto_rfc4106_setauthsize(struct crypto_aead *parent, | ||
602 | unsigned int authsize) | ||
603 | { | ||
604 | struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(parent); | ||
605 | |||
606 | switch (authsize) { | ||
607 | case 8: | ||
608 | case 12: | ||
609 | case 16: | ||
610 | break; | ||
611 | default: | ||
612 | return -EINVAL; | ||
613 | } | ||
614 | |||
615 | return crypto_aead_setauthsize(ctx->child, authsize); | ||
616 | } | ||
617 | |||
618 | static struct aead_request *crypto_rfc4106_crypt(struct aead_request *req) | ||
619 | { | ||
620 | struct aead_request *subreq = aead_request_ctx(req); | ||
621 | struct crypto_aead *aead = crypto_aead_reqtfm(req); | ||
622 | struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(aead); | ||
623 | struct crypto_aead *child = ctx->child; | ||
624 | u8 *iv = PTR_ALIGN((u8 *)(subreq + 1) + crypto_aead_reqsize(child), | ||
625 | crypto_aead_alignmask(child) + 1); | ||
626 | |||
627 | memcpy(iv, ctx->nonce, 4); | ||
628 | memcpy(iv + 4, req->iv, 8); | ||
629 | |||
630 | aead_request_set_tfm(subreq, child); | ||
631 | aead_request_set_callback(subreq, req->base.flags, req->base.complete, | ||
632 | req->base.data); | ||
633 | aead_request_set_crypt(subreq, req->src, req->dst, req->cryptlen, iv); | ||
634 | aead_request_set_assoc(subreq, req->assoc, req->assoclen); | ||
635 | |||
636 | return subreq; | ||
637 | } | ||
638 | |||
639 | static int crypto_rfc4106_encrypt(struct aead_request *req) | ||
640 | { | ||
641 | req = crypto_rfc4106_crypt(req); | ||
642 | |||
643 | return crypto_aead_encrypt(req); | ||
644 | } | ||
645 | |||
646 | static int crypto_rfc4106_decrypt(struct aead_request *req) | ||
647 | { | ||
648 | req = crypto_rfc4106_crypt(req); | ||
649 | |||
650 | return crypto_aead_decrypt(req); | ||
651 | } | ||
652 | |||
653 | static int crypto_rfc4106_init_tfm(struct crypto_tfm *tfm) | ||
654 | { | ||
655 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | ||
656 | struct crypto_aead_spawn *spawn = crypto_instance_ctx(inst); | ||
657 | struct crypto_rfc4106_ctx *ctx = crypto_tfm_ctx(tfm); | ||
658 | struct crypto_aead *aead; | ||
659 | unsigned long align; | ||
660 | |||
661 | aead = crypto_spawn_aead(spawn); | ||
662 | if (IS_ERR(aead)) | ||
663 | return PTR_ERR(aead); | ||
664 | |||
665 | ctx->child = aead; | ||
666 | |||
667 | align = crypto_aead_alignmask(aead); | ||
668 | align &= ~(crypto_tfm_ctx_alignment() - 1); | ||
669 | tfm->crt_aead.reqsize = sizeof(struct aead_request) + | ||
670 | ALIGN(crypto_aead_reqsize(aead), | ||
671 | crypto_tfm_ctx_alignment()) + | ||
672 | align + 16; | ||
673 | |||
674 | return 0; | ||
675 | } | ||
676 | |||
677 | static void crypto_rfc4106_exit_tfm(struct crypto_tfm *tfm) | ||
678 | { | ||
679 | struct crypto_rfc4106_ctx *ctx = crypto_tfm_ctx(tfm); | ||
680 | |||
681 | crypto_free_aead(ctx->child); | ||
682 | } | ||
683 | |||
684 | static struct crypto_instance *crypto_rfc4106_alloc(struct rtattr **tb) | ||
685 | { | ||
686 | struct crypto_attr_type *algt; | ||
687 | struct crypto_instance *inst; | ||
688 | struct crypto_aead_spawn *spawn; | ||
689 | struct crypto_alg *alg; | ||
690 | const char *ccm_name; | ||
691 | int err; | ||
692 | |||
693 | algt = crypto_get_attr_type(tb); | ||
694 | err = PTR_ERR(algt); | ||
695 | if (IS_ERR(algt)) | ||
696 | return ERR_PTR(err); | ||
697 | |||
698 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) | ||
699 | return ERR_PTR(-EINVAL); | ||
700 | |||
701 | ccm_name = crypto_attr_alg_name(tb[1]); | ||
702 | err = PTR_ERR(ccm_name); | ||
703 | if (IS_ERR(ccm_name)) | ||
704 | return ERR_PTR(err); | ||
705 | |||
706 | inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); | ||
707 | if (!inst) | ||
708 | return ERR_PTR(-ENOMEM); | ||
709 | |||
710 | spawn = crypto_instance_ctx(inst); | ||
711 | crypto_set_aead_spawn(spawn, inst); | ||
712 | err = crypto_grab_aead(spawn, ccm_name, 0, | ||
713 | crypto_requires_sync(algt->type, algt->mask)); | ||
714 | if (err) | ||
715 | goto out_free_inst; | ||
716 | |||
717 | alg = crypto_aead_spawn_alg(spawn); | ||
718 | |||
719 | err = -EINVAL; | ||
720 | |||
721 | /* We only support 16-byte blocks. */ | ||
722 | if (alg->cra_aead.ivsize != 16) | ||
723 | goto out_drop_alg; | ||
724 | |||
725 | /* Not a stream cipher? */ | ||
726 | if (alg->cra_blocksize != 1) | ||
727 | goto out_drop_alg; | ||
728 | |||
729 | err = -ENAMETOOLONG; | ||
730 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | ||
731 | "rfc4106(%s)", alg->cra_name) >= CRYPTO_MAX_ALG_NAME || | ||
732 | snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | ||
733 | "rfc4106(%s)", alg->cra_driver_name) >= | ||
734 | CRYPTO_MAX_ALG_NAME) | ||
735 | goto out_drop_alg; | ||
736 | |||
737 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; | ||
738 | inst->alg.cra_flags |= alg->cra_flags & CRYPTO_ALG_ASYNC; | ||
739 | inst->alg.cra_priority = alg->cra_priority; | ||
740 | inst->alg.cra_blocksize = 1; | ||
741 | inst->alg.cra_alignmask = alg->cra_alignmask; | ||
742 | inst->alg.cra_type = &crypto_nivaead_type; | ||
743 | |||
744 | inst->alg.cra_aead.ivsize = 8; | ||
745 | inst->alg.cra_aead.maxauthsize = 16; | ||
746 | |||
747 | inst->alg.cra_ctxsize = sizeof(struct crypto_rfc4106_ctx); | ||
748 | |||
749 | inst->alg.cra_init = crypto_rfc4106_init_tfm; | ||
750 | inst->alg.cra_exit = crypto_rfc4106_exit_tfm; | ||
751 | |||
752 | inst->alg.cra_aead.setkey = crypto_rfc4106_setkey; | ||
753 | inst->alg.cra_aead.setauthsize = crypto_rfc4106_setauthsize; | ||
754 | inst->alg.cra_aead.encrypt = crypto_rfc4106_encrypt; | ||
755 | inst->alg.cra_aead.decrypt = crypto_rfc4106_decrypt; | ||
756 | |||
757 | inst->alg.cra_aead.geniv = "seqiv"; | ||
758 | |||
759 | out: | ||
760 | return inst; | ||
761 | |||
762 | out_drop_alg: | ||
763 | crypto_drop_aead(spawn); | ||
764 | out_free_inst: | ||
765 | kfree(inst); | ||
766 | inst = ERR_PTR(err); | ||
767 | goto out; | ||
768 | } | ||
769 | |||
770 | static void crypto_rfc4106_free(struct crypto_instance *inst) | ||
771 | { | ||
772 | crypto_drop_spawn(crypto_instance_ctx(inst)); | ||
773 | kfree(inst); | ||
774 | } | ||
775 | |||
776 | static struct crypto_template crypto_rfc4106_tmpl = { | ||
777 | .name = "rfc4106", | ||
778 | .alloc = crypto_rfc4106_alloc, | ||
779 | .free = crypto_rfc4106_free, | ||
780 | .module = THIS_MODULE, | ||
781 | }; | ||
782 | |||
783 | static int __init crypto_gcm_module_init(void) | ||
784 | { | ||
785 | int err; | ||
786 | |||
787 | err = crypto_register_template(&crypto_gcm_base_tmpl); | ||
788 | if (err) | ||
789 | goto out; | ||
790 | |||
791 | err = crypto_register_template(&crypto_gcm_tmpl); | ||
792 | if (err) | ||
793 | goto out_undo_base; | ||
794 | |||
795 | err = crypto_register_template(&crypto_rfc4106_tmpl); | ||
796 | if (err) | ||
797 | goto out_undo_gcm; | ||
798 | |||
799 | out: | ||
800 | return err; | ||
801 | |||
802 | out_undo_gcm: | ||
803 | crypto_unregister_template(&crypto_gcm_tmpl); | ||
804 | out_undo_base: | ||
805 | crypto_unregister_template(&crypto_gcm_base_tmpl); | ||
806 | goto out; | ||
807 | } | ||
808 | |||
809 | static void __exit crypto_gcm_module_exit(void) | ||
810 | { | ||
811 | crypto_unregister_template(&crypto_rfc4106_tmpl); | ||
812 | crypto_unregister_template(&crypto_gcm_tmpl); | ||
813 | crypto_unregister_template(&crypto_gcm_base_tmpl); | ||
814 | } | ||
815 | |||
816 | module_init(crypto_gcm_module_init); | ||
817 | module_exit(crypto_gcm_module_exit); | ||
818 | |||
819 | MODULE_LICENSE("GPL"); | ||
820 | MODULE_DESCRIPTION("Galois/Counter Mode"); | ||
821 | MODULE_AUTHOR("Mikko Herranen <mh1@iki.fi>"); | ||
822 | MODULE_ALIAS("gcm_base"); | ||
823 | MODULE_ALIAS("rfc4106"); | ||
diff --git a/crypto/hmac.c b/crypto/hmac.c index 0f05be769c34..a1d016a50e7d 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c | |||
@@ -17,6 +17,7 @@ | |||
17 | */ | 17 | */ |
18 | 18 | ||
19 | #include <crypto/algapi.h> | 19 | #include <crypto/algapi.h> |
20 | #include <crypto/scatterwalk.h> | ||
20 | #include <linux/err.h> | 21 | #include <linux/err.h> |
21 | #include <linux/init.h> | 22 | #include <linux/init.h> |
22 | #include <linux/kernel.h> | 23 | #include <linux/kernel.h> |
@@ -160,7 +161,7 @@ static int hmac_digest(struct hash_desc *pdesc, struct scatterlist *sg, | |||
160 | 161 | ||
161 | sg_init_table(sg1, 2); | 162 | sg_init_table(sg1, 2); |
162 | sg_set_buf(sg1, ipad, bs); | 163 | sg_set_buf(sg1, ipad, bs); |
163 | sg_set_page(&sg1[1], (void *) sg, 0, 0); | 164 | scatterwalk_sg_chain(sg1, 2, sg); |
164 | 165 | ||
165 | sg_init_table(sg2, 1); | 166 | sg_init_table(sg2, 1); |
166 | sg_set_buf(sg2, opad, bs + ds); | 167 | sg_set_buf(sg2, opad, bs + ds); |
diff --git a/crypto/internal.h b/crypto/internal.h index abb01f71f817..32f4c2145603 100644 --- a/crypto/internal.h +++ b/crypto/internal.h | |||
@@ -25,7 +25,6 @@ | |||
25 | #include <linux/notifier.h> | 25 | #include <linux/notifier.h> |
26 | #include <linux/rwsem.h> | 26 | #include <linux/rwsem.h> |
27 | #include <linux/slab.h> | 27 | #include <linux/slab.h> |
28 | #include <asm/kmap_types.h> | ||
29 | 28 | ||
30 | /* Crypto notification events. */ | 29 | /* Crypto notification events. */ |
31 | enum { | 30 | enum { |
@@ -50,34 +49,6 @@ extern struct list_head crypto_alg_list; | |||
50 | extern struct rw_semaphore crypto_alg_sem; | 49 | extern struct rw_semaphore crypto_alg_sem; |
51 | extern struct blocking_notifier_head crypto_chain; | 50 | extern struct blocking_notifier_head crypto_chain; |
52 | 51 | ||
53 | static inline enum km_type crypto_kmap_type(int out) | ||
54 | { | ||
55 | enum km_type type; | ||
56 | |||
57 | if (in_softirq()) | ||
58 | type = out * (KM_SOFTIRQ1 - KM_SOFTIRQ0) + KM_SOFTIRQ0; | ||
59 | else | ||
60 | type = out * (KM_USER1 - KM_USER0) + KM_USER0; | ||
61 | |||
62 | return type; | ||
63 | } | ||
64 | |||
65 | static inline void *crypto_kmap(struct page *page, int out) | ||
66 | { | ||
67 | return kmap_atomic(page, crypto_kmap_type(out)); | ||
68 | } | ||
69 | |||
70 | static inline void crypto_kunmap(void *vaddr, int out) | ||
71 | { | ||
72 | kunmap_atomic(vaddr, crypto_kmap_type(out)); | ||
73 | } | ||
74 | |||
75 | static inline void crypto_yield(u32 flags) | ||
76 | { | ||
77 | if (flags & CRYPTO_TFM_REQ_MAY_SLEEP) | ||
78 | cond_resched(); | ||
79 | } | ||
80 | |||
81 | #ifdef CONFIG_PROC_FS | 52 | #ifdef CONFIG_PROC_FS |
82 | void __init crypto_init_proc(void); | 53 | void __init crypto_init_proc(void); |
83 | void __exit crypto_exit_proc(void); | 54 | void __exit crypto_exit_proc(void); |
@@ -122,6 +93,8 @@ void crypto_exit_digest_ops(struct crypto_tfm *tfm); | |||
122 | void crypto_exit_cipher_ops(struct crypto_tfm *tfm); | 93 | void crypto_exit_cipher_ops(struct crypto_tfm *tfm); |
123 | void crypto_exit_compress_ops(struct crypto_tfm *tfm); | 94 | void crypto_exit_compress_ops(struct crypto_tfm *tfm); |
124 | 95 | ||
96 | void crypto_larval_kill(struct crypto_alg *alg); | ||
97 | struct crypto_alg *crypto_larval_lookup(const char *name, u32 type, u32 mask); | ||
125 | void crypto_larval_error(const char *name, u32 type, u32 mask); | 98 | void crypto_larval_error(const char *name, u32 type, u32 mask); |
126 | 99 | ||
127 | void crypto_shoot_alg(struct crypto_alg *alg); | 100 | void crypto_shoot_alg(struct crypto_alg *alg); |
diff --git a/crypto/lzo.c b/crypto/lzo.c new file mode 100644 index 000000000000..48c32883f024 --- /dev/null +++ b/crypto/lzo.c | |||
@@ -0,0 +1,106 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * This program is free software; you can redistribute it and/or modify it | ||
5 | * under the terms of the GNU General Public License version 2 as published by | ||
6 | * the Free Software Foundation. | ||
7 | * | ||
8 | * This program is distributed in the hope that it will be useful, but WITHOUT | ||
9 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
10 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | ||
11 | * more details. | ||
12 | * | ||
13 | * You should have received a copy of the GNU General Public License along with | ||
14 | * this program; if not, write to the Free Software Foundation, Inc., 51 | ||
15 | * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | ||
16 | * | ||
17 | */ | ||
18 | |||
19 | #include <linux/init.h> | ||
20 | #include <linux/module.h> | ||
21 | #include <linux/crypto.h> | ||
22 | #include <linux/vmalloc.h> | ||
23 | #include <linux/lzo.h> | ||
24 | |||
25 | struct lzo_ctx { | ||
26 | void *lzo_comp_mem; | ||
27 | }; | ||
28 | |||
29 | static int lzo_init(struct crypto_tfm *tfm) | ||
30 | { | ||
31 | struct lzo_ctx *ctx = crypto_tfm_ctx(tfm); | ||
32 | |||
33 | ctx->lzo_comp_mem = vmalloc(LZO1X_MEM_COMPRESS); | ||
34 | if (!ctx->lzo_comp_mem) | ||
35 | return -ENOMEM; | ||
36 | |||
37 | return 0; | ||
38 | } | ||
39 | |||
40 | static void lzo_exit(struct crypto_tfm *tfm) | ||
41 | { | ||
42 | struct lzo_ctx *ctx = crypto_tfm_ctx(tfm); | ||
43 | |||
44 | vfree(ctx->lzo_comp_mem); | ||
45 | } | ||
46 | |||
47 | static int lzo_compress(struct crypto_tfm *tfm, const u8 *src, | ||
48 | unsigned int slen, u8 *dst, unsigned int *dlen) | ||
49 | { | ||
50 | struct lzo_ctx *ctx = crypto_tfm_ctx(tfm); | ||
51 | size_t tmp_len = *dlen; /* size_t(ulong) <-> uint on 64 bit */ | ||
52 | int err; | ||
53 | |||
54 | err = lzo1x_1_compress(src, slen, dst, &tmp_len, ctx->lzo_comp_mem); | ||
55 | |||
56 | if (err != LZO_E_OK) | ||
57 | return -EINVAL; | ||
58 | |||
59 | *dlen = tmp_len; | ||
60 | return 0; | ||
61 | } | ||
62 | |||
63 | static int lzo_decompress(struct crypto_tfm *tfm, const u8 *src, | ||
64 | unsigned int slen, u8 *dst, unsigned int *dlen) | ||
65 | { | ||
66 | int err; | ||
67 | size_t tmp_len = *dlen; /* size_t(ulong) <-> uint on 64 bit */ | ||
68 | |||
69 | err = lzo1x_decompress_safe(src, slen, dst, &tmp_len); | ||
70 | |||
71 | if (err != LZO_E_OK) | ||
72 | return -EINVAL; | ||
73 | |||
74 | *dlen = tmp_len; | ||
75 | return 0; | ||
76 | |||
77 | } | ||
78 | |||
79 | static struct crypto_alg alg = { | ||
80 | .cra_name = "lzo", | ||
81 | .cra_flags = CRYPTO_ALG_TYPE_COMPRESS, | ||
82 | .cra_ctxsize = sizeof(struct lzo_ctx), | ||
83 | .cra_module = THIS_MODULE, | ||
84 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
85 | .cra_init = lzo_init, | ||
86 | .cra_exit = lzo_exit, | ||
87 | .cra_u = { .compress = { | ||
88 | .coa_compress = lzo_compress, | ||
89 | .coa_decompress = lzo_decompress } } | ||
90 | }; | ||
91 | |||
92 | static int __init init(void) | ||
93 | { | ||
94 | return crypto_register_alg(&alg); | ||
95 | } | ||
96 | |||
97 | static void __exit fini(void) | ||
98 | { | ||
99 | crypto_unregister_alg(&alg); | ||
100 | } | ||
101 | |||
102 | module_init(init); | ||
103 | module_exit(fini); | ||
104 | |||
105 | MODULE_LICENSE("GPL"); | ||
106 | MODULE_DESCRIPTION("LZO Compression Algorithm"); | ||
diff --git a/crypto/pcbc.c b/crypto/pcbc.c index c3ed8a1c9f46..fe704775f88f 100644 --- a/crypto/pcbc.c +++ b/crypto/pcbc.c | |||
@@ -24,7 +24,6 @@ | |||
24 | 24 | ||
25 | struct crypto_pcbc_ctx { | 25 | struct crypto_pcbc_ctx { |
26 | struct crypto_cipher *child; | 26 | struct crypto_cipher *child; |
27 | void (*xor)(u8 *dst, const u8 *src, unsigned int bs); | ||
28 | }; | 27 | }; |
29 | 28 | ||
30 | static int crypto_pcbc_setkey(struct crypto_tfm *parent, const u8 *key, | 29 | static int crypto_pcbc_setkey(struct crypto_tfm *parent, const u8 *key, |
@@ -45,9 +44,7 @@ static int crypto_pcbc_setkey(struct crypto_tfm *parent, const u8 *key, | |||
45 | 44 | ||
46 | static int crypto_pcbc_encrypt_segment(struct blkcipher_desc *desc, | 45 | static int crypto_pcbc_encrypt_segment(struct blkcipher_desc *desc, |
47 | struct blkcipher_walk *walk, | 46 | struct blkcipher_walk *walk, |
48 | struct crypto_cipher *tfm, | 47 | struct crypto_cipher *tfm) |
49 | void (*xor)(u8 *, const u8 *, | ||
50 | unsigned int)) | ||
51 | { | 48 | { |
52 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 49 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
53 | crypto_cipher_alg(tfm)->cia_encrypt; | 50 | crypto_cipher_alg(tfm)->cia_encrypt; |
@@ -58,10 +55,10 @@ static int crypto_pcbc_encrypt_segment(struct blkcipher_desc *desc, | |||
58 | u8 *iv = walk->iv; | 55 | u8 *iv = walk->iv; |
59 | 56 | ||
60 | do { | 57 | do { |
61 | xor(iv, src, bsize); | 58 | crypto_xor(iv, src, bsize); |
62 | fn(crypto_cipher_tfm(tfm), dst, iv); | 59 | fn(crypto_cipher_tfm(tfm), dst, iv); |
63 | memcpy(iv, dst, bsize); | 60 | memcpy(iv, dst, bsize); |
64 | xor(iv, src, bsize); | 61 | crypto_xor(iv, src, bsize); |
65 | 62 | ||
66 | src += bsize; | 63 | src += bsize; |
67 | dst += bsize; | 64 | dst += bsize; |
@@ -72,9 +69,7 @@ static int crypto_pcbc_encrypt_segment(struct blkcipher_desc *desc, | |||
72 | 69 | ||
73 | static int crypto_pcbc_encrypt_inplace(struct blkcipher_desc *desc, | 70 | static int crypto_pcbc_encrypt_inplace(struct blkcipher_desc *desc, |
74 | struct blkcipher_walk *walk, | 71 | struct blkcipher_walk *walk, |
75 | struct crypto_cipher *tfm, | 72 | struct crypto_cipher *tfm) |
76 | void (*xor)(u8 *, const u8 *, | ||
77 | unsigned int)) | ||
78 | { | 73 | { |
79 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 74 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
80 | crypto_cipher_alg(tfm)->cia_encrypt; | 75 | crypto_cipher_alg(tfm)->cia_encrypt; |
@@ -86,10 +81,10 @@ static int crypto_pcbc_encrypt_inplace(struct blkcipher_desc *desc, | |||
86 | 81 | ||
87 | do { | 82 | do { |
88 | memcpy(tmpbuf, src, bsize); | 83 | memcpy(tmpbuf, src, bsize); |
89 | xor(iv, tmpbuf, bsize); | 84 | crypto_xor(iv, src, bsize); |
90 | fn(crypto_cipher_tfm(tfm), src, iv); | 85 | fn(crypto_cipher_tfm(tfm), src, iv); |
91 | memcpy(iv, src, bsize); | 86 | memcpy(iv, tmpbuf, bsize); |
92 | xor(iv, tmpbuf, bsize); | 87 | crypto_xor(iv, src, bsize); |
93 | 88 | ||
94 | src += bsize; | 89 | src += bsize; |
95 | } while ((nbytes -= bsize) >= bsize); | 90 | } while ((nbytes -= bsize) >= bsize); |
@@ -107,7 +102,6 @@ static int crypto_pcbc_encrypt(struct blkcipher_desc *desc, | |||
107 | struct crypto_blkcipher *tfm = desc->tfm; | 102 | struct crypto_blkcipher *tfm = desc->tfm; |
108 | struct crypto_pcbc_ctx *ctx = crypto_blkcipher_ctx(tfm); | 103 | struct crypto_pcbc_ctx *ctx = crypto_blkcipher_ctx(tfm); |
109 | struct crypto_cipher *child = ctx->child; | 104 | struct crypto_cipher *child = ctx->child; |
110 | void (*xor)(u8 *, const u8 *, unsigned int bs) = ctx->xor; | ||
111 | int err; | 105 | int err; |
112 | 106 | ||
113 | blkcipher_walk_init(&walk, dst, src, nbytes); | 107 | blkcipher_walk_init(&walk, dst, src, nbytes); |
@@ -115,11 +109,11 @@ static int crypto_pcbc_encrypt(struct blkcipher_desc *desc, | |||
115 | 109 | ||
116 | while ((nbytes = walk.nbytes)) { | 110 | while ((nbytes = walk.nbytes)) { |
117 | if (walk.src.virt.addr == walk.dst.virt.addr) | 111 | if (walk.src.virt.addr == walk.dst.virt.addr) |
118 | nbytes = crypto_pcbc_encrypt_inplace(desc, &walk, child, | 112 | nbytes = crypto_pcbc_encrypt_inplace(desc, &walk, |
119 | xor); | 113 | child); |
120 | else | 114 | else |
121 | nbytes = crypto_pcbc_encrypt_segment(desc, &walk, child, | 115 | nbytes = crypto_pcbc_encrypt_segment(desc, &walk, |
122 | xor); | 116 | child); |
123 | err = blkcipher_walk_done(desc, &walk, nbytes); | 117 | err = blkcipher_walk_done(desc, &walk, nbytes); |
124 | } | 118 | } |
125 | 119 | ||
@@ -128,9 +122,7 @@ static int crypto_pcbc_encrypt(struct blkcipher_desc *desc, | |||
128 | 122 | ||
129 | static int crypto_pcbc_decrypt_segment(struct blkcipher_desc *desc, | 123 | static int crypto_pcbc_decrypt_segment(struct blkcipher_desc *desc, |
130 | struct blkcipher_walk *walk, | 124 | struct blkcipher_walk *walk, |
131 | struct crypto_cipher *tfm, | 125 | struct crypto_cipher *tfm) |
132 | void (*xor)(u8 *, const u8 *, | ||
133 | unsigned int)) | ||
134 | { | 126 | { |
135 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 127 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
136 | crypto_cipher_alg(tfm)->cia_decrypt; | 128 | crypto_cipher_alg(tfm)->cia_decrypt; |
@@ -142,9 +134,9 @@ static int crypto_pcbc_decrypt_segment(struct blkcipher_desc *desc, | |||
142 | 134 | ||
143 | do { | 135 | do { |
144 | fn(crypto_cipher_tfm(tfm), dst, src); | 136 | fn(crypto_cipher_tfm(tfm), dst, src); |
145 | xor(dst, iv, bsize); | 137 | crypto_xor(dst, iv, bsize); |
146 | memcpy(iv, src, bsize); | 138 | memcpy(iv, src, bsize); |
147 | xor(iv, dst, bsize); | 139 | crypto_xor(iv, dst, bsize); |
148 | 140 | ||
149 | src += bsize; | 141 | src += bsize; |
150 | dst += bsize; | 142 | dst += bsize; |
@@ -157,9 +149,7 @@ static int crypto_pcbc_decrypt_segment(struct blkcipher_desc *desc, | |||
157 | 149 | ||
158 | static int crypto_pcbc_decrypt_inplace(struct blkcipher_desc *desc, | 150 | static int crypto_pcbc_decrypt_inplace(struct blkcipher_desc *desc, |
159 | struct blkcipher_walk *walk, | 151 | struct blkcipher_walk *walk, |
160 | struct crypto_cipher *tfm, | 152 | struct crypto_cipher *tfm) |
161 | void (*xor)(u8 *, const u8 *, | ||
162 | unsigned int)) | ||
163 | { | 153 | { |
164 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = | 154 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
165 | crypto_cipher_alg(tfm)->cia_decrypt; | 155 | crypto_cipher_alg(tfm)->cia_decrypt; |
@@ -172,9 +162,9 @@ static int crypto_pcbc_decrypt_inplace(struct blkcipher_desc *desc, | |||
172 | do { | 162 | do { |
173 | memcpy(tmpbuf, src, bsize); | 163 | memcpy(tmpbuf, src, bsize); |
174 | fn(crypto_cipher_tfm(tfm), src, src); | 164 | fn(crypto_cipher_tfm(tfm), src, src); |
175 | xor(src, iv, bsize); | 165 | crypto_xor(src, iv, bsize); |
176 | memcpy(iv, tmpbuf, bsize); | 166 | memcpy(iv, tmpbuf, bsize); |
177 | xor(iv, src, bsize); | 167 | crypto_xor(iv, src, bsize); |
178 | 168 | ||
179 | src += bsize; | 169 | src += bsize; |
180 | } while ((nbytes -= bsize) >= bsize); | 170 | } while ((nbytes -= bsize) >= bsize); |
@@ -192,7 +182,6 @@ static int crypto_pcbc_decrypt(struct blkcipher_desc *desc, | |||
192 | struct crypto_blkcipher *tfm = desc->tfm; | 182 | struct crypto_blkcipher *tfm = desc->tfm; |
193 | struct crypto_pcbc_ctx *ctx = crypto_blkcipher_ctx(tfm); | 183 | struct crypto_pcbc_ctx *ctx = crypto_blkcipher_ctx(tfm); |
194 | struct crypto_cipher *child = ctx->child; | 184 | struct crypto_cipher *child = ctx->child; |
195 | void (*xor)(u8 *, const u8 *, unsigned int bs) = ctx->xor; | ||
196 | int err; | 185 | int err; |
197 | 186 | ||
198 | blkcipher_walk_init(&walk, dst, src, nbytes); | 187 | blkcipher_walk_init(&walk, dst, src, nbytes); |
@@ -200,48 +189,17 @@ static int crypto_pcbc_decrypt(struct blkcipher_desc *desc, | |||
200 | 189 | ||
201 | while ((nbytes = walk.nbytes)) { | 190 | while ((nbytes = walk.nbytes)) { |
202 | if (walk.src.virt.addr == walk.dst.virt.addr) | 191 | if (walk.src.virt.addr == walk.dst.virt.addr) |
203 | nbytes = crypto_pcbc_decrypt_inplace(desc, &walk, child, | 192 | nbytes = crypto_pcbc_decrypt_inplace(desc, &walk, |
204 | xor); | 193 | child); |
205 | else | 194 | else |
206 | nbytes = crypto_pcbc_decrypt_segment(desc, &walk, child, | 195 | nbytes = crypto_pcbc_decrypt_segment(desc, &walk, |
207 | xor); | 196 | child); |
208 | err = blkcipher_walk_done(desc, &walk, nbytes); | 197 | err = blkcipher_walk_done(desc, &walk, nbytes); |
209 | } | 198 | } |
210 | 199 | ||
211 | return err; | 200 | return err; |
212 | } | 201 | } |
213 | 202 | ||
214 | static void xor_byte(u8 *a, const u8 *b, unsigned int bs) | ||
215 | { | ||
216 | do { | ||
217 | *a++ ^= *b++; | ||
218 | } while (--bs); | ||
219 | } | ||
220 | |||
221 | static void xor_quad(u8 *dst, const u8 *src, unsigned int bs) | ||
222 | { | ||
223 | u32 *a = (u32 *)dst; | ||
224 | u32 *b = (u32 *)src; | ||
225 | |||
226 | do { | ||
227 | *a++ ^= *b++; | ||
228 | } while ((bs -= 4)); | ||
229 | } | ||
230 | |||
231 | static void xor_64(u8 *a, const u8 *b, unsigned int bs) | ||
232 | { | ||
233 | ((u32 *)a)[0] ^= ((u32 *)b)[0]; | ||
234 | ((u32 *)a)[1] ^= ((u32 *)b)[1]; | ||
235 | } | ||
236 | |||
237 | static void xor_128(u8 *a, const u8 *b, unsigned int bs) | ||
238 | { | ||
239 | ((u32 *)a)[0] ^= ((u32 *)b)[0]; | ||
240 | ((u32 *)a)[1] ^= ((u32 *)b)[1]; | ||
241 | ((u32 *)a)[2] ^= ((u32 *)b)[2]; | ||
242 | ((u32 *)a)[3] ^= ((u32 *)b)[3]; | ||
243 | } | ||
244 | |||
245 | static int crypto_pcbc_init_tfm(struct crypto_tfm *tfm) | 203 | static int crypto_pcbc_init_tfm(struct crypto_tfm *tfm) |
246 | { | 204 | { |
247 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | 205 | struct crypto_instance *inst = (void *)tfm->__crt_alg; |
@@ -249,22 +207,6 @@ static int crypto_pcbc_init_tfm(struct crypto_tfm *tfm) | |||
249 | struct crypto_pcbc_ctx *ctx = crypto_tfm_ctx(tfm); | 207 | struct crypto_pcbc_ctx *ctx = crypto_tfm_ctx(tfm); |
250 | struct crypto_cipher *cipher; | 208 | struct crypto_cipher *cipher; |
251 | 209 | ||
252 | switch (crypto_tfm_alg_blocksize(tfm)) { | ||
253 | case 8: | ||
254 | ctx->xor = xor_64; | ||
255 | break; | ||
256 | |||
257 | case 16: | ||
258 | ctx->xor = xor_128; | ||
259 | break; | ||
260 | |||
261 | default: | ||
262 | if (crypto_tfm_alg_blocksize(tfm) % 4) | ||
263 | ctx->xor = xor_byte; | ||
264 | else | ||
265 | ctx->xor = xor_quad; | ||
266 | } | ||
267 | |||
268 | cipher = crypto_spawn_cipher(spawn); | 210 | cipher = crypto_spawn_cipher(spawn); |
269 | if (IS_ERR(cipher)) | 211 | if (IS_ERR(cipher)) |
270 | return PTR_ERR(cipher); | 212 | return PTR_ERR(cipher); |
@@ -304,8 +246,9 @@ static struct crypto_instance *crypto_pcbc_alloc(struct rtattr **tb) | |||
304 | inst->alg.cra_alignmask = alg->cra_alignmask; | 246 | inst->alg.cra_alignmask = alg->cra_alignmask; |
305 | inst->alg.cra_type = &crypto_blkcipher_type; | 247 | inst->alg.cra_type = &crypto_blkcipher_type; |
306 | 248 | ||
307 | if (!(alg->cra_blocksize % 4)) | 249 | /* We access the data as u32s when xoring. */ |
308 | inst->alg.cra_alignmask |= 3; | 250 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; |
251 | |||
309 | inst->alg.cra_blkcipher.ivsize = alg->cra_blocksize; | 252 | inst->alg.cra_blkcipher.ivsize = alg->cra_blocksize; |
310 | inst->alg.cra_blkcipher.min_keysize = alg->cra_cipher.cia_min_keysize; | 253 | inst->alg.cra_blkcipher.min_keysize = alg->cra_cipher.cia_min_keysize; |
311 | inst->alg.cra_blkcipher.max_keysize = alg->cra_cipher.cia_max_keysize; | 254 | inst->alg.cra_blkcipher.max_keysize = alg->cra_cipher.cia_max_keysize; |
diff --git a/crypto/salsa20_generic.c b/crypto/salsa20_generic.c new file mode 100644 index 000000000000..1fa4e4ddcab5 --- /dev/null +++ b/crypto/salsa20_generic.c | |||
@@ -0,0 +1,255 @@ | |||
1 | /* | ||
2 | * Salsa20: Salsa20 stream cipher algorithm | ||
3 | * | ||
4 | * Copyright (c) 2007 Tan Swee Heng <thesweeheng@gmail.com> | ||
5 | * | ||
6 | * Derived from: | ||
7 | * - salsa20.c: Public domain C code by Daniel J. Bernstein <djb@cr.yp.to> | ||
8 | * | ||
9 | * Salsa20 is a stream cipher candidate in eSTREAM, the ECRYPT Stream | ||
10 | * Cipher Project. It is designed by Daniel J. Bernstein <djb@cr.yp.to>. | ||
11 | * More information about eSTREAM and Salsa20 can be found here: | ||
12 | * http://www.ecrypt.eu.org/stream/ | ||
13 | * http://cr.yp.to/snuffle.html | ||
14 | * | ||
15 | * This program is free software; you can redistribute it and/or modify it | ||
16 | * under the terms of the GNU General Public License as published by the Free | ||
17 | * Software Foundation; either version 2 of the License, or (at your option) | ||
18 | * any later version. | ||
19 | * | ||
20 | */ | ||
21 | |||
22 | #include <linux/init.h> | ||
23 | #include <linux/module.h> | ||
24 | #include <linux/errno.h> | ||
25 | #include <linux/crypto.h> | ||
26 | #include <linux/types.h> | ||
27 | #include <crypto/algapi.h> | ||
28 | #include <asm/byteorder.h> | ||
29 | |||
30 | #define SALSA20_IV_SIZE 8U | ||
31 | #define SALSA20_MIN_KEY_SIZE 16U | ||
32 | #define SALSA20_MAX_KEY_SIZE 32U | ||
33 | |||
34 | /* | ||
35 | * Start of code taken from D. J. Bernstein's reference implementation. | ||
36 | * With some modifications and optimizations made to suit our needs. | ||
37 | */ | ||
38 | |||
39 | /* | ||
40 | salsa20-ref.c version 20051118 | ||
41 | D. J. Bernstein | ||
42 | Public domain. | ||
43 | */ | ||
44 | |||
45 | #define ROTATE(v,n) (((v) << (n)) | ((v) >> (32 - (n)))) | ||
46 | #define XOR(v,w) ((v) ^ (w)) | ||
47 | #define PLUS(v,w) (((v) + (w))) | ||
48 | #define PLUSONE(v) (PLUS((v),1)) | ||
49 | #define U32TO8_LITTLE(p, v) \ | ||
50 | { (p)[0] = (v >> 0) & 0xff; (p)[1] = (v >> 8) & 0xff; \ | ||
51 | (p)[2] = (v >> 16) & 0xff; (p)[3] = (v >> 24) & 0xff; } | ||
52 | #define U8TO32_LITTLE(p) \ | ||
53 | (((u32)((p)[0]) ) | ((u32)((p)[1]) << 8) | \ | ||
54 | ((u32)((p)[2]) << 16) | ((u32)((p)[3]) << 24) ) | ||
55 | |||
56 | struct salsa20_ctx | ||
57 | { | ||
58 | u32 input[16]; | ||
59 | }; | ||
60 | |||
61 | static void salsa20_wordtobyte(u8 output[64], const u32 input[16]) | ||
62 | { | ||
63 | u32 x[16]; | ||
64 | int i; | ||
65 | |||
66 | memcpy(x, input, sizeof(x)); | ||
67 | for (i = 20; i > 0; i -= 2) { | ||
68 | x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 0],x[12]), 7)); | ||
69 | x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[ 4],x[ 0]), 9)); | ||
70 | x[12] = XOR(x[12],ROTATE(PLUS(x[ 8],x[ 4]),13)); | ||
71 | x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[12],x[ 8]),18)); | ||
72 | x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 5],x[ 1]), 7)); | ||
73 | x[13] = XOR(x[13],ROTATE(PLUS(x[ 9],x[ 5]), 9)); | ||
74 | x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[13],x[ 9]),13)); | ||
75 | x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 1],x[13]),18)); | ||
76 | x[14] = XOR(x[14],ROTATE(PLUS(x[10],x[ 6]), 7)); | ||
77 | x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[14],x[10]), 9)); | ||
78 | x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 2],x[14]),13)); | ||
79 | x[10] = XOR(x[10],ROTATE(PLUS(x[ 6],x[ 2]),18)); | ||
80 | x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[15],x[11]), 7)); | ||
81 | x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 3],x[15]), 9)); | ||
82 | x[11] = XOR(x[11],ROTATE(PLUS(x[ 7],x[ 3]),13)); | ||
83 | x[15] = XOR(x[15],ROTATE(PLUS(x[11],x[ 7]),18)); | ||
84 | x[ 1] = XOR(x[ 1],ROTATE(PLUS(x[ 0],x[ 3]), 7)); | ||
85 | x[ 2] = XOR(x[ 2],ROTATE(PLUS(x[ 1],x[ 0]), 9)); | ||
86 | x[ 3] = XOR(x[ 3],ROTATE(PLUS(x[ 2],x[ 1]),13)); | ||
87 | x[ 0] = XOR(x[ 0],ROTATE(PLUS(x[ 3],x[ 2]),18)); | ||
88 | x[ 6] = XOR(x[ 6],ROTATE(PLUS(x[ 5],x[ 4]), 7)); | ||
89 | x[ 7] = XOR(x[ 7],ROTATE(PLUS(x[ 6],x[ 5]), 9)); | ||
90 | x[ 4] = XOR(x[ 4],ROTATE(PLUS(x[ 7],x[ 6]),13)); | ||
91 | x[ 5] = XOR(x[ 5],ROTATE(PLUS(x[ 4],x[ 7]),18)); | ||
92 | x[11] = XOR(x[11],ROTATE(PLUS(x[10],x[ 9]), 7)); | ||
93 | x[ 8] = XOR(x[ 8],ROTATE(PLUS(x[11],x[10]), 9)); | ||
94 | x[ 9] = XOR(x[ 9],ROTATE(PLUS(x[ 8],x[11]),13)); | ||
95 | x[10] = XOR(x[10],ROTATE(PLUS(x[ 9],x[ 8]),18)); | ||
96 | x[12] = XOR(x[12],ROTATE(PLUS(x[15],x[14]), 7)); | ||
97 | x[13] = XOR(x[13],ROTATE(PLUS(x[12],x[15]), 9)); | ||
98 | x[14] = XOR(x[14],ROTATE(PLUS(x[13],x[12]),13)); | ||
99 | x[15] = XOR(x[15],ROTATE(PLUS(x[14],x[13]),18)); | ||
100 | } | ||
101 | for (i = 0; i < 16; ++i) | ||
102 | x[i] = PLUS(x[i],input[i]); | ||
103 | for (i = 0; i < 16; ++i) | ||
104 | U32TO8_LITTLE(output + 4 * i,x[i]); | ||
105 | } | ||
106 | |||
107 | static const char sigma[16] = "expand 32-byte k"; | ||
108 | static const char tau[16] = "expand 16-byte k"; | ||
109 | |||
110 | static void salsa20_keysetup(struct salsa20_ctx *ctx, const u8 *k, u32 kbytes) | ||
111 | { | ||
112 | const char *constants; | ||
113 | |||
114 | ctx->input[1] = U8TO32_LITTLE(k + 0); | ||
115 | ctx->input[2] = U8TO32_LITTLE(k + 4); | ||
116 | ctx->input[3] = U8TO32_LITTLE(k + 8); | ||
117 | ctx->input[4] = U8TO32_LITTLE(k + 12); | ||
118 | if (kbytes == 32) { /* recommended */ | ||
119 | k += 16; | ||
120 | constants = sigma; | ||
121 | } else { /* kbytes == 16 */ | ||
122 | constants = tau; | ||
123 | } | ||
124 | ctx->input[11] = U8TO32_LITTLE(k + 0); | ||
125 | ctx->input[12] = U8TO32_LITTLE(k + 4); | ||
126 | ctx->input[13] = U8TO32_LITTLE(k + 8); | ||
127 | ctx->input[14] = U8TO32_LITTLE(k + 12); | ||
128 | ctx->input[0] = U8TO32_LITTLE(constants + 0); | ||
129 | ctx->input[5] = U8TO32_LITTLE(constants + 4); | ||
130 | ctx->input[10] = U8TO32_LITTLE(constants + 8); | ||
131 | ctx->input[15] = U8TO32_LITTLE(constants + 12); | ||
132 | } | ||
133 | |||
134 | static void salsa20_ivsetup(struct salsa20_ctx *ctx, const u8 *iv) | ||
135 | { | ||
136 | ctx->input[6] = U8TO32_LITTLE(iv + 0); | ||
137 | ctx->input[7] = U8TO32_LITTLE(iv + 4); | ||
138 | ctx->input[8] = 0; | ||
139 | ctx->input[9] = 0; | ||
140 | } | ||
141 | |||
142 | static void salsa20_encrypt_bytes(struct salsa20_ctx *ctx, u8 *dst, | ||
143 | const u8 *src, unsigned int bytes) | ||
144 | { | ||
145 | u8 buf[64]; | ||
146 | |||
147 | if (dst != src) | ||
148 | memcpy(dst, src, bytes); | ||
149 | |||
150 | while (bytes) { | ||
151 | salsa20_wordtobyte(buf, ctx->input); | ||
152 | |||
153 | ctx->input[8] = PLUSONE(ctx->input[8]); | ||
154 | if (!ctx->input[8]) | ||
155 | ctx->input[9] = PLUSONE(ctx->input[9]); | ||
156 | |||
157 | if (bytes <= 64) { | ||
158 | crypto_xor(dst, buf, bytes); | ||
159 | return; | ||
160 | } | ||
161 | |||
162 | crypto_xor(dst, buf, 64); | ||
163 | bytes -= 64; | ||
164 | dst += 64; | ||
165 | } | ||
166 | } | ||
167 | |||
168 | /* | ||
169 | * End of code taken from D. J. Bernstein's reference implementation. | ||
170 | */ | ||
171 | |||
172 | static int setkey(struct crypto_tfm *tfm, const u8 *key, | ||
173 | unsigned int keysize) | ||
174 | { | ||
175 | struct salsa20_ctx *ctx = crypto_tfm_ctx(tfm); | ||
176 | salsa20_keysetup(ctx, key, keysize); | ||
177 | return 0; | ||
178 | } | ||
179 | |||
180 | static int encrypt(struct blkcipher_desc *desc, | ||
181 | struct scatterlist *dst, struct scatterlist *src, | ||
182 | unsigned int nbytes) | ||
183 | { | ||
184 | struct blkcipher_walk walk; | ||
185 | struct crypto_blkcipher *tfm = desc->tfm; | ||
186 | struct salsa20_ctx *ctx = crypto_blkcipher_ctx(tfm); | ||
187 | int err; | ||
188 | |||
189 | blkcipher_walk_init(&walk, dst, src, nbytes); | ||
190 | err = blkcipher_walk_virt_block(desc, &walk, 64); | ||
191 | |||
192 | salsa20_ivsetup(ctx, walk.iv); | ||
193 | |||
194 | if (likely(walk.nbytes == nbytes)) | ||
195 | { | ||
196 | salsa20_encrypt_bytes(ctx, walk.dst.virt.addr, | ||
197 | walk.src.virt.addr, nbytes); | ||
198 | return blkcipher_walk_done(desc, &walk, 0); | ||
199 | } | ||
200 | |||
201 | while (walk.nbytes >= 64) { | ||
202 | salsa20_encrypt_bytes(ctx, walk.dst.virt.addr, | ||
203 | walk.src.virt.addr, | ||
204 | walk.nbytes - (walk.nbytes % 64)); | ||
205 | err = blkcipher_walk_done(desc, &walk, walk.nbytes % 64); | ||
206 | } | ||
207 | |||
208 | if (walk.nbytes) { | ||
209 | salsa20_encrypt_bytes(ctx, walk.dst.virt.addr, | ||
210 | walk.src.virt.addr, walk.nbytes); | ||
211 | err = blkcipher_walk_done(desc, &walk, 0); | ||
212 | } | ||
213 | |||
214 | return err; | ||
215 | } | ||
216 | |||
217 | static struct crypto_alg alg = { | ||
218 | .cra_name = "salsa20", | ||
219 | .cra_driver_name = "salsa20-generic", | ||
220 | .cra_priority = 100, | ||
221 | .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER, | ||
222 | .cra_type = &crypto_blkcipher_type, | ||
223 | .cra_blocksize = 1, | ||
224 | .cra_ctxsize = sizeof(struct salsa20_ctx), | ||
225 | .cra_alignmask = 3, | ||
226 | .cra_module = THIS_MODULE, | ||
227 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | ||
228 | .cra_u = { | ||
229 | .blkcipher = { | ||
230 | .setkey = setkey, | ||
231 | .encrypt = encrypt, | ||
232 | .decrypt = encrypt, | ||
233 | .min_keysize = SALSA20_MIN_KEY_SIZE, | ||
234 | .max_keysize = SALSA20_MAX_KEY_SIZE, | ||
235 | .ivsize = SALSA20_IV_SIZE, | ||
236 | } | ||
237 | } | ||
238 | }; | ||
239 | |||
240 | static int __init init(void) | ||
241 | { | ||
242 | return crypto_register_alg(&alg); | ||
243 | } | ||
244 | |||
245 | static void __exit fini(void) | ||
246 | { | ||
247 | crypto_unregister_alg(&alg); | ||
248 | } | ||
249 | |||
250 | module_init(init); | ||
251 | module_exit(fini); | ||
252 | |||
253 | MODULE_LICENSE("GPL"); | ||
254 | MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm"); | ||
255 | MODULE_ALIAS("salsa20"); | ||
diff --git a/crypto/scatterwalk.c b/crypto/scatterwalk.c index b9bbda0bb9f9..9aeeb52004a5 100644 --- a/crypto/scatterwalk.c +++ b/crypto/scatterwalk.c | |||
@@ -13,6 +13,8 @@ | |||
13 | * any later version. | 13 | * any later version. |
14 | * | 14 | * |
15 | */ | 15 | */ |
16 | |||
17 | #include <crypto/scatterwalk.h> | ||
16 | #include <linux/kernel.h> | 18 | #include <linux/kernel.h> |
17 | #include <linux/mm.h> | 19 | #include <linux/mm.h> |
18 | #include <linux/module.h> | 20 | #include <linux/module.h> |
@@ -20,9 +22,6 @@ | |||
20 | #include <linux/highmem.h> | 22 | #include <linux/highmem.h> |
21 | #include <linux/scatterlist.h> | 23 | #include <linux/scatterlist.h> |
22 | 24 | ||
23 | #include "internal.h" | ||
24 | #include "scatterwalk.h" | ||
25 | |||
26 | static inline void memcpy_dir(void *buf, void *sgdata, size_t nbytes, int out) | 25 | static inline void memcpy_dir(void *buf, void *sgdata, size_t nbytes, int out) |
27 | { | 26 | { |
28 | void *src = out ? buf : sgdata; | 27 | void *src = out ? buf : sgdata; |
@@ -106,6 +105,9 @@ void scatterwalk_map_and_copy(void *buf, struct scatterlist *sg, | |||
106 | struct scatter_walk walk; | 105 | struct scatter_walk walk; |
107 | unsigned int offset = 0; | 106 | unsigned int offset = 0; |
108 | 107 | ||
108 | if (!nbytes) | ||
109 | return; | ||
110 | |||
109 | for (;;) { | 111 | for (;;) { |
110 | scatterwalk_start(&walk, sg); | 112 | scatterwalk_start(&walk, sg); |
111 | 113 | ||
@@ -113,7 +115,7 @@ void scatterwalk_map_and_copy(void *buf, struct scatterlist *sg, | |||
113 | break; | 115 | break; |
114 | 116 | ||
115 | offset += sg->length; | 117 | offset += sg->length; |
116 | sg = sg_next(sg); | 118 | sg = scatterwalk_sg_next(sg); |
117 | } | 119 | } |
118 | 120 | ||
119 | scatterwalk_advance(&walk, start - offset); | 121 | scatterwalk_advance(&walk, start - offset); |
diff --git a/crypto/scatterwalk.h b/crypto/scatterwalk.h deleted file mode 100644 index 87ed681cceba..000000000000 --- a/crypto/scatterwalk.h +++ /dev/null | |||
@@ -1,80 +0,0 @@ | |||
1 | /* | ||
2 | * Cryptographic API. | ||
3 | * | ||
4 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | ||
5 | * Copyright (c) 2002 Adam J. Richter <adam@yggdrasil.com> | ||
6 | * Copyright (c) 2004 Jean-Luc Cooke <jlcooke@certainkey.com> | ||
7 | * | ||
8 | * This program is free software; you can redistribute it and/or modify it | ||
9 | * under the terms of the GNU General Public License as published by the Free | ||
10 | * Software Foundation; either version 2 of the License, or (at your option) | ||
11 | * any later version. | ||
12 | * | ||
13 | */ | ||
14 | |||
15 | #ifndef _CRYPTO_SCATTERWALK_H | ||
16 | #define _CRYPTO_SCATTERWALK_H | ||
17 | |||
18 | #include <linux/mm.h> | ||
19 | #include <linux/scatterlist.h> | ||
20 | |||
21 | #include "internal.h" | ||
22 | |||
23 | static inline struct scatterlist *scatterwalk_sg_next(struct scatterlist *sg) | ||
24 | { | ||
25 | return (++sg)->length ? sg : (void *) sg_page(sg); | ||
26 | } | ||
27 | |||
28 | static inline unsigned long scatterwalk_samebuf(struct scatter_walk *walk_in, | ||
29 | struct scatter_walk *walk_out) | ||
30 | { | ||
31 | return !(((sg_page(walk_in->sg) - sg_page(walk_out->sg)) << PAGE_SHIFT) + | ||
32 | (int)(walk_in->offset - walk_out->offset)); | ||
33 | } | ||
34 | |||
35 | static inline unsigned int scatterwalk_pagelen(struct scatter_walk *walk) | ||
36 | { | ||
37 | unsigned int len = walk->sg->offset + walk->sg->length - walk->offset; | ||
38 | unsigned int len_this_page = offset_in_page(~walk->offset) + 1; | ||
39 | return len_this_page > len ? len : len_this_page; | ||
40 | } | ||
41 | |||
42 | static inline unsigned int scatterwalk_clamp(struct scatter_walk *walk, | ||
43 | unsigned int nbytes) | ||
44 | { | ||
45 | unsigned int len_this_page = scatterwalk_pagelen(walk); | ||
46 | return nbytes > len_this_page ? len_this_page : nbytes; | ||
47 | } | ||
48 | |||
49 | static inline void scatterwalk_advance(struct scatter_walk *walk, | ||
50 | unsigned int nbytes) | ||
51 | { | ||
52 | walk->offset += nbytes; | ||
53 | } | ||
54 | |||
55 | static inline unsigned int scatterwalk_aligned(struct scatter_walk *walk, | ||
56 | unsigned int alignmask) | ||
57 | { | ||
58 | return !(walk->offset & alignmask); | ||
59 | } | ||
60 | |||
61 | static inline struct page *scatterwalk_page(struct scatter_walk *walk) | ||
62 | { | ||
63 | return sg_page(walk->sg) + (walk->offset >> PAGE_SHIFT); | ||
64 | } | ||
65 | |||
66 | static inline void scatterwalk_unmap(void *vaddr, int out) | ||
67 | { | ||
68 | crypto_kunmap(vaddr, out); | ||
69 | } | ||
70 | |||
71 | void scatterwalk_start(struct scatter_walk *walk, struct scatterlist *sg); | ||
72 | void scatterwalk_copychunks(void *buf, struct scatter_walk *walk, | ||
73 | size_t nbytes, int out); | ||
74 | void *scatterwalk_map(struct scatter_walk *walk, int out); | ||
75 | void scatterwalk_done(struct scatter_walk *walk, int out, int more); | ||
76 | |||
77 | void scatterwalk_map_and_copy(void *buf, struct scatterlist *sg, | ||
78 | unsigned int start, unsigned int nbytes, int out); | ||
79 | |||
80 | #endif /* _CRYPTO_SCATTERWALK_H */ | ||
diff --git a/crypto/seqiv.c b/crypto/seqiv.c new file mode 100644 index 000000000000..b903aab31577 --- /dev/null +++ b/crypto/seqiv.c | |||
@@ -0,0 +1,345 @@ | |||
1 | /* | ||
2 | * seqiv: Sequence Number IV Generator | ||
3 | * | ||
4 | * This generator generates an IV based on a sequence number by xoring it | ||
5 | * with a salt. This algorithm is mainly useful for CTR and similar modes. | ||
6 | * | ||
7 | * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au> | ||
8 | * | ||
9 | * This program is free software; you can redistribute it and/or modify it | ||
10 | * under the terms of the GNU General Public License as published by the Free | ||
11 | * Software Foundation; either version 2 of the License, or (at your option) | ||
12 | * any later version. | ||
13 | * | ||
14 | */ | ||
15 | |||
16 | #include <crypto/internal/aead.h> | ||
17 | #include <crypto/internal/skcipher.h> | ||
18 | #include <linux/err.h> | ||
19 | #include <linux/init.h> | ||
20 | #include <linux/kernel.h> | ||
21 | #include <linux/module.h> | ||
22 | #include <linux/random.h> | ||
23 | #include <linux/spinlock.h> | ||
24 | #include <linux/string.h> | ||
25 | |||
26 | struct seqiv_ctx { | ||
27 | spinlock_t lock; | ||
28 | u8 salt[] __attribute__ ((aligned(__alignof__(u32)))); | ||
29 | }; | ||
30 | |||
31 | static void seqiv_complete2(struct skcipher_givcrypt_request *req, int err) | ||
32 | { | ||
33 | struct ablkcipher_request *subreq = skcipher_givcrypt_reqctx(req); | ||
34 | struct crypto_ablkcipher *geniv; | ||
35 | |||
36 | if (err == -EINPROGRESS) | ||
37 | return; | ||
38 | |||
39 | if (err) | ||
40 | goto out; | ||
41 | |||
42 | geniv = skcipher_givcrypt_reqtfm(req); | ||
43 | memcpy(req->creq.info, subreq->info, crypto_ablkcipher_ivsize(geniv)); | ||
44 | |||
45 | out: | ||
46 | kfree(subreq->info); | ||
47 | } | ||
48 | |||
49 | static void seqiv_complete(struct crypto_async_request *base, int err) | ||
50 | { | ||
51 | struct skcipher_givcrypt_request *req = base->data; | ||
52 | |||
53 | seqiv_complete2(req, err); | ||
54 | skcipher_givcrypt_complete(req, err); | ||
55 | } | ||
56 | |||
57 | static void seqiv_aead_complete2(struct aead_givcrypt_request *req, int err) | ||
58 | { | ||
59 | struct aead_request *subreq = aead_givcrypt_reqctx(req); | ||
60 | struct crypto_aead *geniv; | ||
61 | |||
62 | if (err == -EINPROGRESS) | ||
63 | return; | ||
64 | |||
65 | if (err) | ||
66 | goto out; | ||
67 | |||
68 | geniv = aead_givcrypt_reqtfm(req); | ||
69 | memcpy(req->areq.iv, subreq->iv, crypto_aead_ivsize(geniv)); | ||
70 | |||
71 | out: | ||
72 | kfree(subreq->iv); | ||
73 | } | ||
74 | |||
75 | static void seqiv_aead_complete(struct crypto_async_request *base, int err) | ||
76 | { | ||
77 | struct aead_givcrypt_request *req = base->data; | ||
78 | |||
79 | seqiv_aead_complete2(req, err); | ||
80 | aead_givcrypt_complete(req, err); | ||
81 | } | ||
82 | |||
83 | static void seqiv_geniv(struct seqiv_ctx *ctx, u8 *info, u64 seq, | ||
84 | unsigned int ivsize) | ||
85 | { | ||
86 | unsigned int len = ivsize; | ||
87 | |||
88 | if (ivsize > sizeof(u64)) { | ||
89 | memset(info, 0, ivsize - sizeof(u64)); | ||
90 | len = sizeof(u64); | ||
91 | } | ||
92 | seq = cpu_to_be64(seq); | ||
93 | memcpy(info + ivsize - len, &seq, len); | ||
94 | crypto_xor(info, ctx->salt, ivsize); | ||
95 | } | ||
96 | |||
97 | static int seqiv_givencrypt(struct skcipher_givcrypt_request *req) | ||
98 | { | ||
99 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
100 | struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
101 | struct ablkcipher_request *subreq = skcipher_givcrypt_reqctx(req); | ||
102 | crypto_completion_t complete; | ||
103 | void *data; | ||
104 | u8 *info; | ||
105 | unsigned int ivsize; | ||
106 | int err; | ||
107 | |||
108 | ablkcipher_request_set_tfm(subreq, skcipher_geniv_cipher(geniv)); | ||
109 | |||
110 | complete = req->creq.base.complete; | ||
111 | data = req->creq.base.data; | ||
112 | info = req->creq.info; | ||
113 | |||
114 | ivsize = crypto_ablkcipher_ivsize(geniv); | ||
115 | |||
116 | if (unlikely(!IS_ALIGNED((unsigned long)info, | ||
117 | crypto_ablkcipher_alignmask(geniv) + 1))) { | ||
118 | info = kmalloc(ivsize, req->creq.base.flags & | ||
119 | CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL: | ||
120 | GFP_ATOMIC); | ||
121 | if (!info) | ||
122 | return -ENOMEM; | ||
123 | |||
124 | complete = seqiv_complete; | ||
125 | data = req; | ||
126 | } | ||
127 | |||
128 | ablkcipher_request_set_callback(subreq, req->creq.base.flags, complete, | ||
129 | data); | ||
130 | ablkcipher_request_set_crypt(subreq, req->creq.src, req->creq.dst, | ||
131 | req->creq.nbytes, info); | ||
132 | |||
133 | seqiv_geniv(ctx, info, req->seq, ivsize); | ||
134 | memcpy(req->giv, info, ivsize); | ||
135 | |||
136 | err = crypto_ablkcipher_encrypt(subreq); | ||
137 | if (unlikely(info != req->creq.info)) | ||
138 | seqiv_complete2(req, err); | ||
139 | return err; | ||
140 | } | ||
141 | |||
142 | static int seqiv_aead_givencrypt(struct aead_givcrypt_request *req) | ||
143 | { | ||
144 | struct crypto_aead *geniv = aead_givcrypt_reqtfm(req); | ||
145 | struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); | ||
146 | struct aead_request *areq = &req->areq; | ||
147 | struct aead_request *subreq = aead_givcrypt_reqctx(req); | ||
148 | crypto_completion_t complete; | ||
149 | void *data; | ||
150 | u8 *info; | ||
151 | unsigned int ivsize; | ||
152 | int err; | ||
153 | |||
154 | aead_request_set_tfm(subreq, aead_geniv_base(geniv)); | ||
155 | |||
156 | complete = areq->base.complete; | ||
157 | data = areq->base.data; | ||
158 | info = areq->iv; | ||
159 | |||
160 | ivsize = crypto_aead_ivsize(geniv); | ||
161 | |||
162 | if (unlikely(!IS_ALIGNED((unsigned long)info, | ||
163 | crypto_aead_alignmask(geniv) + 1))) { | ||
164 | info = kmalloc(ivsize, areq->base.flags & | ||
165 | CRYPTO_TFM_REQ_MAY_SLEEP ? GFP_KERNEL: | ||
166 | GFP_ATOMIC); | ||
167 | if (!info) | ||
168 | return -ENOMEM; | ||
169 | |||
170 | complete = seqiv_aead_complete; | ||
171 | data = req; | ||
172 | } | ||
173 | |||
174 | aead_request_set_callback(subreq, areq->base.flags, complete, data); | ||
175 | aead_request_set_crypt(subreq, areq->src, areq->dst, areq->cryptlen, | ||
176 | info); | ||
177 | aead_request_set_assoc(subreq, areq->assoc, areq->assoclen); | ||
178 | |||
179 | seqiv_geniv(ctx, info, req->seq, ivsize); | ||
180 | memcpy(req->giv, info, ivsize); | ||
181 | |||
182 | err = crypto_aead_encrypt(subreq); | ||
183 | if (unlikely(info != areq->iv)) | ||
184 | seqiv_aead_complete2(req, err); | ||
185 | return err; | ||
186 | } | ||
187 | |||
188 | static int seqiv_givencrypt_first(struct skcipher_givcrypt_request *req) | ||
189 | { | ||
190 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
191 | struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
192 | |||
193 | spin_lock_bh(&ctx->lock); | ||
194 | if (crypto_ablkcipher_crt(geniv)->givencrypt != seqiv_givencrypt_first) | ||
195 | goto unlock; | ||
196 | |||
197 | crypto_ablkcipher_crt(geniv)->givencrypt = seqiv_givencrypt; | ||
198 | get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); | ||
199 | |||
200 | unlock: | ||
201 | spin_unlock_bh(&ctx->lock); | ||
202 | |||
203 | return seqiv_givencrypt(req); | ||
204 | } | ||
205 | |||
206 | static int seqiv_aead_givencrypt_first(struct aead_givcrypt_request *req) | ||
207 | { | ||
208 | struct crypto_aead *geniv = aead_givcrypt_reqtfm(req); | ||
209 | struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); | ||
210 | |||
211 | spin_lock_bh(&ctx->lock); | ||
212 | if (crypto_aead_crt(geniv)->givencrypt != seqiv_aead_givencrypt_first) | ||
213 | goto unlock; | ||
214 | |||
215 | crypto_aead_crt(geniv)->givencrypt = seqiv_aead_givencrypt; | ||
216 | get_random_bytes(ctx->salt, crypto_aead_ivsize(geniv)); | ||
217 | |||
218 | unlock: | ||
219 | spin_unlock_bh(&ctx->lock); | ||
220 | |||
221 | return seqiv_aead_givencrypt(req); | ||
222 | } | ||
223 | |||
224 | static int seqiv_init(struct crypto_tfm *tfm) | ||
225 | { | ||
226 | struct crypto_ablkcipher *geniv = __crypto_ablkcipher_cast(tfm); | ||
227 | struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
228 | |||
229 | spin_lock_init(&ctx->lock); | ||
230 | |||
231 | tfm->crt_ablkcipher.reqsize = sizeof(struct ablkcipher_request); | ||
232 | |||
233 | return skcipher_geniv_init(tfm); | ||
234 | } | ||
235 | |||
236 | static int seqiv_aead_init(struct crypto_tfm *tfm) | ||
237 | { | ||
238 | struct crypto_aead *geniv = __crypto_aead_cast(tfm); | ||
239 | struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); | ||
240 | |||
241 | spin_lock_init(&ctx->lock); | ||
242 | |||
243 | tfm->crt_aead.reqsize = sizeof(struct aead_request); | ||
244 | |||
245 | return aead_geniv_init(tfm); | ||
246 | } | ||
247 | |||
248 | static struct crypto_template seqiv_tmpl; | ||
249 | |||
250 | static struct crypto_instance *seqiv_ablkcipher_alloc(struct rtattr **tb) | ||
251 | { | ||
252 | struct crypto_instance *inst; | ||
253 | |||
254 | inst = skcipher_geniv_alloc(&seqiv_tmpl, tb, 0, 0); | ||
255 | |||
256 | if (IS_ERR(inst)) | ||
257 | goto out; | ||
258 | |||
259 | inst->alg.cra_ablkcipher.givencrypt = seqiv_givencrypt_first; | ||
260 | |||
261 | inst->alg.cra_init = seqiv_init; | ||
262 | inst->alg.cra_exit = skcipher_geniv_exit; | ||
263 | |||
264 | inst->alg.cra_ctxsize += inst->alg.cra_ablkcipher.ivsize; | ||
265 | |||
266 | out: | ||
267 | return inst; | ||
268 | } | ||
269 | |||
270 | static struct crypto_instance *seqiv_aead_alloc(struct rtattr **tb) | ||
271 | { | ||
272 | struct crypto_instance *inst; | ||
273 | |||
274 | inst = aead_geniv_alloc(&seqiv_tmpl, tb, 0, 0); | ||
275 | |||
276 | if (IS_ERR(inst)) | ||
277 | goto out; | ||
278 | |||
279 | inst->alg.cra_aead.givencrypt = seqiv_aead_givencrypt_first; | ||
280 | |||
281 | inst->alg.cra_init = seqiv_aead_init; | ||
282 | inst->alg.cra_exit = aead_geniv_exit; | ||
283 | |||
284 | inst->alg.cra_ctxsize = inst->alg.cra_aead.ivsize; | ||
285 | |||
286 | out: | ||
287 | return inst; | ||
288 | } | ||
289 | |||
290 | static struct crypto_instance *seqiv_alloc(struct rtattr **tb) | ||
291 | { | ||
292 | struct crypto_attr_type *algt; | ||
293 | struct crypto_instance *inst; | ||
294 | int err; | ||
295 | |||
296 | algt = crypto_get_attr_type(tb); | ||
297 | err = PTR_ERR(algt); | ||
298 | if (IS_ERR(algt)) | ||
299 | return ERR_PTR(err); | ||
300 | |||
301 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK) | ||
302 | inst = seqiv_ablkcipher_alloc(tb); | ||
303 | else | ||
304 | inst = seqiv_aead_alloc(tb); | ||
305 | |||
306 | if (IS_ERR(inst)) | ||
307 | goto out; | ||
308 | |||
309 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; | ||
310 | inst->alg.cra_ctxsize += sizeof(struct seqiv_ctx); | ||
311 | |||
312 | out: | ||
313 | return inst; | ||
314 | } | ||
315 | |||
316 | static void seqiv_free(struct crypto_instance *inst) | ||
317 | { | ||
318 | if ((inst->alg.cra_flags ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK) | ||
319 | skcipher_geniv_free(inst); | ||
320 | else | ||
321 | aead_geniv_free(inst); | ||
322 | } | ||
323 | |||
324 | static struct crypto_template seqiv_tmpl = { | ||
325 | .name = "seqiv", | ||
326 | .alloc = seqiv_alloc, | ||
327 | .free = seqiv_free, | ||
328 | .module = THIS_MODULE, | ||
329 | }; | ||
330 | |||
331 | static int __init seqiv_module_init(void) | ||
332 | { | ||
333 | return crypto_register_template(&seqiv_tmpl); | ||
334 | } | ||
335 | |||
336 | static void __exit seqiv_module_exit(void) | ||
337 | { | ||
338 | crypto_unregister_template(&seqiv_tmpl); | ||
339 | } | ||
340 | |||
341 | module_init(seqiv_module_init); | ||
342 | module_exit(seqiv_module_exit); | ||
343 | |||
344 | MODULE_LICENSE("GPL"); | ||
345 | MODULE_DESCRIPTION("Sequence Number IV Generator"); | ||
diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c index fd3918be58b5..3cc93fd61043 100644 --- a/crypto/sha256_generic.c +++ b/crypto/sha256_generic.c | |||
@@ -9,6 +9,7 @@ | |||
9 | * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com> | 9 | * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com> |
10 | * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> | 10 | * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> |
11 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | 11 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> |
12 | * SHA224 Support Copyright 2007 Intel Corporation <jonathan.lynch@intel.com> | ||
12 | * | 13 | * |
13 | * This program is free software; you can redistribute it and/or modify it | 14 | * This program is free software; you can redistribute it and/or modify it |
14 | * under the terms of the GNU General Public License as published by the Free | 15 | * under the terms of the GNU General Public License as published by the Free |
@@ -218,6 +219,22 @@ static void sha256_transform(u32 *state, const u8 *input) | |||
218 | memset(W, 0, 64 * sizeof(u32)); | 219 | memset(W, 0, 64 * sizeof(u32)); |
219 | } | 220 | } |
220 | 221 | ||
222 | |||
223 | static void sha224_init(struct crypto_tfm *tfm) | ||
224 | { | ||
225 | struct sha256_ctx *sctx = crypto_tfm_ctx(tfm); | ||
226 | sctx->state[0] = SHA224_H0; | ||
227 | sctx->state[1] = SHA224_H1; | ||
228 | sctx->state[2] = SHA224_H2; | ||
229 | sctx->state[3] = SHA224_H3; | ||
230 | sctx->state[4] = SHA224_H4; | ||
231 | sctx->state[5] = SHA224_H5; | ||
232 | sctx->state[6] = SHA224_H6; | ||
233 | sctx->state[7] = SHA224_H7; | ||
234 | sctx->count[0] = 0; | ||
235 | sctx->count[1] = 0; | ||
236 | } | ||
237 | |||
221 | static void sha256_init(struct crypto_tfm *tfm) | 238 | static void sha256_init(struct crypto_tfm *tfm) |
222 | { | 239 | { |
223 | struct sha256_ctx *sctx = crypto_tfm_ctx(tfm); | 240 | struct sha256_ctx *sctx = crypto_tfm_ctx(tfm); |
@@ -294,8 +311,17 @@ static void sha256_final(struct crypto_tfm *tfm, u8 *out) | |||
294 | memset(sctx, 0, sizeof(*sctx)); | 311 | memset(sctx, 0, sizeof(*sctx)); |
295 | } | 312 | } |
296 | 313 | ||
314 | static void sha224_final(struct crypto_tfm *tfm, u8 *hash) | ||
315 | { | ||
316 | u8 D[SHA256_DIGEST_SIZE]; | ||
317 | |||
318 | sha256_final(tfm, D); | ||
319 | |||
320 | memcpy(hash, D, SHA224_DIGEST_SIZE); | ||
321 | memset(D, 0, SHA256_DIGEST_SIZE); | ||
322 | } | ||
297 | 323 | ||
298 | static struct crypto_alg alg = { | 324 | static struct crypto_alg sha256 = { |
299 | .cra_name = "sha256", | 325 | .cra_name = "sha256", |
300 | .cra_driver_name= "sha256-generic", | 326 | .cra_driver_name= "sha256-generic", |
301 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | 327 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, |
@@ -303,28 +329,58 @@ static struct crypto_alg alg = { | |||
303 | .cra_ctxsize = sizeof(struct sha256_ctx), | 329 | .cra_ctxsize = sizeof(struct sha256_ctx), |
304 | .cra_module = THIS_MODULE, | 330 | .cra_module = THIS_MODULE, |
305 | .cra_alignmask = 3, | 331 | .cra_alignmask = 3, |
306 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | 332 | .cra_list = LIST_HEAD_INIT(sha256.cra_list), |
307 | .cra_u = { .digest = { | 333 | .cra_u = { .digest = { |
308 | .dia_digestsize = SHA256_DIGEST_SIZE, | 334 | .dia_digestsize = SHA256_DIGEST_SIZE, |
309 | .dia_init = sha256_init, | 335 | .dia_init = sha256_init, |
310 | .dia_update = sha256_update, | 336 | .dia_update = sha256_update, |
311 | .dia_final = sha256_final } } | 337 | .dia_final = sha256_final } } |
338 | }; | ||
339 | |||
340 | static struct crypto_alg sha224 = { | ||
341 | .cra_name = "sha224", | ||
342 | .cra_driver_name = "sha224-generic", | ||
343 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | ||
344 | .cra_blocksize = SHA224_BLOCK_SIZE, | ||
345 | .cra_ctxsize = sizeof(struct sha256_ctx), | ||
346 | .cra_module = THIS_MODULE, | ||
347 | .cra_alignmask = 3, | ||
348 | .cra_list = LIST_HEAD_INIT(sha224.cra_list), | ||
349 | .cra_u = { .digest = { | ||
350 | .dia_digestsize = SHA224_DIGEST_SIZE, | ||
351 | .dia_init = sha224_init, | ||
352 | .dia_update = sha256_update, | ||
353 | .dia_final = sha224_final } } | ||
312 | }; | 354 | }; |
313 | 355 | ||
314 | static int __init init(void) | 356 | static int __init init(void) |
315 | { | 357 | { |
316 | return crypto_register_alg(&alg); | 358 | int ret = 0; |
359 | |||
360 | ret = crypto_register_alg(&sha224); | ||
361 | |||
362 | if (ret < 0) | ||
363 | return ret; | ||
364 | |||
365 | ret = crypto_register_alg(&sha256); | ||
366 | |||
367 | if (ret < 0) | ||
368 | crypto_unregister_alg(&sha224); | ||
369 | |||
370 | return ret; | ||
317 | } | 371 | } |
318 | 372 | ||
319 | static void __exit fini(void) | 373 | static void __exit fini(void) |
320 | { | 374 | { |
321 | crypto_unregister_alg(&alg); | 375 | crypto_unregister_alg(&sha224); |
376 | crypto_unregister_alg(&sha256); | ||
322 | } | 377 | } |
323 | 378 | ||
324 | module_init(init); | 379 | module_init(init); |
325 | module_exit(fini); | 380 | module_exit(fini); |
326 | 381 | ||
327 | MODULE_LICENSE("GPL"); | 382 | MODULE_LICENSE("GPL"); |
328 | MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm"); | 383 | MODULE_DESCRIPTION("SHA-224 and SHA-256 Secure Hash Algorithm"); |
329 | 384 | ||
385 | MODULE_ALIAS("sha224"); | ||
330 | MODULE_ALIAS("sha256"); | 386 | MODULE_ALIAS("sha256"); |
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index 24141fb6f5cb..1ab8c017a011 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c | |||
@@ -6,12 +6,16 @@ | |||
6 | * | 6 | * |
7 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | 7 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> |
8 | * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> | 8 | * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> |
9 | * Copyright (c) 2007 Nokia Siemens Networks | ||
9 | * | 10 | * |
10 | * This program is free software; you can redistribute it and/or modify it | 11 | * This program is free software; you can redistribute it and/or modify it |
11 | * under the terms of the GNU General Public License as published by the Free | 12 | * under the terms of the GNU General Public License as published by the Free |
12 | * Software Foundation; either version 2 of the License, or (at your option) | 13 | * Software Foundation; either version 2 of the License, or (at your option) |
13 | * any later version. | 14 | * any later version. |
14 | * | 15 | * |
16 | * 2007-11-13 Added GCM tests | ||
17 | * 2007-11-13 Added AEAD support | ||
18 | * 2007-11-06 Added SHA-224 and SHA-224-HMAC tests | ||
15 | * 2006-12-07 Added SHA384 HMAC and SHA512 HMAC tests | 19 | * 2006-12-07 Added SHA384 HMAC and SHA512 HMAC tests |
16 | * 2004-08-09 Added cipher speed tests (Reyk Floeter <reyk@vantronix.net>) | 20 | * 2004-08-09 Added cipher speed tests (Reyk Floeter <reyk@vantronix.net>) |
17 | * 2003-09-14 Rewritten by Kartikey Mahendra Bhatt | 21 | * 2003-09-14 Rewritten by Kartikey Mahendra Bhatt |
@@ -71,22 +75,23 @@ static unsigned int sec; | |||
71 | 75 | ||
72 | static int mode; | 76 | static int mode; |
73 | static char *xbuf; | 77 | static char *xbuf; |
78 | static char *axbuf; | ||
74 | static char *tvmem; | 79 | static char *tvmem; |
75 | 80 | ||
76 | static char *check[] = { | 81 | static char *check[] = { |
77 | "des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish", | 82 | "des", "md5", "des3_ede", "rot13", "sha1", "sha224", "sha256", |
78 | "twofish", "serpent", "sha384", "sha512", "md4", "aes", "cast6", | 83 | "blowfish", "twofish", "serpent", "sha384", "sha512", "md4", "aes", |
84 | "cast6", "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", | ||
79 | "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", | 85 | "arc4", "michael_mic", "deflate", "crc32c", "tea", "xtea", |
80 | "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", "fcrypt", | 86 | "khazad", "wp512", "wp384", "wp256", "tnepres", "xeta", "fcrypt", |
81 | "camellia", "seed", NULL | 87 | "camellia", "seed", "salsa20", "lzo", NULL |
82 | }; | 88 | }; |
83 | 89 | ||
84 | static void hexdump(unsigned char *buf, unsigned int len) | 90 | static void hexdump(unsigned char *buf, unsigned int len) |
85 | { | 91 | { |
86 | while (len--) | 92 | print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET, |
87 | printk("%02x", *buf++); | 93 | 16, 1, |
88 | 94 | buf, len, false); | |
89 | printk("\n"); | ||
90 | } | 95 | } |
91 | 96 | ||
92 | static void tcrypt_complete(struct crypto_async_request *req, int err) | 97 | static void tcrypt_complete(struct crypto_async_request *req, int err) |
@@ -215,6 +220,238 @@ out: | |||
215 | crypto_free_hash(tfm); | 220 | crypto_free_hash(tfm); |
216 | } | 221 | } |
217 | 222 | ||
223 | static void test_aead(char *algo, int enc, struct aead_testvec *template, | ||
224 | unsigned int tcount) | ||
225 | { | ||
226 | unsigned int ret, i, j, k, temp; | ||
227 | unsigned int tsize; | ||
228 | char *q; | ||
229 | struct crypto_aead *tfm; | ||
230 | char *key; | ||
231 | struct aead_testvec *aead_tv; | ||
232 | struct aead_request *req; | ||
233 | struct scatterlist sg[8]; | ||
234 | struct scatterlist asg[8]; | ||
235 | const char *e; | ||
236 | struct tcrypt_result result; | ||
237 | unsigned int authsize; | ||
238 | |||
239 | if (enc == ENCRYPT) | ||
240 | e = "encryption"; | ||
241 | else | ||
242 | e = "decryption"; | ||
243 | |||
244 | printk(KERN_INFO "\ntesting %s %s\n", algo, e); | ||
245 | |||
246 | tsize = sizeof(struct aead_testvec); | ||
247 | tsize *= tcount; | ||
248 | |||
249 | if (tsize > TVMEMSIZE) { | ||
250 | printk(KERN_INFO "template (%u) too big for tvmem (%u)\n", | ||
251 | tsize, TVMEMSIZE); | ||
252 | return; | ||
253 | } | ||
254 | |||
255 | memcpy(tvmem, template, tsize); | ||
256 | aead_tv = (void *)tvmem; | ||
257 | |||
258 | init_completion(&result.completion); | ||
259 | |||
260 | tfm = crypto_alloc_aead(algo, 0, 0); | ||
261 | |||
262 | if (IS_ERR(tfm)) { | ||
263 | printk(KERN_INFO "failed to load transform for %s: %ld\n", | ||
264 | algo, PTR_ERR(tfm)); | ||
265 | return; | ||
266 | } | ||
267 | |||
268 | req = aead_request_alloc(tfm, GFP_KERNEL); | ||
269 | if (!req) { | ||
270 | printk(KERN_INFO "failed to allocate request for %s\n", algo); | ||
271 | goto out; | ||
272 | } | ||
273 | |||
274 | aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, | ||
275 | tcrypt_complete, &result); | ||
276 | |||
277 | for (i = 0, j = 0; i < tcount; i++) { | ||
278 | if (!aead_tv[i].np) { | ||
279 | printk(KERN_INFO "test %u (%d bit key):\n", | ||
280 | ++j, aead_tv[i].klen * 8); | ||
281 | |||
282 | crypto_aead_clear_flags(tfm, ~0); | ||
283 | if (aead_tv[i].wk) | ||
284 | crypto_aead_set_flags( | ||
285 | tfm, CRYPTO_TFM_REQ_WEAK_KEY); | ||
286 | key = aead_tv[i].key; | ||
287 | |||
288 | ret = crypto_aead_setkey(tfm, key, | ||
289 | aead_tv[i].klen); | ||
290 | if (ret) { | ||
291 | printk(KERN_INFO "setkey() failed flags=%x\n", | ||
292 | crypto_aead_get_flags(tfm)); | ||
293 | |||
294 | if (!aead_tv[i].fail) | ||
295 | goto out; | ||
296 | } | ||
297 | |||
298 | authsize = abs(aead_tv[i].rlen - aead_tv[i].ilen); | ||
299 | ret = crypto_aead_setauthsize(tfm, authsize); | ||
300 | if (ret) { | ||
301 | printk(KERN_INFO | ||
302 | "failed to set authsize = %u\n", | ||
303 | authsize); | ||
304 | goto out; | ||
305 | } | ||
306 | |||
307 | sg_init_one(&sg[0], aead_tv[i].input, | ||
308 | aead_tv[i].ilen + (enc ? authsize : 0)); | ||
309 | |||
310 | sg_init_one(&asg[0], aead_tv[i].assoc, | ||
311 | aead_tv[i].alen); | ||
312 | |||
313 | aead_request_set_crypt(req, sg, sg, | ||
314 | aead_tv[i].ilen, | ||
315 | aead_tv[i].iv); | ||
316 | |||
317 | aead_request_set_assoc(req, asg, aead_tv[i].alen); | ||
318 | |||
319 | ret = enc ? | ||
320 | crypto_aead_encrypt(req) : | ||
321 | crypto_aead_decrypt(req); | ||
322 | |||
323 | switch (ret) { | ||
324 | case 0: | ||
325 | break; | ||
326 | case -EINPROGRESS: | ||
327 | case -EBUSY: | ||
328 | ret = wait_for_completion_interruptible( | ||
329 | &result.completion); | ||
330 | if (!ret && !(ret = result.err)) { | ||
331 | INIT_COMPLETION(result.completion); | ||
332 | break; | ||
333 | } | ||
334 | /* fall through */ | ||
335 | default: | ||
336 | printk(KERN_INFO "%s () failed err=%d\n", | ||
337 | e, -ret); | ||
338 | goto out; | ||
339 | } | ||
340 | |||
341 | q = kmap(sg_page(&sg[0])) + sg[0].offset; | ||
342 | hexdump(q, aead_tv[i].rlen); | ||
343 | |||
344 | printk(KERN_INFO "enc/dec: %s\n", | ||
345 | memcmp(q, aead_tv[i].result, | ||
346 | aead_tv[i].rlen) ? "fail" : "pass"); | ||
347 | } | ||
348 | } | ||
349 | |||
350 | printk(KERN_INFO "\ntesting %s %s across pages (chunking)\n", algo, e); | ||
351 | memset(xbuf, 0, XBUFSIZE); | ||
352 | memset(axbuf, 0, XBUFSIZE); | ||
353 | |||
354 | for (i = 0, j = 0; i < tcount; i++) { | ||
355 | if (aead_tv[i].np) { | ||
356 | printk(KERN_INFO "test %u (%d bit key):\n", | ||
357 | ++j, aead_tv[i].klen * 8); | ||
358 | |||
359 | crypto_aead_clear_flags(tfm, ~0); | ||
360 | if (aead_tv[i].wk) | ||
361 | crypto_aead_set_flags( | ||
362 | tfm, CRYPTO_TFM_REQ_WEAK_KEY); | ||
363 | key = aead_tv[i].key; | ||
364 | |||
365 | ret = crypto_aead_setkey(tfm, key, aead_tv[i].klen); | ||
366 | if (ret) { | ||
367 | printk(KERN_INFO "setkey() failed flags=%x\n", | ||
368 | crypto_aead_get_flags(tfm)); | ||
369 | |||
370 | if (!aead_tv[i].fail) | ||
371 | goto out; | ||
372 | } | ||
373 | |||
374 | sg_init_table(sg, aead_tv[i].np); | ||
375 | for (k = 0, temp = 0; k < aead_tv[i].np; k++) { | ||
376 | memcpy(&xbuf[IDX[k]], | ||
377 | aead_tv[i].input + temp, | ||
378 | aead_tv[i].tap[k]); | ||
379 | temp += aead_tv[i].tap[k]; | ||
380 | sg_set_buf(&sg[k], &xbuf[IDX[k]], | ||
381 | aead_tv[i].tap[k]); | ||
382 | } | ||
383 | |||
384 | authsize = abs(aead_tv[i].rlen - aead_tv[i].ilen); | ||
385 | ret = crypto_aead_setauthsize(tfm, authsize); | ||
386 | if (ret) { | ||
387 | printk(KERN_INFO | ||
388 | "failed to set authsize = %u\n", | ||
389 | authsize); | ||
390 | goto out; | ||
391 | } | ||
392 | |||
393 | if (enc) | ||
394 | sg[k - 1].length += authsize; | ||
395 | |||
396 | sg_init_table(asg, aead_tv[i].anp); | ||
397 | for (k = 0, temp = 0; k < aead_tv[i].anp; k++) { | ||
398 | memcpy(&axbuf[IDX[k]], | ||
399 | aead_tv[i].assoc + temp, | ||
400 | aead_tv[i].atap[k]); | ||
401 | temp += aead_tv[i].atap[k]; | ||
402 | sg_set_buf(&asg[k], &axbuf[IDX[k]], | ||
403 | aead_tv[i].atap[k]); | ||
404 | } | ||
405 | |||
406 | aead_request_set_crypt(req, sg, sg, | ||
407 | aead_tv[i].ilen, | ||
408 | aead_tv[i].iv); | ||
409 | |||
410 | aead_request_set_assoc(req, asg, aead_tv[i].alen); | ||
411 | |||
412 | ret = enc ? | ||
413 | crypto_aead_encrypt(req) : | ||
414 | crypto_aead_decrypt(req); | ||
415 | |||
416 | switch (ret) { | ||
417 | case 0: | ||
418 | break; | ||
419 | case -EINPROGRESS: | ||
420 | case -EBUSY: | ||
421 | ret = wait_for_completion_interruptible( | ||
422 | &result.completion); | ||
423 | if (!ret && !(ret = result.err)) { | ||
424 | INIT_COMPLETION(result.completion); | ||
425 | break; | ||
426 | } | ||
427 | /* fall through */ | ||
428 | default: | ||
429 | printk(KERN_INFO "%s () failed err=%d\n", | ||
430 | e, -ret); | ||
431 | goto out; | ||
432 | } | ||
433 | |||
434 | for (k = 0, temp = 0; k < aead_tv[i].np; k++) { | ||
435 | printk(KERN_INFO "page %u\n", k); | ||
436 | q = kmap(sg_page(&sg[k])) + sg[k].offset; | ||
437 | hexdump(q, aead_tv[i].tap[k]); | ||
438 | printk(KERN_INFO "%s\n", | ||
439 | memcmp(q, aead_tv[i].result + temp, | ||
440 | aead_tv[i].tap[k] - | ||
441 | (k < aead_tv[i].np - 1 || enc ? | ||
442 | 0 : authsize)) ? | ||
443 | "fail" : "pass"); | ||
444 | |||
445 | temp += aead_tv[i].tap[k]; | ||
446 | } | ||
447 | } | ||
448 | } | ||
449 | |||
450 | out: | ||
451 | crypto_free_aead(tfm); | ||
452 | aead_request_free(req); | ||
453 | } | ||
454 | |||
218 | static void test_cipher(char *algo, int enc, | 455 | static void test_cipher(char *algo, int enc, |
219 | struct cipher_testvec *template, unsigned int tcount) | 456 | struct cipher_testvec *template, unsigned int tcount) |
220 | { | 457 | { |
@@ -237,15 +474,11 @@ static void test_cipher(char *algo, int enc, | |||
237 | printk("\ntesting %s %s\n", algo, e); | 474 | printk("\ntesting %s %s\n", algo, e); |
238 | 475 | ||
239 | tsize = sizeof (struct cipher_testvec); | 476 | tsize = sizeof (struct cipher_testvec); |
240 | tsize *= tcount; | ||
241 | |||
242 | if (tsize > TVMEMSIZE) { | 477 | if (tsize > TVMEMSIZE) { |
243 | printk("template (%u) too big for tvmem (%u)\n", tsize, | 478 | printk("template (%u) too big for tvmem (%u)\n", tsize, |
244 | TVMEMSIZE); | 479 | TVMEMSIZE); |
245 | return; | 480 | return; |
246 | } | 481 | } |
247 | |||
248 | memcpy(tvmem, template, tsize); | ||
249 | cipher_tv = (void *)tvmem; | 482 | cipher_tv = (void *)tvmem; |
250 | 483 | ||
251 | init_completion(&result.completion); | 484 | init_completion(&result.completion); |
@@ -269,33 +502,34 @@ static void test_cipher(char *algo, int enc, | |||
269 | 502 | ||
270 | j = 0; | 503 | j = 0; |
271 | for (i = 0; i < tcount; i++) { | 504 | for (i = 0; i < tcount; i++) { |
272 | if (!(cipher_tv[i].np)) { | 505 | memcpy(cipher_tv, &template[i], tsize); |
506 | if (!(cipher_tv->np)) { | ||
273 | j++; | 507 | j++; |
274 | printk("test %u (%d bit key):\n", | 508 | printk("test %u (%d bit key):\n", |
275 | j, cipher_tv[i].klen * 8); | 509 | j, cipher_tv->klen * 8); |
276 | 510 | ||
277 | crypto_ablkcipher_clear_flags(tfm, ~0); | 511 | crypto_ablkcipher_clear_flags(tfm, ~0); |
278 | if (cipher_tv[i].wk) | 512 | if (cipher_tv->wk) |
279 | crypto_ablkcipher_set_flags( | 513 | crypto_ablkcipher_set_flags( |
280 | tfm, CRYPTO_TFM_REQ_WEAK_KEY); | 514 | tfm, CRYPTO_TFM_REQ_WEAK_KEY); |
281 | key = cipher_tv[i].key; | 515 | key = cipher_tv->key; |
282 | 516 | ||
283 | ret = crypto_ablkcipher_setkey(tfm, key, | 517 | ret = crypto_ablkcipher_setkey(tfm, key, |
284 | cipher_tv[i].klen); | 518 | cipher_tv->klen); |
285 | if (ret) { | 519 | if (ret) { |
286 | printk("setkey() failed flags=%x\n", | 520 | printk("setkey() failed flags=%x\n", |
287 | crypto_ablkcipher_get_flags(tfm)); | 521 | crypto_ablkcipher_get_flags(tfm)); |
288 | 522 | ||
289 | if (!cipher_tv[i].fail) | 523 | if (!cipher_tv->fail) |
290 | goto out; | 524 | goto out; |
291 | } | 525 | } |
292 | 526 | ||
293 | sg_init_one(&sg[0], cipher_tv[i].input, | 527 | sg_init_one(&sg[0], cipher_tv->input, |
294 | cipher_tv[i].ilen); | 528 | cipher_tv->ilen); |
295 | 529 | ||
296 | ablkcipher_request_set_crypt(req, sg, sg, | 530 | ablkcipher_request_set_crypt(req, sg, sg, |
297 | cipher_tv[i].ilen, | 531 | cipher_tv->ilen, |
298 | cipher_tv[i].iv); | 532 | cipher_tv->iv); |
299 | 533 | ||
300 | ret = enc ? | 534 | ret = enc ? |
301 | crypto_ablkcipher_encrypt(req) : | 535 | crypto_ablkcipher_encrypt(req) : |
@@ -319,11 +553,11 @@ static void test_cipher(char *algo, int enc, | |||
319 | } | 553 | } |
320 | 554 | ||
321 | q = kmap(sg_page(&sg[0])) + sg[0].offset; | 555 | q = kmap(sg_page(&sg[0])) + sg[0].offset; |
322 | hexdump(q, cipher_tv[i].rlen); | 556 | hexdump(q, cipher_tv->rlen); |
323 | 557 | ||
324 | printk("%s\n", | 558 | printk("%s\n", |
325 | memcmp(q, cipher_tv[i].result, | 559 | memcmp(q, cipher_tv->result, |
326 | cipher_tv[i].rlen) ? "fail" : "pass"); | 560 | cipher_tv->rlen) ? "fail" : "pass"); |
327 | } | 561 | } |
328 | } | 562 | } |
329 | 563 | ||
@@ -332,41 +566,42 @@ static void test_cipher(char *algo, int enc, | |||
332 | 566 | ||
333 | j = 0; | 567 | j = 0; |
334 | for (i = 0; i < tcount; i++) { | 568 | for (i = 0; i < tcount; i++) { |
335 | if (cipher_tv[i].np) { | 569 | memcpy(cipher_tv, &template[i], tsize); |
570 | if (cipher_tv->np) { | ||
336 | j++; | 571 | j++; |
337 | printk("test %u (%d bit key):\n", | 572 | printk("test %u (%d bit key):\n", |
338 | j, cipher_tv[i].klen * 8); | 573 | j, cipher_tv->klen * 8); |
339 | 574 | ||
340 | crypto_ablkcipher_clear_flags(tfm, ~0); | 575 | crypto_ablkcipher_clear_flags(tfm, ~0); |
341 | if (cipher_tv[i].wk) | 576 | if (cipher_tv->wk) |
342 | crypto_ablkcipher_set_flags( | 577 | crypto_ablkcipher_set_flags( |
343 | tfm, CRYPTO_TFM_REQ_WEAK_KEY); | 578 | tfm, CRYPTO_TFM_REQ_WEAK_KEY); |
344 | key = cipher_tv[i].key; | 579 | key = cipher_tv->key; |
345 | 580 | ||
346 | ret = crypto_ablkcipher_setkey(tfm, key, | 581 | ret = crypto_ablkcipher_setkey(tfm, key, |
347 | cipher_tv[i].klen); | 582 | cipher_tv->klen); |
348 | if (ret) { | 583 | if (ret) { |
349 | printk("setkey() failed flags=%x\n", | 584 | printk("setkey() failed flags=%x\n", |
350 | crypto_ablkcipher_get_flags(tfm)); | 585 | crypto_ablkcipher_get_flags(tfm)); |
351 | 586 | ||
352 | if (!cipher_tv[i].fail) | 587 | if (!cipher_tv->fail) |
353 | goto out; | 588 | goto out; |
354 | } | 589 | } |
355 | 590 | ||
356 | temp = 0; | 591 | temp = 0; |
357 | sg_init_table(sg, cipher_tv[i].np); | 592 | sg_init_table(sg, cipher_tv->np); |
358 | for (k = 0; k < cipher_tv[i].np; k++) { | 593 | for (k = 0; k < cipher_tv->np; k++) { |
359 | memcpy(&xbuf[IDX[k]], | 594 | memcpy(&xbuf[IDX[k]], |
360 | cipher_tv[i].input + temp, | 595 | cipher_tv->input + temp, |
361 | cipher_tv[i].tap[k]); | 596 | cipher_tv->tap[k]); |
362 | temp += cipher_tv[i].tap[k]; | 597 | temp += cipher_tv->tap[k]; |
363 | sg_set_buf(&sg[k], &xbuf[IDX[k]], | 598 | sg_set_buf(&sg[k], &xbuf[IDX[k]], |
364 | cipher_tv[i].tap[k]); | 599 | cipher_tv->tap[k]); |
365 | } | 600 | } |
366 | 601 | ||
367 | ablkcipher_request_set_crypt(req, sg, sg, | 602 | ablkcipher_request_set_crypt(req, sg, sg, |
368 | cipher_tv[i].ilen, | 603 | cipher_tv->ilen, |
369 | cipher_tv[i].iv); | 604 | cipher_tv->iv); |
370 | 605 | ||
371 | ret = enc ? | 606 | ret = enc ? |
372 | crypto_ablkcipher_encrypt(req) : | 607 | crypto_ablkcipher_encrypt(req) : |
@@ -390,15 +625,15 @@ static void test_cipher(char *algo, int enc, | |||
390 | } | 625 | } |
391 | 626 | ||
392 | temp = 0; | 627 | temp = 0; |
393 | for (k = 0; k < cipher_tv[i].np; k++) { | 628 | for (k = 0; k < cipher_tv->np; k++) { |
394 | printk("page %u\n", k); | 629 | printk("page %u\n", k); |
395 | q = kmap(sg_page(&sg[k])) + sg[k].offset; | 630 | q = kmap(sg_page(&sg[k])) + sg[k].offset; |
396 | hexdump(q, cipher_tv[i].tap[k]); | 631 | hexdump(q, cipher_tv->tap[k]); |
397 | printk("%s\n", | 632 | printk("%s\n", |
398 | memcmp(q, cipher_tv[i].result + temp, | 633 | memcmp(q, cipher_tv->result + temp, |
399 | cipher_tv[i].tap[k]) ? "fail" : | 634 | cipher_tv->tap[k]) ? "fail" : |
400 | "pass"); | 635 | "pass"); |
401 | temp += cipher_tv[i].tap[k]; | 636 | temp += cipher_tv->tap[k]; |
402 | } | 637 | } |
403 | } | 638 | } |
404 | } | 639 | } |
@@ -800,7 +1035,8 @@ out: | |||
800 | crypto_free_hash(tfm); | 1035 | crypto_free_hash(tfm); |
801 | } | 1036 | } |
802 | 1037 | ||
803 | static void test_deflate(void) | 1038 | static void test_comp(char *algo, struct comp_testvec *ctemplate, |
1039 | struct comp_testvec *dtemplate, int ctcount, int dtcount) | ||
804 | { | 1040 | { |
805 | unsigned int i; | 1041 | unsigned int i; |
806 | char result[COMP_BUF_SIZE]; | 1042 | char result[COMP_BUF_SIZE]; |
@@ -808,25 +1044,26 @@ static void test_deflate(void) | |||
808 | struct comp_testvec *tv; | 1044 | struct comp_testvec *tv; |
809 | unsigned int tsize; | 1045 | unsigned int tsize; |
810 | 1046 | ||
811 | printk("\ntesting deflate compression\n"); | 1047 | printk("\ntesting %s compression\n", algo); |
812 | 1048 | ||
813 | tsize = sizeof (deflate_comp_tv_template); | 1049 | tsize = sizeof(struct comp_testvec); |
1050 | tsize *= ctcount; | ||
814 | if (tsize > TVMEMSIZE) { | 1051 | if (tsize > TVMEMSIZE) { |
815 | printk("template (%u) too big for tvmem (%u)\n", tsize, | 1052 | printk("template (%u) too big for tvmem (%u)\n", tsize, |
816 | TVMEMSIZE); | 1053 | TVMEMSIZE); |
817 | return; | 1054 | return; |
818 | } | 1055 | } |
819 | 1056 | ||
820 | memcpy(tvmem, deflate_comp_tv_template, tsize); | 1057 | memcpy(tvmem, ctemplate, tsize); |
821 | tv = (void *)tvmem; | 1058 | tv = (void *)tvmem; |
822 | 1059 | ||
823 | tfm = crypto_alloc_comp("deflate", 0, CRYPTO_ALG_ASYNC); | 1060 | tfm = crypto_alloc_comp(algo, 0, CRYPTO_ALG_ASYNC); |
824 | if (IS_ERR(tfm)) { | 1061 | if (IS_ERR(tfm)) { |
825 | printk("failed to load transform for deflate\n"); | 1062 | printk("failed to load transform for %s\n", algo); |
826 | return; | 1063 | return; |
827 | } | 1064 | } |
828 | 1065 | ||
829 | for (i = 0; i < DEFLATE_COMP_TEST_VECTORS; i++) { | 1066 | for (i = 0; i < ctcount; i++) { |
830 | int ilen, ret, dlen = COMP_BUF_SIZE; | 1067 | int ilen, ret, dlen = COMP_BUF_SIZE; |
831 | 1068 | ||
832 | printk("test %u:\n", i + 1); | 1069 | printk("test %u:\n", i + 1); |
@@ -845,19 +1082,20 @@ static void test_deflate(void) | |||
845 | ilen, dlen); | 1082 | ilen, dlen); |
846 | } | 1083 | } |
847 | 1084 | ||
848 | printk("\ntesting deflate decompression\n"); | 1085 | printk("\ntesting %s decompression\n", algo); |
849 | 1086 | ||
850 | tsize = sizeof (deflate_decomp_tv_template); | 1087 | tsize = sizeof(struct comp_testvec); |
1088 | tsize *= dtcount; | ||
851 | if (tsize > TVMEMSIZE) { | 1089 | if (tsize > TVMEMSIZE) { |
852 | printk("template (%u) too big for tvmem (%u)\n", tsize, | 1090 | printk("template (%u) too big for tvmem (%u)\n", tsize, |
853 | TVMEMSIZE); | 1091 | TVMEMSIZE); |
854 | goto out; | 1092 | goto out; |
855 | } | 1093 | } |
856 | 1094 | ||
857 | memcpy(tvmem, deflate_decomp_tv_template, tsize); | 1095 | memcpy(tvmem, dtemplate, tsize); |
858 | tv = (void *)tvmem; | 1096 | tv = (void *)tvmem; |
859 | 1097 | ||
860 | for (i = 0; i < DEFLATE_DECOMP_TEST_VECTORS; i++) { | 1098 | for (i = 0; i < dtcount; i++) { |
861 | int ilen, ret, dlen = COMP_BUF_SIZE; | 1099 | int ilen, ret, dlen = COMP_BUF_SIZE; |
862 | 1100 | ||
863 | printk("test %u:\n", i + 1); | 1101 | printk("test %u:\n", i + 1); |
@@ -918,6 +1156,8 @@ static void do_test(void) | |||
918 | 1156 | ||
919 | test_hash("md4", md4_tv_template, MD4_TEST_VECTORS); | 1157 | test_hash("md4", md4_tv_template, MD4_TEST_VECTORS); |
920 | 1158 | ||
1159 | test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS); | ||
1160 | |||
921 | test_hash("sha256", sha256_tv_template, SHA256_TEST_VECTORS); | 1161 | test_hash("sha256", sha256_tv_template, SHA256_TEST_VECTORS); |
922 | 1162 | ||
923 | //BLOWFISH | 1163 | //BLOWFISH |
@@ -969,6 +1209,18 @@ static void do_test(void) | |||
969 | AES_XTS_ENC_TEST_VECTORS); | 1209 | AES_XTS_ENC_TEST_VECTORS); |
970 | test_cipher("xts(aes)", DECRYPT, aes_xts_dec_tv_template, | 1210 | test_cipher("xts(aes)", DECRYPT, aes_xts_dec_tv_template, |
971 | AES_XTS_DEC_TEST_VECTORS); | 1211 | AES_XTS_DEC_TEST_VECTORS); |
1212 | test_cipher("rfc3686(ctr(aes))", ENCRYPT, aes_ctr_enc_tv_template, | ||
1213 | AES_CTR_ENC_TEST_VECTORS); | ||
1214 | test_cipher("rfc3686(ctr(aes))", DECRYPT, aes_ctr_dec_tv_template, | ||
1215 | AES_CTR_DEC_TEST_VECTORS); | ||
1216 | test_aead("gcm(aes)", ENCRYPT, aes_gcm_enc_tv_template, | ||
1217 | AES_GCM_ENC_TEST_VECTORS); | ||
1218 | test_aead("gcm(aes)", DECRYPT, aes_gcm_dec_tv_template, | ||
1219 | AES_GCM_DEC_TEST_VECTORS); | ||
1220 | test_aead("ccm(aes)", ENCRYPT, aes_ccm_enc_tv_template, | ||
1221 | AES_CCM_ENC_TEST_VECTORS); | ||
1222 | test_aead("ccm(aes)", DECRYPT, aes_ccm_dec_tv_template, | ||
1223 | AES_CCM_DEC_TEST_VECTORS); | ||
972 | 1224 | ||
973 | //CAST5 | 1225 | //CAST5 |
974 | test_cipher("ecb(cast5)", ENCRYPT, cast5_enc_tv_template, | 1226 | test_cipher("ecb(cast5)", ENCRYPT, cast5_enc_tv_template, |
@@ -1057,12 +1309,18 @@ static void do_test(void) | |||
1057 | test_hash("tgr192", tgr192_tv_template, TGR192_TEST_VECTORS); | 1309 | test_hash("tgr192", tgr192_tv_template, TGR192_TEST_VECTORS); |
1058 | test_hash("tgr160", tgr160_tv_template, TGR160_TEST_VECTORS); | 1310 | test_hash("tgr160", tgr160_tv_template, TGR160_TEST_VECTORS); |
1059 | test_hash("tgr128", tgr128_tv_template, TGR128_TEST_VECTORS); | 1311 | test_hash("tgr128", tgr128_tv_template, TGR128_TEST_VECTORS); |
1060 | test_deflate(); | 1312 | test_comp("deflate", deflate_comp_tv_template, |
1313 | deflate_decomp_tv_template, DEFLATE_COMP_TEST_VECTORS, | ||
1314 | DEFLATE_DECOMP_TEST_VECTORS); | ||
1315 | test_comp("lzo", lzo_comp_tv_template, lzo_decomp_tv_template, | ||
1316 | LZO_COMP_TEST_VECTORS, LZO_DECOMP_TEST_VECTORS); | ||
1061 | test_hash("crc32c", crc32c_tv_template, CRC32C_TEST_VECTORS); | 1317 | test_hash("crc32c", crc32c_tv_template, CRC32C_TEST_VECTORS); |
1062 | test_hash("hmac(md5)", hmac_md5_tv_template, | 1318 | test_hash("hmac(md5)", hmac_md5_tv_template, |
1063 | HMAC_MD5_TEST_VECTORS); | 1319 | HMAC_MD5_TEST_VECTORS); |
1064 | test_hash("hmac(sha1)", hmac_sha1_tv_template, | 1320 | test_hash("hmac(sha1)", hmac_sha1_tv_template, |
1065 | HMAC_SHA1_TEST_VECTORS); | 1321 | HMAC_SHA1_TEST_VECTORS); |
1322 | test_hash("hmac(sha224)", hmac_sha224_tv_template, | ||
1323 | HMAC_SHA224_TEST_VECTORS); | ||
1066 | test_hash("hmac(sha256)", hmac_sha256_tv_template, | 1324 | test_hash("hmac(sha256)", hmac_sha256_tv_template, |
1067 | HMAC_SHA256_TEST_VECTORS); | 1325 | HMAC_SHA256_TEST_VECTORS); |
1068 | test_hash("hmac(sha384)", hmac_sha384_tv_template, | 1326 | test_hash("hmac(sha384)", hmac_sha384_tv_template, |
@@ -1156,6 +1414,10 @@ static void do_test(void) | |||
1156 | AES_XTS_ENC_TEST_VECTORS); | 1414 | AES_XTS_ENC_TEST_VECTORS); |
1157 | test_cipher("xts(aes)", DECRYPT, aes_xts_dec_tv_template, | 1415 | test_cipher("xts(aes)", DECRYPT, aes_xts_dec_tv_template, |
1158 | AES_XTS_DEC_TEST_VECTORS); | 1416 | AES_XTS_DEC_TEST_VECTORS); |
1417 | test_cipher("rfc3686(ctr(aes))", ENCRYPT, aes_ctr_enc_tv_template, | ||
1418 | AES_CTR_ENC_TEST_VECTORS); | ||
1419 | test_cipher("rfc3686(ctr(aes))", DECRYPT, aes_ctr_dec_tv_template, | ||
1420 | AES_CTR_DEC_TEST_VECTORS); | ||
1159 | break; | 1421 | break; |
1160 | 1422 | ||
1161 | case 11: | 1423 | case 11: |
@@ -1167,7 +1429,9 @@ static void do_test(void) | |||
1167 | break; | 1429 | break; |
1168 | 1430 | ||
1169 | case 13: | 1431 | case 13: |
1170 | test_deflate(); | 1432 | test_comp("deflate", deflate_comp_tv_template, |
1433 | deflate_decomp_tv_template, DEFLATE_COMP_TEST_VECTORS, | ||
1434 | DEFLATE_DECOMP_TEST_VECTORS); | ||
1171 | break; | 1435 | break; |
1172 | 1436 | ||
1173 | case 14: | 1437 | case 14: |
@@ -1291,6 +1555,34 @@ static void do_test(void) | |||
1291 | camellia_cbc_dec_tv_template, | 1555 | camellia_cbc_dec_tv_template, |
1292 | CAMELLIA_CBC_DEC_TEST_VECTORS); | 1556 | CAMELLIA_CBC_DEC_TEST_VECTORS); |
1293 | break; | 1557 | break; |
1558 | case 33: | ||
1559 | test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS); | ||
1560 | break; | ||
1561 | |||
1562 | case 34: | ||
1563 | test_cipher("salsa20", ENCRYPT, | ||
1564 | salsa20_stream_enc_tv_template, | ||
1565 | SALSA20_STREAM_ENC_TEST_VECTORS); | ||
1566 | break; | ||
1567 | |||
1568 | case 35: | ||
1569 | test_aead("gcm(aes)", ENCRYPT, aes_gcm_enc_tv_template, | ||
1570 | AES_GCM_ENC_TEST_VECTORS); | ||
1571 | test_aead("gcm(aes)", DECRYPT, aes_gcm_dec_tv_template, | ||
1572 | AES_GCM_DEC_TEST_VECTORS); | ||
1573 | break; | ||
1574 | |||
1575 | case 36: | ||
1576 | test_comp("lzo", lzo_comp_tv_template, lzo_decomp_tv_template, | ||
1577 | LZO_COMP_TEST_VECTORS, LZO_DECOMP_TEST_VECTORS); | ||
1578 | break; | ||
1579 | |||
1580 | case 37: | ||
1581 | test_aead("ccm(aes)", ENCRYPT, aes_ccm_enc_tv_template, | ||
1582 | AES_CCM_ENC_TEST_VECTORS); | ||
1583 | test_aead("ccm(aes)", DECRYPT, aes_ccm_dec_tv_template, | ||
1584 | AES_CCM_DEC_TEST_VECTORS); | ||
1585 | break; | ||
1294 | 1586 | ||
1295 | case 100: | 1587 | case 100: |
1296 | test_hash("hmac(md5)", hmac_md5_tv_template, | 1588 | test_hash("hmac(md5)", hmac_md5_tv_template, |
@@ -1317,6 +1609,15 @@ static void do_test(void) | |||
1317 | HMAC_SHA512_TEST_VECTORS); | 1609 | HMAC_SHA512_TEST_VECTORS); |
1318 | break; | 1610 | break; |
1319 | 1611 | ||
1612 | case 105: | ||
1613 | test_hash("hmac(sha224)", hmac_sha224_tv_template, | ||
1614 | HMAC_SHA224_TEST_VECTORS); | ||
1615 | break; | ||
1616 | |||
1617 | case 106: | ||
1618 | test_hash("xcbc(aes)", aes_xcbc128_tv_template, | ||
1619 | XCBC_AES_TEST_VECTORS); | ||
1620 | break; | ||
1320 | 1621 | ||
1321 | case 200: | 1622 | case 200: |
1322 | test_cipher_speed("ecb(aes)", ENCRYPT, sec, NULL, 0, | 1623 | test_cipher_speed("ecb(aes)", ENCRYPT, sec, NULL, 0, |
@@ -1400,6 +1701,11 @@ static void do_test(void) | |||
1400 | camellia_speed_template); | 1701 | camellia_speed_template); |
1401 | break; | 1702 | break; |
1402 | 1703 | ||
1704 | case 206: | ||
1705 | test_cipher_speed("salsa20", ENCRYPT, sec, NULL, 0, | ||
1706 | salsa20_speed_template); | ||
1707 | break; | ||
1708 | |||
1403 | case 300: | 1709 | case 300: |
1404 | /* fall through */ | 1710 | /* fall through */ |
1405 | 1711 | ||
@@ -1451,6 +1757,10 @@ static void do_test(void) | |||
1451 | test_hash_speed("tgr192", sec, generic_hash_speed_template); | 1757 | test_hash_speed("tgr192", sec, generic_hash_speed_template); |
1452 | if (mode > 300 && mode < 400) break; | 1758 | if (mode > 300 && mode < 400) break; |
1453 | 1759 | ||
1760 | case 313: | ||
1761 | test_hash_speed("sha224", sec, generic_hash_speed_template); | ||
1762 | if (mode > 300 && mode < 400) break; | ||
1763 | |||
1454 | case 399: | 1764 | case 399: |
1455 | break; | 1765 | break; |
1456 | 1766 | ||
@@ -1467,20 +1777,21 @@ static void do_test(void) | |||
1467 | 1777 | ||
1468 | static int __init init(void) | 1778 | static int __init init(void) |
1469 | { | 1779 | { |
1780 | int err = -ENOMEM; | ||
1781 | |||
1470 | tvmem = kmalloc(TVMEMSIZE, GFP_KERNEL); | 1782 | tvmem = kmalloc(TVMEMSIZE, GFP_KERNEL); |
1471 | if (tvmem == NULL) | 1783 | if (tvmem == NULL) |
1472 | return -ENOMEM; | 1784 | return err; |
1473 | 1785 | ||
1474 | xbuf = kmalloc(XBUFSIZE, GFP_KERNEL); | 1786 | xbuf = kmalloc(XBUFSIZE, GFP_KERNEL); |
1475 | if (xbuf == NULL) { | 1787 | if (xbuf == NULL) |
1476 | kfree(tvmem); | 1788 | goto err_free_tv; |
1477 | return -ENOMEM; | ||
1478 | } | ||
1479 | 1789 | ||
1480 | do_test(); | 1790 | axbuf = kmalloc(XBUFSIZE, GFP_KERNEL); |
1791 | if (axbuf == NULL) | ||
1792 | goto err_free_xbuf; | ||
1481 | 1793 | ||
1482 | kfree(xbuf); | 1794 | do_test(); |
1483 | kfree(tvmem); | ||
1484 | 1795 | ||
1485 | /* We intentionaly return -EAGAIN to prevent keeping | 1796 | /* We intentionaly return -EAGAIN to prevent keeping |
1486 | * the module. It does all its work from init() | 1797 | * the module. It does all its work from init() |
@@ -1488,7 +1799,15 @@ static int __init init(void) | |||
1488 | * => we don't need it in the memory, do we? | 1799 | * => we don't need it in the memory, do we? |
1489 | * -- mludvig | 1800 | * -- mludvig |
1490 | */ | 1801 | */ |
1491 | return -EAGAIN; | 1802 | err = -EAGAIN; |
1803 | |||
1804 | kfree(axbuf); | ||
1805 | err_free_xbuf: | ||
1806 | kfree(xbuf); | ||
1807 | err_free_tv: | ||
1808 | kfree(tvmem); | ||
1809 | |||
1810 | return err; | ||
1492 | } | 1811 | } |
1493 | 1812 | ||
1494 | /* | 1813 | /* |
diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h index ec861388d9a0..f785e5618e11 100644 --- a/crypto/tcrypt.h +++ b/crypto/tcrypt.h | |||
@@ -6,12 +6,15 @@ | |||
6 | * | 6 | * |
7 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> | 7 | * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> |
8 | * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> | 8 | * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> |
9 | * Copyright (c) 2007 Nokia Siemens Networks | ||
9 | * | 10 | * |
10 | * This program is free software; you can redistribute it and/or modify it | 11 | * This program is free software; you can redistribute it and/or modify it |
11 | * under the terms of the GNU General Public License as published by the Free | 12 | * under the terms of the GNU General Public License as published by the Free |
12 | * Software Foundation; either version 2 of the License, or (at your option) | 13 | * Software Foundation; either version 2 of the License, or (at your option) |
13 | * any later version. | 14 | * any later version. |
14 | * | 15 | * |
16 | * 2007-11-13 Added GCM tests | ||
17 | * 2007-11-13 Added AEAD support | ||
15 | * 2006-12-07 Added SHA384 HMAC and SHA512 HMAC tests | 18 | * 2006-12-07 Added SHA384 HMAC and SHA512 HMAC tests |
16 | * 2004-08-09 Cipher speed tests by Reyk Floeter <reyk@vantronix.net> | 19 | * 2004-08-09 Cipher speed tests by Reyk Floeter <reyk@vantronix.net> |
17 | * 2003-09-14 Changes by Kartikey Mahendra Bhatt | 20 | * 2003-09-14 Changes by Kartikey Mahendra Bhatt |
@@ -40,14 +43,32 @@ struct hash_testvec { | |||
40 | struct cipher_testvec { | 43 | struct cipher_testvec { |
41 | char key[MAX_KEYLEN] __attribute__ ((__aligned__(4))); | 44 | char key[MAX_KEYLEN] __attribute__ ((__aligned__(4))); |
42 | char iv[MAX_IVLEN]; | 45 | char iv[MAX_IVLEN]; |
46 | char input[4100]; | ||
47 | char result[4100]; | ||
48 | unsigned char tap[MAX_TAP]; | ||
49 | int np; | ||
50 | unsigned char fail; | ||
51 | unsigned char wk; /* weak key flag */ | ||
52 | unsigned char klen; | ||
53 | unsigned short ilen; | ||
54 | unsigned short rlen; | ||
55 | }; | ||
56 | |||
57 | struct aead_testvec { | ||
58 | char key[MAX_KEYLEN] __attribute__ ((__aligned__(4))); | ||
59 | char iv[MAX_IVLEN]; | ||
43 | char input[512]; | 60 | char input[512]; |
61 | char assoc[512]; | ||
44 | char result[512]; | 62 | char result[512]; |
45 | unsigned char tap[MAX_TAP]; | 63 | unsigned char tap[MAX_TAP]; |
64 | unsigned char atap[MAX_TAP]; | ||
46 | int np; | 65 | int np; |
66 | int anp; | ||
47 | unsigned char fail; | 67 | unsigned char fail; |
48 | unsigned char wk; /* weak key flag */ | 68 | unsigned char wk; /* weak key flag */ |
49 | unsigned char klen; | 69 | unsigned char klen; |
50 | unsigned short ilen; | 70 | unsigned short ilen; |
71 | unsigned short alen; | ||
51 | unsigned short rlen; | 72 | unsigned short rlen; |
52 | }; | 73 | }; |
53 | 74 | ||
@@ -173,6 +194,33 @@ static struct hash_testvec sha1_tv_template[] = { | |||
173 | } | 194 | } |
174 | }; | 195 | }; |
175 | 196 | ||
197 | |||
198 | /* | ||
199 | * SHA224 test vectors from from FIPS PUB 180-2 | ||
200 | */ | ||
201 | #define SHA224_TEST_VECTORS 2 | ||
202 | |||
203 | static struct hash_testvec sha224_tv_template[] = { | ||
204 | { | ||
205 | .plaintext = "abc", | ||
206 | .psize = 3, | ||
207 | .digest = { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22, | ||
208 | 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3, | ||
209 | 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7, | ||
210 | 0xE3, 0x6C, 0x9D, 0xA7}, | ||
211 | }, { | ||
212 | .plaintext = | ||
213 | "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", | ||
214 | .psize = 56, | ||
215 | .digest = { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC, | ||
216 | 0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50, | ||
217 | 0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19, | ||
218 | 0x52, 0x52, 0x25, 0x25 }, | ||
219 | .np = 2, | ||
220 | .tap = { 28, 28 } | ||
221 | } | ||
222 | }; | ||
223 | |||
176 | /* | 224 | /* |
177 | * SHA256 test vectors from from NIST | 225 | * SHA256 test vectors from from NIST |
178 | */ | 226 | */ |
@@ -817,6 +865,121 @@ static struct hash_testvec hmac_sha1_tv_template[] = { | |||
817 | }, | 865 | }, |
818 | }; | 866 | }; |
819 | 867 | ||
868 | |||
869 | /* | ||
870 | * SHA224 HMAC test vectors from RFC4231 | ||
871 | */ | ||
872 | #define HMAC_SHA224_TEST_VECTORS 4 | ||
873 | |||
874 | static struct hash_testvec hmac_sha224_tv_template[] = { | ||
875 | { | ||
876 | .key = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, | ||
877 | 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, | ||
878 | 0x0b, 0x0b, 0x0b, 0x0b }, | ||
879 | .ksize = 20, | ||
880 | /* ("Hi There") */ | ||
881 | .plaintext = { 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 }, | ||
882 | .psize = 8, | ||
883 | .digest = { 0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, | ||
884 | 0x68, 0x32, 0x10, 0x7c, 0xd4, 0x9d, 0xf3, 0x3f, | ||
885 | 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, | ||
886 | 0x53, 0x68, 0x4b, 0x22}, | ||
887 | }, { | ||
888 | .key = { 0x4a, 0x65, 0x66, 0x65 }, /* ("Jefe") */ | ||
889 | .ksize = 4, | ||
890 | /* ("what do ya want for nothing?") */ | ||
891 | .plaintext = { 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, | ||
892 | 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20, | ||
893 | 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, | ||
894 | 0x69, 0x6e, 0x67, 0x3f }, | ||
895 | .psize = 28, | ||
896 | .digest = { 0xa3, 0x0e, 0x01, 0x09, 0x8b, 0xc6, 0xdb, 0xbf, | ||
897 | 0x45, 0x69, 0x0f, 0x3a, 0x7e, 0x9e, 0x6d, 0x0f, | ||
898 | 0x8b, 0xbe, 0xa2, 0xa3, 0x9e, 0x61, 0x48, 0x00, | ||
899 | 0x8f, 0xd0, 0x5e, 0x44 }, | ||
900 | .np = 4, | ||
901 | .tap = { 7, 7, 7, 7 } | ||
902 | }, { | ||
903 | .key = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
904 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
905 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
906 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
907 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
908 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
909 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
910 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
911 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
912 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
913 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
914 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
915 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
916 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
917 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
918 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
919 | 0xaa, 0xaa, 0xaa }, | ||
920 | .ksize = 131, | ||
921 | /* ("Test Using Larger Than Block-Size Key - Hash Key First") */ | ||
922 | .plaintext = { 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, | ||
923 | 0x6e, 0x67, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, | ||
924 | 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, | ||
925 | 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, | ||
926 | 0x65, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x2d, 0x20, | ||
927 | 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, | ||
928 | 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 }, | ||
929 | .psize = 54, | ||
930 | .digest = { 0x95, 0xe9, 0xa0, 0xdb, 0x96, 0x20, 0x95, 0xad, | ||
931 | 0xae, 0xbe, 0x9b, 0x2d, 0x6f, 0x0d, 0xbc, 0xe2, | ||
932 | 0xd4, 0x99, 0xf1, 0x12, 0xf2, 0xd2, 0xb7, 0x27, | ||
933 | 0x3f, 0xa6, 0x87, 0x0e }, | ||
934 | }, { | ||
935 | .key = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
936 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
937 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
938 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
939 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
940 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
941 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
942 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
943 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
944 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
945 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
946 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
947 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
948 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
949 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
950 | 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, | ||
951 | 0xaa, 0xaa, 0xaa }, | ||
952 | .ksize = 131, | ||
953 | /* ("This is a test using a larger than block-size key and a") | ||
954 | (" larger than block-size data. The key needs to be") | ||
955 | (" hashed before being used by the HMAC algorithm.") */ | ||
956 | .plaintext = { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, | ||
957 | 0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x75, | ||
958 | 0x73, 0x69, 0x6e, 0x67, 0x20, 0x61, 0x20, 0x6c, | ||
959 | 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, 0x68, | ||
960 | 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, 0x6b, | ||
961 | 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x6b, 0x65, | ||
962 | 0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x61, 0x20, | ||
963 | 0x6c, 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, | ||
964 | 0x68, 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, | ||
965 | 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x64, | ||
966 | 0x61, 0x74, 0x61, 0x2e, 0x20, 0x54, 0x68, 0x65, | ||
967 | 0x20, 0x6b, 0x65, 0x79, 0x20, 0x6e, 0x65, 0x65, | ||
968 | 0x64, 0x73, 0x20, 0x74, 0x6f, 0x20, 0x62, 0x65, | ||
969 | 0x20, 0x68, 0x61, 0x73, 0x68, 0x65, 0x64, 0x20, | ||
970 | 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x20, 0x62, | ||
971 | 0x65, 0x69, 0x6e, 0x67, 0x20, 0x75, 0x73, 0x65, | ||
972 | 0x64, 0x20, 0x62, 0x79, 0x20, 0x74, 0x68, 0x65, | ||
973 | 0x20, 0x48, 0x4d, 0x41, 0x43, 0x20, 0x61, 0x6c, | ||
974 | 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x2e }, | ||
975 | .psize = 152, | ||
976 | .digest = { 0x3a, 0x85, 0x41, 0x66, 0xac, 0x5d, 0x9f, 0x02, | ||
977 | 0x3f, 0x54, 0xd5, 0x17, 0xd0, 0xb3, 0x9d, 0xbd, | ||
978 | 0x94, 0x67, 0x70, 0xdb, 0x9c, 0x2b, 0x95, 0xc9, | ||
979 | 0xf6, 0xf5, 0x65, 0xd1 }, | ||
980 | }, | ||
981 | }; | ||
982 | |||
820 | /* | 983 | /* |
821 | * HMAC-SHA256 test vectors from | 984 | * HMAC-SHA256 test vectors from |
822 | * draft-ietf-ipsec-ciph-sha-256-01.txt | 985 | * draft-ietf-ipsec-ciph-sha-256-01.txt |
@@ -2140,12 +2303,18 @@ static struct cipher_testvec cast6_dec_tv_template[] = { | |||
2140 | */ | 2303 | */ |
2141 | #define AES_ENC_TEST_VECTORS 3 | 2304 | #define AES_ENC_TEST_VECTORS 3 |
2142 | #define AES_DEC_TEST_VECTORS 3 | 2305 | #define AES_DEC_TEST_VECTORS 3 |
2143 | #define AES_CBC_ENC_TEST_VECTORS 2 | 2306 | #define AES_CBC_ENC_TEST_VECTORS 4 |
2144 | #define AES_CBC_DEC_TEST_VECTORS 2 | 2307 | #define AES_CBC_DEC_TEST_VECTORS 4 |
2145 | #define AES_LRW_ENC_TEST_VECTORS 8 | 2308 | #define AES_LRW_ENC_TEST_VECTORS 8 |
2146 | #define AES_LRW_DEC_TEST_VECTORS 8 | 2309 | #define AES_LRW_DEC_TEST_VECTORS 8 |
2147 | #define AES_XTS_ENC_TEST_VECTORS 4 | 2310 | #define AES_XTS_ENC_TEST_VECTORS 4 |
2148 | #define AES_XTS_DEC_TEST_VECTORS 4 | 2311 | #define AES_XTS_DEC_TEST_VECTORS 4 |
2312 | #define AES_CTR_ENC_TEST_VECTORS 7 | ||
2313 | #define AES_CTR_DEC_TEST_VECTORS 6 | ||
2314 | #define AES_GCM_ENC_TEST_VECTORS 9 | ||
2315 | #define AES_GCM_DEC_TEST_VECTORS 8 | ||
2316 | #define AES_CCM_ENC_TEST_VECTORS 7 | ||
2317 | #define AES_CCM_DEC_TEST_VECTORS 7 | ||
2149 | 2318 | ||
2150 | static struct cipher_testvec aes_enc_tv_template[] = { | 2319 | static struct cipher_testvec aes_enc_tv_template[] = { |
2151 | { /* From FIPS-197 */ | 2320 | { /* From FIPS-197 */ |
@@ -2249,6 +2418,57 @@ static struct cipher_testvec aes_cbc_enc_tv_template[] = { | |||
2249 | 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, | 2418 | 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, |
2250 | 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 }, | 2419 | 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1 }, |
2251 | .rlen = 32, | 2420 | .rlen = 32, |
2421 | }, { /* From NIST SP800-38A */ | ||
2422 | .key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, | ||
2423 | 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, | ||
2424 | 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, | ||
2425 | .klen = 24, | ||
2426 | .iv = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
2427 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
2428 | .input = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, | ||
2429 | 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, | ||
2430 | 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, | ||
2431 | 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, | ||
2432 | 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, | ||
2433 | 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, | ||
2434 | 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, | ||
2435 | 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, | ||
2436 | .ilen = 64, | ||
2437 | .result = { 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d, | ||
2438 | 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8, | ||
2439 | 0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4, | ||
2440 | 0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a, | ||
2441 | 0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0, | ||
2442 | 0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0, | ||
2443 | 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81, | ||
2444 | 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd }, | ||
2445 | .rlen = 64, | ||
2446 | }, { | ||
2447 | .key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, | ||
2448 | 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, | ||
2449 | 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, | ||
2450 | 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, | ||
2451 | .klen = 32, | ||
2452 | .iv = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
2453 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
2454 | .input = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, | ||
2455 | 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, | ||
2456 | 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, | ||
2457 | 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, | ||
2458 | 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, | ||
2459 | 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, | ||
2460 | 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, | ||
2461 | 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, | ||
2462 | .ilen = 64, | ||
2463 | .result = { 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, | ||
2464 | 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6, | ||
2465 | 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d, | ||
2466 | 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d, | ||
2467 | 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf, | ||
2468 | 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61, | ||
2469 | 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, | ||
2470 | 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b }, | ||
2471 | .rlen = 64, | ||
2252 | }, | 2472 | }, |
2253 | }; | 2473 | }; |
2254 | 2474 | ||
@@ -2280,6 +2500,57 @@ static struct cipher_testvec aes_cbc_dec_tv_template[] = { | |||
2280 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | 2500 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, |
2281 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | 2501 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, |
2282 | .rlen = 32, | 2502 | .rlen = 32, |
2503 | }, { /* From NIST SP800-38A */ | ||
2504 | .key = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, | ||
2505 | 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, | ||
2506 | 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b }, | ||
2507 | .klen = 24, | ||
2508 | .iv = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
2509 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
2510 | .input = { 0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d, | ||
2511 | 0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8, | ||
2512 | 0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4, | ||
2513 | 0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a, | ||
2514 | 0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0, | ||
2515 | 0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0, | ||
2516 | 0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81, | ||
2517 | 0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd }, | ||
2518 | .ilen = 64, | ||
2519 | .result = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, | ||
2520 | 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, | ||
2521 | 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, | ||
2522 | 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, | ||
2523 | 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, | ||
2524 | 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, | ||
2525 | 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, | ||
2526 | 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, | ||
2527 | .rlen = 64, | ||
2528 | }, { | ||
2529 | .key = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, | ||
2530 | 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, | ||
2531 | 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, | ||
2532 | 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4 }, | ||
2533 | .klen = 32, | ||
2534 | .iv = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
2535 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }, | ||
2536 | .input = { 0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba, | ||
2537 | 0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6, | ||
2538 | 0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d, | ||
2539 | 0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d, | ||
2540 | 0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf, | ||
2541 | 0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61, | ||
2542 | 0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc, | ||
2543 | 0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b }, | ||
2544 | .ilen = 64, | ||
2545 | .result = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, | ||
2546 | 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, | ||
2547 | 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, | ||
2548 | 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, | ||
2549 | 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, | ||
2550 | 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, | ||
2551 | 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, | ||
2552 | 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 }, | ||
2553 | .rlen = 64, | ||
2283 | }, | 2554 | }, |
2284 | }; | 2555 | }; |
2285 | 2556 | ||
@@ -3180,6 +3451,1843 @@ static struct cipher_testvec aes_xts_dec_tv_template[] = { | |||
3180 | } | 3451 | } |
3181 | }; | 3452 | }; |
3182 | 3453 | ||
3454 | |||
3455 | static struct cipher_testvec aes_ctr_enc_tv_template[] = { | ||
3456 | { /* From RFC 3686 */ | ||
3457 | .key = { 0xae, 0x68, 0x52, 0xf8, 0x12, 0x10, 0x67, 0xcc, | ||
3458 | 0x4b, 0xf7, 0xa5, 0x76, 0x55, 0x77, 0xf3, 0x9e, | ||
3459 | 0x00, 0x00, 0x00, 0x30 }, | ||
3460 | .klen = 20, | ||
3461 | .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
3462 | .input = { "Single block msg" }, | ||
3463 | .ilen = 16, | ||
3464 | .result = { 0xe4, 0x09, 0x5d, 0x4f, 0xb7, 0xa7, 0xb3, 0x79, | ||
3465 | 0x2d, 0x61, 0x75, 0xa3, 0x26, 0x13, 0x11, 0xb8 }, | ||
3466 | .rlen = 16, | ||
3467 | }, { | ||
3468 | .key = { 0x7e, 0x24, 0x06, 0x78, 0x17, 0xfa, 0xe0, 0xd7, | ||
3469 | 0x43, 0xd6, 0xce, 0x1f, 0x32, 0x53, 0x91, 0x63, | ||
3470 | 0x00, 0x6c, 0xb6, 0xdb }, | ||
3471 | .klen = 20, | ||
3472 | .iv = { 0xc0, 0x54, 0x3b, 0x59, 0xda, 0x48, 0xd9, 0x0b }, | ||
3473 | .input = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
3474 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
3475 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
3476 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
3477 | .ilen = 32, | ||
3478 | .result = { 0x51, 0x04, 0xa1, 0x06, 0x16, 0x8a, 0x72, 0xd9, | ||
3479 | 0x79, 0x0d, 0x41, 0xee, 0x8e, 0xda, 0xd3, 0x88, | ||
3480 | 0xeb, 0x2e, 0x1e, 0xfc, 0x46, 0xda, 0x57, 0xc8, | ||
3481 | 0xfc, 0xe6, 0x30, 0xdf, 0x91, 0x41, 0xbe, 0x28 }, | ||
3482 | .rlen = 32, | ||
3483 | }, { | ||
3484 | .key = { 0x16, 0xaf, 0x5b, 0x14, 0x5f, 0xc9, 0xf5, 0x79, | ||
3485 | 0xc1, 0x75, 0xf9, 0x3e, 0x3b, 0xfb, 0x0e, 0xed, | ||
3486 | 0x86, 0x3d, 0x06, 0xcc, 0xfd, 0xb7, 0x85, 0x15, | ||
3487 | 0x00, 0x00, 0x00, 0x48 }, | ||
3488 | .klen = 28, | ||
3489 | .iv = { 0x36, 0x73, 0x3c, 0x14, 0x7d, 0x6d, 0x93, 0xcb }, | ||
3490 | .input = { "Single block msg" }, | ||
3491 | .ilen = 16, | ||
3492 | .result = { 0x4b, 0x55, 0x38, 0x4f, 0xe2, 0x59, 0xc9, 0xc8, | ||
3493 | 0x4e, 0x79, 0x35, 0xa0, 0x03, 0xcb, 0xe9, 0x28 }, | ||
3494 | .rlen = 16, | ||
3495 | }, { | ||
3496 | .key = { 0x7c, 0x5c, 0xb2, 0x40, 0x1b, 0x3d, 0xc3, 0x3c, | ||
3497 | 0x19, 0xe7, 0x34, 0x08, 0x19, 0xe0, 0xf6, 0x9c, | ||
3498 | 0x67, 0x8c, 0x3d, 0xb8, 0xe6, 0xf6, 0xa9, 0x1a, | ||
3499 | 0x00, 0x96, 0xb0, 0x3b }, | ||
3500 | .klen = 28, | ||
3501 | .iv = { 0x02, 0x0c, 0x6e, 0xad, 0xc2, 0xcb, 0x50, 0x0d }, | ||
3502 | .input = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
3503 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
3504 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
3505 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
3506 | .ilen = 32, | ||
3507 | .result = { 0x45, 0x32, 0x43, 0xfc, 0x60, 0x9b, 0x23, 0x32, | ||
3508 | 0x7e, 0xdf, 0xaa, 0xfa, 0x71, 0x31, 0xcd, 0x9f, | ||
3509 | 0x84, 0x90, 0x70, 0x1c, 0x5a, 0xd4, 0xa7, 0x9c, | ||
3510 | 0xfc, 0x1f, 0xe0, 0xff, 0x42, 0xf4, 0xfb, 0x00 }, | ||
3511 | .rlen = 32, | ||
3512 | }, { | ||
3513 | .key = { 0x77, 0x6b, 0xef, 0xf2, 0x85, 0x1d, 0xb0, 0x6f, | ||
3514 | 0x4c, 0x8a, 0x05, 0x42, 0xc8, 0x69, 0x6f, 0x6c, | ||
3515 | 0x6a, 0x81, 0xaf, 0x1e, 0xec, 0x96, 0xb4, 0xd3, | ||
3516 | 0x7f, 0xc1, 0xd6, 0x89, 0xe6, 0xc1, 0xc1, 0x04, | ||
3517 | 0x00, 0x00, 0x00, 0x60 }, | ||
3518 | .klen = 36, | ||
3519 | .iv = { 0xdb, 0x56, 0x72, 0xc9, 0x7a, 0xa8, 0xf0, 0xb2 }, | ||
3520 | .input = { "Single block msg" }, | ||
3521 | .ilen = 16, | ||
3522 | .result = { 0x14, 0x5a, 0xd0, 0x1d, 0xbf, 0x82, 0x4e, 0xc7, | ||
3523 | 0x56, 0x08, 0x63, 0xdc, 0x71, 0xe3, 0xe0, 0xc0 }, | ||
3524 | .rlen = 16, | ||
3525 | }, { | ||
3526 | .key = { 0xf6, 0xd6, 0x6d, 0x6b, 0xd5, 0x2d, 0x59, 0xbb, | ||
3527 | 0x07, 0x96, 0x36, 0x58, 0x79, 0xef, 0xf8, 0x86, | ||
3528 | 0xc6, 0x6d, 0xd5, 0x1a, 0x5b, 0x6a, 0x99, 0x74, | ||
3529 | 0x4b, 0x50, 0x59, 0x0c, 0x87, 0xa2, 0x38, 0x84, | ||
3530 | 0x00, 0xfa, 0xac, 0x24 }, | ||
3531 | .klen = 36, | ||
3532 | .iv = { 0xc1, 0x58, 0x5e, 0xf1, 0x5a, 0x43, 0xd8, 0x75 }, | ||
3533 | .input = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
3534 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
3535 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
3536 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
3537 | .ilen = 32, | ||
3538 | .result = { 0xf0, 0x5e, 0x23, 0x1b, 0x38, 0x94, 0x61, 0x2c, | ||
3539 | 0x49, 0xee, 0x00, 0x0b, 0x80, 0x4e, 0xb2, 0xa9, | ||
3540 | 0xb8, 0x30, 0x6b, 0x50, 0x8f, 0x83, 0x9d, 0x6a, | ||
3541 | 0x55, 0x30, 0x83, 0x1d, 0x93, 0x44, 0xaf, 0x1c }, | ||
3542 | .rlen = 32, | ||
3543 | }, { | ||
3544 | // generated using Crypto++ | ||
3545 | .key = { | ||
3546 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
3547 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
3548 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
3549 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | ||
3550 | 0x00, 0x00, 0x00, 0x00, | ||
3551 | }, | ||
3552 | .klen = 32 + 4, | ||
3553 | .iv = { | ||
3554 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
3555 | }, | ||
3556 | .input = { | ||
3557 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
3558 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
3559 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
3560 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | ||
3561 | 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, | ||
3562 | 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, | ||
3563 | 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, | ||
3564 | 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, | ||
3565 | 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, | ||
3566 | 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, | ||
3567 | 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, | ||
3568 | 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, | ||
3569 | 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, | ||
3570 | 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, | ||
3571 | 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, | ||
3572 | 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, | ||
3573 | 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, | ||
3574 | 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, | ||
3575 | 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, | ||
3576 | 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, | ||
3577 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, | ||
3578 | 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, | ||
3579 | 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, | ||
3580 | 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, | ||
3581 | 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
3582 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, | ||
3583 | 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, | ||
3584 | 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, | ||
3585 | 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, | ||
3586 | 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, | ||
3587 | 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, | ||
3588 | 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, | ||
3589 | 0x00, 0x03, 0x06, 0x09, 0x0c, 0x0f, 0x12, 0x15, | ||
3590 | 0x18, 0x1b, 0x1e, 0x21, 0x24, 0x27, 0x2a, 0x2d, | ||
3591 | 0x30, 0x33, 0x36, 0x39, 0x3c, 0x3f, 0x42, 0x45, | ||
3592 | 0x48, 0x4b, 0x4e, 0x51, 0x54, 0x57, 0x5a, 0x5d, | ||
3593 | 0x60, 0x63, 0x66, 0x69, 0x6c, 0x6f, 0x72, 0x75, | ||
3594 | 0x78, 0x7b, 0x7e, 0x81, 0x84, 0x87, 0x8a, 0x8d, | ||
3595 | 0x90, 0x93, 0x96, 0x99, 0x9c, 0x9f, 0xa2, 0xa5, | ||
3596 | 0xa8, 0xab, 0xae, 0xb1, 0xb4, 0xb7, 0xba, 0xbd, | ||
3597 | 0xc0, 0xc3, 0xc6, 0xc9, 0xcc, 0xcf, 0xd2, 0xd5, | ||
3598 | 0xd8, 0xdb, 0xde, 0xe1, 0xe4, 0xe7, 0xea, 0xed, | ||
3599 | 0xf0, 0xf3, 0xf6, 0xf9, 0xfc, 0xff, 0x02, 0x05, | ||
3600 | 0x08, 0x0b, 0x0e, 0x11, 0x14, 0x17, 0x1a, 0x1d, | ||
3601 | 0x20, 0x23, 0x26, 0x29, 0x2c, 0x2f, 0x32, 0x35, | ||
3602 | 0x38, 0x3b, 0x3e, 0x41, 0x44, 0x47, 0x4a, 0x4d, | ||
3603 | 0x50, 0x53, 0x56, 0x59, 0x5c, 0x5f, 0x62, 0x65, | ||
3604 | 0x68, 0x6b, 0x6e, 0x71, 0x74, 0x77, 0x7a, 0x7d, | ||
3605 | 0x80, 0x83, 0x86, 0x89, 0x8c, 0x8f, 0x92, 0x95, | ||
3606 | 0x98, 0x9b, 0x9e, 0xa1, 0xa4, 0xa7, 0xaa, 0xad, | ||
3607 | 0xb0, 0xb3, 0xb6, 0xb9, 0xbc, 0xbf, 0xc2, 0xc5, | ||
3608 | 0xc8, 0xcb, 0xce, 0xd1, 0xd4, 0xd7, 0xda, 0xdd, | ||
3609 | 0xe0, 0xe3, 0xe6, 0xe9, 0xec, 0xef, 0xf2, 0xf5, | ||
3610 | 0xf8, 0xfb, 0xfe, 0x01, 0x04, 0x07, 0x0a, 0x0d, | ||
3611 | 0x10, 0x13, 0x16, 0x19, 0x1c, 0x1f, 0x22, 0x25, | ||
3612 | 0x28, 0x2b, 0x2e, 0x31, 0x34, 0x37, 0x3a, 0x3d, | ||
3613 | 0x40, 0x43, 0x46, 0x49, 0x4c, 0x4f, 0x52, 0x55, | ||
3614 | 0x58, 0x5b, 0x5e, 0x61, 0x64, 0x67, 0x6a, 0x6d, | ||
3615 | 0x70, 0x73, 0x76, 0x79, 0x7c, 0x7f, 0x82, 0x85, | ||
3616 | 0x88, 0x8b, 0x8e, 0x91, 0x94, 0x97, 0x9a, 0x9d, | ||
3617 | 0xa0, 0xa3, 0xa6, 0xa9, 0xac, 0xaf, 0xb2, 0xb5, | ||
3618 | 0xb8, 0xbb, 0xbe, 0xc1, 0xc4, 0xc7, 0xca, 0xcd, | ||
3619 | 0xd0, 0xd3, 0xd6, 0xd9, 0xdc, 0xdf, 0xe2, 0xe5, | ||
3620 | 0xe8, 0xeb, 0xee, 0xf1, 0xf4, 0xf7, 0xfa, 0xfd, | ||
3621 | 0x00, 0x05, 0x0a, 0x0f, 0x14, 0x19, 0x1e, 0x23, | ||
3622 | 0x28, 0x2d, 0x32, 0x37, 0x3c, 0x41, 0x46, 0x4b, | ||
3623 | 0x50, 0x55, 0x5a, 0x5f, 0x64, 0x69, 0x6e, 0x73, | ||
3624 | 0x78, 0x7d, 0x82, 0x87, 0x8c, 0x91, 0x96, 0x9b, | ||
3625 | 0xa0, 0xa5, 0xaa, 0xaf, 0xb4, 0xb9, 0xbe, 0xc3, | ||
3626 | 0xc8, 0xcd, 0xd2, 0xd7, 0xdc, 0xe1, 0xe6, 0xeb, | ||
3627 | 0xf0, 0xf5, 0xfa, 0xff, 0x04, 0x09, 0x0e, 0x13, | ||
3628 | 0x18, 0x1d, 0x22, 0x27, 0x2c, 0x31, 0x36, 0x3b, | ||
3629 | 0x40, 0x45, 0x4a, 0x4f, 0x54, 0x59, 0x5e, 0x63, | ||
3630 | 0x68, 0x6d, 0x72, 0x77, 0x7c, 0x81, 0x86, 0x8b, | ||
3631 | 0x90, 0x95, 0x9a, 0x9f, 0xa4, 0xa9, 0xae, 0xb3, | ||
3632 | 0xb8, 0xbd, 0xc2, 0xc7, 0xcc, 0xd1, 0xd6, 0xdb, | ||
3633 | 0xe0, 0xe5, 0xea, 0xef, 0xf4, 0xf9, 0xfe, 0x03, | ||
3634 | 0x08, 0x0d, 0x12, 0x17, 0x1c, 0x21, 0x26, 0x2b, | ||
3635 | 0x30, 0x35, 0x3a, 0x3f, 0x44, 0x49, 0x4e, 0x53, | ||
3636 | 0x58, 0x5d, 0x62, 0x67, 0x6c, 0x71, 0x76, 0x7b, | ||
3637 | 0x80, 0x85, 0x8a, 0x8f, 0x94, 0x99, 0x9e, 0xa3, | ||
3638 | 0xa8, 0xad, 0xb2, 0xb7, 0xbc, 0xc1, 0xc6, 0xcb, | ||
3639 | 0xd0, 0xd5, 0xda, 0xdf, 0xe4, 0xe9, 0xee, 0xf3, | ||
3640 | 0xf8, 0xfd, 0x02, 0x07, 0x0c, 0x11, 0x16, 0x1b, | ||
3641 | 0x20, 0x25, 0x2a, 0x2f, 0x34, 0x39, 0x3e, 0x43, | ||
3642 | 0x48, 0x4d, 0x52, 0x57, 0x5c, 0x61, 0x66, 0x6b, | ||
3643 | 0x70, 0x75, 0x7a, 0x7f, 0x84, 0x89, 0x8e, 0x93, | ||
3644 | 0x98, 0x9d, 0xa2, 0xa7, 0xac, 0xb1, 0xb6, 0xbb, | ||
3645 | 0xc0, 0xc5, 0xca, 0xcf, 0xd4, 0xd9, 0xde, 0xe3, | ||
3646 | 0xe8, 0xed, 0xf2, 0xf7, 0xfc, 0x01, 0x06, 0x0b, | ||
3647 | 0x10, 0x15, 0x1a, 0x1f, 0x24, 0x29, 0x2e, 0x33, | ||
3648 | 0x38, 0x3d, 0x42, 0x47, 0x4c, 0x51, 0x56, 0x5b, | ||
3649 | 0x60, 0x65, 0x6a, 0x6f, 0x74, 0x79, 0x7e, 0x83, | ||
3650 | 0x88, 0x8d, 0x92, 0x97, 0x9c, 0xa1, 0xa6, 0xab, | ||
3651 | 0xb0, 0xb5, 0xba, 0xbf, 0xc4, 0xc9, 0xce, 0xd3, | ||
3652 | 0xd8, 0xdd, 0xe2, 0xe7, 0xec, 0xf1, 0xf6, 0xfb, | ||
3653 | 0x00, 0x07, 0x0e, 0x15, 0x1c, 0x23, 0x2a, 0x31, | ||
3654 | 0x38, 0x3f, 0x46, 0x4d, 0x54, 0x5b, 0x62, 0x69, | ||
3655 | 0x70, 0x77, 0x7e, 0x85, 0x8c, 0x93, 0x9a, 0xa1, | ||
3656 | 0xa8, 0xaf, 0xb6, 0xbd, 0xc4, 0xcb, 0xd2, 0xd9, | ||
3657 | 0xe0, 0xe7, 0xee, 0xf5, 0xfc, 0x03, 0x0a, 0x11, | ||
3658 | 0x18, 0x1f, 0x26, 0x2d, 0x34, 0x3b, 0x42, 0x49, | ||
3659 | 0x50, 0x57, 0x5e, 0x65, 0x6c, 0x73, 0x7a, 0x81, | ||
3660 | 0x88, 0x8f, 0x96, 0x9d, 0xa4, 0xab, 0xb2, 0xb9, | ||
3661 | 0xc0, 0xc7, 0xce, 0xd5, 0xdc, 0xe3, 0xea, 0xf1, | ||
3662 | 0xf8, 0xff, 0x06, 0x0d, 0x14, 0x1b, 0x22, 0x29, | ||
3663 | 0x30, 0x37, 0x3e, 0x45, 0x4c, 0x53, 0x5a, 0x61, | ||
3664 | 0x68, 0x6f, 0x76, 0x7d, 0x84, 0x8b, 0x92, 0x99, | ||
3665 | 0xa0, 0xa7, 0xae, 0xb5, 0xbc, 0xc3, 0xca, 0xd1, | ||
3666 | 0xd8, 0xdf, 0xe6, 0xed, 0xf4, 0xfb, 0x02, 0x09, | ||
3667 | 0x10, 0x17, 0x1e, 0x25, 0x2c, 0x33, 0x3a, 0x41, | ||
3668 | 0x48, 0x4f, 0x56, 0x5d, 0x64, 0x6b, 0x72, 0x79, | ||
3669 | 0x80, 0x87, 0x8e, 0x95, 0x9c, 0xa3, 0xaa, 0xb1, | ||
3670 | 0xb8, 0xbf, 0xc6, 0xcd, 0xd4, 0xdb, 0xe2, 0xe9, | ||
3671 | 0xf0, 0xf7, 0xfe, 0x05, 0x0c, 0x13, 0x1a, 0x21, | ||
3672 | 0x28, 0x2f, 0x36, 0x3d, 0x44, 0x4b, 0x52, 0x59, | ||
3673 | 0x60, 0x67, 0x6e, 0x75, 0x7c, 0x83, 0x8a, 0x91, | ||
3674 | 0x98, 0x9f, 0xa6, 0xad, 0xb4, 0xbb, 0xc2, 0xc9, | ||
3675 | 0xd0, 0xd7, 0xde, 0xe5, 0xec, 0xf3, 0xfa, 0x01, | ||
3676 | 0x08, 0x0f, 0x16, 0x1d, 0x24, 0x2b, 0x32, 0x39, | ||
3677 | 0x40, 0x47, 0x4e, 0x55, 0x5c, 0x63, 0x6a, 0x71, | ||
3678 | 0x78, 0x7f, 0x86, 0x8d, 0x94, 0x9b, 0xa2, 0xa9, | ||
3679 | 0xb0, 0xb7, 0xbe, 0xc5, 0xcc, 0xd3, 0xda, 0xe1, | ||
3680 | 0xe8, 0xef, 0xf6, 0xfd, 0x04, 0x0b, 0x12, 0x19, | ||
3681 | 0x20, 0x27, 0x2e, 0x35, 0x3c, 0x43, 0x4a, 0x51, | ||
3682 | 0x58, 0x5f, 0x66, 0x6d, 0x74, 0x7b, 0x82, 0x89, | ||
3683 | 0x90, 0x97, 0x9e, 0xa5, 0xac, 0xb3, 0xba, 0xc1, | ||
3684 | 0xc8, 0xcf, 0xd6, 0xdd, 0xe4, 0xeb, 0xf2, 0xf9, | ||
3685 | 0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, | ||
3686 | 0x48, 0x51, 0x5a, 0x63, 0x6c, 0x75, 0x7e, 0x87, | ||
3687 | 0x90, 0x99, 0xa2, 0xab, 0xb4, 0xbd, 0xc6, 0xcf, | ||
3688 | 0xd8, 0xe1, 0xea, 0xf3, 0xfc, 0x05, 0x0e, 0x17, | ||
3689 | 0x20, 0x29, 0x32, 0x3b, 0x44, 0x4d, 0x56, 0x5f, | ||
3690 | 0x68, 0x71, 0x7a, 0x83, 0x8c, 0x95, 0x9e, 0xa7, | ||
3691 | 0xb0, 0xb9, 0xc2, 0xcb, 0xd4, 0xdd, 0xe6, 0xef, | ||
3692 | 0xf8, 0x01, 0x0a, 0x13, 0x1c, 0x25, 0x2e, 0x37, | ||
3693 | 0x40, 0x49, 0x52, 0x5b, 0x64, 0x6d, 0x76, 0x7f, | ||
3694 | 0x88, 0x91, 0x9a, 0xa3, 0xac, 0xb5, 0xbe, 0xc7, | ||
3695 | 0xd0, 0xd9, 0xe2, 0xeb, 0xf4, 0xfd, 0x06, 0x0f, | ||
3696 | 0x18, 0x21, 0x2a, 0x33, 0x3c, 0x45, 0x4e, 0x57, | ||
3697 | 0x60, 0x69, 0x72, 0x7b, 0x84, 0x8d, 0x96, 0x9f, | ||
3698 | 0xa8, 0xb1, 0xba, 0xc3, 0xcc, 0xd5, 0xde, 0xe7, | ||
3699 | 0xf0, 0xf9, 0x02, 0x0b, 0x14, 0x1d, 0x26, 0x2f, | ||
3700 | 0x38, 0x41, 0x4a, 0x53, 0x5c, 0x65, 0x6e, 0x77, | ||
3701 | 0x80, 0x89, 0x92, 0x9b, 0xa4, 0xad, 0xb6, 0xbf, | ||
3702 | 0xc8, 0xd1, 0xda, 0xe3, 0xec, 0xf5, 0xfe, 0x07, | ||
3703 | 0x10, 0x19, 0x22, 0x2b, 0x34, 0x3d, 0x46, 0x4f, | ||
3704 | 0x58, 0x61, 0x6a, 0x73, 0x7c, 0x85, 0x8e, 0x97, | ||
3705 | 0xa0, 0xa9, 0xb2, 0xbb, 0xc4, 0xcd, 0xd6, 0xdf, | ||
3706 | 0xe8, 0xf1, 0xfa, 0x03, 0x0c, 0x15, 0x1e, 0x27, | ||
3707 | 0x30, 0x39, 0x42, 0x4b, 0x54, 0x5d, 0x66, 0x6f, | ||
3708 | 0x78, 0x81, 0x8a, 0x93, 0x9c, 0xa5, 0xae, 0xb7, | ||
3709 | 0xc0, 0xc9, 0xd2, 0xdb, 0xe4, 0xed, 0xf6, 0xff, | ||
3710 | 0x08, 0x11, 0x1a, 0x23, 0x2c, 0x35, 0x3e, 0x47, | ||
3711 | 0x50, 0x59, 0x62, 0x6b, 0x74, 0x7d, 0x86, 0x8f, | ||
3712 | 0x98, 0xa1, 0xaa, 0xb3, 0xbc, 0xc5, 0xce, 0xd7, | ||
3713 | 0xe0, 0xe9, 0xf2, 0xfb, 0x04, 0x0d, 0x16, 0x1f, | ||
3714 | 0x28, 0x31, 0x3a, 0x43, 0x4c, 0x55, 0x5e, 0x67, | ||
3715 | 0x70, 0x79, 0x82, 0x8b, 0x94, 0x9d, 0xa6, 0xaf, | ||
3716 | 0xb8, 0xc1, 0xca, 0xd3, 0xdc, 0xe5, 0xee, 0xf7, | ||
3717 | 0x00, 0x0b, 0x16, 0x21, 0x2c, 0x37, 0x42, 0x4d, | ||
3718 | 0x58, 0x63, 0x6e, 0x79, 0x84, 0x8f, 0x9a, 0xa5, | ||
3719 | 0xb0, 0xbb, 0xc6, 0xd1, 0xdc, 0xe7, 0xf2, 0xfd, | ||
3720 | 0x08, 0x13, 0x1e, 0x29, 0x34, 0x3f, 0x4a, 0x55, | ||
3721 | 0x60, 0x6b, 0x76, 0x81, 0x8c, 0x97, 0xa2, 0xad, | ||
3722 | 0xb8, 0xc3, 0xce, 0xd9, 0xe4, 0xef, 0xfa, 0x05, | ||
3723 | 0x10, 0x1b, 0x26, 0x31, 0x3c, 0x47, 0x52, 0x5d, | ||
3724 | 0x68, 0x73, 0x7e, 0x89, 0x94, 0x9f, 0xaa, 0xb5, | ||
3725 | 0xc0, 0xcb, 0xd6, 0xe1, 0xec, 0xf7, 0x02, 0x0d, | ||
3726 | 0x18, 0x23, 0x2e, 0x39, 0x44, 0x4f, 0x5a, 0x65, | ||
3727 | 0x70, 0x7b, 0x86, 0x91, 0x9c, 0xa7, 0xb2, 0xbd, | ||
3728 | 0xc8, 0xd3, 0xde, 0xe9, 0xf4, 0xff, 0x0a, 0x15, | ||
3729 | 0x20, 0x2b, 0x36, 0x41, 0x4c, 0x57, 0x62, 0x6d, | ||
3730 | 0x78, 0x83, 0x8e, 0x99, 0xa4, 0xaf, 0xba, 0xc5, | ||
3731 | 0xd0, 0xdb, 0xe6, 0xf1, 0xfc, 0x07, 0x12, 0x1d, | ||
3732 | 0x28, 0x33, 0x3e, 0x49, 0x54, 0x5f, 0x6a, 0x75, | ||
3733 | 0x80, 0x8b, 0x96, 0xa1, 0xac, 0xb7, 0xc2, 0xcd, | ||
3734 | 0xd8, 0xe3, 0xee, 0xf9, 0x04, 0x0f, 0x1a, 0x25, | ||
3735 | 0x30, 0x3b, 0x46, 0x51, 0x5c, 0x67, 0x72, 0x7d, | ||
3736 | 0x88, 0x93, 0x9e, 0xa9, 0xb4, 0xbf, 0xca, 0xd5, | ||
3737 | 0xe0, 0xeb, 0xf6, 0x01, 0x0c, 0x17, 0x22, 0x2d, | ||
3738 | 0x38, 0x43, 0x4e, 0x59, 0x64, 0x6f, 0x7a, 0x85, | ||
3739 | 0x90, 0x9b, 0xa6, 0xb1, 0xbc, 0xc7, 0xd2, 0xdd, | ||
3740 | 0xe8, 0xf3, 0xfe, 0x09, 0x14, 0x1f, 0x2a, 0x35, | ||
3741 | 0x40, 0x4b, 0x56, 0x61, 0x6c, 0x77, 0x82, 0x8d, | ||
3742 | 0x98, 0xa3, 0xae, 0xb9, 0xc4, 0xcf, 0xda, 0xe5, | ||
3743 | 0xf0, 0xfb, 0x06, 0x11, 0x1c, 0x27, 0x32, 0x3d, | ||
3744 | 0x48, 0x53, 0x5e, 0x69, 0x74, 0x7f, 0x8a, 0x95, | ||
3745 | 0xa0, 0xab, 0xb6, 0xc1, 0xcc, 0xd7, 0xe2, 0xed, | ||
3746 | 0xf8, 0x03, 0x0e, 0x19, 0x24, 0x2f, 0x3a, 0x45, | ||
3747 | 0x50, 0x5b, 0x66, 0x71, 0x7c, 0x87, 0x92, 0x9d, | ||
3748 | 0xa8, 0xb3, 0xbe, 0xc9, 0xd4, 0xdf, 0xea, 0xf5, | ||
3749 | 0x00, 0x0d, 0x1a, 0x27, 0x34, 0x41, 0x4e, 0x5b, | ||
3750 | 0x68, 0x75, 0x82, 0x8f, 0x9c, 0xa9, 0xb6, 0xc3, | ||
3751 | 0xd0, 0xdd, 0xea, 0xf7, 0x04, 0x11, 0x1e, 0x2b, | ||
3752 | 0x38, 0x45, 0x52, 0x5f, 0x6c, 0x79, 0x86, 0x93, | ||
3753 | 0xa0, 0xad, 0xba, 0xc7, 0xd4, 0xe1, 0xee, 0xfb, | ||
3754 | 0x08, 0x15, 0x22, 0x2f, 0x3c, 0x49, 0x56, 0x63, | ||
3755 | 0x70, 0x7d, 0x8a, 0x97, 0xa4, 0xb1, 0xbe, 0xcb, | ||
3756 | 0xd8, 0xe5, 0xf2, 0xff, 0x0c, 0x19, 0x26, 0x33, | ||
3757 | 0x40, 0x4d, 0x5a, 0x67, 0x74, 0x81, 0x8e, 0x9b, | ||
3758 | 0xa8, 0xb5, 0xc2, 0xcf, 0xdc, 0xe9, 0xf6, 0x03, | ||
3759 | 0x10, 0x1d, 0x2a, 0x37, 0x44, 0x51, 0x5e, 0x6b, | ||
3760 | 0x78, 0x85, 0x92, 0x9f, 0xac, 0xb9, 0xc6, 0xd3, | ||
3761 | 0xe0, 0xed, 0xfa, 0x07, 0x14, 0x21, 0x2e, 0x3b, | ||
3762 | 0x48, 0x55, 0x62, 0x6f, 0x7c, 0x89, 0x96, 0xa3, | ||
3763 | 0xb0, 0xbd, 0xca, 0xd7, 0xe4, 0xf1, 0xfe, 0x0b, | ||
3764 | 0x18, 0x25, 0x32, 0x3f, 0x4c, 0x59, 0x66, 0x73, | ||
3765 | 0x80, 0x8d, 0x9a, 0xa7, 0xb4, 0xc1, 0xce, 0xdb, | ||
3766 | 0xe8, 0xf5, 0x02, 0x0f, 0x1c, 0x29, 0x36, 0x43, | ||
3767 | 0x50, 0x5d, 0x6a, 0x77, 0x84, 0x91, 0x9e, 0xab, | ||
3768 | 0xb8, 0xc5, 0xd2, 0xdf, 0xec, 0xf9, 0x06, 0x13, | ||
3769 | 0x20, 0x2d, 0x3a, 0x47, 0x54, 0x61, 0x6e, 0x7b, | ||
3770 | 0x88, 0x95, 0xa2, 0xaf, 0xbc, 0xc9, 0xd6, 0xe3, | ||
3771 | 0xf0, 0xfd, 0x0a, 0x17, 0x24, 0x31, 0x3e, 0x4b, | ||
3772 | 0x58, 0x65, 0x72, 0x7f, 0x8c, 0x99, 0xa6, 0xb3, | ||
3773 | 0xc0, 0xcd, 0xda, 0xe7, 0xf4, 0x01, 0x0e, 0x1b, | ||
3774 | 0x28, 0x35, 0x42, 0x4f, 0x5c, 0x69, 0x76, 0x83, | ||
3775 | 0x90, 0x9d, 0xaa, 0xb7, 0xc4, 0xd1, 0xde, 0xeb, | ||
3776 | 0xf8, 0x05, 0x12, 0x1f, 0x2c, 0x39, 0x46, 0x53, | ||
3777 | 0x60, 0x6d, 0x7a, 0x87, 0x94, 0xa1, 0xae, 0xbb, | ||
3778 | 0xc8, 0xd5, 0xe2, 0xef, 0xfc, 0x09, 0x16, 0x23, | ||
3779 | 0x30, 0x3d, 0x4a, 0x57, 0x64, 0x71, 0x7e, 0x8b, | ||
3780 | 0x98, 0xa5, 0xb2, 0xbf, 0xcc, 0xd9, 0xe6, 0xf3, | ||
3781 | 0x00, 0x0f, 0x1e, 0x2d, 0x3c, 0x4b, 0x5a, 0x69, | ||
3782 | 0x78, 0x87, 0x96, 0xa5, 0xb4, 0xc3, 0xd2, 0xe1, | ||
3783 | 0xf0, 0xff, 0x0e, 0x1d, 0x2c, 0x3b, 0x4a, 0x59, | ||
3784 | 0x68, 0x77, 0x86, 0x95, 0xa4, 0xb3, 0xc2, 0xd1, | ||
3785 | 0xe0, 0xef, 0xfe, 0x0d, 0x1c, 0x2b, 0x3a, 0x49, | ||
3786 | 0x58, 0x67, 0x76, 0x85, 0x94, 0xa3, 0xb2, 0xc1, | ||
3787 | 0xd0, 0xdf, 0xee, 0xfd, 0x0c, 0x1b, 0x2a, 0x39, | ||
3788 | 0x48, 0x57, 0x66, 0x75, 0x84, 0x93, 0xa2, 0xb1, | ||
3789 | 0xc0, 0xcf, 0xde, 0xed, 0xfc, 0x0b, 0x1a, 0x29, | ||
3790 | 0x38, 0x47, 0x56, 0x65, 0x74, 0x83, 0x92, 0xa1, | ||
3791 | 0xb0, 0xbf, 0xce, 0xdd, 0xec, 0xfb, 0x0a, 0x19, | ||
3792 | 0x28, 0x37, 0x46, 0x55, 0x64, 0x73, 0x82, 0x91, | ||
3793 | 0xa0, 0xaf, 0xbe, 0xcd, 0xdc, 0xeb, 0xfa, 0x09, | ||
3794 | 0x18, 0x27, 0x36, 0x45, 0x54, 0x63, 0x72, 0x81, | ||
3795 | 0x90, 0x9f, 0xae, 0xbd, 0xcc, 0xdb, 0xea, 0xf9, | ||
3796 | 0x08, 0x17, 0x26, 0x35, 0x44, 0x53, 0x62, 0x71, | ||
3797 | 0x80, 0x8f, 0x9e, 0xad, 0xbc, 0xcb, 0xda, 0xe9, | ||
3798 | 0xf8, 0x07, 0x16, 0x25, 0x34, 0x43, 0x52, 0x61, | ||
3799 | 0x70, 0x7f, 0x8e, 0x9d, 0xac, 0xbb, 0xca, 0xd9, | ||
3800 | 0xe8, 0xf7, 0x06, 0x15, 0x24, 0x33, 0x42, 0x51, | ||
3801 | 0x60, 0x6f, 0x7e, 0x8d, 0x9c, 0xab, 0xba, 0xc9, | ||
3802 | 0xd8, 0xe7, 0xf6, 0x05, 0x14, 0x23, 0x32, 0x41, | ||
3803 | 0x50, 0x5f, 0x6e, 0x7d, 0x8c, 0x9b, 0xaa, 0xb9, | ||
3804 | 0xc8, 0xd7, 0xe6, 0xf5, 0x04, 0x13, 0x22, 0x31, | ||
3805 | 0x40, 0x4f, 0x5e, 0x6d, 0x7c, 0x8b, 0x9a, 0xa9, | ||
3806 | 0xb8, 0xc7, 0xd6, 0xe5, 0xf4, 0x03, 0x12, 0x21, | ||
3807 | 0x30, 0x3f, 0x4e, 0x5d, 0x6c, 0x7b, 0x8a, 0x99, | ||
3808 | 0xa8, 0xb7, 0xc6, 0xd5, 0xe4, 0xf3, 0x02, 0x11, | ||
3809 | 0x20, 0x2f, 0x3e, 0x4d, 0x5c, 0x6b, 0x7a, 0x89, | ||
3810 | 0x98, 0xa7, 0xb6, 0xc5, 0xd4, 0xe3, 0xf2, 0x01, | ||
3811 | 0x10, 0x1f, 0x2e, 0x3d, 0x4c, 0x5b, 0x6a, 0x79, | ||
3812 | 0x88, 0x97, 0xa6, 0xb5, 0xc4, 0xd3, 0xe2, 0xf1, | ||
3813 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
3814 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, | ||
3815 | 0x10, 0x21, 0x32, 0x43, 0x54, 0x65, 0x76, 0x87, | ||
3816 | 0x98, 0xa9, 0xba, 0xcb, 0xdc, 0xed, 0xfe, 0x0f, | ||
3817 | 0x20, 0x31, 0x42, 0x53, 0x64, 0x75, 0x86, 0x97, | ||
3818 | 0xa8, 0xb9, 0xca, 0xdb, 0xec, 0xfd, 0x0e, 0x1f, | ||
3819 | 0x30, 0x41, 0x52, 0x63, 0x74, 0x85, 0x96, 0xa7, | ||
3820 | 0xb8, 0xc9, 0xda, 0xeb, 0xfc, 0x0d, 0x1e, 0x2f, | ||
3821 | 0x40, 0x51, 0x62, 0x73, 0x84, 0x95, 0xa6, 0xb7, | ||
3822 | 0xc8, 0xd9, 0xea, 0xfb, 0x0c, 0x1d, 0x2e, 0x3f, | ||
3823 | 0x50, 0x61, 0x72, 0x83, 0x94, 0xa5, 0xb6, 0xc7, | ||
3824 | 0xd8, 0xe9, 0xfa, 0x0b, 0x1c, 0x2d, 0x3e, 0x4f, | ||
3825 | 0x60, 0x71, 0x82, 0x93, 0xa4, 0xb5, 0xc6, 0xd7, | ||
3826 | 0xe8, 0xf9, 0x0a, 0x1b, 0x2c, 0x3d, 0x4e, 0x5f, | ||
3827 | 0x70, 0x81, 0x92, 0xa3, 0xb4, 0xc5, 0xd6, 0xe7, | ||
3828 | 0xf8, 0x09, 0x1a, 0x2b, 0x3c, 0x4d, 0x5e, 0x6f, | ||
3829 | 0x80, 0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7, | ||
3830 | 0x08, 0x19, 0x2a, 0x3b, 0x4c, 0x5d, 0x6e, 0x7f, | ||
3831 | 0x90, 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0xf6, 0x07, | ||
3832 | 0x18, 0x29, 0x3a, 0x4b, 0x5c, 0x6d, 0x7e, 0x8f, | ||
3833 | 0xa0, 0xb1, 0xc2, 0xd3, 0xe4, 0xf5, 0x06, 0x17, | ||
3834 | 0x28, 0x39, 0x4a, 0x5b, 0x6c, 0x7d, 0x8e, 0x9f, | ||
3835 | 0xb0, 0xc1, 0xd2, 0xe3, 0xf4, 0x05, 0x16, 0x27, | ||
3836 | 0x38, 0x49, 0x5a, 0x6b, 0x7c, 0x8d, 0x9e, 0xaf, | ||
3837 | 0xc0, 0xd1, 0xe2, 0xf3, 0x04, 0x15, 0x26, 0x37, | ||
3838 | 0x48, 0x59, 0x6a, 0x7b, 0x8c, 0x9d, 0xae, 0xbf, | ||
3839 | 0xd0, 0xe1, 0xf2, 0x03, 0x14, 0x25, 0x36, 0x47, | ||
3840 | 0x58, 0x69, 0x7a, 0x8b, 0x9c, 0xad, 0xbe, 0xcf, | ||
3841 | 0xe0, 0xf1, 0x02, 0x13, 0x24, 0x35, 0x46, 0x57, | ||
3842 | 0x68, 0x79, 0x8a, 0x9b, 0xac, 0xbd, 0xce, 0xdf, | ||
3843 | 0xf0, 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, | ||
3844 | 0x78, 0x89, 0x9a, 0xab, 0xbc, 0xcd, 0xde, 0xef, | ||
3845 | 0x00, 0x13, 0x26, 0x39, 0x4c, 0x5f, 0x72, 0x85, | ||
3846 | 0x98, 0xab, 0xbe, 0xd1, 0xe4, 0xf7, 0x0a, 0x1d, | ||
3847 | 0x30, 0x43, 0x56, 0x69, 0x7c, 0x8f, 0xa2, 0xb5, | ||
3848 | 0xc8, 0xdb, 0xee, 0x01, 0x14, 0x27, 0x3a, 0x4d, | ||
3849 | 0x60, 0x73, 0x86, 0x99, 0xac, 0xbf, 0xd2, 0xe5, | ||
3850 | 0xf8, 0x0b, 0x1e, 0x31, 0x44, 0x57, 0x6a, 0x7d, | ||
3851 | 0x90, 0xa3, 0xb6, 0xc9, 0xdc, 0xef, 0x02, 0x15, | ||
3852 | 0x28, 0x3b, 0x4e, 0x61, 0x74, 0x87, 0x9a, 0xad, | ||
3853 | 0xc0, 0xd3, 0xe6, 0xf9, 0x0c, 0x1f, 0x32, 0x45, | ||
3854 | 0x58, 0x6b, 0x7e, 0x91, 0xa4, 0xb7, 0xca, 0xdd, | ||
3855 | 0xf0, 0x03, 0x16, 0x29, 0x3c, 0x4f, 0x62, 0x75, | ||
3856 | 0x88, 0x9b, 0xae, 0xc1, 0xd4, 0xe7, 0xfa, 0x0d, | ||
3857 | 0x20, 0x33, 0x46, 0x59, 0x6c, 0x7f, 0x92, 0xa5, | ||
3858 | 0xb8, 0xcb, 0xde, 0xf1, 0x04, 0x17, 0x2a, 0x3d, | ||
3859 | 0x50, 0x63, 0x76, 0x89, 0x9c, 0xaf, 0xc2, 0xd5, | ||
3860 | 0xe8, 0xfb, 0x0e, 0x21, 0x34, 0x47, 0x5a, 0x6d, | ||
3861 | 0x80, 0x93, 0xa6, 0xb9, 0xcc, 0xdf, 0xf2, 0x05, | ||
3862 | 0x18, 0x2b, 0x3e, 0x51, 0x64, 0x77, 0x8a, 0x9d, | ||
3863 | 0xb0, 0xc3, 0xd6, 0xe9, 0xfc, 0x0f, 0x22, 0x35, | ||
3864 | 0x48, 0x5b, 0x6e, 0x81, 0x94, 0xa7, 0xba, 0xcd, | ||
3865 | 0xe0, 0xf3, 0x06, 0x19, 0x2c, 0x3f, 0x52, 0x65, | ||
3866 | 0x78, 0x8b, 0x9e, 0xb1, 0xc4, 0xd7, 0xea, 0xfd, | ||
3867 | 0x10, 0x23, 0x36, 0x49, 0x5c, 0x6f, 0x82, 0x95, | ||
3868 | 0xa8, 0xbb, 0xce, 0xe1, 0xf4, 0x07, 0x1a, 0x2d, | ||
3869 | 0x40, 0x53, 0x66, 0x79, 0x8c, 0x9f, 0xb2, 0xc5, | ||
3870 | 0xd8, 0xeb, 0xfe, 0x11, 0x24, 0x37, 0x4a, 0x5d, | ||
3871 | 0x70, 0x83, 0x96, 0xa9, 0xbc, 0xcf, 0xe2, 0xf5, | ||
3872 | 0x08, 0x1b, 0x2e, 0x41, 0x54, 0x67, 0x7a, 0x8d, | ||
3873 | 0xa0, 0xb3, 0xc6, 0xd9, 0xec, 0xff, 0x12, 0x25, | ||
3874 | 0x38, 0x4b, 0x5e, 0x71, 0x84, 0x97, 0xaa, 0xbd, | ||
3875 | 0xd0, 0xe3, 0xf6, 0x09, 0x1c, 0x2f, 0x42, 0x55, | ||
3876 | 0x68, 0x7b, 0x8e, 0xa1, 0xb4, 0xc7, 0xda, 0xed, | ||
3877 | 0x00, 0x15, 0x2a, 0x3f, 0x54, 0x69, 0x7e, 0x93, | ||
3878 | 0xa8, 0xbd, 0xd2, 0xe7, 0xfc, 0x11, 0x26, 0x3b, | ||
3879 | 0x50, 0x65, 0x7a, 0x8f, 0xa4, 0xb9, 0xce, 0xe3, | ||
3880 | 0xf8, 0x0d, 0x22, 0x37, 0x4c, 0x61, 0x76, 0x8b, | ||
3881 | 0xa0, 0xb5, 0xca, 0xdf, 0xf4, 0x09, 0x1e, 0x33, | ||
3882 | 0x48, 0x5d, 0x72, 0x87, 0x9c, 0xb1, 0xc6, 0xdb, | ||
3883 | 0xf0, 0x05, 0x1a, 0x2f, 0x44, 0x59, 0x6e, 0x83, | ||
3884 | 0x98, 0xad, 0xc2, 0xd7, 0xec, 0x01, 0x16, 0x2b, | ||
3885 | 0x40, 0x55, 0x6a, 0x7f, 0x94, 0xa9, 0xbe, 0xd3, | ||
3886 | 0xe8, 0xfd, 0x12, 0x27, 0x3c, 0x51, 0x66, 0x7b, | ||
3887 | 0x90, 0xa5, 0xba, 0xcf, 0xe4, 0xf9, 0x0e, 0x23, | ||
3888 | 0x38, 0x4d, 0x62, 0x77, 0x8c, 0xa1, 0xb6, 0xcb, | ||
3889 | 0xe0, 0xf5, 0x0a, 0x1f, 0x34, 0x49, 0x5e, 0x73, | ||
3890 | 0x88, 0x9d, 0xb2, 0xc7, 0xdc, 0xf1, 0x06, 0x1b, | ||
3891 | 0x30, 0x45, 0x5a, 0x6f, 0x84, 0x99, 0xae, 0xc3, | ||
3892 | 0xd8, 0xed, 0x02, 0x17, 0x2c, 0x41, 0x56, 0x6b, | ||
3893 | 0x80, 0x95, 0xaa, 0xbf, 0xd4, 0xe9, 0xfe, 0x13, | ||
3894 | 0x28, 0x3d, 0x52, 0x67, 0x7c, 0x91, 0xa6, 0xbb, | ||
3895 | 0xd0, 0xe5, 0xfa, 0x0f, 0x24, 0x39, 0x4e, 0x63, | ||
3896 | 0x78, 0x8d, 0xa2, 0xb7, 0xcc, 0xe1, 0xf6, 0x0b, | ||
3897 | 0x20, 0x35, 0x4a, 0x5f, 0x74, 0x89, 0x9e, 0xb3, | ||
3898 | 0xc8, 0xdd, 0xf2, 0x07, 0x1c, 0x31, 0x46, 0x5b, | ||
3899 | 0x70, 0x85, 0x9a, 0xaf, 0xc4, 0xd9, 0xee, 0x03, | ||
3900 | 0x18, 0x2d, 0x42, 0x57, 0x6c, 0x81, 0x96, 0xab, | ||
3901 | 0xc0, 0xd5, 0xea, 0xff, 0x14, 0x29, 0x3e, 0x53, | ||
3902 | 0x68, 0x7d, 0x92, 0xa7, 0xbc, 0xd1, 0xe6, 0xfb, | ||
3903 | 0x10, 0x25, 0x3a, 0x4f, 0x64, 0x79, 0x8e, 0xa3, | ||
3904 | 0xb8, 0xcd, 0xe2, 0xf7, 0x0c, 0x21, 0x36, 0x4b, | ||
3905 | 0x60, 0x75, 0x8a, 0x9f, 0xb4, 0xc9, 0xde, 0xf3, | ||
3906 | 0x08, 0x1d, 0x32, 0x47, 0x5c, 0x71, 0x86, 0x9b, | ||
3907 | 0xb0, 0xc5, 0xda, 0xef, 0x04, 0x19, 0x2e, 0x43, | ||
3908 | 0x58, 0x6d, 0x82, 0x97, 0xac, 0xc1, 0xd6, 0xeb, | ||
3909 | 0x00, 0x17, 0x2e, 0x45, 0x5c, 0x73, 0x8a, 0xa1, | ||
3910 | 0xb8, 0xcf, 0xe6, 0xfd, 0x14, 0x2b, 0x42, 0x59, | ||
3911 | 0x70, 0x87, 0x9e, 0xb5, 0xcc, 0xe3, 0xfa, 0x11, | ||
3912 | 0x28, 0x3f, 0x56, 0x6d, 0x84, 0x9b, 0xb2, 0xc9, | ||
3913 | 0xe0, 0xf7, 0x0e, 0x25, 0x3c, 0x53, 0x6a, 0x81, | ||
3914 | 0x98, 0xaf, 0xc6, 0xdd, 0xf4, 0x0b, 0x22, 0x39, | ||
3915 | 0x50, 0x67, 0x7e, 0x95, 0xac, 0xc3, 0xda, 0xf1, | ||
3916 | 0x08, 0x1f, 0x36, 0x4d, 0x64, 0x7b, 0x92, 0xa9, | ||
3917 | 0xc0, 0xd7, 0xee, 0x05, 0x1c, 0x33, 0x4a, 0x61, | ||
3918 | 0x78, 0x8f, 0xa6, 0xbd, 0xd4, 0xeb, 0x02, 0x19, | ||
3919 | 0x30, 0x47, 0x5e, 0x75, 0x8c, 0xa3, 0xba, 0xd1, | ||
3920 | 0xe8, 0xff, 0x16, 0x2d, 0x44, 0x5b, 0x72, 0x89, | ||
3921 | 0xa0, 0xb7, 0xce, 0xe5, 0xfc, 0x13, 0x2a, 0x41, | ||
3922 | 0x58, 0x6f, 0x86, 0x9d, 0xb4, 0xcb, 0xe2, 0xf9, | ||
3923 | 0x10, 0x27, 0x3e, 0x55, 0x6c, 0x83, 0x9a, 0xb1, | ||
3924 | 0xc8, 0xdf, 0xf6, 0x0d, 0x24, 0x3b, 0x52, 0x69, | ||
3925 | 0x80, 0x97, 0xae, 0xc5, 0xdc, 0xf3, 0x0a, 0x21, | ||
3926 | 0x38, 0x4f, 0x66, 0x7d, 0x94, 0xab, 0xc2, 0xd9, | ||
3927 | 0xf0, 0x07, 0x1e, 0x35, 0x4c, 0x63, 0x7a, 0x91, | ||
3928 | 0xa8, 0xbf, 0xd6, 0xed, 0x04, 0x1b, 0x32, 0x49, | ||
3929 | 0x60, 0x77, 0x8e, 0xa5, 0xbc, 0xd3, 0xea, 0x01, | ||
3930 | 0x18, 0x2f, 0x46, 0x5d, 0x74, 0x8b, 0xa2, 0xb9, | ||
3931 | 0xd0, 0xe7, 0xfe, 0x15, 0x2c, 0x43, 0x5a, 0x71, | ||
3932 | 0x88, 0x9f, 0xb6, 0xcd, 0xe4, 0xfb, 0x12, 0x29, | ||
3933 | 0x40, 0x57, 0x6e, 0x85, 0x9c, 0xb3, 0xca, 0xe1, | ||
3934 | 0xf8, 0x0f, 0x26, 0x3d, 0x54, 0x6b, 0x82, 0x99, | ||
3935 | 0xb0, 0xc7, 0xde, 0xf5, 0x0c, 0x23, 0x3a, 0x51, | ||
3936 | 0x68, 0x7f, 0x96, 0xad, 0xc4, 0xdb, 0xf2, 0x09, | ||
3937 | 0x20, 0x37, 0x4e, 0x65, 0x7c, 0x93, 0xaa, 0xc1, | ||
3938 | 0xd8, 0xef, 0x06, 0x1d, 0x34, 0x4b, 0x62, 0x79, | ||
3939 | 0x90, 0xa7, 0xbe, 0xd5, 0xec, 0x03, 0x1a, 0x31, | ||
3940 | 0x48, 0x5f, 0x76, 0x8d, 0xa4, 0xbb, 0xd2, 0xe9, | ||
3941 | 0x00, 0x19, 0x32, 0x4b, 0x64, 0x7d, 0x96, 0xaf, | ||
3942 | 0xc8, 0xe1, 0xfa, 0x13, 0x2c, 0x45, 0x5e, 0x77, | ||
3943 | 0x90, 0xa9, 0xc2, 0xdb, 0xf4, 0x0d, 0x26, 0x3f, | ||
3944 | 0x58, 0x71, 0x8a, 0xa3, 0xbc, 0xd5, 0xee, 0x07, | ||
3945 | 0x20, 0x39, 0x52, 0x6b, 0x84, 0x9d, 0xb6, 0xcf, | ||
3946 | 0xe8, 0x01, 0x1a, 0x33, 0x4c, 0x65, 0x7e, 0x97, | ||
3947 | 0xb0, 0xc9, 0xe2, 0xfb, 0x14, 0x2d, 0x46, 0x5f, | ||
3948 | 0x78, 0x91, 0xaa, 0xc3, 0xdc, 0xf5, 0x0e, 0x27, | ||
3949 | 0x40, 0x59, 0x72, 0x8b, 0xa4, 0xbd, 0xd6, 0xef, | ||
3950 | 0x08, 0x21, 0x3a, 0x53, 0x6c, 0x85, 0x9e, 0xb7, | ||
3951 | 0xd0, 0xe9, 0x02, 0x1b, 0x34, 0x4d, 0x66, 0x7f, | ||
3952 | 0x98, 0xb1, 0xca, 0xe3, 0xfc, 0x15, 0x2e, 0x47, | ||
3953 | 0x60, 0x79, 0x92, 0xab, 0xc4, 0xdd, 0xf6, 0x0f, | ||
3954 | 0x28, 0x41, 0x5a, 0x73, 0x8c, 0xa5, 0xbe, 0xd7, | ||
3955 | 0xf0, 0x09, 0x22, 0x3b, 0x54, 0x6d, 0x86, 0x9f, | ||
3956 | 0xb8, 0xd1, 0xea, 0x03, 0x1c, 0x35, 0x4e, 0x67, | ||
3957 | 0x80, 0x99, 0xb2, 0xcb, 0xe4, 0xfd, 0x16, 0x2f, | ||
3958 | 0x48, 0x61, 0x7a, 0x93, 0xac, 0xc5, 0xde, 0xf7, | ||
3959 | 0x10, 0x29, 0x42, 0x5b, 0x74, 0x8d, 0xa6, 0xbf, | ||
3960 | 0xd8, 0xf1, 0x0a, 0x23, 0x3c, 0x55, 0x6e, 0x87, | ||
3961 | 0xa0, 0xb9, 0xd2, 0xeb, 0x04, 0x1d, 0x36, 0x4f, | ||
3962 | 0x68, 0x81, 0x9a, 0xb3, 0xcc, 0xe5, 0xfe, 0x17, | ||
3963 | 0x30, 0x49, 0x62, 0x7b, 0x94, 0xad, 0xc6, 0xdf, | ||
3964 | 0xf8, 0x11, 0x2a, 0x43, 0x5c, 0x75, 0x8e, 0xa7, | ||
3965 | 0xc0, 0xd9, 0xf2, 0x0b, 0x24, 0x3d, 0x56, 0x6f, | ||
3966 | 0x88, 0xa1, 0xba, 0xd3, 0xec, 0x05, 0x1e, 0x37, | ||
3967 | 0x50, 0x69, 0x82, 0x9b, 0xb4, 0xcd, 0xe6, 0xff, | ||
3968 | 0x18, 0x31, 0x4a, 0x63, 0x7c, 0x95, 0xae, 0xc7, | ||
3969 | 0xe0, 0xf9, 0x12, 0x2b, 0x44, 0x5d, 0x76, 0x8f, | ||
3970 | 0xa8, 0xc1, 0xda, 0xf3, 0x0c, 0x25, 0x3e, 0x57, | ||
3971 | 0x70, 0x89, 0xa2, 0xbb, 0xd4, 0xed, 0x06, 0x1f, | ||
3972 | 0x38, 0x51, 0x6a, 0x83, 0x9c, 0xb5, 0xce, 0xe7, | ||
3973 | 0x00, 0x1b, 0x36, 0x51, 0x6c, 0x87, 0xa2, 0xbd, | ||
3974 | 0xd8, 0xf3, 0x0e, 0x29, 0x44, 0x5f, 0x7a, 0x95, | ||
3975 | 0xb0, 0xcb, 0xe6, 0x01, 0x1c, 0x37, 0x52, 0x6d, | ||
3976 | 0x88, 0xa3, 0xbe, 0xd9, 0xf4, 0x0f, 0x2a, 0x45, | ||
3977 | 0x60, 0x7b, 0x96, 0xb1, 0xcc, 0xe7, 0x02, 0x1d, | ||
3978 | 0x38, 0x53, 0x6e, 0x89, 0xa4, 0xbf, 0xda, 0xf5, | ||
3979 | 0x10, 0x2b, 0x46, 0x61, 0x7c, 0x97, 0xb2, 0xcd, | ||
3980 | 0xe8, 0x03, 0x1e, 0x39, 0x54, 0x6f, 0x8a, 0xa5, | ||
3981 | 0xc0, 0xdb, 0xf6, 0x11, 0x2c, 0x47, 0x62, 0x7d, | ||
3982 | 0x98, 0xb3, 0xce, 0xe9, 0x04, 0x1f, 0x3a, 0x55, | ||
3983 | 0x70, 0x8b, 0xa6, 0xc1, 0xdc, 0xf7, 0x12, 0x2d, | ||
3984 | 0x48, 0x63, 0x7e, 0x99, 0xb4, 0xcf, 0xea, 0x05, | ||
3985 | 0x20, 0x3b, 0x56, 0x71, 0x8c, 0xa7, 0xc2, 0xdd, | ||
3986 | 0xf8, 0x13, 0x2e, 0x49, 0x64, 0x7f, 0x9a, 0xb5, | ||
3987 | 0xd0, 0xeb, 0x06, 0x21, 0x3c, 0x57, 0x72, 0x8d, | ||
3988 | 0xa8, 0xc3, 0xde, 0xf9, 0x14, 0x2f, 0x4a, 0x65, | ||
3989 | 0x80, 0x9b, 0xb6, 0xd1, 0xec, 0x07, 0x22, 0x3d, | ||
3990 | 0x58, 0x73, 0x8e, 0xa9, 0xc4, 0xdf, 0xfa, 0x15, | ||
3991 | 0x30, 0x4b, 0x66, 0x81, 0x9c, 0xb7, 0xd2, 0xed, | ||
3992 | 0x08, 0x23, 0x3e, 0x59, 0x74, 0x8f, 0xaa, 0xc5, | ||
3993 | 0xe0, 0xfb, 0x16, 0x31, 0x4c, 0x67, 0x82, 0x9d, | ||
3994 | 0xb8, 0xd3, 0xee, 0x09, 0x24, 0x3f, 0x5a, 0x75, | ||
3995 | 0x90, 0xab, 0xc6, 0xe1, 0xfc, 0x17, 0x32, 0x4d, | ||
3996 | 0x68, 0x83, 0x9e, 0xb9, 0xd4, 0xef, 0x0a, 0x25, | ||
3997 | 0x40, 0x5b, 0x76, 0x91, 0xac, 0xc7, 0xe2, 0xfd, | ||
3998 | 0x18, 0x33, 0x4e, 0x69, 0x84, 0x9f, 0xba, 0xd5, | ||
3999 | 0xf0, 0x0b, 0x26, 0x41, 0x5c, 0x77, 0x92, 0xad, | ||
4000 | 0xc8, 0xe3, 0xfe, 0x19, 0x34, 0x4f, 0x6a, 0x85, | ||
4001 | 0xa0, 0xbb, 0xd6, 0xf1, 0x0c, 0x27, 0x42, 0x5d, | ||
4002 | 0x78, 0x93, 0xae, 0xc9, 0xe4, 0xff, 0x1a, 0x35, | ||
4003 | 0x50, 0x6b, 0x86, 0xa1, 0xbc, 0xd7, 0xf2, 0x0d, | ||
4004 | 0x28, 0x43, 0x5e, 0x79, 0x94, 0xaf, 0xca, 0xe5, | ||
4005 | 0x00, 0x1d, 0x3a, 0x57, 0x74, 0x91, 0xae, 0xcb, | ||
4006 | 0xe8, 0x05, 0x22, 0x3f, 0x5c, 0x79, 0x96, 0xb3, | ||
4007 | 0xd0, 0xed, 0x0a, 0x27, 0x44, 0x61, 0x7e, 0x9b, | ||
4008 | 0xb8, 0xd5, 0xf2, 0x0f, 0x2c, 0x49, 0x66, 0x83, | ||
4009 | 0xa0, 0xbd, 0xda, 0xf7, 0x14, 0x31, 0x4e, 0x6b, | ||
4010 | 0x88, 0xa5, 0xc2, 0xdf, 0xfc, 0x19, 0x36, 0x53, | ||
4011 | 0x70, 0x8d, 0xaa, 0xc7, 0xe4, 0x01, 0x1e, 0x3b, | ||
4012 | 0x58, 0x75, 0x92, 0xaf, 0xcc, 0xe9, 0x06, 0x23, | ||
4013 | 0x40, 0x5d, 0x7a, 0x97, 0xb4, 0xd1, 0xee, 0x0b, | ||
4014 | 0x28, 0x45, 0x62, 0x7f, 0x9c, 0xb9, 0xd6, 0xf3, | ||
4015 | 0x10, 0x2d, 0x4a, 0x67, 0x84, 0xa1, 0xbe, 0xdb, | ||
4016 | 0xf8, 0x15, 0x32, 0x4f, 0x6c, 0x89, 0xa6, 0xc3, | ||
4017 | 0xe0, 0xfd, 0x1a, 0x37, 0x54, 0x71, 0x8e, 0xab, | ||
4018 | 0xc8, 0xe5, 0x02, 0x1f, 0x3c, 0x59, 0x76, 0x93, | ||
4019 | 0xb0, 0xcd, 0xea, 0x07, 0x24, 0x41, 0x5e, 0x7b, | ||
4020 | 0x98, 0xb5, 0xd2, 0xef, 0x0c, 0x29, 0x46, 0x63, | ||
4021 | 0x80, 0x9d, 0xba, 0xd7, 0xf4, 0x11, 0x2e, 0x4b, | ||
4022 | 0x68, 0x85, 0xa2, 0xbf, 0xdc, 0xf9, 0x16, 0x33, | ||
4023 | 0x50, 0x6d, 0x8a, 0xa7, 0xc4, 0xe1, 0xfe, 0x1b, | ||
4024 | 0x38, 0x55, 0x72, 0x8f, 0xac, 0xc9, 0xe6, 0x03, | ||
4025 | 0x20, 0x3d, 0x5a, 0x77, 0x94, 0xb1, 0xce, 0xeb, | ||
4026 | 0x08, 0x25, 0x42, 0x5f, 0x7c, 0x99, 0xb6, 0xd3, | ||
4027 | 0xf0, 0x0d, 0x2a, 0x47, 0x64, 0x81, 0x9e, 0xbb, | ||
4028 | 0xd8, 0xf5, 0x12, 0x2f, 0x4c, 0x69, 0x86, 0xa3, | ||
4029 | 0xc0, 0xdd, 0xfa, 0x17, 0x34, 0x51, 0x6e, 0x8b, | ||
4030 | 0xa8, 0xc5, 0xe2, 0xff, 0x1c, 0x39, 0x56, 0x73, | ||
4031 | 0x90, 0xad, 0xca, 0xe7, 0x04, 0x21, 0x3e, 0x5b, | ||
4032 | 0x78, 0x95, 0xb2, 0xcf, 0xec, 0x09, 0x26, 0x43, | ||
4033 | 0x60, 0x7d, 0x9a, 0xb7, 0xd4, 0xf1, 0x0e, 0x2b, | ||
4034 | 0x48, 0x65, 0x82, 0x9f, 0xbc, 0xd9, 0xf6, 0x13, | ||
4035 | 0x30, 0x4d, 0x6a, 0x87, 0xa4, 0xc1, 0xde, 0xfb, | ||
4036 | 0x18, 0x35, 0x52, 0x6f, 0x8c, 0xa9, 0xc6, 0xe3, | ||
4037 | 0x00, 0x1f, 0x3e, 0x5d, 0x7c, 0x9b, 0xba, 0xd9, | ||
4038 | 0xf8, 0x17, 0x36, 0x55, 0x74, 0x93, 0xb2, 0xd1, | ||
4039 | 0xf0, 0x0f, 0x2e, 0x4d, 0x6c, 0x8b, 0xaa, 0xc9, | ||
4040 | 0xe8, 0x07, 0x26, 0x45, 0x64, 0x83, 0xa2, 0xc1, | ||
4041 | 0xe0, 0xff, 0x1e, 0x3d, 0x5c, 0x7b, 0x9a, 0xb9, | ||
4042 | 0xd8, 0xf7, 0x16, 0x35, 0x54, 0x73, 0x92, 0xb1, | ||
4043 | 0xd0, 0xef, 0x0e, 0x2d, 0x4c, 0x6b, 0x8a, 0xa9, | ||
4044 | 0xc8, 0xe7, 0x06, 0x25, 0x44, 0x63, 0x82, 0xa1, | ||
4045 | 0xc0, 0xdf, 0xfe, 0x1d, 0x3c, 0x5b, 0x7a, 0x99, | ||
4046 | 0xb8, 0xd7, 0xf6, 0x15, 0x34, 0x53, 0x72, 0x91, | ||
4047 | 0xb0, 0xcf, 0xee, 0x0d, 0x2c, 0x4b, 0x6a, 0x89, | ||
4048 | 0xa8, 0xc7, 0xe6, 0x05, 0x24, 0x43, 0x62, 0x81, | ||
4049 | 0xa0, 0xbf, 0xde, 0xfd, 0x1c, 0x3b, 0x5a, 0x79, | ||
4050 | 0x98, 0xb7, 0xd6, 0xf5, 0x14, 0x33, 0x52, 0x71, | ||
4051 | 0x90, 0xaf, 0xce, 0xed, 0x0c, 0x2b, 0x4a, 0x69, | ||
4052 | 0x88, 0xa7, 0xc6, 0xe5, 0x04, 0x23, 0x42, 0x61, | ||
4053 | 0x80, 0x9f, 0xbe, 0xdd, 0xfc, 0x1b, 0x3a, 0x59, | ||
4054 | 0x78, 0x97, 0xb6, 0xd5, 0xf4, 0x13, 0x32, 0x51, | ||
4055 | 0x70, 0x8f, 0xae, 0xcd, 0xec, 0x0b, 0x2a, 0x49, | ||
4056 | 0x68, 0x87, 0xa6, 0xc5, 0xe4, 0x03, 0x22, 0x41, | ||
4057 | 0x60, 0x7f, 0x9e, 0xbd, 0xdc, 0xfb, 0x1a, 0x39, | ||
4058 | 0x58, 0x77, 0x96, 0xb5, 0xd4, 0xf3, 0x12, 0x31, | ||
4059 | 0x50, 0x6f, 0x8e, 0xad, 0xcc, 0xeb, 0x0a, 0x29, | ||
4060 | 0x48, 0x67, 0x86, 0xa5, 0xc4, 0xe3, 0x02, 0x21, | ||
4061 | 0x40, 0x5f, 0x7e, 0x9d, 0xbc, 0xdb, 0xfa, 0x19, | ||
4062 | 0x38, 0x57, 0x76, 0x95, 0xb4, 0xd3, 0xf2, 0x11, | ||
4063 | 0x30, 0x4f, 0x6e, 0x8d, 0xac, 0xcb, 0xea, 0x09, | ||
4064 | 0x28, 0x47, 0x66, 0x85, 0xa4, 0xc3, 0xe2, 0x01, | ||
4065 | 0x20, 0x3f, 0x5e, 0x7d, 0x9c, 0xbb, 0xda, 0xf9, | ||
4066 | 0x18, 0x37, 0x56, 0x75, 0x94, 0xb3, 0xd2, 0xf1, | ||
4067 | 0x10, 0x2f, 0x4e, 0x6d, 0x8c, 0xab, 0xca, 0xe9, | ||
4068 | 0x08, 0x27, 0x46, 0x65, 0x84, 0xa3, 0xc2, 0xe1, | ||
4069 | 0x00, 0x21, 0x42, 0x63, | ||
4070 | }, | ||
4071 | .ilen = 4100, | ||
4072 | .result = { | ||
4073 | 0xf0, 0x5c, 0x74, 0xad, 0x4e, 0xbc, 0x99, 0xe2, | ||
4074 | 0xae, 0xff, 0x91, 0x3a, 0x44, 0xcf, 0x38, 0x32, | ||
4075 | 0x1e, 0xad, 0xa7, 0xcd, 0xa1, 0x39, 0x95, 0xaa, | ||
4076 | 0x10, 0xb1, 0xb3, 0x2e, 0x04, 0x31, 0x8f, 0x86, | ||
4077 | 0xf2, 0x62, 0x74, 0x70, 0x0c, 0xa4, 0x46, 0x08, | ||
4078 | 0xa8, 0xb7, 0x99, 0xa8, 0xe9, 0xd2, 0x73, 0x79, | ||
4079 | 0x7e, 0x6e, 0xd4, 0x8f, 0x1e, 0xc7, 0x8e, 0x31, | ||
4080 | 0x0b, 0xfa, 0x4b, 0xce, 0xfd, 0xf3, 0x57, 0x71, | ||
4081 | 0xe9, 0x46, 0x03, 0xa5, 0x3d, 0x34, 0x00, 0xe2, | ||
4082 | 0x18, 0xff, 0x75, 0x6d, 0x06, 0x2d, 0x00, 0xab, | ||
4083 | 0xb9, 0x3e, 0x6c, 0x59, 0xc5, 0x84, 0x06, 0xb5, | ||
4084 | 0x8b, 0xd0, 0x89, 0x9c, 0x4a, 0x79, 0x16, 0xc6, | ||
4085 | 0x3d, 0x74, 0x54, 0xfa, 0x44, 0xcd, 0x23, 0x26, | ||
4086 | 0x5c, 0xcf, 0x7e, 0x28, 0x92, 0x32, 0xbf, 0xdf, | ||
4087 | 0xa7, 0x20, 0x3c, 0x74, 0x58, 0x2a, 0x9a, 0xde, | ||
4088 | 0x61, 0x00, 0x1c, 0x4f, 0xff, 0x59, 0xc4, 0x22, | ||
4089 | 0xac, 0x3c, 0xd0, 0xe8, 0x6c, 0xf9, 0x97, 0x1b, | ||
4090 | 0x58, 0x9b, 0xad, 0x71, 0xe8, 0xa9, 0xb5, 0x0d, | ||
4091 | 0xee, 0x2f, 0x04, 0x1f, 0x7f, 0xbc, 0x99, 0xee, | ||
4092 | 0x84, 0xff, 0x42, 0x60, 0xdc, 0x3a, 0x18, 0xa5, | ||
4093 | 0x81, 0xf9, 0xef, 0xdc, 0x7a, 0x0f, 0x65, 0x41, | ||
4094 | 0x2f, 0xa3, 0xd3, 0xf9, 0xc2, 0xcb, 0xc0, 0x4d, | ||
4095 | 0x8f, 0xd3, 0x76, 0x96, 0xad, 0x49, 0x6d, 0x38, | ||
4096 | 0x3d, 0x39, 0x0b, 0x6c, 0x80, 0xb7, 0x54, 0x69, | ||
4097 | 0xf0, 0x2c, 0x90, 0x02, 0x29, 0x0d, 0x1c, 0x12, | ||
4098 | 0xad, 0x55, 0xc3, 0x8b, 0x68, 0xd9, 0xcc, 0xb3, | ||
4099 | 0xb2, 0x64, 0x33, 0x90, 0x5e, 0xca, 0x4b, 0xe2, | ||
4100 | 0xfb, 0x75, 0xdc, 0x63, 0xf7, 0x9f, 0x82, 0x74, | ||
4101 | 0xf0, 0xc9, 0xaa, 0x7f, 0xe9, 0x2a, 0x9b, 0x33, | ||
4102 | 0xbc, 0x88, 0x00, 0x7f, 0xca, 0xb2, 0x1f, 0x14, | ||
4103 | 0xdb, 0xc5, 0x8e, 0x7b, 0x11, 0x3c, 0x3e, 0x08, | ||
4104 | 0xf3, 0x83, 0xe8, 0xe0, 0x94, 0x86, 0x2e, 0x92, | ||
4105 | 0x78, 0x6b, 0x01, 0xc9, 0xc7, 0x83, 0xba, 0x21, | ||
4106 | 0x6a, 0x25, 0x15, 0x33, 0x4e, 0x45, 0x08, 0xec, | ||
4107 | 0x35, 0xdb, 0xe0, 0x6e, 0x31, 0x51, 0x79, 0xa9, | ||
4108 | 0x42, 0x44, 0x65, 0xc1, 0xa0, 0xf1, 0xf9, 0x2a, | ||
4109 | 0x70, 0xd5, 0xb6, 0xc6, 0xc1, 0x8c, 0x39, 0xfc, | ||
4110 | 0x25, 0xa6, 0x55, 0xd9, 0xdd, 0x2d, 0x4c, 0xec, | ||
4111 | 0x49, 0xc6, 0xeb, 0x0e, 0xa8, 0x25, 0x2a, 0x16, | ||
4112 | 0x1b, 0x66, 0x84, 0xda, 0xe2, 0x92, 0xe5, 0xc0, | ||
4113 | 0xc8, 0x53, 0x07, 0xaf, 0x80, 0x84, 0xec, 0xfd, | ||
4114 | 0xcd, 0xd1, 0x6e, 0xcd, 0x6f, 0x6a, 0xf5, 0x36, | ||
4115 | 0xc5, 0x15, 0xe5, 0x25, 0x7d, 0x77, 0xd1, 0x1a, | ||
4116 | 0x93, 0x36, 0xa9, 0xcf, 0x7c, 0xa4, 0x54, 0x4a, | ||
4117 | 0x06, 0x51, 0x48, 0x4e, 0xf6, 0x59, 0x87, 0xd2, | ||
4118 | 0x04, 0x02, 0xef, 0xd3, 0x44, 0xde, 0x76, 0x31, | ||
4119 | 0xb3, 0x34, 0x17, 0x1b, 0x9d, 0x66, 0x11, 0x9f, | ||
4120 | 0x1e, 0xcc, 0x17, 0xe9, 0xc7, 0x3c, 0x1b, 0xe7, | ||
4121 | 0xcb, 0x50, 0x08, 0xfc, 0xdc, 0x2b, 0x24, 0xdb, | ||
4122 | 0x65, 0x83, 0xd0, 0x3b, 0xe3, 0x30, 0xea, 0x94, | ||
4123 | 0x6c, 0xe7, 0xe8, 0x35, 0x32, 0xc7, 0xdb, 0x64, | ||
4124 | 0xb4, 0x01, 0xab, 0x36, 0x2c, 0x77, 0x13, 0xaf, | ||
4125 | 0xf8, 0x2b, 0x88, 0x3f, 0x54, 0x39, 0xc4, 0x44, | ||
4126 | 0xfe, 0xef, 0x6f, 0x68, 0x34, 0xbe, 0x0f, 0x05, | ||
4127 | 0x16, 0x6d, 0xf6, 0x0a, 0x30, 0xe7, 0xe3, 0xed, | ||
4128 | 0xc4, 0xde, 0x3c, 0x1b, 0x13, 0xd8, 0xdb, 0xfe, | ||
4129 | 0x41, 0x62, 0xe5, 0x28, 0xd4, 0x8d, 0xa3, 0xc7, | ||
4130 | 0x93, 0x97, 0xc6, 0x48, 0x45, 0x1d, 0x9f, 0x83, | ||
4131 | 0xdf, 0x4b, 0x40, 0x3e, 0x42, 0x25, 0x87, 0x80, | ||
4132 | 0x4c, 0x7d, 0xa8, 0xd4, 0x98, 0x23, 0x95, 0x75, | ||
4133 | 0x41, 0x8c, 0xda, 0x41, 0x9b, 0xd4, 0xa7, 0x06, | ||
4134 | 0xb5, 0xf1, 0x71, 0x09, 0x53, 0xbe, 0xca, 0xbf, | ||
4135 | 0x32, 0x03, 0xed, 0xf0, 0x50, 0x1c, 0x56, 0x39, | ||
4136 | 0x5b, 0xa4, 0x75, 0x18, 0xf7, 0x9b, 0x58, 0xef, | ||
4137 | 0x53, 0xfc, 0x2a, 0x38, 0x23, 0x15, 0x75, 0xcd, | ||
4138 | 0x45, 0xe5, 0x5a, 0x82, 0x55, 0xba, 0x21, 0xfa, | ||
4139 | 0xd4, 0xbd, 0xc6, 0x94, 0x7c, 0xc5, 0x80, 0x12, | ||
4140 | 0xf7, 0x4b, 0x32, 0xc4, 0x9a, 0x82, 0xd8, 0x28, | ||
4141 | 0x8f, 0xd9, 0xc2, 0x0f, 0x60, 0x03, 0xbe, 0x5e, | ||
4142 | 0x21, 0xd6, 0x5f, 0x58, 0xbf, 0x5c, 0xb1, 0x32, | ||
4143 | 0x82, 0x8d, 0xa9, 0xe5, 0xf2, 0x66, 0x1a, 0xc0, | ||
4144 | 0xa0, 0xbc, 0x58, 0x2f, 0x71, 0xf5, 0x2f, 0xed, | ||
4145 | 0xd1, 0x26, 0xb9, 0xd8, 0x49, 0x5a, 0x07, 0x19, | ||
4146 | 0x01, 0x7c, 0x59, 0xb0, 0xf8, 0xa4, 0xb7, 0xd3, | ||
4147 | 0x7b, 0x1a, 0x8c, 0x38, 0xf4, 0x50, 0xa4, 0x59, | ||
4148 | 0xb0, 0xcc, 0x41, 0x0b, 0x88, 0x7f, 0xe5, 0x31, | ||
4149 | 0xb3, 0x42, 0xba, 0xa2, 0x7e, 0xd4, 0x32, 0x71, | ||
4150 | 0x45, 0x87, 0x48, 0xa9, 0xc2, 0xf2, 0x89, 0xb3, | ||
4151 | 0xe4, 0xa7, 0x7e, 0x52, 0x15, 0x61, 0xfa, 0xfe, | ||
4152 | 0xc9, 0xdd, 0x81, 0xeb, 0x13, 0xab, 0xab, 0xc3, | ||
4153 | 0x98, 0x59, 0xd8, 0x16, 0x3d, 0x14, 0x7a, 0x1c, | ||
4154 | 0x3c, 0x41, 0x9a, 0x16, 0x16, 0x9b, 0xd2, 0xd2, | ||
4155 | 0x69, 0x3a, 0x29, 0x23, 0xac, 0x86, 0x32, 0xa5, | ||
4156 | 0x48, 0x9c, 0x9e, 0xf3, 0x47, 0x77, 0x81, 0x70, | ||
4157 | 0x24, 0xe8, 0x85, 0xd2, 0xf5, 0xb5, 0xfa, 0xff, | ||
4158 | 0x59, 0x6a, 0xd3, 0x50, 0x59, 0x43, 0x59, 0xde, | ||
4159 | 0xd9, 0xf1, 0x55, 0xa5, 0x0c, 0xc3, 0x1a, 0x1a, | ||
4160 | 0x18, 0x34, 0x0d, 0x1a, 0x63, 0x33, 0xed, 0x10, | ||
4161 | 0xe0, 0x1d, 0x2a, 0x18, 0xd2, 0xc0, 0x54, 0xa8, | ||
4162 | 0xca, 0xb5, 0x9a, 0xd3, 0xdd, 0xca, 0x45, 0x84, | ||
4163 | 0x50, 0xe7, 0x0f, 0xfe, 0xa4, 0x99, 0x5a, 0xbe, | ||
4164 | 0x43, 0x2d, 0x9a, 0xcb, 0x92, 0x3f, 0x5a, 0x1d, | ||
4165 | 0x85, 0xd8, 0xc9, 0xdf, 0x68, 0xc9, 0x12, 0x80, | ||
4166 | 0x56, 0x0c, 0xdc, 0x00, 0xdc, 0x3a, 0x7d, 0x9d, | ||
4167 | 0xa3, 0xa2, 0xe8, 0x4d, 0xbf, 0xf9, 0x70, 0xa0, | ||
4168 | 0xa4, 0x13, 0x4f, 0x6b, 0xaf, 0x0a, 0x89, 0x7f, | ||
4169 | 0xda, 0xf0, 0xbf, 0x9b, 0xc8, 0x1d, 0xe5, 0xf8, | ||
4170 | 0x2e, 0x8b, 0x07, 0xb5, 0x73, 0x1b, 0xcc, 0xa2, | ||
4171 | 0xa6, 0xad, 0x30, 0xbc, 0x78, 0x3c, 0x5b, 0x10, | ||
4172 | 0xfa, 0x5e, 0x62, 0x2d, 0x9e, 0x64, 0xb3, 0x33, | ||
4173 | 0xce, 0xf9, 0x1f, 0x86, 0xe7, 0x8b, 0xa2, 0xb8, | ||
4174 | 0xe8, 0x99, 0x57, 0x8c, 0x11, 0xed, 0x66, 0xd9, | ||
4175 | 0x3c, 0x72, 0xb9, 0xc3, 0xe6, 0x4e, 0x17, 0x3a, | ||
4176 | 0x6a, 0xcb, 0x42, 0x24, 0x06, 0xed, 0x3e, 0x4e, | ||
4177 | 0xa3, 0xe8, 0x6a, 0x94, 0xda, 0x0d, 0x4e, 0xd5, | ||
4178 | 0x14, 0x19, 0xcf, 0xb6, 0x26, 0xd8, 0x2e, 0xcc, | ||
4179 | 0x64, 0x76, 0x38, 0x49, 0x4d, 0xfe, 0x30, 0x6d, | ||
4180 | 0xe4, 0xc8, 0x8c, 0x7b, 0xc4, 0xe0, 0x35, 0xba, | ||
4181 | 0x22, 0x6e, 0x76, 0xe1, 0x1a, 0xf2, 0x53, 0xc3, | ||
4182 | 0x28, 0xa2, 0x82, 0x1f, 0x61, 0x69, 0xad, 0xc1, | ||
4183 | 0x7b, 0x28, 0x4b, 0x1e, 0x6c, 0x85, 0x95, 0x9b, | ||
4184 | 0x51, 0xb5, 0x17, 0x7f, 0x12, 0x69, 0x8c, 0x24, | ||
4185 | 0xd5, 0xc7, 0x5a, 0x5a, 0x11, 0x54, 0xff, 0x5a, | ||
4186 | 0xf7, 0x16, 0xc3, 0x91, 0xa6, 0xf0, 0xdc, 0x0a, | ||
4187 | 0xb6, 0xa7, 0x4a, 0x0d, 0x7a, 0x58, 0xfe, 0xa5, | ||
4188 | 0xf5, 0xcb, 0x8f, 0x7b, 0x0e, 0xea, 0x57, 0xe7, | ||
4189 | 0xbd, 0x79, 0xd6, 0x1c, 0x88, 0x23, 0x6c, 0xf2, | ||
4190 | 0x4d, 0x29, 0x77, 0x53, 0x35, 0x6a, 0x00, 0x8d, | ||
4191 | 0xcd, 0xa3, 0x58, 0xbe, 0x77, 0x99, 0x18, 0xf8, | ||
4192 | 0xe6, 0xe1, 0x8f, 0xe9, 0x37, 0x8f, 0xe3, 0xe2, | ||
4193 | 0x5a, 0x8a, 0x93, 0x25, 0xaf, 0xf3, 0x78, 0x80, | ||
4194 | 0xbe, 0xa6, 0x1b, 0xc6, 0xac, 0x8b, 0x1c, 0x91, | ||
4195 | 0x58, 0xe1, 0x9f, 0x89, 0x35, 0x9d, 0x1d, 0x21, | ||
4196 | 0x29, 0x9f, 0xf4, 0x99, 0x02, 0x27, 0x0f, 0xa8, | ||
4197 | 0x4f, 0x79, 0x94, 0x2b, 0x33, 0x2c, 0xda, 0xa2, | ||
4198 | 0x26, 0x39, 0x83, 0x94, 0xef, 0x27, 0xd8, 0x53, | ||
4199 | 0x8f, 0x66, 0x0d, 0xe4, 0x41, 0x7d, 0x34, 0xcd, | ||
4200 | 0x43, 0x7c, 0x95, 0x0a, 0x53, 0xef, 0x66, 0xda, | ||
4201 | 0x7e, 0x9b, 0xf3, 0x93, 0xaf, 0xd0, 0x73, 0x71, | ||
4202 | 0xba, 0x40, 0x9b, 0x74, 0xf8, 0xd7, 0xd7, 0x41, | ||
4203 | 0x6d, 0xaf, 0x72, 0x9c, 0x8d, 0x21, 0x87, 0x3c, | ||
4204 | 0xfd, 0x0a, 0x90, 0xa9, 0x47, 0x96, 0x9e, 0xd3, | ||
4205 | 0x88, 0xee, 0x73, 0xcf, 0x66, 0x2f, 0x52, 0x56, | ||
4206 | 0x6d, 0xa9, 0x80, 0x4c, 0xe2, 0x6f, 0x62, 0x88, | ||
4207 | 0x3f, 0x0e, 0x54, 0x17, 0x48, 0x80, 0x5d, 0xd3, | ||
4208 | 0xc3, 0xda, 0x25, 0x3d, 0xa1, 0xc8, 0xcb, 0x9f, | ||
4209 | 0x9b, 0x70, 0xb3, 0xa1, 0xeb, 0x04, 0x52, 0xa1, | ||
4210 | 0xf2, 0x22, 0x0f, 0xfc, 0xc8, 0x18, 0xfa, 0xf9, | ||
4211 | 0x85, 0x9c, 0xf1, 0xac, 0xeb, 0x0c, 0x02, 0x46, | ||
4212 | 0x75, 0xd2, 0xf5, 0x2c, 0xe3, 0xd2, 0x59, 0x94, | ||
4213 | 0x12, 0xf3, 0x3c, 0xfc, 0xd7, 0x92, 0xfa, 0x36, | ||
4214 | 0xba, 0x61, 0x34, 0x38, 0x7c, 0xda, 0x48, 0x3e, | ||
4215 | 0x08, 0xc9, 0x39, 0x23, 0x5e, 0x02, 0x2c, 0x1a, | ||
4216 | 0x18, 0x7e, 0xb4, 0xd9, 0xfd, 0x9e, 0x40, 0x02, | ||
4217 | 0xb1, 0x33, 0x37, 0x32, 0xe7, 0xde, 0xd6, 0xd0, | ||
4218 | 0x7c, 0x58, 0x65, 0x4b, 0xf8, 0x34, 0x27, 0x9c, | ||
4219 | 0x44, 0xb4, 0xbd, 0xe9, 0xe9, 0x4c, 0x78, 0x7d, | ||
4220 | 0x4b, 0x9f, 0xce, 0xb1, 0xcd, 0x47, 0xa5, 0x37, | ||
4221 | 0xe5, 0x6d, 0xbd, 0xb9, 0x43, 0x94, 0x0a, 0xd4, | ||
4222 | 0xd6, 0xf9, 0x04, 0x5f, 0xb5, 0x66, 0x6c, 0x1a, | ||
4223 | 0x35, 0x12, 0xe3, 0x36, 0x28, 0x27, 0x36, 0x58, | ||
4224 | 0x01, 0x2b, 0x79, 0xe4, 0xba, 0x6d, 0x10, 0x7d, | ||
4225 | 0x65, 0xdf, 0x84, 0x95, 0xf4, 0xd5, 0xb6, 0x8f, | ||
4226 | 0x2b, 0x9f, 0x96, 0x00, 0x86, 0x60, 0xf0, 0x21, | ||
4227 | 0x76, 0xa8, 0x6a, 0x8c, 0x28, 0x1c, 0xb3, 0x6b, | ||
4228 | 0x97, 0xd7, 0xb6, 0x53, 0x2a, 0xcc, 0xab, 0x40, | ||
4229 | 0x9d, 0x62, 0x79, 0x58, 0x52, 0xe6, 0x65, 0xb7, | ||
4230 | 0xab, 0x55, 0x67, 0x9c, 0x89, 0x7c, 0x03, 0xb0, | ||
4231 | 0x73, 0x59, 0xc5, 0x81, 0xf5, 0x18, 0x17, 0x5c, | ||
4232 | 0x89, 0xf3, 0x78, 0x35, 0x44, 0x62, 0x78, 0x72, | ||
4233 | 0xd0, 0x96, 0xeb, 0x31, 0xe7, 0x87, 0x77, 0x14, | ||
4234 | 0x99, 0x51, 0xf2, 0x59, 0x26, 0x9e, 0xb5, 0xa6, | ||
4235 | 0x45, 0xfe, 0x6e, 0xbd, 0x07, 0x4c, 0x94, 0x5a, | ||
4236 | 0xa5, 0x7d, 0xfc, 0xf1, 0x2b, 0x77, 0xe2, 0xfe, | ||
4237 | 0x17, 0xd4, 0x84, 0xa0, 0xac, 0xb5, 0xc7, 0xda, | ||
4238 | 0xa9, 0x1a, 0xb6, 0xf3, 0x74, 0x11, 0xb4, 0x9d, | ||
4239 | 0xfb, 0x79, 0x2e, 0x04, 0x2d, 0x50, 0x28, 0x83, | ||
4240 | 0xbf, 0xc6, 0x52, 0xd3, 0x34, 0xd6, 0xe8, 0x7a, | ||
4241 | 0xb6, 0xea, 0xe7, 0xa8, 0x6c, 0x15, 0x1e, 0x2c, | ||
4242 | 0x57, 0xbc, 0x48, 0x4e, 0x5f, 0x5c, 0xb6, 0x92, | ||
4243 | 0xd2, 0x49, 0x77, 0x81, 0x6d, 0x90, 0x70, 0xae, | ||
4244 | 0x98, 0xa1, 0x03, 0x0d, 0x6b, 0xb9, 0x77, 0x14, | ||
4245 | 0xf1, 0x4e, 0x23, 0xd3, 0xf8, 0x68, 0xbd, 0xc2, | ||
4246 | 0xfe, 0x04, 0xb7, 0x5c, 0xc5, 0x17, 0x60, 0x8f, | ||
4247 | 0x65, 0x54, 0xa4, 0x7a, 0x42, 0xdc, 0x18, 0x0d, | ||
4248 | 0xb5, 0xcf, 0x0f, 0xd3, 0xc7, 0x91, 0x66, 0x1b, | ||
4249 | 0x45, 0x42, 0x27, 0x75, 0x50, 0xe5, 0xee, 0xb8, | ||
4250 | 0x7f, 0x33, 0x2c, 0xba, 0x4a, 0x92, 0x4d, 0x2c, | ||
4251 | 0x3c, 0xe3, 0x0d, 0x80, 0x01, 0xba, 0x0d, 0x29, | ||
4252 | 0xd8, 0x3c, 0xe9, 0x13, 0x16, 0x57, 0xe6, 0xea, | ||
4253 | 0x94, 0x52, 0xe7, 0x00, 0x4d, 0x30, 0xb0, 0x0f, | ||
4254 | 0x35, 0xb8, 0xb8, 0xa7, 0xb1, 0xb5, 0x3b, 0x44, | ||
4255 | 0xe1, 0x2f, 0xfd, 0x88, 0xed, 0x43, 0xe7, 0x52, | ||
4256 | 0x10, 0x93, 0xb3, 0x8a, 0x30, 0x6b, 0x0a, 0xf7, | ||
4257 | 0x23, 0xc6, 0x50, 0x9d, 0x4a, 0xb0, 0xde, 0xc3, | ||
4258 | 0xdc, 0x9b, 0x2f, 0x01, 0x56, 0x36, 0x09, 0xc5, | ||
4259 | 0x2f, 0x6b, 0xfe, 0xf1, 0xd8, 0x27, 0x45, 0x03, | ||
4260 | 0x30, 0x5e, 0x5c, 0x5b, 0xb4, 0x62, 0x0e, 0x1a, | ||
4261 | 0xa9, 0x21, 0x2b, 0x92, 0x94, 0x87, 0x62, 0x57, | ||
4262 | 0x4c, 0x10, 0x74, 0x1a, 0xf1, 0x0a, 0xc5, 0x84, | ||
4263 | 0x3b, 0x9e, 0x72, 0x02, 0xd7, 0xcc, 0x09, 0x56, | ||
4264 | 0xbd, 0x54, 0xc1, 0xf0, 0xc3, 0xe3, 0xb3, 0xf8, | ||
4265 | 0xd2, 0x0d, 0x61, 0xcb, 0xef, 0xce, 0x0d, 0x05, | ||
4266 | 0xb0, 0x98, 0xd9, 0x8e, 0x4f, 0xf9, 0xbc, 0x93, | ||
4267 | 0xa6, 0xea, 0xc8, 0xcf, 0x10, 0x53, 0x4b, 0xf1, | ||
4268 | 0xec, 0xfc, 0x89, 0xf9, 0x64, 0xb0, 0x22, 0xbf, | ||
4269 | 0x9e, 0x55, 0x46, 0x9f, 0x7c, 0x50, 0x8e, 0x84, | ||
4270 | 0x54, 0x20, 0x98, 0xd7, 0x6c, 0x40, 0x1e, 0xdb, | ||
4271 | 0x69, 0x34, 0x78, 0x61, 0x24, 0x21, 0x9c, 0x8a, | ||
4272 | 0xb3, 0x62, 0x31, 0x8b, 0x6e, 0xf5, 0x2a, 0x35, | ||
4273 | 0x86, 0x13, 0xb1, 0x6c, 0x64, 0x2e, 0x41, 0xa5, | ||
4274 | 0x05, 0xf2, 0x42, 0xba, 0xd2, 0x3a, 0x0d, 0x8e, | ||
4275 | 0x8a, 0x59, 0x94, 0x3c, 0xcf, 0x36, 0x27, 0x82, | ||
4276 | 0xc2, 0x45, 0xee, 0x58, 0xcd, 0x88, 0xb4, 0xec, | ||
4277 | 0xde, 0xb2, 0x96, 0x0a, 0xaf, 0x38, 0x6f, 0x88, | ||
4278 | 0xd7, 0xd8, 0xe1, 0xdf, 0xb9, 0x96, 0xa9, 0x0a, | ||
4279 | 0xb1, 0x95, 0x28, 0x86, 0x20, 0xe9, 0x17, 0x49, | ||
4280 | 0xa2, 0x29, 0x38, 0xaa, 0xa5, 0xe9, 0x6e, 0xf1, | ||
4281 | 0x19, 0x27, 0xc0, 0xd5, 0x2a, 0x22, 0xc3, 0x0b, | ||
4282 | 0xdb, 0x7c, 0x73, 0x10, 0xb9, 0xba, 0x89, 0x76, | ||
4283 | 0x54, 0xae, 0x7d, 0x71, 0xb3, 0x93, 0xf6, 0x32, | ||
4284 | 0xe6, 0x47, 0x43, 0x55, 0xac, 0xa0, 0x0d, 0xc2, | ||
4285 | 0x93, 0x27, 0x4a, 0x8e, 0x0e, 0x74, 0x15, 0xc7, | ||
4286 | 0x0b, 0x85, 0xd9, 0x0c, 0xa9, 0x30, 0x7a, 0x3e, | ||
4287 | 0xea, 0x8f, 0x85, 0x6d, 0x3a, 0x12, 0x4f, 0x72, | ||
4288 | 0x69, 0x58, 0x7a, 0x80, 0xbb, 0xb5, 0x97, 0xf3, | ||
4289 | 0xcf, 0x70, 0xd2, 0x5d, 0xdd, 0x4d, 0x21, 0x79, | ||
4290 | 0x54, 0x4d, 0xe4, 0x05, 0xe8, 0xbd, 0xc2, 0x62, | ||
4291 | 0xb1, 0x3b, 0x77, 0x1c, 0xd6, 0x5c, 0xf3, 0xa0, | ||
4292 | 0x79, 0x00, 0xa8, 0x6c, 0x29, 0xd9, 0x18, 0x24, | ||
4293 | 0x36, 0xa2, 0x46, 0xc0, 0x96, 0x65, 0x7f, 0xbd, | ||
4294 | 0x2a, 0xed, 0x36, 0x16, 0x0c, 0xaa, 0x9f, 0xf4, | ||
4295 | 0xc5, 0xb4, 0xe2, 0x12, 0xed, 0x69, 0xed, 0x4f, | ||
4296 | 0x26, 0x2c, 0x39, 0x52, 0x89, 0x98, 0xe7, 0x2c, | ||
4297 | 0x99, 0xa4, 0x9e, 0xa3, 0x9b, 0x99, 0x46, 0x7a, | ||
4298 | 0x3a, 0xdc, 0xa8, 0x59, 0xa3, 0xdb, 0xc3, 0x3b, | ||
4299 | 0x95, 0x0d, 0x3b, 0x09, 0x6e, 0xee, 0x83, 0x5d, | ||
4300 | 0x32, 0x4d, 0xed, 0xab, 0xfa, 0x98, 0x14, 0x4e, | ||
4301 | 0xc3, 0x15, 0x45, 0x53, 0x61, 0xc4, 0x93, 0xbd, | ||
4302 | 0x90, 0xf4, 0x99, 0x95, 0x4c, 0xe6, 0x76, 0x92, | ||
4303 | 0x29, 0x90, 0x46, 0x30, 0x92, 0x69, 0x7d, 0x13, | ||
4304 | 0xf2, 0xa5, 0xcd, 0x69, 0x49, 0x44, 0xb2, 0x0f, | ||
4305 | 0x63, 0x40, 0x36, 0x5f, 0x09, 0xe2, 0x78, 0xf8, | ||
4306 | 0x91, 0xe3, 0xe2, 0xfa, 0x10, 0xf7, 0xc8, 0x24, | ||
4307 | 0xa8, 0x89, 0x32, 0x5c, 0x37, 0x25, 0x1d, 0xb2, | ||
4308 | 0xea, 0x17, 0x8a, 0x0a, 0xa9, 0x64, 0xc3, 0x7c, | ||
4309 | 0x3c, 0x7c, 0xbd, 0xc6, 0x79, 0x34, 0xe7, 0xe2, | ||
4310 | 0x85, 0x8e, 0xbf, 0xf8, 0xde, 0x92, 0xa0, 0xae, | ||
4311 | 0x20, 0xc4, 0xf6, 0xbb, 0x1f, 0x38, 0x19, 0x0e, | ||
4312 | 0xe8, 0x79, 0x9c, 0xa1, 0x23, 0xe9, 0x54, 0x7e, | ||
4313 | 0x37, 0x2f, 0xe2, 0x94, 0x32, 0xaf, 0xa0, 0x23, | ||
4314 | 0x49, 0xe4, 0xc0, 0xb3, 0xac, 0x00, 0x8f, 0x36, | ||
4315 | 0x05, 0xc4, 0xa6, 0x96, 0xec, 0x05, 0x98, 0x4f, | ||
4316 | 0x96, 0x67, 0x57, 0x1f, 0x20, 0x86, 0x1b, 0x2d, | ||
4317 | 0x69, 0xe4, 0x29, 0x93, 0x66, 0x5f, 0xaf, 0x6b, | ||
4318 | 0x88, 0x26, 0x2c, 0x67, 0x02, 0x4b, 0x52, 0xd0, | ||
4319 | 0x83, 0x7a, 0x43, 0x1f, 0xc0, 0x71, 0x15, 0x25, | ||
4320 | 0x77, 0x65, 0x08, 0x60, 0x11, 0x76, 0x4c, 0x8d, | ||
4321 | 0xed, 0xa9, 0x27, 0xc6, 0xb1, 0x2a, 0x2c, 0x6a, | ||
4322 | 0x4a, 0x97, 0xf5, 0xc6, 0xb7, 0x70, 0x42, 0xd3, | ||
4323 | 0x03, 0xd1, 0x24, 0x95, 0xec, 0x6d, 0xab, 0x38, | ||
4324 | 0x72, 0xce, 0xe2, 0x8b, 0x33, 0xd7, 0x51, 0x09, | ||
4325 | 0xdc, 0x45, 0xe0, 0x09, 0x96, 0x32, 0xf3, 0xc4, | ||
4326 | 0x84, 0xdc, 0x73, 0x73, 0x2d, 0x1b, 0x11, 0x98, | ||
4327 | 0xc5, 0x0e, 0x69, 0x28, 0x94, 0xc7, 0xb5, 0x4d, | ||
4328 | 0xc8, 0x8a, 0xd0, 0xaa, 0x13, 0x2e, 0x18, 0x74, | ||
4329 | 0xdd, 0xd1, 0x1e, 0xf3, 0x90, 0xe8, 0xfc, 0x9a, | ||
4330 | 0x72, 0x4a, 0x0e, 0xd1, 0xe4, 0xfb, 0x0d, 0x96, | ||
4331 | 0xd1, 0x0c, 0x79, 0x85, 0x1b, 0x1c, 0xfe, 0xe1, | ||
4332 | 0x62, 0x8f, 0x7a, 0x73, 0x32, 0xab, 0xc8, 0x18, | ||
4333 | 0x69, 0xe3, 0x34, 0x30, 0xdf, 0x13, 0xa6, 0xe5, | ||
4334 | 0xe8, 0x0e, 0x67, 0x7f, 0x81, 0x11, 0xb4, 0x60, | ||
4335 | 0xc7, 0xbd, 0x79, 0x65, 0x50, 0xdc, 0xc4, 0x5b, | ||
4336 | 0xde, 0x39, 0xa4, 0x01, 0x72, 0x63, 0xf3, 0xd1, | ||
4337 | 0x64, 0x4e, 0xdf, 0xfc, 0x27, 0x92, 0x37, 0x0d, | ||
4338 | 0x57, 0xcd, 0x11, 0x4f, 0x11, 0x04, 0x8e, 0x1d, | ||
4339 | 0x16, 0xf7, 0xcd, 0x92, 0x9a, 0x99, 0x30, 0x14, | ||
4340 | 0xf1, 0x7c, 0x67, 0x1b, 0x1f, 0x41, 0x0b, 0xe8, | ||
4341 | 0x32, 0xe8, 0xb8, 0xc1, 0x4f, 0x54, 0x86, 0x4f, | ||
4342 | 0xe5, 0x79, 0x81, 0x73, 0xcd, 0x43, 0x59, 0x68, | ||
4343 | 0x73, 0x02, 0x3b, 0x78, 0x21, 0x72, 0x43, 0x00, | ||
4344 | 0x49, 0x17, 0xf7, 0x00, 0xaf, 0x68, 0x24, 0x53, | ||
4345 | 0x05, 0x0a, 0xc3, 0x33, 0xe0, 0x33, 0x3f, 0x69, | ||
4346 | 0xd2, 0x84, 0x2f, 0x0b, 0xed, 0xde, 0x04, 0xf4, | ||
4347 | 0x11, 0x94, 0x13, 0x69, 0x51, 0x09, 0x28, 0xde, | ||
4348 | 0x57, 0x5c, 0xef, 0xdc, 0x9a, 0x49, 0x1c, 0x17, | ||
4349 | 0x97, 0xf3, 0x96, 0xc1, 0x7f, 0x5d, 0x2e, 0x7d, | ||
4350 | 0x55, 0xb8, 0xb3, 0x02, 0x09, 0xb3, 0x1f, 0xe7, | ||
4351 | 0xc9, 0x8d, 0xa3, 0x36, 0x34, 0x8a, 0x77, 0x13, | ||
4352 | 0x30, 0x63, 0x4c, 0xa5, 0xcd, 0xc3, 0xe0, 0x7e, | ||
4353 | 0x05, 0xa1, 0x7b, 0x0c, 0xcb, 0x74, 0x47, 0x31, | ||
4354 | 0x62, 0x03, 0x43, 0xf1, 0x87, 0xb4, 0xb0, 0x85, | ||
4355 | 0x87, 0x8e, 0x4b, 0x25, 0xc7, 0xcf, 0xae, 0x4b, | ||
4356 | 0x36, 0x46, 0x3e, 0x62, 0xbc, 0x6f, 0xeb, 0x5f, | ||
4357 | 0x73, 0xac, 0xe6, 0x07, 0xee, 0xc1, 0xa1, 0xd6, | ||
4358 | 0xc4, 0xab, 0xc9, 0xd6, 0x89, 0x45, 0xe1, 0xf1, | ||
4359 | 0x04, 0x4e, 0x1a, 0x6f, 0xbb, 0x4f, 0x3a, 0xa3, | ||
4360 | 0xa0, 0xcb, 0xa3, 0x0a, 0xd8, 0x71, 0x35, 0x55, | ||
4361 | 0xe4, 0xbc, 0x2e, 0x04, 0x06, 0xe6, 0xff, 0x5b, | ||
4362 | 0x1c, 0xc0, 0x11, 0x7c, 0xc5, 0x17, 0xf3, 0x38, | ||
4363 | 0xcf, 0xe9, 0xba, 0x0f, 0x0e, 0xef, 0x02, 0xc2, | ||
4364 | 0x8d, 0xc6, 0xbc, 0x4b, 0x67, 0x20, 0x95, 0xd7, | ||
4365 | 0x2c, 0x45, 0x5b, 0x86, 0x44, 0x8c, 0x6f, 0x2e, | ||
4366 | 0x7e, 0x9f, 0x1c, 0x77, 0xba, 0x6b, 0x0e, 0xa3, | ||
4367 | 0x69, 0xdc, 0xab, 0x24, 0x57, 0x60, 0x47, 0xc1, | ||
4368 | 0xd1, 0xa5, 0x9d, 0x23, 0xe6, 0xb1, 0x37, 0xfe, | ||
4369 | 0x93, 0xd2, 0x4c, 0x46, 0xf9, 0x0c, 0xc6, 0xfb, | ||
4370 | 0xd6, 0x9d, 0x99, 0x69, 0xab, 0x7a, 0x07, 0x0c, | ||
4371 | 0x65, 0xe7, 0xc4, 0x08, 0x96, 0xe2, 0xa5, 0x01, | ||
4372 | 0x3f, 0x46, 0x07, 0x05, 0x7e, 0xe8, 0x9a, 0x90, | ||
4373 | 0x50, 0xdc, 0xe9, 0x7a, 0xea, 0xa1, 0x39, 0x6e, | ||
4374 | 0x66, 0xe4, 0x6f, 0xa5, 0x5f, 0xb2, 0xd9, 0x5b, | ||
4375 | 0xf5, 0xdb, 0x2a, 0x32, 0xf0, 0x11, 0x6f, 0x7c, | ||
4376 | 0x26, 0x10, 0x8f, 0x3d, 0x80, 0xe9, 0x58, 0xf7, | ||
4377 | 0xe0, 0xa8, 0x57, 0xf8, 0xdb, 0x0e, 0xce, 0x99, | ||
4378 | 0x63, 0x19, 0x3d, 0xd5, 0xec, 0x1b, 0x77, 0x69, | ||
4379 | 0x98, 0xf6, 0xe4, 0x5f, 0x67, 0x17, 0x4b, 0x09, | ||
4380 | 0x85, 0x62, 0x82, 0x70, 0x18, 0xe2, 0x9a, 0x78, | ||
4381 | 0xe2, 0x62, 0xbd, 0xb4, 0xf1, 0x42, 0xc6, 0xfb, | ||
4382 | 0x08, 0xd0, 0xbd, 0xeb, 0x4e, 0x09, 0xf2, 0xc8, | ||
4383 | 0x1e, 0xdc, 0x3d, 0x32, 0x21, 0x56, 0x9c, 0x4f, | ||
4384 | 0x35, 0xf3, 0x61, 0x06, 0x72, 0x84, 0xc4, 0x32, | ||
4385 | 0xf2, 0xf1, 0xfa, 0x0b, 0x2f, 0xc3, 0xdb, 0x02, | ||
4386 | 0x04, 0xc2, 0xde, 0x57, 0x64, 0x60, 0x8d, 0xcf, | ||
4387 | 0xcb, 0x86, 0x5d, 0x97, 0x3e, 0xb1, 0x9c, 0x01, | ||
4388 | 0xd6, 0x28, 0x8f, 0x99, 0xbc, 0x46, 0xeb, 0x05, | ||
4389 | 0xaf, 0x7e, 0xb8, 0x21, 0x2a, 0x56, 0x85, 0x1c, | ||
4390 | 0xb3, 0x71, 0xa0, 0xde, 0xca, 0x96, 0xf1, 0x78, | ||
4391 | 0x49, 0xa2, 0x99, 0x81, 0x80, 0x5c, 0x01, 0xf5, | ||
4392 | 0xa0, 0xa2, 0x56, 0x63, 0xe2, 0x70, 0x07, 0xa5, | ||
4393 | 0x95, 0xd6, 0x85, 0xeb, 0x36, 0x9e, 0xa9, 0x51, | ||
4394 | 0x66, 0x56, 0x5f, 0x1d, 0x02, 0x19, 0xe2, 0xf6, | ||
4395 | 0x4f, 0x73, 0x38, 0x09, 0x75, 0x64, 0x48, 0xe0, | ||
4396 | 0xf1, 0x7e, 0x0e, 0xe8, 0x9d, 0xf9, 0xed, 0x94, | ||
4397 | 0xfe, 0x16, 0x26, 0x62, 0x49, 0x74, 0xf4, 0xb0, | ||
4398 | 0xd4, 0xa9, 0x6c, 0xb0, 0xfd, 0x53, 0xe9, 0x81, | ||
4399 | 0xe0, 0x7a, 0xbf, 0xcf, 0xb5, 0xc4, 0x01, 0x81, | ||
4400 | 0x79, 0x99, 0x77, 0x01, 0x3b, 0xe9, 0xa2, 0xb6, | ||
4401 | 0xe6, 0x6a, 0x8a, 0x9e, 0x56, 0x1c, 0x8d, 0x1e, | ||
4402 | 0x8f, 0x06, 0x55, 0x2c, 0x6c, 0xdc, 0x92, 0x87, | ||
4403 | 0x64, 0x3b, 0x4b, 0x19, 0xa1, 0x13, 0x64, 0x1d, | ||
4404 | 0x4a, 0xe9, 0xc0, 0x00, 0xb8, 0x95, 0xef, 0x6b, | ||
4405 | 0x1a, 0x86, 0x6d, 0x37, 0x52, 0x02, 0xc2, 0xe0, | ||
4406 | 0xc8, 0xbb, 0x42, 0x0c, 0x02, 0x21, 0x4a, 0xc9, | ||
4407 | 0xef, 0xa0, 0x54, 0xe4, 0x5e, 0x16, 0x53, 0x81, | ||
4408 | 0x70, 0x62, 0x10, 0xaf, 0xde, 0xb8, 0xb5, 0xd3, | ||
4409 | 0xe8, 0x5e, 0x6c, 0xc3, 0x8a, 0x3e, 0x18, 0x07, | ||
4410 | 0xf2, 0x2f, 0x7d, 0xa7, 0xe1, 0x3d, 0x4e, 0xb4, | ||
4411 | 0x26, 0xa7, 0xa3, 0x93, 0x86, 0xb2, 0x04, 0x1e, | ||
4412 | 0x53, 0x5d, 0x86, 0xd6, 0xde, 0x65, 0xca, 0xe3, | ||
4413 | 0x4e, 0xc1, 0xcf, 0xef, 0xc8, 0x70, 0x1b, 0x83, | ||
4414 | 0x13, 0xdd, 0x18, 0x8b, 0x0d, 0x76, 0xd2, 0xf6, | ||
4415 | 0x37, 0x7a, 0x93, 0x7a, 0x50, 0x11, 0x9f, 0x96, | ||
4416 | 0x86, 0x25, 0xfd, 0xac, 0xdc, 0xbe, 0x18, 0x93, | ||
4417 | 0x19, 0x6b, 0xec, 0x58, 0x4f, 0xb9, 0x75, 0xa7, | ||
4418 | 0xdd, 0x3f, 0x2f, 0xec, 0xc8, 0x5a, 0x84, 0xab, | ||
4419 | 0xd5, 0xe4, 0x8a, 0x07, 0xf6, 0x4d, 0x23, 0xd6, | ||
4420 | 0x03, 0xfb, 0x03, 0x6a, 0xea, 0x66, 0xbf, 0xd4, | ||
4421 | 0xb1, 0x34, 0xfb, 0x78, 0xe9, 0x55, 0xdc, 0x7c, | ||
4422 | 0x3d, 0x9c, 0xe5, 0x9a, 0xac, 0xc3, 0x7a, 0x80, | ||
4423 | 0x24, 0x6d, 0xa0, 0xef, 0x25, 0x7c, 0xb7, 0xea, | ||
4424 | 0xce, 0x4d, 0x5f, 0x18, 0x60, 0xce, 0x87, 0x22, | ||
4425 | 0x66, 0x2f, 0xd5, 0xdd, 0xdd, 0x02, 0x21, 0x75, | ||
4426 | 0x82, 0xa0, 0x1f, 0x58, 0xc6, 0xd3, 0x62, 0xf7, | ||
4427 | 0x32, 0xd8, 0xaf, 0x1e, 0x07, 0x77, 0x51, 0x96, | ||
4428 | 0xd5, 0x6b, 0x1e, 0x7e, 0x80, 0x02, 0xe8, 0x67, | ||
4429 | 0xea, 0x17, 0x0b, 0x10, 0xd2, 0x3f, 0x28, 0x25, | ||
4430 | 0x4f, 0x05, 0x77, 0x02, 0x14, 0x69, 0xf0, 0x2c, | ||
4431 | 0xbe, 0x0c, 0xf1, 0x74, 0x30, 0xd1, 0xb9, 0x9b, | ||
4432 | 0xfc, 0x8c, 0xbb, 0x04, 0x16, 0xd9, 0xba, 0xc3, | ||
4433 | 0xbc, 0x91, 0x8a, 0xc4, 0x30, 0xa4, 0xb0, 0x12, | ||
4434 | 0x4c, 0x21, 0x87, 0xcb, 0xc9, 0x1d, 0x16, 0x96, | ||
4435 | 0x07, 0x6f, 0x23, 0x54, 0xb9, 0x6f, 0x79, 0xe5, | ||
4436 | 0x64, 0xc0, 0x64, 0xda, 0xb1, 0xae, 0xdd, 0x60, | ||
4437 | 0x6c, 0x1a, 0x9d, 0xd3, 0x04, 0x8e, 0x45, 0xb0, | ||
4438 | 0x92, 0x61, 0xd0, 0x48, 0x81, 0xed, 0x5e, 0x1d, | ||
4439 | 0xa0, 0xc9, 0xa4, 0x33, 0xc7, 0x13, 0x51, 0x5d, | ||
4440 | 0x7f, 0x83, 0x73, 0xb6, 0x70, 0x18, 0x65, 0x3e, | ||
4441 | 0x2f, 0x0e, 0x7a, 0x12, 0x39, 0x98, 0xab, 0xd8, | ||
4442 | 0x7e, 0x6f, 0xa3, 0xd1, 0xba, 0x56, 0xad, 0xbd, | ||
4443 | 0xf0, 0x03, 0x01, 0x1c, 0x85, 0x35, 0x9f, 0xeb, | ||
4444 | 0x19, 0x63, 0xa1, 0xaf, 0xfe, 0x2d, 0x35, 0x50, | ||
4445 | 0x39, 0xa0, 0x65, 0x7c, 0x95, 0x7e, 0x6b, 0xfe, | ||
4446 | 0xc1, 0xac, 0x07, 0x7c, 0x98, 0x4f, 0xbe, 0x57, | ||
4447 | 0xa7, 0x22, 0xec, 0xe2, 0x7e, 0x29, 0x09, 0x53, | ||
4448 | 0xe8, 0xbf, 0xb4, 0x7e, 0x3f, 0x8f, 0xfc, 0x14, | ||
4449 | 0xce, 0x54, 0xf9, 0x18, 0x58, 0xb5, 0xff, 0x44, | ||
4450 | 0x05, 0x9d, 0xce, 0x1b, 0xb6, 0x82, 0x23, 0xc8, | ||
4451 | 0x2e, 0xbc, 0x69, 0xbb, 0x4a, 0x29, 0x0f, 0x65, | ||
4452 | 0x94, 0xf0, 0x63, 0x06, 0x0e, 0xef, 0x8c, 0xbd, | ||
4453 | 0xff, 0xfd, 0xb0, 0x21, 0x6e, 0x57, 0x05, 0x75, | ||
4454 | 0xda, 0xd5, 0xc4, 0xeb, 0x8d, 0x32, 0xf7, 0x50, | ||
4455 | 0xd3, 0x6f, 0x22, 0xed, 0x5f, 0x8e, 0xa2, 0x5b, | ||
4456 | 0x80, 0x8c, 0xc8, 0x78, 0x40, 0x24, 0x4b, 0x89, | ||
4457 | 0x30, 0xce, 0x7a, 0x97, 0x0e, 0xc4, 0xaf, 0xef, | ||
4458 | 0x9b, 0xb4, 0xcd, 0x66, 0x74, 0x14, 0x04, 0x2b, | ||
4459 | 0xf7, 0xce, 0x0b, 0x1c, 0x6e, 0xc2, 0x78, 0x8c, | ||
4460 | 0xca, 0xc5, 0xd0, 0x1c, 0x95, 0x4a, 0x91, 0x2d, | ||
4461 | 0xa7, 0x20, 0xeb, 0x86, 0x52, 0xb7, 0x67, 0xd8, | ||
4462 | 0x0c, 0xd6, 0x04, 0x14, 0xde, 0x51, 0x74, 0x75, | ||
4463 | 0xe7, 0x11, 0xb4, 0x87, 0xa3, 0x3d, 0x2d, 0xad, | ||
4464 | 0x4f, 0xef, 0xa0, 0x0f, 0x70, 0x00, 0x6d, 0x13, | ||
4465 | 0x19, 0x1d, 0x41, 0x50, 0xe9, 0xd8, 0xf0, 0x32, | ||
4466 | 0x71, 0xbc, 0xd3, 0x11, 0xf2, 0xac, 0xbe, 0xaf, | ||
4467 | 0x75, 0x46, 0x65, 0x4e, 0x07, 0x34, 0x37, 0xa3, | ||
4468 | 0x89, 0xfe, 0x75, 0xd4, 0x70, 0x4c, 0xc6, 0x3f, | ||
4469 | 0x69, 0x24, 0x0e, 0x38, 0x67, 0x43, 0x8c, 0xde, | ||
4470 | 0x06, 0xb5, 0xb8, 0xe7, 0xc4, 0xf0, 0x41, 0x8f, | ||
4471 | 0xf0, 0xbd, 0x2f, 0x0b, 0xb9, 0x18, 0xf8, 0xde, | ||
4472 | 0x64, 0xb1, 0xdb, 0xee, 0x00, 0x50, 0x77, 0xe1, | ||
4473 | 0xc7, 0xff, 0xa6, 0xfa, 0xdd, 0x70, 0xf4, 0xe3, | ||
4474 | 0x93, 0xe9, 0x77, 0x35, 0x3d, 0x4b, 0x2f, 0x2b, | ||
4475 | 0x6d, 0x55, 0xf0, 0xfc, 0x88, 0x54, 0x4e, 0x89, | ||
4476 | 0xc1, 0x8a, 0x23, 0x31, 0x2d, 0x14, 0x2a, 0xb8, | ||
4477 | 0x1b, 0x15, 0xdd, 0x9e, 0x6e, 0x7b, 0xda, 0x05, | ||
4478 | 0x91, 0x7d, 0x62, 0x64, 0x96, 0x72, 0xde, 0xfc, | ||
4479 | 0xc1, 0xec, 0xf0, 0x23, 0x51, 0x6f, 0xdb, 0x5b, | ||
4480 | 0x1d, 0x08, 0x57, 0xce, 0x09, 0xb8, 0xf6, 0xcd, | ||
4481 | 0x8d, 0x95, 0xf2, 0x20, 0xbf, 0x0f, 0x20, 0x57, | ||
4482 | 0x98, 0x81, 0x84, 0x4f, 0x15, 0x5c, 0x76, 0xe7, | ||
4483 | 0x3e, 0x0a, 0x3a, 0x6c, 0xc4, 0x8a, 0xbe, 0x78, | ||
4484 | 0x74, 0x77, 0xc3, 0x09, 0x4b, 0x5d, 0x48, 0xe4, | ||
4485 | 0xc8, 0xcb, 0x0b, 0xea, 0x17, 0x28, 0xcf, 0xcf, | ||
4486 | 0x31, 0x32, 0x44, 0xa4, 0xe5, 0x0e, 0x1a, 0x98, | ||
4487 | 0x94, 0xc4, 0xf0, 0xff, 0xae, 0x3e, 0x44, 0xe8, | ||
4488 | 0xa5, 0xb3, 0xb5, 0x37, 0x2f, 0xe8, 0xaf, 0x6f, | ||
4489 | 0x28, 0xc1, 0x37, 0x5f, 0x31, 0xd2, 0xb9, 0x33, | ||
4490 | 0xb1, 0xb2, 0x52, 0x94, 0x75, 0x2c, 0x29, 0x59, | ||
4491 | 0x06, 0xc2, 0x25, 0xe8, 0x71, 0x65, 0x4e, 0xed, | ||
4492 | 0xc0, 0x9c, 0xb1, 0xbb, 0x25, 0xdc, 0x6c, 0xe7, | ||
4493 | 0x4b, 0xa5, 0x7a, 0x54, 0x7a, 0x60, 0xff, 0x7a, | ||
4494 | 0xe0, 0x50, 0x40, 0x96, 0x35, 0x63, 0xe4, 0x0b, | ||
4495 | 0x76, 0xbd, 0xa4, 0x65, 0x00, 0x1b, 0x57, 0x88, | ||
4496 | 0xae, 0xed, 0x39, 0x88, 0x42, 0x11, 0x3c, 0xed, | ||
4497 | 0x85, 0x67, 0x7d, 0xb9, 0x68, 0x82, 0xe9, 0x43, | ||
4498 | 0x3c, 0x47, 0x53, 0xfa, 0xe8, 0xf8, 0x9f, 0x1f, | ||
4499 | 0x9f, 0xef, 0x0f, 0xf7, 0x30, 0xd9, 0x30, 0x0e, | ||
4500 | 0xb9, 0x9f, 0x69, 0x18, 0x2f, 0x7e, 0xf8, 0xf8, | ||
4501 | 0xf8, 0x8c, 0x0f, 0xd4, 0x02, 0x4d, 0xea, 0xcd, | ||
4502 | 0x0a, 0x9c, 0x6f, 0x71, 0x6d, 0x5a, 0x4c, 0x60, | ||
4503 | 0xce, 0x20, 0x56, 0x32, 0xc6, 0xc5, 0x99, 0x1f, | ||
4504 | 0x09, 0xe6, 0x4e, 0x18, 0x1a, 0x15, 0x13, 0xa8, | ||
4505 | 0x7d, 0xb1, 0x6b, 0xc0, 0xb2, 0x6d, 0xf8, 0x26, | ||
4506 | 0x66, 0xf8, 0x3d, 0x18, 0x74, 0x70, 0x66, 0x7a, | ||
4507 | 0x34, 0x17, 0xde, 0xba, 0x47, 0xf1, 0x06, 0x18, | ||
4508 | 0xcb, 0xaf, 0xeb, 0x4a, 0x1e, 0x8f, 0xa7, 0x77, | ||
4509 | 0xe0, 0x3b, 0x78, 0x62, 0x66, 0xc9, 0x10, 0xea, | ||
4510 | 0x1f, 0xb7, 0x29, 0x0a, 0x45, 0xa1, 0x1d, 0x1e, | ||
4511 | 0x1d, 0xe2, 0x65, 0x61, 0x50, 0x9c, 0xd7, 0x05, | ||
4512 | 0xf2, 0x0b, 0x5b, 0x12, 0x61, 0x02, 0xc8, 0xe5, | ||
4513 | 0x63, 0x4f, 0x20, 0x0c, 0x07, 0x17, 0x33, 0x5e, | ||
4514 | 0x03, 0x9a, 0x53, 0x0f, 0x2e, 0x55, 0xfe, 0x50, | ||
4515 | 0x43, 0x7d, 0xd0, 0xb6, 0x7e, 0x5a, 0xda, 0xae, | ||
4516 | 0x58, 0xef, 0x15, 0xa9, 0x83, 0xd9, 0x46, 0xb1, | ||
4517 | 0x42, 0xaa, 0xf5, 0x02, 0x6c, 0xce, 0x92, 0x06, | ||
4518 | 0x1b, 0xdb, 0x66, 0x45, 0x91, 0x79, 0xc2, 0x2d, | ||
4519 | 0xe6, 0x53, 0xd3, 0x14, 0xfd, 0xbb, 0x44, 0x63, | ||
4520 | 0xc6, 0xd7, 0x3d, 0x7a, 0x0c, 0x75, 0x78, 0x9d, | ||
4521 | 0x5c, 0xa6, 0x39, 0xb3, 0xe5, 0x63, 0xca, 0x8b, | ||
4522 | 0xfe, 0xd3, 0xef, 0x60, 0x83, 0xf6, 0x8e, 0x70, | ||
4523 | 0xb6, 0x67, 0xc7, 0x77, 0xed, 0x23, 0xef, 0x4c, | ||
4524 | 0xf0, 0xed, 0x2d, 0x07, 0x59, 0x6f, 0xc1, 0x01, | ||
4525 | 0x34, 0x37, 0x08, 0xab, 0xd9, 0x1f, 0x09, 0xb1, | ||
4526 | 0xce, 0x5b, 0x17, 0xff, 0x74, 0xf8, 0x9c, 0xd5, | ||
4527 | 0x2c, 0x56, 0x39, 0x79, 0x0f, 0x69, 0x44, 0x75, | ||
4528 | 0x58, 0x27, 0x01, 0xc4, 0xbf, 0xa7, 0xa1, 0x1d, | ||
4529 | 0x90, 0x17, 0x77, 0x86, 0x5a, 0x3f, 0xd9, 0xd1, | ||
4530 | 0x0e, 0xa0, 0x10, 0xf8, 0xec, 0x1e, 0xa5, 0x7f, | ||
4531 | 0x5e, 0x36, 0xd1, 0xe3, 0x04, 0x2c, 0x70, 0xf7, | ||
4532 | 0x8e, 0xc0, 0x98, 0x2f, 0x6c, 0x94, 0x2b, 0x41, | ||
4533 | 0xb7, 0x60, 0x00, 0xb7, 0x2e, 0xb8, 0x02, 0x8d, | ||
4534 | 0xb8, 0xb0, 0xd3, 0x86, 0xba, 0x1d, 0xd7, 0x90, | ||
4535 | 0xd6, 0xb6, 0xe1, 0xfc, 0xd7, 0xd8, 0x28, 0x06, | ||
4536 | 0x63, 0x9b, 0xce, 0x61, 0x24, 0x79, 0xc0, 0x70, | ||
4537 | 0x52, 0xd0, 0xb6, 0xd4, 0x28, 0x95, 0x24, 0x87, | ||
4538 | 0x03, 0x1f, 0xb7, 0x9a, 0xda, 0xa3, 0xfb, 0x52, | ||
4539 | 0x5b, 0x68, 0xe7, 0x4c, 0x8c, 0x24, 0xe1, 0x42, | ||
4540 | 0xf7, 0xd5, 0xfd, 0xad, 0x06, 0x32, 0x9f, 0xba, | ||
4541 | 0xc1, 0xfc, 0xdd, 0xc6, 0xfc, 0xfc, 0xb3, 0x38, | ||
4542 | 0x74, 0x56, 0x58, 0x40, 0x02, 0x37, 0x52, 0x2c, | ||
4543 | 0x55, 0xcc, 0xb3, 0x9e, 0x7a, 0xe9, 0xd4, 0x38, | ||
4544 | 0x41, 0x5e, 0x0c, 0x35, 0xe2, 0x11, 0xd1, 0x13, | ||
4545 | 0xf8, 0xb7, 0x8d, 0x72, 0x6b, 0x22, 0x2a, 0xb0, | ||
4546 | 0xdb, 0x08, 0xba, 0x35, 0xb9, 0x3f, 0xc8, 0xd3, | ||
4547 | 0x24, 0x90, 0xec, 0x58, 0xd2, 0x09, 0xc7, 0x2d, | ||
4548 | 0xed, 0x38, 0x80, 0x36, 0x72, 0x43, 0x27, 0x49, | ||
4549 | 0x4a, 0x80, 0x8a, 0xa2, 0xe8, 0xd3, 0xda, 0x30, | ||
4550 | 0x7d, 0xb6, 0x82, 0x37, 0x86, 0x92, 0x86, 0x3e, | ||
4551 | 0x08, 0xb2, 0x28, 0x5a, 0x55, 0x44, 0x24, 0x7d, | ||
4552 | 0x40, 0x48, 0x8a, 0xb6, 0x89, 0x58, 0x08, 0xa0, | ||
4553 | 0xd6, 0x6d, 0x3a, 0x17, 0xbf, 0xf6, 0x54, 0xa2, | ||
4554 | 0xf5, 0xd3, 0x8c, 0x0f, 0x78, 0x12, 0x57, 0x8b, | ||
4555 | 0xd5, 0xc2, 0xfd, 0x58, 0x5b, 0x7f, 0x38, 0xe3, | ||
4556 | 0xcc, 0xb7, 0x7c, 0x48, 0xb3, 0x20, 0xe8, 0x81, | ||
4557 | 0x14, 0x32, 0x45, 0x05, 0xe0, 0xdb, 0x9f, 0x75, | ||
4558 | 0x85, 0xb4, 0x6a, 0xfc, 0x95, 0xe3, 0x54, 0x22, | ||
4559 | 0x12, 0xee, 0x30, 0xfe, 0xd8, 0x30, 0xef, 0x34, | ||
4560 | 0x50, 0xab, 0x46, 0x30, 0x98, 0x2f, 0xb7, 0xc0, | ||
4561 | 0x15, 0xa2, 0x83, 0xb6, 0xf2, 0x06, 0x21, 0xa2, | ||
4562 | 0xc3, 0x26, 0x37, 0x14, 0xd1, 0x4d, 0xb5, 0x10, | ||
4563 | 0x52, 0x76, 0x4d, 0x6a, 0xee, 0xb5, 0x2b, 0x15, | ||
4564 | 0xb7, 0xf9, 0x51, 0xe8, 0x2a, 0xaf, 0xc7, 0xfa, | ||
4565 | 0x77, 0xaf, 0xb0, 0x05, 0x4d, 0xd1, 0x68, 0x8e, | ||
4566 | 0x74, 0x05, 0x9f, 0x9d, 0x93, 0xa5, 0x3e, 0x7f, | ||
4567 | 0x4e, 0x5f, 0x9d, 0xcb, 0x09, 0xc7, 0x83, 0xe3, | ||
4568 | 0x02, 0x9d, 0x27, 0x1f, 0xef, 0x85, 0x05, 0x8d, | ||
4569 | 0xec, 0x55, 0x88, 0x0f, 0x0d, 0x7c, 0x4c, 0xe8, | ||
4570 | 0xa1, 0x75, 0xa0, 0xd8, 0x06, 0x47, 0x14, 0xef, | ||
4571 | 0xaa, 0x61, 0xcf, 0x26, 0x15, 0xad, 0xd8, 0xa3, | ||
4572 | 0xaa, 0x75, 0xf2, 0x78, 0x4a, 0x5a, 0x61, 0xdf, | ||
4573 | 0x8b, 0xc7, 0x04, 0xbc, 0xb2, 0x32, 0xd2, 0x7e, | ||
4574 | 0x42, 0xee, 0xb4, 0x2f, 0x51, 0xff, 0x7b, 0x2e, | ||
4575 | 0xd3, 0x02, 0xe8, 0xdc, 0x5d, 0x0d, 0x50, 0xdc, | ||
4576 | 0xae, 0xb7, 0x46, 0xf9, 0xa8, 0xe6, 0xd0, 0x16, | ||
4577 | 0xcc, 0xe6, 0x2c, 0x81, 0xc7, 0xad, 0xe9, 0xf0, | ||
4578 | 0x05, 0x72, 0x6d, 0x3d, 0x0a, 0x7a, 0xa9, 0x02, | ||
4579 | 0xac, 0x82, 0x93, 0x6e, 0xb6, 0x1c, 0x28, 0xfc, | ||
4580 | 0x44, 0x12, 0xfb, 0x73, 0x77, 0xd4, 0x13, 0x39, | ||
4581 | 0x29, 0x88, 0x8a, 0xf3, 0x5c, 0xa6, 0x36, 0xa0, | ||
4582 | 0x2a, 0xed, 0x7e, 0xb1, 0x1d, 0xd6, 0x4c, 0x6b, | ||
4583 | 0x41, 0x01, 0x18, 0x5d, 0x5d, 0x07, 0x97, 0xa6, | ||
4584 | 0x4b, 0xef, 0x31, 0x18, 0xea, 0xac, 0xb1, 0x84, | ||
4585 | 0x21, 0xed, 0xda, 0x86, | ||
4586 | }, | ||
4587 | .rlen = 4100, | ||
4588 | }, | ||
4589 | }; | ||
4590 | |||
4591 | static struct cipher_testvec aes_ctr_dec_tv_template[] = { | ||
4592 | { /* From RFC 3686 */ | ||
4593 | .key = { 0xae, 0x68, 0x52, 0xf8, 0x12, 0x10, 0x67, 0xcc, | ||
4594 | 0x4b, 0xf7, 0xa5, 0x76, 0x55, 0x77, 0xf3, 0x9e, | ||
4595 | 0x00, 0x00, 0x00, 0x30 }, | ||
4596 | .klen = 20, | ||
4597 | .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
4598 | .input = { 0xe4, 0x09, 0x5d, 0x4f, 0xb7, 0xa7, 0xb3, 0x79, | ||
4599 | 0x2d, 0x61, 0x75, 0xa3, 0x26, 0x13, 0x11, 0xb8 }, | ||
4600 | .ilen = 16, | ||
4601 | .result = { "Single block msg" }, | ||
4602 | .rlen = 16, | ||
4603 | }, { | ||
4604 | .key = { 0x7e, 0x24, 0x06, 0x78, 0x17, 0xfa, 0xe0, 0xd7, | ||
4605 | 0x43, 0xd6, 0xce, 0x1f, 0x32, 0x53, 0x91, 0x63, | ||
4606 | 0x00, 0x6c, 0xb6, 0xdb }, | ||
4607 | .klen = 20, | ||
4608 | .iv = { 0xc0, 0x54, 0x3b, 0x59, 0xda, 0x48, 0xd9, 0x0b }, | ||
4609 | .input = { 0x51, 0x04, 0xa1, 0x06, 0x16, 0x8a, 0x72, 0xd9, | ||
4610 | 0x79, 0x0d, 0x41, 0xee, 0x8e, 0xda, 0xd3, 0x88, | ||
4611 | 0xeb, 0x2e, 0x1e, 0xfc, 0x46, 0xda, 0x57, 0xc8, | ||
4612 | 0xfc, 0xe6, 0x30, 0xdf, 0x91, 0x41, 0xbe, 0x28 }, | ||
4613 | .ilen = 32, | ||
4614 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
4615 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
4616 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
4617 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
4618 | .rlen = 32, | ||
4619 | }, { | ||
4620 | .key = { 0x16, 0xaf, 0x5b, 0x14, 0x5f, 0xc9, 0xf5, 0x79, | ||
4621 | 0xc1, 0x75, 0xf9, 0x3e, 0x3b, 0xfb, 0x0e, 0xed, | ||
4622 | 0x86, 0x3d, 0x06, 0xcc, 0xfd, 0xb7, 0x85, 0x15, | ||
4623 | 0x00, 0x00, 0x00, 0x48 }, | ||
4624 | .klen = 28, | ||
4625 | .iv = { 0x36, 0x73, 0x3c, 0x14, 0x7d, 0x6d, 0x93, 0xcb }, | ||
4626 | .input = { 0x4b, 0x55, 0x38, 0x4f, 0xe2, 0x59, 0xc9, 0xc8, | ||
4627 | 0x4e, 0x79, 0x35, 0xa0, 0x03, 0xcb, 0xe9, 0x28 }, | ||
4628 | .ilen = 16, | ||
4629 | .result = { "Single block msg" }, | ||
4630 | .rlen = 16, | ||
4631 | }, { | ||
4632 | .key = { 0x7c, 0x5c, 0xb2, 0x40, 0x1b, 0x3d, 0xc3, 0x3c, | ||
4633 | 0x19, 0xe7, 0x34, 0x08, 0x19, 0xe0, 0xf6, 0x9c, | ||
4634 | 0x67, 0x8c, 0x3d, 0xb8, 0xe6, 0xf6, 0xa9, 0x1a, | ||
4635 | 0x00, 0x96, 0xb0, 0x3b }, | ||
4636 | .klen = 28, | ||
4637 | .iv = { 0x02, 0x0c, 0x6e, 0xad, 0xc2, 0xcb, 0x50, 0x0d }, | ||
4638 | .input = { 0x45, 0x32, 0x43, 0xfc, 0x60, 0x9b, 0x23, 0x32, | ||
4639 | 0x7e, 0xdf, 0xaa, 0xfa, 0x71, 0x31, 0xcd, 0x9f, | ||
4640 | 0x84, 0x90, 0x70, 0x1c, 0x5a, 0xd4, 0xa7, 0x9c, | ||
4641 | 0xfc, 0x1f, 0xe0, 0xff, 0x42, 0xf4, 0xfb, 0x00 }, | ||
4642 | .ilen = 32, | ||
4643 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
4644 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
4645 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
4646 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
4647 | .rlen = 32, | ||
4648 | }, { | ||
4649 | .key = { 0x77, 0x6b, 0xef, 0xf2, 0x85, 0x1d, 0xb0, 0x6f, | ||
4650 | 0x4c, 0x8a, 0x05, 0x42, 0xc8, 0x69, 0x6f, 0x6c, | ||
4651 | 0x6a, 0x81, 0xaf, 0x1e, 0xec, 0x96, 0xb4, 0xd3, | ||
4652 | 0x7f, 0xc1, 0xd6, 0x89, 0xe6, 0xc1, 0xc1, 0x04, | ||
4653 | 0x00, 0x00, 0x00, 0x60 }, | ||
4654 | .klen = 36, | ||
4655 | .iv = { 0xdb, 0x56, 0x72, 0xc9, 0x7a, 0xa8, 0xf0, 0xb2 }, | ||
4656 | .input = { 0x14, 0x5a, 0xd0, 0x1d, 0xbf, 0x82, 0x4e, 0xc7, | ||
4657 | 0x56, 0x08, 0x63, 0xdc, 0x71, 0xe3, 0xe0, 0xc0 }, | ||
4658 | .ilen = 16, | ||
4659 | .result = { "Single block msg" }, | ||
4660 | .rlen = 16, | ||
4661 | }, { | ||
4662 | .key = { 0xf6, 0xd6, 0x6d, 0x6b, 0xd5, 0x2d, 0x59, 0xbb, | ||
4663 | 0x07, 0x96, 0x36, 0x58, 0x79, 0xef, 0xf8, 0x86, | ||
4664 | 0xc6, 0x6d, 0xd5, 0x1a, 0x5b, 0x6a, 0x99, 0x74, | ||
4665 | 0x4b, 0x50, 0x59, 0x0c, 0x87, 0xa2, 0x38, 0x84, | ||
4666 | 0x00, 0xfa, 0xac, 0x24 }, | ||
4667 | .klen = 36, | ||
4668 | .iv = { 0xc1, 0x58, 0x5e, 0xf1, 0x5a, 0x43, 0xd8, 0x75 }, | ||
4669 | .input = { 0xf0, 0x5e, 0x23, 0x1b, 0x38, 0x94, 0x61, 0x2c, | ||
4670 | 0x49, 0xee, 0x00, 0x0b, 0x80, 0x4e, 0xb2, 0xa9, | ||
4671 | 0xb8, 0x30, 0x6b, 0x50, 0x8f, 0x83, 0x9d, 0x6a, | ||
4672 | 0x55, 0x30, 0x83, 0x1d, 0x93, 0x44, 0xaf, 0x1c }, | ||
4673 | .ilen = 32, | ||
4674 | .result = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
4675 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
4676 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
4677 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }, | ||
4678 | .rlen = 32, | ||
4679 | }, | ||
4680 | }; | ||
4681 | |||
4682 | static struct aead_testvec aes_gcm_enc_tv_template[] = { | ||
4683 | { /* From McGrew & Viega - http://citeseer.ist.psu.edu/656989.html */ | ||
4684 | .klen = 16, | ||
4685 | .result = { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, | ||
4686 | 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }, | ||
4687 | .rlen = 16, | ||
4688 | }, { | ||
4689 | .klen = 16, | ||
4690 | .ilen = 16, | ||
4691 | .result = { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, | ||
4692 | 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78, | ||
4693 | 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd, | ||
4694 | 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf }, | ||
4695 | .rlen = 32, | ||
4696 | }, { | ||
4697 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4698 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, | ||
4699 | .klen = 16, | ||
4700 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4701 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4702 | .input = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4703 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4704 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4705 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4706 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4707 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4708 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4709 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, | ||
4710 | .ilen = 64, | ||
4711 | .result = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, | ||
4712 | 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, | ||
4713 | 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, | ||
4714 | 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, | ||
4715 | 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, | ||
4716 | 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, | ||
4717 | 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, | ||
4718 | 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85, | ||
4719 | 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, | ||
4720 | 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 }, | ||
4721 | .rlen = 80, | ||
4722 | }, { | ||
4723 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4724 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, | ||
4725 | .klen = 16, | ||
4726 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4727 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4728 | .input = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4729 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4730 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4731 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4732 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4733 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4734 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4735 | 0xba, 0x63, 0x7b, 0x39 }, | ||
4736 | .ilen = 60, | ||
4737 | .assoc = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4738 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4739 | 0xab, 0xad, 0xda, 0xd2 }, | ||
4740 | .alen = 20, | ||
4741 | .result = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, | ||
4742 | 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, | ||
4743 | 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, | ||
4744 | 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, | ||
4745 | 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, | ||
4746 | 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, | ||
4747 | 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, | ||
4748 | 0x3d, 0x58, 0xe0, 0x91, | ||
4749 | 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb, | ||
4750 | 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 }, | ||
4751 | .rlen = 76, | ||
4752 | }, { | ||
4753 | .klen = 24, | ||
4754 | .result = { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b, | ||
4755 | 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 }, | ||
4756 | .rlen = 16, | ||
4757 | }, { | ||
4758 | .klen = 24, | ||
4759 | .ilen = 16, | ||
4760 | .result = { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41, | ||
4761 | 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00, | ||
4762 | 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab, | ||
4763 | 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb }, | ||
4764 | .rlen = 32, | ||
4765 | }, { | ||
4766 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4767 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | ||
4768 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c }, | ||
4769 | .klen = 24, | ||
4770 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4771 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4772 | .input = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4773 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4774 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4775 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4776 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4777 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4778 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4779 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, | ||
4780 | .ilen = 64, | ||
4781 | .result = { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, | ||
4782 | 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, | ||
4783 | 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, | ||
4784 | 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, | ||
4785 | 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, | ||
4786 | 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, | ||
4787 | 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, | ||
4788 | 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56, | ||
4789 | 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf, | ||
4790 | 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 }, | ||
4791 | .rlen = 80, | ||
4792 | }, { | ||
4793 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4794 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | ||
4795 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c }, | ||
4796 | .klen = 24, | ||
4797 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4798 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4799 | .input = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4800 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4801 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4802 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4803 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4804 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4805 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4806 | 0xba, 0x63, 0x7b, 0x39 }, | ||
4807 | .ilen = 60, | ||
4808 | .assoc = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4809 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4810 | 0xab, 0xad, 0xda, 0xd2 }, | ||
4811 | .alen = 20, | ||
4812 | .result = { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, | ||
4813 | 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, | ||
4814 | 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, | ||
4815 | 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, | ||
4816 | 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, | ||
4817 | 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, | ||
4818 | 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, | ||
4819 | 0xcc, 0xda, 0x27, 0x10, | ||
4820 | 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f, | ||
4821 | 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c }, | ||
4822 | .rlen = 76, | ||
4823 | .np = 2, | ||
4824 | .tap = { 32, 28 }, | ||
4825 | .anp = 2, | ||
4826 | .atap = { 8, 12 } | ||
4827 | }, { | ||
4828 | .klen = 32, | ||
4829 | .result = { 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9, | ||
4830 | 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b }, | ||
4831 | .rlen = 16, | ||
4832 | } | ||
4833 | }; | ||
4834 | |||
4835 | static struct aead_testvec aes_gcm_dec_tv_template[] = { | ||
4836 | { /* From McGrew & Viega - http://citeseer.ist.psu.edu/656989.html */ | ||
4837 | .klen = 32, | ||
4838 | .input = { 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, | ||
4839 | 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18, | ||
4840 | 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0, | ||
4841 | 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 }, | ||
4842 | .ilen = 32, | ||
4843 | .rlen = 16, | ||
4844 | }, { | ||
4845 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4846 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | ||
4847 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4848 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, | ||
4849 | .klen = 32, | ||
4850 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4851 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4852 | .input = { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, | ||
4853 | 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, | ||
4854 | 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, | ||
4855 | 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, | ||
4856 | 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, | ||
4857 | 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, | ||
4858 | 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, | ||
4859 | 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad, | ||
4860 | 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd, | ||
4861 | 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c }, | ||
4862 | .ilen = 80, | ||
4863 | .result = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4864 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4865 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4866 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4867 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4868 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4869 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4870 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, | ||
4871 | .rlen = 64, | ||
4872 | }, { | ||
4873 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4874 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | ||
4875 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4876 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, | ||
4877 | .klen = 32, | ||
4878 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4879 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4880 | .input = { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, | ||
4881 | 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, | ||
4882 | 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, | ||
4883 | 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, | ||
4884 | 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, | ||
4885 | 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, | ||
4886 | 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, | ||
4887 | 0xbc, 0xc9, 0xf6, 0x62, | ||
4888 | 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, | ||
4889 | 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b }, | ||
4890 | .ilen = 76, | ||
4891 | .assoc = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4892 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4893 | 0xab, 0xad, 0xda, 0xd2 }, | ||
4894 | .alen = 20, | ||
4895 | .result = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4896 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4897 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4898 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4899 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4900 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4901 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4902 | 0xba, 0x63, 0x7b, 0x39 }, | ||
4903 | .rlen = 60, | ||
4904 | .np = 2, | ||
4905 | .tap = { 48, 28 }, | ||
4906 | .anp = 3, | ||
4907 | .atap = { 8, 8, 4 } | ||
4908 | }, { | ||
4909 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4910 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, | ||
4911 | .klen = 16, | ||
4912 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4913 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4914 | .input = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, | ||
4915 | 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, | ||
4916 | 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, | ||
4917 | 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, | ||
4918 | 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, | ||
4919 | 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, | ||
4920 | 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, | ||
4921 | 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85, | ||
4922 | 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, | ||
4923 | 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 }, | ||
4924 | .ilen = 80, | ||
4925 | .result = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4926 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4927 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4928 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4929 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4930 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4931 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4932 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, | ||
4933 | .rlen = 64, | ||
4934 | }, { | ||
4935 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4936 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, | ||
4937 | .klen = 16, | ||
4938 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4939 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4940 | .input = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, | ||
4941 | 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, | ||
4942 | 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, | ||
4943 | 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, | ||
4944 | 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, | ||
4945 | 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, | ||
4946 | 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, | ||
4947 | 0x3d, 0x58, 0xe0, 0x91, | ||
4948 | 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb, | ||
4949 | 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 }, | ||
4950 | .ilen = 76, | ||
4951 | .assoc = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4952 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
4953 | 0xab, 0xad, 0xda, 0xd2 }, | ||
4954 | .alen = 20, | ||
4955 | .result = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4956 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4957 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4958 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4959 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4960 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4961 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4962 | 0xba, 0x63, 0x7b, 0x39 }, | ||
4963 | .rlen = 60, | ||
4964 | }, { | ||
4965 | .klen = 24, | ||
4966 | .input = { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41, | ||
4967 | 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00, | ||
4968 | 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab, | ||
4969 | 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb }, | ||
4970 | .ilen = 32, | ||
4971 | .rlen = 16, | ||
4972 | }, { | ||
4973 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
4974 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | ||
4975 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c }, | ||
4976 | .klen = 24, | ||
4977 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
4978 | 0xde, 0xca, 0xf8, 0x88 }, | ||
4979 | .input = { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, | ||
4980 | 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, | ||
4981 | 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, | ||
4982 | 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, | ||
4983 | 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, | ||
4984 | 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, | ||
4985 | 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, | ||
4986 | 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56, | ||
4987 | 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf, | ||
4988 | 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 }, | ||
4989 | .ilen = 80, | ||
4990 | .result = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
4991 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
4992 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
4993 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
4994 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
4995 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
4996 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
4997 | 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, | ||
4998 | .rlen = 64, | ||
4999 | }, { | ||
5000 | .key = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, | ||
5001 | 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, | ||
5002 | 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c }, | ||
5003 | .klen = 24, | ||
5004 | .iv = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, | ||
5005 | 0xde, 0xca, 0xf8, 0x88 }, | ||
5006 | .input = { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, | ||
5007 | 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, | ||
5008 | 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, | ||
5009 | 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, | ||
5010 | 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, | ||
5011 | 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, | ||
5012 | 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, | ||
5013 | 0xcc, 0xda, 0x27, 0x10, | ||
5014 | 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f, | ||
5015 | 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c }, | ||
5016 | .ilen = 76, | ||
5017 | .assoc = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
5018 | 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, | ||
5019 | 0xab, 0xad, 0xda, 0xd2 }, | ||
5020 | .alen = 20, | ||
5021 | .result = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, | ||
5022 | 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, | ||
5023 | 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, | ||
5024 | 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, | ||
5025 | 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, | ||
5026 | 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, | ||
5027 | 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, | ||
5028 | 0xba, 0x63, 0x7b, 0x39 }, | ||
5029 | .rlen = 60, | ||
5030 | } | ||
5031 | }; | ||
5032 | |||
5033 | static struct aead_testvec aes_ccm_enc_tv_template[] = { | ||
5034 | { /* From RFC 3610 */ | ||
5035 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5036 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5037 | .klen = 16, | ||
5038 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, | ||
5039 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5040 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, | ||
5041 | .alen = 8, | ||
5042 | .input = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
5043 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
5044 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, | ||
5045 | .ilen = 23, | ||
5046 | .result = { 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, | ||
5047 | 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, | ||
5048 | 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84, 0x17, | ||
5049 | 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 }, | ||
5050 | .rlen = 31, | ||
5051 | }, { | ||
5052 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5053 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5054 | .klen = 16, | ||
5055 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x07, 0x06, 0x05, 0x04, | ||
5056 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5057 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
5058 | 0x08, 0x09, 0x0a, 0x0b }, | ||
5059 | .alen = 12, | ||
5060 | .input = { 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, | ||
5061 | 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, | ||
5062 | 0x1c, 0x1d, 0x1e, 0x1f }, | ||
5063 | .ilen = 20, | ||
5064 | .result = { 0xdc, 0xf1, 0xfb, 0x7b, 0x5d, 0x9e, 0x23, 0xfb, | ||
5065 | 0x9d, 0x4e, 0x13, 0x12, 0x53, 0x65, 0x8a, 0xd8, | ||
5066 | 0x6e, 0xbd, 0xca, 0x3e, 0x51, 0xe8, 0x3f, 0x07, | ||
5067 | 0x7d, 0x9c, 0x2d, 0x93 }, | ||
5068 | .rlen = 28, | ||
5069 | }, { | ||
5070 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5071 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5072 | .klen = 16, | ||
5073 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x0b, 0x0a, 0x09, 0x08, | ||
5074 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5075 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, | ||
5076 | .alen = 8, | ||
5077 | .input = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
5078 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
5079 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | ||
5080 | 0x20 }, | ||
5081 | .ilen = 25, | ||
5082 | .result = { 0x82, 0x53, 0x1a, 0x60, 0xcc, 0x24, 0x94, 0x5a, | ||
5083 | 0x4b, 0x82, 0x79, 0x18, 0x1a, 0xb5, 0xc8, 0x4d, | ||
5084 | 0xf2, 0x1c, 0xe7, 0xf9, 0xb7, 0x3f, 0x42, 0xe1, | ||
5085 | 0x97, 0xea, 0x9c, 0x07, 0xe5, 0x6b, 0x5e, 0xb1, | ||
5086 | 0x7e, 0x5f, 0x4e }, | ||
5087 | .rlen = 35, | ||
5088 | }, { | ||
5089 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5090 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5091 | .klen = 16, | ||
5092 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x0c, 0x0b, 0x0a, 0x09, | ||
5093 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5094 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
5095 | 0x08, 0x09, 0x0a, 0x0b }, | ||
5096 | .alen = 12, | ||
5097 | .input = { 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, | ||
5098 | 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, | ||
5099 | 0x1c, 0x1d, 0x1e }, | ||
5100 | .ilen = 19, | ||
5101 | .result = { 0x07, 0x34, 0x25, 0x94, 0x15, 0x77, 0x85, 0x15, | ||
5102 | 0x2b, 0x07, 0x40, 0x98, 0x33, 0x0a, 0xbb, 0x14, | ||
5103 | 0x1b, 0x94, 0x7b, 0x56, 0x6a, 0xa9, 0x40, 0x6b, | ||
5104 | 0x4d, 0x99, 0x99, 0x88, 0xdd }, | ||
5105 | .rlen = 29, | ||
5106 | }, { | ||
5107 | .key = { 0xd7, 0x82, 0x8d, 0x13, 0xb2, 0xb0, 0xbd, 0xc3, | ||
5108 | 0x25, 0xa7, 0x62, 0x36, 0xdf, 0x93, 0xcc, 0x6b }, | ||
5109 | .klen = 16, | ||
5110 | .iv = { 0x01, 0x00, 0x33, 0x56, 0x8e, 0xf7, 0xb2, 0x63, | ||
5111 | 0x3c, 0x96, 0x96, 0x76, 0x6c, 0xfa, 0x00, 0x00 }, | ||
5112 | .assoc = { 0x63, 0x01, 0x8f, 0x76, 0xdc, 0x8a, 0x1b, 0xcb }, | ||
5113 | .alen = 8, | ||
5114 | .input = { 0x90, 0x20, 0xea, 0x6f, 0x91, 0xbd, 0xd8, 0x5a, | ||
5115 | 0xfa, 0x00, 0x39, 0xba, 0x4b, 0xaf, 0xf9, 0xbf, | ||
5116 | 0xb7, 0x9c, 0x70, 0x28, 0x94, 0x9c, 0xd0, 0xec }, | ||
5117 | .ilen = 24, | ||
5118 | .result = { 0x4c, 0xcb, 0x1e, 0x7c, 0xa9, 0x81, 0xbe, 0xfa, | ||
5119 | 0xa0, 0x72, 0x6c, 0x55, 0xd3, 0x78, 0x06, 0x12, | ||
5120 | 0x98, 0xc8, 0x5c, 0x92, 0x81, 0x4a, 0xbc, 0x33, | ||
5121 | 0xc5, 0x2e, 0xe8, 0x1d, 0x7d, 0x77, 0xc0, 0x8a }, | ||
5122 | .rlen = 32, | ||
5123 | }, { | ||
5124 | .key = { 0xd7, 0x82, 0x8d, 0x13, 0xb2, 0xb0, 0xbd, 0xc3, | ||
5125 | 0x25, 0xa7, 0x62, 0x36, 0xdf, 0x93, 0xcc, 0x6b }, | ||
5126 | .klen = 16, | ||
5127 | .iv = { 0x01, 0x00, 0xd5, 0x60, 0x91, 0x2d, 0x3f, 0x70, | ||
5128 | 0x3c, 0x96, 0x96, 0x76, 0x6c, 0xfa, 0x00, 0x00 }, | ||
5129 | .assoc = { 0xcd, 0x90, 0x44, 0xd2, 0xb7, 0x1f, 0xdb, 0x81, | ||
5130 | 0x20, 0xea, 0x60, 0xc0 }, | ||
5131 | .alen = 12, | ||
5132 | .input = { 0x64, 0x35, 0xac, 0xba, 0xfb, 0x11, 0xa8, 0x2e, | ||
5133 | 0x2f, 0x07, 0x1d, 0x7c, 0xa4, 0xa5, 0xeb, 0xd9, | ||
5134 | 0x3a, 0x80, 0x3b, 0xa8, 0x7f }, | ||
5135 | .ilen = 21, | ||
5136 | .result = { 0x00, 0x97, 0x69, 0xec, 0xab, 0xdf, 0x48, 0x62, | ||
5137 | 0x55, 0x94, 0xc5, 0x92, 0x51, 0xe6, 0x03, 0x57, | ||
5138 | 0x22, 0x67, 0x5e, 0x04, 0xc8, 0x47, 0x09, 0x9e, | ||
5139 | 0x5a, 0xe0, 0x70, 0x45, 0x51 }, | ||
5140 | .rlen = 29, | ||
5141 | }, { | ||
5142 | .key = { 0xd7, 0x82, 0x8d, 0x13, 0xb2, 0xb0, 0xbd, 0xc3, | ||
5143 | 0x25, 0xa7, 0x62, 0x36, 0xdf, 0x93, 0xcc, 0x6b }, | ||
5144 | .klen = 16, | ||
5145 | .iv = { 0x01, 0x00, 0x42, 0xff, 0xf8, 0xf1, 0x95, 0x1c, | ||
5146 | 0x3c, 0x96, 0x96, 0x76, 0x6c, 0xfa, 0x00, 0x00 }, | ||
5147 | .assoc = { 0xd8, 0x5b, 0xc7, 0xe6, 0x9f, 0x94, 0x4f, 0xb8 }, | ||
5148 | .alen = 8, | ||
5149 | .input = { 0x8a, 0x19, 0xb9, 0x50, 0xbc, 0xf7, 0x1a, 0x01, | ||
5150 | 0x8e, 0x5e, 0x67, 0x01, 0xc9, 0x17, 0x87, 0x65, | ||
5151 | 0x98, 0x09, 0xd6, 0x7d, 0xbe, 0xdd, 0x18 }, | ||
5152 | .ilen = 23, | ||
5153 | .result = { 0xbc, 0x21, 0x8d, 0xaa, 0x94, 0x74, 0x27, 0xb6, | ||
5154 | 0xdb, 0x38, 0x6a, 0x99, 0xac, 0x1a, 0xef, 0x23, | ||
5155 | 0xad, 0xe0, 0xb5, 0x29, 0x39, 0xcb, 0x6a, 0x63, | ||
5156 | 0x7c, 0xf9, 0xbe, 0xc2, 0x40, 0x88, 0x97, 0xc6, | ||
5157 | 0xba }, | ||
5158 | .rlen = 33, | ||
5159 | }, | ||
5160 | }; | ||
5161 | |||
5162 | static struct aead_testvec aes_ccm_dec_tv_template[] = { | ||
5163 | { /* From RFC 3610 */ | ||
5164 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5165 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5166 | .klen = 16, | ||
5167 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, | ||
5168 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5169 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, | ||
5170 | .alen = 8, | ||
5171 | .input = { 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, | ||
5172 | 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, | ||
5173 | 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84, 0x17, | ||
5174 | 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 }, | ||
5175 | .ilen = 31, | ||
5176 | .result = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
5177 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
5178 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e }, | ||
5179 | .rlen = 23, | ||
5180 | }, { | ||
5181 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5182 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5183 | .klen = 16, | ||
5184 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x07, 0x06, 0x05, 0x04, | ||
5185 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5186 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
5187 | 0x08, 0x09, 0x0a, 0x0b }, | ||
5188 | .alen = 12, | ||
5189 | .input = { 0xdc, 0xf1, 0xfb, 0x7b, 0x5d, 0x9e, 0x23, 0xfb, | ||
5190 | 0x9d, 0x4e, 0x13, 0x12, 0x53, 0x65, 0x8a, 0xd8, | ||
5191 | 0x6e, 0xbd, 0xca, 0x3e, 0x51, 0xe8, 0x3f, 0x07, | ||
5192 | 0x7d, 0x9c, 0x2d, 0x93 }, | ||
5193 | .ilen = 28, | ||
5194 | .result = { 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, | ||
5195 | 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, | ||
5196 | 0x1c, 0x1d, 0x1e, 0x1f }, | ||
5197 | .rlen = 20, | ||
5198 | }, { | ||
5199 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5200 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5201 | .klen = 16, | ||
5202 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x0b, 0x0a, 0x09, 0x08, | ||
5203 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5204 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, | ||
5205 | .alen = 8, | ||
5206 | .input = { 0x82, 0x53, 0x1a, 0x60, 0xcc, 0x24, 0x94, 0x5a, | ||
5207 | 0x4b, 0x82, 0x79, 0x18, 0x1a, 0xb5, 0xc8, 0x4d, | ||
5208 | 0xf2, 0x1c, 0xe7, 0xf9, 0xb7, 0x3f, 0x42, 0xe1, | ||
5209 | 0x97, 0xea, 0x9c, 0x07, 0xe5, 0x6b, 0x5e, 0xb1, | ||
5210 | 0x7e, 0x5f, 0x4e }, | ||
5211 | .ilen = 35, | ||
5212 | .result = { 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
5213 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
5214 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | ||
5215 | 0x20 }, | ||
5216 | .rlen = 25, | ||
5217 | }, { | ||
5218 | .key = { 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
5219 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf }, | ||
5220 | .klen = 16, | ||
5221 | .iv = { 0x01, 0x00, 0x00, 0x00, 0x0c, 0x0b, 0x0a, 0x09, | ||
5222 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x00 }, | ||
5223 | .assoc = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
5224 | 0x08, 0x09, 0x0a, 0x0b }, | ||
5225 | .alen = 12, | ||
5226 | .input = { 0x07, 0x34, 0x25, 0x94, 0x15, 0x77, 0x85, 0x15, | ||
5227 | 0x2b, 0x07, 0x40, 0x98, 0x33, 0x0a, 0xbb, 0x14, | ||
5228 | 0x1b, 0x94, 0x7b, 0x56, 0x6a, 0xa9, 0x40, 0x6b, | ||
5229 | 0x4d, 0x99, 0x99, 0x88, 0xdd }, | ||
5230 | .ilen = 29, | ||
5231 | .result = { 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, | ||
5232 | 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, | ||
5233 | 0x1c, 0x1d, 0x1e }, | ||
5234 | .rlen = 19, | ||
5235 | }, { | ||
5236 | .key = { 0xd7, 0x82, 0x8d, 0x13, 0xb2, 0xb0, 0xbd, 0xc3, | ||
5237 | 0x25, 0xa7, 0x62, 0x36, 0xdf, 0x93, 0xcc, 0x6b }, | ||
5238 | .klen = 16, | ||
5239 | .iv = { 0x01, 0x00, 0x33, 0x56, 0x8e, 0xf7, 0xb2, 0x63, | ||
5240 | 0x3c, 0x96, 0x96, 0x76, 0x6c, 0xfa, 0x00, 0x00 }, | ||
5241 | .assoc = { 0x63, 0x01, 0x8f, 0x76, 0xdc, 0x8a, 0x1b, 0xcb }, | ||
5242 | .alen = 8, | ||
5243 | .input = { 0x4c, 0xcb, 0x1e, 0x7c, 0xa9, 0x81, 0xbe, 0xfa, | ||
5244 | 0xa0, 0x72, 0x6c, 0x55, 0xd3, 0x78, 0x06, 0x12, | ||
5245 | 0x98, 0xc8, 0x5c, 0x92, 0x81, 0x4a, 0xbc, 0x33, | ||
5246 | 0xc5, 0x2e, 0xe8, 0x1d, 0x7d, 0x77, 0xc0, 0x8a }, | ||
5247 | .ilen = 32, | ||
5248 | .result = { 0x90, 0x20, 0xea, 0x6f, 0x91, 0xbd, 0xd8, 0x5a, | ||
5249 | 0xfa, 0x00, 0x39, 0xba, 0x4b, 0xaf, 0xf9, 0xbf, | ||
5250 | 0xb7, 0x9c, 0x70, 0x28, 0x94, 0x9c, 0xd0, 0xec }, | ||
5251 | .rlen = 24, | ||
5252 | }, { | ||
5253 | .key = { 0xd7, 0x82, 0x8d, 0x13, 0xb2, 0xb0, 0xbd, 0xc3, | ||
5254 | 0x25, 0xa7, 0x62, 0x36, 0xdf, 0x93, 0xcc, 0x6b }, | ||
5255 | .klen = 16, | ||
5256 | .iv = { 0x01, 0x00, 0xd5, 0x60, 0x91, 0x2d, 0x3f, 0x70, | ||
5257 | 0x3c, 0x96, 0x96, 0x76, 0x6c, 0xfa, 0x00, 0x00 }, | ||
5258 | .assoc = { 0xcd, 0x90, 0x44, 0xd2, 0xb7, 0x1f, 0xdb, 0x81, | ||
5259 | 0x20, 0xea, 0x60, 0xc0 }, | ||
5260 | .alen = 12, | ||
5261 | .input = { 0x00, 0x97, 0x69, 0xec, 0xab, 0xdf, 0x48, 0x62, | ||
5262 | 0x55, 0x94, 0xc5, 0x92, 0x51, 0xe6, 0x03, 0x57, | ||
5263 | 0x22, 0x67, 0x5e, 0x04, 0xc8, 0x47, 0x09, 0x9e, | ||
5264 | 0x5a, 0xe0, 0x70, 0x45, 0x51 }, | ||
5265 | .ilen = 29, | ||
5266 | .result = { 0x64, 0x35, 0xac, 0xba, 0xfb, 0x11, 0xa8, 0x2e, | ||
5267 | 0x2f, 0x07, 0x1d, 0x7c, 0xa4, 0xa5, 0xeb, 0xd9, | ||
5268 | 0x3a, 0x80, 0x3b, 0xa8, 0x7f }, | ||
5269 | .rlen = 21, | ||
5270 | }, { | ||
5271 | .key = { 0xd7, 0x82, 0x8d, 0x13, 0xb2, 0xb0, 0xbd, 0xc3, | ||
5272 | 0x25, 0xa7, 0x62, 0x36, 0xdf, 0x93, 0xcc, 0x6b }, | ||
5273 | .klen = 16, | ||
5274 | .iv = { 0x01, 0x00, 0x42, 0xff, 0xf8, 0xf1, 0x95, 0x1c, | ||
5275 | 0x3c, 0x96, 0x96, 0x76, 0x6c, 0xfa, 0x00, 0x00 }, | ||
5276 | .assoc = { 0xd8, 0x5b, 0xc7, 0xe6, 0x9f, 0x94, 0x4f, 0xb8 }, | ||
5277 | .alen = 8, | ||
5278 | .input = { 0xbc, 0x21, 0x8d, 0xaa, 0x94, 0x74, 0x27, 0xb6, | ||
5279 | 0xdb, 0x38, 0x6a, 0x99, 0xac, 0x1a, 0xef, 0x23, | ||
5280 | 0xad, 0xe0, 0xb5, 0x29, 0x39, 0xcb, 0x6a, 0x63, | ||
5281 | 0x7c, 0xf9, 0xbe, 0xc2, 0x40, 0x88, 0x97, 0xc6, | ||
5282 | 0xba }, | ||
5283 | .ilen = 33, | ||
5284 | .result = { 0x8a, 0x19, 0xb9, 0x50, 0xbc, 0xf7, 0x1a, 0x01, | ||
5285 | 0x8e, 0x5e, 0x67, 0x01, 0xc9, 0x17, 0x87, 0x65, | ||
5286 | 0x98, 0x09, 0xd6, 0x7d, 0xbe, 0xdd, 0x18 }, | ||
5287 | .rlen = 23, | ||
5288 | }, | ||
5289 | }; | ||
5290 | |||
3183 | /* Cast5 test vectors from RFC 2144 */ | 5291 | /* Cast5 test vectors from RFC 2144 */ |
3184 | #define CAST5_ENC_TEST_VECTORS 3 | 5292 | #define CAST5_ENC_TEST_VECTORS 3 |
3185 | #define CAST5_DEC_TEST_VECTORS 3 | 5293 | #define CAST5_DEC_TEST_VECTORS 3 |
@@ -4317,6 +6425,1211 @@ static struct cipher_testvec seed_dec_tv_template[] = { | |||
4317 | } | 6425 | } |
4318 | }; | 6426 | }; |
4319 | 6427 | ||
6428 | #define SALSA20_STREAM_ENC_TEST_VECTORS 5 | ||
6429 | static struct cipher_testvec salsa20_stream_enc_tv_template[] = { | ||
6430 | /* | ||
6431 | * Testvectors from verified.test-vectors submitted to ECRYPT. | ||
6432 | * They are truncated to size 39, 64, 111, 129 to test a variety | ||
6433 | * of input length. | ||
6434 | */ | ||
6435 | { /* Set 3, vector 0 */ | ||
6436 | .key = { | ||
6437 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
6438 | 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F | ||
6439 | }, | ||
6440 | .klen = 16, | ||
6441 | .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
6442 | .input = { | ||
6443 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6444 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6445 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6446 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6447 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6448 | }, | ||
6449 | .ilen = 39, | ||
6450 | .result = { | ||
6451 | 0x2D, 0xD5, 0xC3, 0xF7, 0xBA, 0x2B, 0x20, 0xF7, | ||
6452 | 0x68, 0x02, 0x41, 0x0C, 0x68, 0x86, 0x88, 0x89, | ||
6453 | 0x5A, 0xD8, 0xC1, 0xBD, 0x4E, 0xA6, 0xC9, 0xB1, | ||
6454 | 0x40, 0xFB, 0x9B, 0x90, 0xE2, 0x10, 0x49, 0xBF, | ||
6455 | 0x58, 0x3F, 0x52, 0x79, 0x70, 0xEB, 0xC1, | ||
6456 | }, | ||
6457 | .rlen = 39, | ||
6458 | }, { /* Set 5, vector 0 */ | ||
6459 | .key = { | ||
6460 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6461 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
6462 | }, | ||
6463 | .klen = 16, | ||
6464 | .iv = { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
6465 | .input = { | ||
6466 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6467 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6468 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6469 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6470 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6471 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6472 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6473 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6474 | }, | ||
6475 | .ilen = 64, | ||
6476 | .result = { | ||
6477 | 0xB6, 0x6C, 0x1E, 0x44, 0x46, 0xDD, 0x95, 0x57, | ||
6478 | 0xE5, 0x78, 0xE2, 0x23, 0xB0, 0xB7, 0x68, 0x01, | ||
6479 | 0x7B, 0x23, 0xB2, 0x67, 0xBB, 0x02, 0x34, 0xAE, | ||
6480 | 0x46, 0x26, 0xBF, 0x44, 0x3F, 0x21, 0x97, 0x76, | ||
6481 | 0x43, 0x6F, 0xB1, 0x9F, 0xD0, 0xE8, 0x86, 0x6F, | ||
6482 | 0xCD, 0x0D, 0xE9, 0xA9, 0x53, 0x8F, 0x4A, 0x09, | ||
6483 | 0xCA, 0x9A, 0xC0, 0x73, 0x2E, 0x30, 0xBC, 0xF9, | ||
6484 | 0x8E, 0x4F, 0x13, 0xE4, 0xB9, 0xE2, 0x01, 0xD9, | ||
6485 | }, | ||
6486 | .rlen = 64, | ||
6487 | }, { /* Set 3, vector 27 */ | ||
6488 | .key = { | ||
6489 | 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, | ||
6490 | 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, | ||
6491 | 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, | ||
6492 | 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A | ||
6493 | }, | ||
6494 | .klen = 32, | ||
6495 | .iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, | ||
6496 | .input = { | ||
6497 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6498 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6499 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6500 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6501 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6502 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6503 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6504 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6505 | |||
6506 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6507 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6508 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6509 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6510 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6511 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6512 | }, | ||
6513 | .ilen = 111, | ||
6514 | .result = { | ||
6515 | 0xAE, 0x39, 0x50, 0x8E, 0xAC, 0x9A, 0xEC, 0xE7, | ||
6516 | 0xBF, 0x97, 0xBB, 0x20, 0xB9, 0xDE, 0xE4, 0x1F, | ||
6517 | 0x87, 0xD9, 0x47, 0xF8, 0x28, 0x91, 0x35, 0x98, | ||
6518 | 0xDB, 0x72, 0xCC, 0x23, 0x29, 0x48, 0x56, 0x5E, | ||
6519 | 0x83, 0x7E, 0x0B, 0xF3, 0x7D, 0x5D, 0x38, 0x7B, | ||
6520 | 0x2D, 0x71, 0x02, 0xB4, 0x3B, 0xB5, 0xD8, 0x23, | ||
6521 | 0xB0, 0x4A, 0xDF, 0x3C, 0xEC, 0xB6, 0xD9, 0x3B, | ||
6522 | 0x9B, 0xA7, 0x52, 0xBE, 0xC5, 0xD4, 0x50, 0x59, | ||
6523 | |||
6524 | 0x15, 0x14, 0xB4, 0x0E, 0x40, 0xE6, 0x53, 0xD1, | ||
6525 | 0x83, 0x9C, 0x5B, 0xA0, 0x92, 0x29, 0x6B, 0x5E, | ||
6526 | 0x96, 0x5B, 0x1E, 0x2F, 0xD3, 0xAC, 0xC1, 0x92, | ||
6527 | 0xB1, 0x41, 0x3F, 0x19, 0x2F, 0xC4, 0x3B, 0xC6, | ||
6528 | 0x95, 0x46, 0x45, 0x54, 0xE9, 0x75, 0x03, 0x08, | ||
6529 | 0x44, 0xAF, 0xE5, 0x8A, 0x81, 0x12, 0x09, | ||
6530 | }, | ||
6531 | .rlen = 111, | ||
6532 | |||
6533 | }, { /* Set 5, vector 27 */ | ||
6534 | .key = { | ||
6535 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6536 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6537 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6538 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 | ||
6539 | }, | ||
6540 | .klen = 32, | ||
6541 | .iv = { 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00 }, | ||
6542 | .input = { | ||
6543 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6544 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6545 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6546 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6547 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6548 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6549 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6550 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6551 | |||
6552 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6553 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6554 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6555 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6556 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6557 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6558 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6559 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6560 | |||
6561 | 0x00, | ||
6562 | }, | ||
6563 | .ilen = 129, | ||
6564 | .result = { | ||
6565 | 0xD2, 0xDB, 0x1A, 0x5C, 0xF1, 0xC1, 0xAC, 0xDB, | ||
6566 | 0xE8, 0x1A, 0x7A, 0x43, 0x40, 0xEF, 0x53, 0x43, | ||
6567 | 0x5E, 0x7F, 0x4B, 0x1A, 0x50, 0x52, 0x3F, 0x8D, | ||
6568 | 0x28, 0x3D, 0xCF, 0x85, 0x1D, 0x69, 0x6E, 0x60, | ||
6569 | 0xF2, 0xDE, 0x74, 0x56, 0x18, 0x1B, 0x84, 0x10, | ||
6570 | 0xD4, 0x62, 0xBA, 0x60, 0x50, 0xF0, 0x61, 0xF2, | ||
6571 | 0x1C, 0x78, 0x7F, 0xC1, 0x24, 0x34, 0xAF, 0x58, | ||
6572 | 0xBF, 0x2C, 0x59, 0xCA, 0x90, 0x77, 0xF3, 0xB0, | ||
6573 | |||
6574 | 0x5B, 0x4A, 0xDF, 0x89, 0xCE, 0x2C, 0x2F, 0xFC, | ||
6575 | 0x67, 0xF0, 0xE3, 0x45, 0xE8, 0xB3, 0xB3, 0x75, | ||
6576 | 0xA0, 0x95, 0x71, 0xA1, 0x29, 0x39, 0x94, 0xCA, | ||
6577 | 0x45, 0x2F, 0xBD, 0xCB, 0x10, 0xB6, 0xBE, 0x9F, | ||
6578 | 0x8E, 0xF9, 0xB2, 0x01, 0x0A, 0x5A, 0x0A, 0xB7, | ||
6579 | 0x6B, 0x9D, 0x70, 0x8E, 0x4B, 0xD6, 0x2F, 0xCD, | ||
6580 | 0x2E, 0x40, 0x48, 0x75, 0xE9, 0xE2, 0x21, 0x45, | ||
6581 | 0x0B, 0xC9, 0xB6, 0xB5, 0x66, 0xBC, 0x9A, 0x59, | ||
6582 | |||
6583 | 0x5A, | ||
6584 | }, | ||
6585 | .rlen = 129, | ||
6586 | }, { /* large test vector generated using Crypto++ */ | ||
6587 | .key = { | ||
6588 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
6589 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
6590 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
6591 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | ||
6592 | }, | ||
6593 | .klen = 32, | ||
6594 | .iv = { | ||
6595 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6596 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | ||
6597 | }, | ||
6598 | .input = { | ||
6599 | 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | ||
6600 | 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | ||
6601 | 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | ||
6602 | 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | ||
6603 | 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, | ||
6604 | 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, | ||
6605 | 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, | ||
6606 | 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, | ||
6607 | 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, | ||
6608 | 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, | ||
6609 | 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, | ||
6610 | 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, | ||
6611 | 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, | ||
6612 | 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, | ||
6613 | 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, | ||
6614 | 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, | ||
6615 | 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, | ||
6616 | 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, | ||
6617 | 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, | ||
6618 | 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, | ||
6619 | 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, | ||
6620 | 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, | ||
6621 | 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, | ||
6622 | 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, | ||
6623 | 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, | ||
6624 | 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, | ||
6625 | 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, | ||
6626 | 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, | ||
6627 | 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, | ||
6628 | 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, | ||
6629 | 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, | ||
6630 | 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff, | ||
6631 | 0x00, 0x03, 0x06, 0x09, 0x0c, 0x0f, 0x12, 0x15, | ||
6632 | 0x18, 0x1b, 0x1e, 0x21, 0x24, 0x27, 0x2a, 0x2d, | ||
6633 | 0x30, 0x33, 0x36, 0x39, 0x3c, 0x3f, 0x42, 0x45, | ||
6634 | 0x48, 0x4b, 0x4e, 0x51, 0x54, 0x57, 0x5a, 0x5d, | ||
6635 | 0x60, 0x63, 0x66, 0x69, 0x6c, 0x6f, 0x72, 0x75, | ||
6636 | 0x78, 0x7b, 0x7e, 0x81, 0x84, 0x87, 0x8a, 0x8d, | ||
6637 | 0x90, 0x93, 0x96, 0x99, 0x9c, 0x9f, 0xa2, 0xa5, | ||
6638 | 0xa8, 0xab, 0xae, 0xb1, 0xb4, 0xb7, 0xba, 0xbd, | ||
6639 | 0xc0, 0xc3, 0xc6, 0xc9, 0xcc, 0xcf, 0xd2, 0xd5, | ||
6640 | 0xd8, 0xdb, 0xde, 0xe1, 0xe4, 0xe7, 0xea, 0xed, | ||
6641 | 0xf0, 0xf3, 0xf6, 0xf9, 0xfc, 0xff, 0x02, 0x05, | ||
6642 | 0x08, 0x0b, 0x0e, 0x11, 0x14, 0x17, 0x1a, 0x1d, | ||
6643 | 0x20, 0x23, 0x26, 0x29, 0x2c, 0x2f, 0x32, 0x35, | ||
6644 | 0x38, 0x3b, 0x3e, 0x41, 0x44, 0x47, 0x4a, 0x4d, | ||
6645 | 0x50, 0x53, 0x56, 0x59, 0x5c, 0x5f, 0x62, 0x65, | ||
6646 | 0x68, 0x6b, 0x6e, 0x71, 0x74, 0x77, 0x7a, 0x7d, | ||
6647 | 0x80, 0x83, 0x86, 0x89, 0x8c, 0x8f, 0x92, 0x95, | ||
6648 | 0x98, 0x9b, 0x9e, 0xa1, 0xa4, 0xa7, 0xaa, 0xad, | ||
6649 | 0xb0, 0xb3, 0xb6, 0xb9, 0xbc, 0xbf, 0xc2, 0xc5, | ||
6650 | 0xc8, 0xcb, 0xce, 0xd1, 0xd4, 0xd7, 0xda, 0xdd, | ||
6651 | 0xe0, 0xe3, 0xe6, 0xe9, 0xec, 0xef, 0xf2, 0xf5, | ||
6652 | 0xf8, 0xfb, 0xfe, 0x01, 0x04, 0x07, 0x0a, 0x0d, | ||
6653 | 0x10, 0x13, 0x16, 0x19, 0x1c, 0x1f, 0x22, 0x25, | ||
6654 | 0x28, 0x2b, 0x2e, 0x31, 0x34, 0x37, 0x3a, 0x3d, | ||
6655 | 0x40, 0x43, 0x46, 0x49, 0x4c, 0x4f, 0x52, 0x55, | ||
6656 | 0x58, 0x5b, 0x5e, 0x61, 0x64, 0x67, 0x6a, 0x6d, | ||
6657 | 0x70, 0x73, 0x76, 0x79, 0x7c, 0x7f, 0x82, 0x85, | ||
6658 | 0x88, 0x8b, 0x8e, 0x91, 0x94, 0x97, 0x9a, 0x9d, | ||
6659 | 0xa0, 0xa3, 0xa6, 0xa9, 0xac, 0xaf, 0xb2, 0xb5, | ||
6660 | 0xb8, 0xbb, 0xbe, 0xc1, 0xc4, 0xc7, 0xca, 0xcd, | ||
6661 | 0xd0, 0xd3, 0xd6, 0xd9, 0xdc, 0xdf, 0xe2, 0xe5, | ||
6662 | 0xe8, 0xeb, 0xee, 0xf1, 0xf4, 0xf7, 0xfa, 0xfd, | ||
6663 | 0x00, 0x05, 0x0a, 0x0f, 0x14, 0x19, 0x1e, 0x23, | ||
6664 | 0x28, 0x2d, 0x32, 0x37, 0x3c, 0x41, 0x46, 0x4b, | ||
6665 | 0x50, 0x55, 0x5a, 0x5f, 0x64, 0x69, 0x6e, 0x73, | ||
6666 | 0x78, 0x7d, 0x82, 0x87, 0x8c, 0x91, 0x96, 0x9b, | ||
6667 | 0xa0, 0xa5, 0xaa, 0xaf, 0xb4, 0xb9, 0xbe, 0xc3, | ||
6668 | 0xc8, 0xcd, 0xd2, 0xd7, 0xdc, 0xe1, 0xe6, 0xeb, | ||
6669 | 0xf0, 0xf5, 0xfa, 0xff, 0x04, 0x09, 0x0e, 0x13, | ||
6670 | 0x18, 0x1d, 0x22, 0x27, 0x2c, 0x31, 0x36, 0x3b, | ||
6671 | 0x40, 0x45, 0x4a, 0x4f, 0x54, 0x59, 0x5e, 0x63, | ||
6672 | 0x68, 0x6d, 0x72, 0x77, 0x7c, 0x81, 0x86, 0x8b, | ||
6673 | 0x90, 0x95, 0x9a, 0x9f, 0xa4, 0xa9, 0xae, 0xb3, | ||
6674 | 0xb8, 0xbd, 0xc2, 0xc7, 0xcc, 0xd1, 0xd6, 0xdb, | ||
6675 | 0xe0, 0xe5, 0xea, 0xef, 0xf4, 0xf9, 0xfe, 0x03, | ||
6676 | 0x08, 0x0d, 0x12, 0x17, 0x1c, 0x21, 0x26, 0x2b, | ||
6677 | 0x30, 0x35, 0x3a, 0x3f, 0x44, 0x49, 0x4e, 0x53, | ||
6678 | 0x58, 0x5d, 0x62, 0x67, 0x6c, 0x71, 0x76, 0x7b, | ||
6679 | 0x80, 0x85, 0x8a, 0x8f, 0x94, 0x99, 0x9e, 0xa3, | ||
6680 | 0xa8, 0xad, 0xb2, 0xb7, 0xbc, 0xc1, 0xc6, 0xcb, | ||
6681 | 0xd0, 0xd5, 0xda, 0xdf, 0xe4, 0xe9, 0xee, 0xf3, | ||
6682 | 0xf8, 0xfd, 0x02, 0x07, 0x0c, 0x11, 0x16, 0x1b, | ||
6683 | 0x20, 0x25, 0x2a, 0x2f, 0x34, 0x39, 0x3e, 0x43, | ||
6684 | 0x48, 0x4d, 0x52, 0x57, 0x5c, 0x61, 0x66, 0x6b, | ||
6685 | 0x70, 0x75, 0x7a, 0x7f, 0x84, 0x89, 0x8e, 0x93, | ||
6686 | 0x98, 0x9d, 0xa2, 0xa7, 0xac, 0xb1, 0xb6, 0xbb, | ||
6687 | 0xc0, 0xc5, 0xca, 0xcf, 0xd4, 0xd9, 0xde, 0xe3, | ||
6688 | 0xe8, 0xed, 0xf2, 0xf7, 0xfc, 0x01, 0x06, 0x0b, | ||
6689 | 0x10, 0x15, 0x1a, 0x1f, 0x24, 0x29, 0x2e, 0x33, | ||
6690 | 0x38, 0x3d, 0x42, 0x47, 0x4c, 0x51, 0x56, 0x5b, | ||
6691 | 0x60, 0x65, 0x6a, 0x6f, 0x74, 0x79, 0x7e, 0x83, | ||
6692 | 0x88, 0x8d, 0x92, 0x97, 0x9c, 0xa1, 0xa6, 0xab, | ||
6693 | 0xb0, 0xb5, 0xba, 0xbf, 0xc4, 0xc9, 0xce, 0xd3, | ||
6694 | 0xd8, 0xdd, 0xe2, 0xe7, 0xec, 0xf1, 0xf6, 0xfb, | ||
6695 | 0x00, 0x07, 0x0e, 0x15, 0x1c, 0x23, 0x2a, 0x31, | ||
6696 | 0x38, 0x3f, 0x46, 0x4d, 0x54, 0x5b, 0x62, 0x69, | ||
6697 | 0x70, 0x77, 0x7e, 0x85, 0x8c, 0x93, 0x9a, 0xa1, | ||
6698 | 0xa8, 0xaf, 0xb6, 0xbd, 0xc4, 0xcb, 0xd2, 0xd9, | ||
6699 | 0xe0, 0xe7, 0xee, 0xf5, 0xfc, 0x03, 0x0a, 0x11, | ||
6700 | 0x18, 0x1f, 0x26, 0x2d, 0x34, 0x3b, 0x42, 0x49, | ||
6701 | 0x50, 0x57, 0x5e, 0x65, 0x6c, 0x73, 0x7a, 0x81, | ||
6702 | 0x88, 0x8f, 0x96, 0x9d, 0xa4, 0xab, 0xb2, 0xb9, | ||
6703 | 0xc0, 0xc7, 0xce, 0xd5, 0xdc, 0xe3, 0xea, 0xf1, | ||
6704 | 0xf8, 0xff, 0x06, 0x0d, 0x14, 0x1b, 0x22, 0x29, | ||
6705 | 0x30, 0x37, 0x3e, 0x45, 0x4c, 0x53, 0x5a, 0x61, | ||
6706 | 0x68, 0x6f, 0x76, 0x7d, 0x84, 0x8b, 0x92, 0x99, | ||
6707 | 0xa0, 0xa7, 0xae, 0xb5, 0xbc, 0xc3, 0xca, 0xd1, | ||
6708 | 0xd8, 0xdf, 0xe6, 0xed, 0xf4, 0xfb, 0x02, 0x09, | ||
6709 | 0x10, 0x17, 0x1e, 0x25, 0x2c, 0x33, 0x3a, 0x41, | ||
6710 | 0x48, 0x4f, 0x56, 0x5d, 0x64, 0x6b, 0x72, 0x79, | ||
6711 | 0x80, 0x87, 0x8e, 0x95, 0x9c, 0xa3, 0xaa, 0xb1, | ||
6712 | 0xb8, 0xbf, 0xc6, 0xcd, 0xd4, 0xdb, 0xe2, 0xe9, | ||
6713 | 0xf0, 0xf7, 0xfe, 0x05, 0x0c, 0x13, 0x1a, 0x21, | ||
6714 | 0x28, 0x2f, 0x36, 0x3d, 0x44, 0x4b, 0x52, 0x59, | ||
6715 | 0x60, 0x67, 0x6e, 0x75, 0x7c, 0x83, 0x8a, 0x91, | ||
6716 | 0x98, 0x9f, 0xa6, 0xad, 0xb4, 0xbb, 0xc2, 0xc9, | ||
6717 | 0xd0, 0xd7, 0xde, 0xe5, 0xec, 0xf3, 0xfa, 0x01, | ||
6718 | 0x08, 0x0f, 0x16, 0x1d, 0x24, 0x2b, 0x32, 0x39, | ||
6719 | 0x40, 0x47, 0x4e, 0x55, 0x5c, 0x63, 0x6a, 0x71, | ||
6720 | 0x78, 0x7f, 0x86, 0x8d, 0x94, 0x9b, 0xa2, 0xa9, | ||
6721 | 0xb0, 0xb7, 0xbe, 0xc5, 0xcc, 0xd3, 0xda, 0xe1, | ||
6722 | 0xe8, 0xef, 0xf6, 0xfd, 0x04, 0x0b, 0x12, 0x19, | ||
6723 | 0x20, 0x27, 0x2e, 0x35, 0x3c, 0x43, 0x4a, 0x51, | ||
6724 | 0x58, 0x5f, 0x66, 0x6d, 0x74, 0x7b, 0x82, 0x89, | ||
6725 | 0x90, 0x97, 0x9e, 0xa5, 0xac, 0xb3, 0xba, 0xc1, | ||
6726 | 0xc8, 0xcf, 0xd6, 0xdd, 0xe4, 0xeb, 0xf2, 0xf9, | ||
6727 | 0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, | ||
6728 | 0x48, 0x51, 0x5a, 0x63, 0x6c, 0x75, 0x7e, 0x87, | ||
6729 | 0x90, 0x99, 0xa2, 0xab, 0xb4, 0xbd, 0xc6, 0xcf, | ||
6730 | 0xd8, 0xe1, 0xea, 0xf3, 0xfc, 0x05, 0x0e, 0x17, | ||
6731 | 0x20, 0x29, 0x32, 0x3b, 0x44, 0x4d, 0x56, 0x5f, | ||
6732 | 0x68, 0x71, 0x7a, 0x83, 0x8c, 0x95, 0x9e, 0xa7, | ||
6733 | 0xb0, 0xb9, 0xc2, 0xcb, 0xd4, 0xdd, 0xe6, 0xef, | ||
6734 | 0xf8, 0x01, 0x0a, 0x13, 0x1c, 0x25, 0x2e, 0x37, | ||
6735 | 0x40, 0x49, 0x52, 0x5b, 0x64, 0x6d, 0x76, 0x7f, | ||
6736 | 0x88, 0x91, 0x9a, 0xa3, 0xac, 0xb5, 0xbe, 0xc7, | ||
6737 | 0xd0, 0xd9, 0xe2, 0xeb, 0xf4, 0xfd, 0x06, 0x0f, | ||
6738 | 0x18, 0x21, 0x2a, 0x33, 0x3c, 0x45, 0x4e, 0x57, | ||
6739 | 0x60, 0x69, 0x72, 0x7b, 0x84, 0x8d, 0x96, 0x9f, | ||
6740 | 0xa8, 0xb1, 0xba, 0xc3, 0xcc, 0xd5, 0xde, 0xe7, | ||
6741 | 0xf0, 0xf9, 0x02, 0x0b, 0x14, 0x1d, 0x26, 0x2f, | ||
6742 | 0x38, 0x41, 0x4a, 0x53, 0x5c, 0x65, 0x6e, 0x77, | ||
6743 | 0x80, 0x89, 0x92, 0x9b, 0xa4, 0xad, 0xb6, 0xbf, | ||
6744 | 0xc8, 0xd1, 0xda, 0xe3, 0xec, 0xf5, 0xfe, 0x07, | ||
6745 | 0x10, 0x19, 0x22, 0x2b, 0x34, 0x3d, 0x46, 0x4f, | ||
6746 | 0x58, 0x61, 0x6a, 0x73, 0x7c, 0x85, 0x8e, 0x97, | ||
6747 | 0xa0, 0xa9, 0xb2, 0xbb, 0xc4, 0xcd, 0xd6, 0xdf, | ||
6748 | 0xe8, 0xf1, 0xfa, 0x03, 0x0c, 0x15, 0x1e, 0x27, | ||
6749 | 0x30, 0x39, 0x42, 0x4b, 0x54, 0x5d, 0x66, 0x6f, | ||
6750 | 0x78, 0x81, 0x8a, 0x93, 0x9c, 0xa5, 0xae, 0xb7, | ||
6751 | 0xc0, 0xc9, 0xd2, 0xdb, 0xe4, 0xed, 0xf6, 0xff, | ||
6752 | 0x08, 0x11, 0x1a, 0x23, 0x2c, 0x35, 0x3e, 0x47, | ||
6753 | 0x50, 0x59, 0x62, 0x6b, 0x74, 0x7d, 0x86, 0x8f, | ||
6754 | 0x98, 0xa1, 0xaa, 0xb3, 0xbc, 0xc5, 0xce, 0xd7, | ||
6755 | 0xe0, 0xe9, 0xf2, 0xfb, 0x04, 0x0d, 0x16, 0x1f, | ||
6756 | 0x28, 0x31, 0x3a, 0x43, 0x4c, 0x55, 0x5e, 0x67, | ||
6757 | 0x70, 0x79, 0x82, 0x8b, 0x94, 0x9d, 0xa6, 0xaf, | ||
6758 | 0xb8, 0xc1, 0xca, 0xd3, 0xdc, 0xe5, 0xee, 0xf7, | ||
6759 | 0x00, 0x0b, 0x16, 0x21, 0x2c, 0x37, 0x42, 0x4d, | ||
6760 | 0x58, 0x63, 0x6e, 0x79, 0x84, 0x8f, 0x9a, 0xa5, | ||
6761 | 0xb0, 0xbb, 0xc6, 0xd1, 0xdc, 0xe7, 0xf2, 0xfd, | ||
6762 | 0x08, 0x13, 0x1e, 0x29, 0x34, 0x3f, 0x4a, 0x55, | ||
6763 | 0x60, 0x6b, 0x76, 0x81, 0x8c, 0x97, 0xa2, 0xad, | ||
6764 | 0xb8, 0xc3, 0xce, 0xd9, 0xe4, 0xef, 0xfa, 0x05, | ||
6765 | 0x10, 0x1b, 0x26, 0x31, 0x3c, 0x47, 0x52, 0x5d, | ||
6766 | 0x68, 0x73, 0x7e, 0x89, 0x94, 0x9f, 0xaa, 0xb5, | ||
6767 | 0xc0, 0xcb, 0xd6, 0xe1, 0xec, 0xf7, 0x02, 0x0d, | ||
6768 | 0x18, 0x23, 0x2e, 0x39, 0x44, 0x4f, 0x5a, 0x65, | ||
6769 | 0x70, 0x7b, 0x86, 0x91, 0x9c, 0xa7, 0xb2, 0xbd, | ||
6770 | 0xc8, 0xd3, 0xde, 0xe9, 0xf4, 0xff, 0x0a, 0x15, | ||
6771 | 0x20, 0x2b, 0x36, 0x41, 0x4c, 0x57, 0x62, 0x6d, | ||
6772 | 0x78, 0x83, 0x8e, 0x99, 0xa4, 0xaf, 0xba, 0xc5, | ||
6773 | 0xd0, 0xdb, 0xe6, 0xf1, 0xfc, 0x07, 0x12, 0x1d, | ||
6774 | 0x28, 0x33, 0x3e, 0x49, 0x54, 0x5f, 0x6a, 0x75, | ||
6775 | 0x80, 0x8b, 0x96, 0xa1, 0xac, 0xb7, 0xc2, 0xcd, | ||
6776 | 0xd8, 0xe3, 0xee, 0xf9, 0x04, 0x0f, 0x1a, 0x25, | ||
6777 | 0x30, 0x3b, 0x46, 0x51, 0x5c, 0x67, 0x72, 0x7d, | ||
6778 | 0x88, 0x93, 0x9e, 0xa9, 0xb4, 0xbf, 0xca, 0xd5, | ||
6779 | 0xe0, 0xeb, 0xf6, 0x01, 0x0c, 0x17, 0x22, 0x2d, | ||
6780 | 0x38, 0x43, 0x4e, 0x59, 0x64, 0x6f, 0x7a, 0x85, | ||
6781 | 0x90, 0x9b, 0xa6, 0xb1, 0xbc, 0xc7, 0xd2, 0xdd, | ||
6782 | 0xe8, 0xf3, 0xfe, 0x09, 0x14, 0x1f, 0x2a, 0x35, | ||
6783 | 0x40, 0x4b, 0x56, 0x61, 0x6c, 0x77, 0x82, 0x8d, | ||
6784 | 0x98, 0xa3, 0xae, 0xb9, 0xc4, 0xcf, 0xda, 0xe5, | ||
6785 | 0xf0, 0xfb, 0x06, 0x11, 0x1c, 0x27, 0x32, 0x3d, | ||
6786 | 0x48, 0x53, 0x5e, 0x69, 0x74, 0x7f, 0x8a, 0x95, | ||
6787 | 0xa0, 0xab, 0xb6, 0xc1, 0xcc, 0xd7, 0xe2, 0xed, | ||
6788 | 0xf8, 0x03, 0x0e, 0x19, 0x24, 0x2f, 0x3a, 0x45, | ||
6789 | 0x50, 0x5b, 0x66, 0x71, 0x7c, 0x87, 0x92, 0x9d, | ||
6790 | 0xa8, 0xb3, 0xbe, 0xc9, 0xd4, 0xdf, 0xea, 0xf5, | ||
6791 | 0x00, 0x0d, 0x1a, 0x27, 0x34, 0x41, 0x4e, 0x5b, | ||
6792 | 0x68, 0x75, 0x82, 0x8f, 0x9c, 0xa9, 0xb6, 0xc3, | ||
6793 | 0xd0, 0xdd, 0xea, 0xf7, 0x04, 0x11, 0x1e, 0x2b, | ||
6794 | 0x38, 0x45, 0x52, 0x5f, 0x6c, 0x79, 0x86, 0x93, | ||
6795 | 0xa0, 0xad, 0xba, 0xc7, 0xd4, 0xe1, 0xee, 0xfb, | ||
6796 | 0x08, 0x15, 0x22, 0x2f, 0x3c, 0x49, 0x56, 0x63, | ||
6797 | 0x70, 0x7d, 0x8a, 0x97, 0xa4, 0xb1, 0xbe, 0xcb, | ||
6798 | 0xd8, 0xe5, 0xf2, 0xff, 0x0c, 0x19, 0x26, 0x33, | ||
6799 | 0x40, 0x4d, 0x5a, 0x67, 0x74, 0x81, 0x8e, 0x9b, | ||
6800 | 0xa8, 0xb5, 0xc2, 0xcf, 0xdc, 0xe9, 0xf6, 0x03, | ||
6801 | 0x10, 0x1d, 0x2a, 0x37, 0x44, 0x51, 0x5e, 0x6b, | ||
6802 | 0x78, 0x85, 0x92, 0x9f, 0xac, 0xb9, 0xc6, 0xd3, | ||
6803 | 0xe0, 0xed, 0xfa, 0x07, 0x14, 0x21, 0x2e, 0x3b, | ||
6804 | 0x48, 0x55, 0x62, 0x6f, 0x7c, 0x89, 0x96, 0xa3, | ||
6805 | 0xb0, 0xbd, 0xca, 0xd7, 0xe4, 0xf1, 0xfe, 0x0b, | ||
6806 | 0x18, 0x25, 0x32, 0x3f, 0x4c, 0x59, 0x66, 0x73, | ||
6807 | 0x80, 0x8d, 0x9a, 0xa7, 0xb4, 0xc1, 0xce, 0xdb, | ||
6808 | 0xe8, 0xf5, 0x02, 0x0f, 0x1c, 0x29, 0x36, 0x43, | ||
6809 | 0x50, 0x5d, 0x6a, 0x77, 0x84, 0x91, 0x9e, 0xab, | ||
6810 | 0xb8, 0xc5, 0xd2, 0xdf, 0xec, 0xf9, 0x06, 0x13, | ||
6811 | 0x20, 0x2d, 0x3a, 0x47, 0x54, 0x61, 0x6e, 0x7b, | ||
6812 | 0x88, 0x95, 0xa2, 0xaf, 0xbc, 0xc9, 0xd6, 0xe3, | ||
6813 | 0xf0, 0xfd, 0x0a, 0x17, 0x24, 0x31, 0x3e, 0x4b, | ||
6814 | 0x58, 0x65, 0x72, 0x7f, 0x8c, 0x99, 0xa6, 0xb3, | ||
6815 | 0xc0, 0xcd, 0xda, 0xe7, 0xf4, 0x01, 0x0e, 0x1b, | ||
6816 | 0x28, 0x35, 0x42, 0x4f, 0x5c, 0x69, 0x76, 0x83, | ||
6817 | 0x90, 0x9d, 0xaa, 0xb7, 0xc4, 0xd1, 0xde, 0xeb, | ||
6818 | 0xf8, 0x05, 0x12, 0x1f, 0x2c, 0x39, 0x46, 0x53, | ||
6819 | 0x60, 0x6d, 0x7a, 0x87, 0x94, 0xa1, 0xae, 0xbb, | ||
6820 | 0xc8, 0xd5, 0xe2, 0xef, 0xfc, 0x09, 0x16, 0x23, | ||
6821 | 0x30, 0x3d, 0x4a, 0x57, 0x64, 0x71, 0x7e, 0x8b, | ||
6822 | 0x98, 0xa5, 0xb2, 0xbf, 0xcc, 0xd9, 0xe6, 0xf3, | ||
6823 | 0x00, 0x0f, 0x1e, 0x2d, 0x3c, 0x4b, 0x5a, 0x69, | ||
6824 | 0x78, 0x87, 0x96, 0xa5, 0xb4, 0xc3, 0xd2, 0xe1, | ||
6825 | 0xf0, 0xff, 0x0e, 0x1d, 0x2c, 0x3b, 0x4a, 0x59, | ||
6826 | 0x68, 0x77, 0x86, 0x95, 0xa4, 0xb3, 0xc2, 0xd1, | ||
6827 | 0xe0, 0xef, 0xfe, 0x0d, 0x1c, 0x2b, 0x3a, 0x49, | ||
6828 | 0x58, 0x67, 0x76, 0x85, 0x94, 0xa3, 0xb2, 0xc1, | ||
6829 | 0xd0, 0xdf, 0xee, 0xfd, 0x0c, 0x1b, 0x2a, 0x39, | ||
6830 | 0x48, 0x57, 0x66, 0x75, 0x84, 0x93, 0xa2, 0xb1, | ||
6831 | 0xc0, 0xcf, 0xde, 0xed, 0xfc, 0x0b, 0x1a, 0x29, | ||
6832 | 0x38, 0x47, 0x56, 0x65, 0x74, 0x83, 0x92, 0xa1, | ||
6833 | 0xb0, 0xbf, 0xce, 0xdd, 0xec, 0xfb, 0x0a, 0x19, | ||
6834 | 0x28, 0x37, 0x46, 0x55, 0x64, 0x73, 0x82, 0x91, | ||
6835 | 0xa0, 0xaf, 0xbe, 0xcd, 0xdc, 0xeb, 0xfa, 0x09, | ||
6836 | 0x18, 0x27, 0x36, 0x45, 0x54, 0x63, 0x72, 0x81, | ||
6837 | 0x90, 0x9f, 0xae, 0xbd, 0xcc, 0xdb, 0xea, 0xf9, | ||
6838 | 0x08, 0x17, 0x26, 0x35, 0x44, 0x53, 0x62, 0x71, | ||
6839 | 0x80, 0x8f, 0x9e, 0xad, 0xbc, 0xcb, 0xda, 0xe9, | ||
6840 | 0xf8, 0x07, 0x16, 0x25, 0x34, 0x43, 0x52, 0x61, | ||
6841 | 0x70, 0x7f, 0x8e, 0x9d, 0xac, 0xbb, 0xca, 0xd9, | ||
6842 | 0xe8, 0xf7, 0x06, 0x15, 0x24, 0x33, 0x42, 0x51, | ||
6843 | 0x60, 0x6f, 0x7e, 0x8d, 0x9c, 0xab, 0xba, 0xc9, | ||
6844 | 0xd8, 0xe7, 0xf6, 0x05, 0x14, 0x23, 0x32, 0x41, | ||
6845 | 0x50, 0x5f, 0x6e, 0x7d, 0x8c, 0x9b, 0xaa, 0xb9, | ||
6846 | 0xc8, 0xd7, 0xe6, 0xf5, 0x04, 0x13, 0x22, 0x31, | ||
6847 | 0x40, 0x4f, 0x5e, 0x6d, 0x7c, 0x8b, 0x9a, 0xa9, | ||
6848 | 0xb8, 0xc7, 0xd6, 0xe5, 0xf4, 0x03, 0x12, 0x21, | ||
6849 | 0x30, 0x3f, 0x4e, 0x5d, 0x6c, 0x7b, 0x8a, 0x99, | ||
6850 | 0xa8, 0xb7, 0xc6, 0xd5, 0xe4, 0xf3, 0x02, 0x11, | ||
6851 | 0x20, 0x2f, 0x3e, 0x4d, 0x5c, 0x6b, 0x7a, 0x89, | ||
6852 | 0x98, 0xa7, 0xb6, 0xc5, 0xd4, 0xe3, 0xf2, 0x01, | ||
6853 | 0x10, 0x1f, 0x2e, 0x3d, 0x4c, 0x5b, 0x6a, 0x79, | ||
6854 | 0x88, 0x97, 0xa6, 0xb5, 0xc4, 0xd3, 0xe2, 0xf1, | ||
6855 | 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, | ||
6856 | 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, | ||
6857 | 0x10, 0x21, 0x32, 0x43, 0x54, 0x65, 0x76, 0x87, | ||
6858 | 0x98, 0xa9, 0xba, 0xcb, 0xdc, 0xed, 0xfe, 0x0f, | ||
6859 | 0x20, 0x31, 0x42, 0x53, 0x64, 0x75, 0x86, 0x97, | ||
6860 | 0xa8, 0xb9, 0xca, 0xdb, 0xec, 0xfd, 0x0e, 0x1f, | ||
6861 | 0x30, 0x41, 0x52, 0x63, 0x74, 0x85, 0x96, 0xa7, | ||
6862 | 0xb8, 0xc9, 0xda, 0xeb, 0xfc, 0x0d, 0x1e, 0x2f, | ||
6863 | 0x40, 0x51, 0x62, 0x73, 0x84, 0x95, 0xa6, 0xb7, | ||
6864 | 0xc8, 0xd9, 0xea, 0xfb, 0x0c, 0x1d, 0x2e, 0x3f, | ||
6865 | 0x50, 0x61, 0x72, 0x83, 0x94, 0xa5, 0xb6, 0xc7, | ||
6866 | 0xd8, 0xe9, 0xfa, 0x0b, 0x1c, 0x2d, 0x3e, 0x4f, | ||
6867 | 0x60, 0x71, 0x82, 0x93, 0xa4, 0xb5, 0xc6, 0xd7, | ||
6868 | 0xe8, 0xf9, 0x0a, 0x1b, 0x2c, 0x3d, 0x4e, 0x5f, | ||
6869 | 0x70, 0x81, 0x92, 0xa3, 0xb4, 0xc5, 0xd6, 0xe7, | ||
6870 | 0xf8, 0x09, 0x1a, 0x2b, 0x3c, 0x4d, 0x5e, 0x6f, | ||
6871 | 0x80, 0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7, | ||
6872 | 0x08, 0x19, 0x2a, 0x3b, 0x4c, 0x5d, 0x6e, 0x7f, | ||
6873 | 0x90, 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0xf6, 0x07, | ||
6874 | 0x18, 0x29, 0x3a, 0x4b, 0x5c, 0x6d, 0x7e, 0x8f, | ||
6875 | 0xa0, 0xb1, 0xc2, 0xd3, 0xe4, 0xf5, 0x06, 0x17, | ||
6876 | 0x28, 0x39, 0x4a, 0x5b, 0x6c, 0x7d, 0x8e, 0x9f, | ||
6877 | 0xb0, 0xc1, 0xd2, 0xe3, 0xf4, 0x05, 0x16, 0x27, | ||
6878 | 0x38, 0x49, 0x5a, 0x6b, 0x7c, 0x8d, 0x9e, 0xaf, | ||
6879 | 0xc0, 0xd1, 0xe2, 0xf3, 0x04, 0x15, 0x26, 0x37, | ||
6880 | 0x48, 0x59, 0x6a, 0x7b, 0x8c, 0x9d, 0xae, 0xbf, | ||
6881 | 0xd0, 0xe1, 0xf2, 0x03, 0x14, 0x25, 0x36, 0x47, | ||
6882 | 0x58, 0x69, 0x7a, 0x8b, 0x9c, 0xad, 0xbe, 0xcf, | ||
6883 | 0xe0, 0xf1, 0x02, 0x13, 0x24, 0x35, 0x46, 0x57, | ||
6884 | 0x68, 0x79, 0x8a, 0x9b, 0xac, 0xbd, 0xce, 0xdf, | ||
6885 | 0xf0, 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, | ||
6886 | 0x78, 0x89, 0x9a, 0xab, 0xbc, 0xcd, 0xde, 0xef, | ||
6887 | 0x00, 0x13, 0x26, 0x39, 0x4c, 0x5f, 0x72, 0x85, | ||
6888 | 0x98, 0xab, 0xbe, 0xd1, 0xe4, 0xf7, 0x0a, 0x1d, | ||
6889 | 0x30, 0x43, 0x56, 0x69, 0x7c, 0x8f, 0xa2, 0xb5, | ||
6890 | 0xc8, 0xdb, 0xee, 0x01, 0x14, 0x27, 0x3a, 0x4d, | ||
6891 | 0x60, 0x73, 0x86, 0x99, 0xac, 0xbf, 0xd2, 0xe5, | ||
6892 | 0xf8, 0x0b, 0x1e, 0x31, 0x44, 0x57, 0x6a, 0x7d, | ||
6893 | 0x90, 0xa3, 0xb6, 0xc9, 0xdc, 0xef, 0x02, 0x15, | ||
6894 | 0x28, 0x3b, 0x4e, 0x61, 0x74, 0x87, 0x9a, 0xad, | ||
6895 | 0xc0, 0xd3, 0xe6, 0xf9, 0x0c, 0x1f, 0x32, 0x45, | ||
6896 | 0x58, 0x6b, 0x7e, 0x91, 0xa4, 0xb7, 0xca, 0xdd, | ||
6897 | 0xf0, 0x03, 0x16, 0x29, 0x3c, 0x4f, 0x62, 0x75, | ||
6898 | 0x88, 0x9b, 0xae, 0xc1, 0xd4, 0xe7, 0xfa, 0x0d, | ||
6899 | 0x20, 0x33, 0x46, 0x59, 0x6c, 0x7f, 0x92, 0xa5, | ||
6900 | 0xb8, 0xcb, 0xde, 0xf1, 0x04, 0x17, 0x2a, 0x3d, | ||
6901 | 0x50, 0x63, 0x76, 0x89, 0x9c, 0xaf, 0xc2, 0xd5, | ||
6902 | 0xe8, 0xfb, 0x0e, 0x21, 0x34, 0x47, 0x5a, 0x6d, | ||
6903 | 0x80, 0x93, 0xa6, 0xb9, 0xcc, 0xdf, 0xf2, 0x05, | ||
6904 | 0x18, 0x2b, 0x3e, 0x51, 0x64, 0x77, 0x8a, 0x9d, | ||
6905 | 0xb0, 0xc3, 0xd6, 0xe9, 0xfc, 0x0f, 0x22, 0x35, | ||
6906 | 0x48, 0x5b, 0x6e, 0x81, 0x94, 0xa7, 0xba, 0xcd, | ||
6907 | 0xe0, 0xf3, 0x06, 0x19, 0x2c, 0x3f, 0x52, 0x65, | ||
6908 | 0x78, 0x8b, 0x9e, 0xb1, 0xc4, 0xd7, 0xea, 0xfd, | ||
6909 | 0x10, 0x23, 0x36, 0x49, 0x5c, 0x6f, 0x82, 0x95, | ||
6910 | 0xa8, 0xbb, 0xce, 0xe1, 0xf4, 0x07, 0x1a, 0x2d, | ||
6911 | 0x40, 0x53, 0x66, 0x79, 0x8c, 0x9f, 0xb2, 0xc5, | ||
6912 | 0xd8, 0xeb, 0xfe, 0x11, 0x24, 0x37, 0x4a, 0x5d, | ||
6913 | 0x70, 0x83, 0x96, 0xa9, 0xbc, 0xcf, 0xe2, 0xf5, | ||
6914 | 0x08, 0x1b, 0x2e, 0x41, 0x54, 0x67, 0x7a, 0x8d, | ||
6915 | 0xa0, 0xb3, 0xc6, 0xd9, 0xec, 0xff, 0x12, 0x25, | ||
6916 | 0x38, 0x4b, 0x5e, 0x71, 0x84, 0x97, 0xaa, 0xbd, | ||
6917 | 0xd0, 0xe3, 0xf6, 0x09, 0x1c, 0x2f, 0x42, 0x55, | ||
6918 | 0x68, 0x7b, 0x8e, 0xa1, 0xb4, 0xc7, 0xda, 0xed, | ||
6919 | 0x00, 0x15, 0x2a, 0x3f, 0x54, 0x69, 0x7e, 0x93, | ||
6920 | 0xa8, 0xbd, 0xd2, 0xe7, 0xfc, 0x11, 0x26, 0x3b, | ||
6921 | 0x50, 0x65, 0x7a, 0x8f, 0xa4, 0xb9, 0xce, 0xe3, | ||
6922 | 0xf8, 0x0d, 0x22, 0x37, 0x4c, 0x61, 0x76, 0x8b, | ||
6923 | 0xa0, 0xb5, 0xca, 0xdf, 0xf4, 0x09, 0x1e, 0x33, | ||
6924 | 0x48, 0x5d, 0x72, 0x87, 0x9c, 0xb1, 0xc6, 0xdb, | ||
6925 | 0xf0, 0x05, 0x1a, 0x2f, 0x44, 0x59, 0x6e, 0x83, | ||
6926 | 0x98, 0xad, 0xc2, 0xd7, 0xec, 0x01, 0x16, 0x2b, | ||
6927 | 0x40, 0x55, 0x6a, 0x7f, 0x94, 0xa9, 0xbe, 0xd3, | ||
6928 | 0xe8, 0xfd, 0x12, 0x27, 0x3c, 0x51, 0x66, 0x7b, | ||
6929 | 0x90, 0xa5, 0xba, 0xcf, 0xe4, 0xf9, 0x0e, 0x23, | ||
6930 | 0x38, 0x4d, 0x62, 0x77, 0x8c, 0xa1, 0xb6, 0xcb, | ||
6931 | 0xe0, 0xf5, 0x0a, 0x1f, 0x34, 0x49, 0x5e, 0x73, | ||
6932 | 0x88, 0x9d, 0xb2, 0xc7, 0xdc, 0xf1, 0x06, 0x1b, | ||
6933 | 0x30, 0x45, 0x5a, 0x6f, 0x84, 0x99, 0xae, 0xc3, | ||
6934 | 0xd8, 0xed, 0x02, 0x17, 0x2c, 0x41, 0x56, 0x6b, | ||
6935 | 0x80, 0x95, 0xaa, 0xbf, 0xd4, 0xe9, 0xfe, 0x13, | ||
6936 | 0x28, 0x3d, 0x52, 0x67, 0x7c, 0x91, 0xa6, 0xbb, | ||
6937 | 0xd0, 0xe5, 0xfa, 0x0f, 0x24, 0x39, 0x4e, 0x63, | ||
6938 | 0x78, 0x8d, 0xa2, 0xb7, 0xcc, 0xe1, 0xf6, 0x0b, | ||
6939 | 0x20, 0x35, 0x4a, 0x5f, 0x74, 0x89, 0x9e, 0xb3, | ||
6940 | 0xc8, 0xdd, 0xf2, 0x07, 0x1c, 0x31, 0x46, 0x5b, | ||
6941 | 0x70, 0x85, 0x9a, 0xaf, 0xc4, 0xd9, 0xee, 0x03, | ||
6942 | 0x18, 0x2d, 0x42, 0x57, 0x6c, 0x81, 0x96, 0xab, | ||
6943 | 0xc0, 0xd5, 0xea, 0xff, 0x14, 0x29, 0x3e, 0x53, | ||
6944 | 0x68, 0x7d, 0x92, 0xa7, 0xbc, 0xd1, 0xe6, 0xfb, | ||
6945 | 0x10, 0x25, 0x3a, 0x4f, 0x64, 0x79, 0x8e, 0xa3, | ||
6946 | 0xb8, 0xcd, 0xe2, 0xf7, 0x0c, 0x21, 0x36, 0x4b, | ||
6947 | 0x60, 0x75, 0x8a, 0x9f, 0xb4, 0xc9, 0xde, 0xf3, | ||
6948 | 0x08, 0x1d, 0x32, 0x47, 0x5c, 0x71, 0x86, 0x9b, | ||
6949 | 0xb0, 0xc5, 0xda, 0xef, 0x04, 0x19, 0x2e, 0x43, | ||
6950 | 0x58, 0x6d, 0x82, 0x97, 0xac, 0xc1, 0xd6, 0xeb, | ||
6951 | 0x00, 0x17, 0x2e, 0x45, 0x5c, 0x73, 0x8a, 0xa1, | ||
6952 | 0xb8, 0xcf, 0xe6, 0xfd, 0x14, 0x2b, 0x42, 0x59, | ||
6953 | 0x70, 0x87, 0x9e, 0xb5, 0xcc, 0xe3, 0xfa, 0x11, | ||
6954 | 0x28, 0x3f, 0x56, 0x6d, 0x84, 0x9b, 0xb2, 0xc9, | ||
6955 | 0xe0, 0xf7, 0x0e, 0x25, 0x3c, 0x53, 0x6a, 0x81, | ||
6956 | 0x98, 0xaf, 0xc6, 0xdd, 0xf4, 0x0b, 0x22, 0x39, | ||
6957 | 0x50, 0x67, 0x7e, 0x95, 0xac, 0xc3, 0xda, 0xf1, | ||
6958 | 0x08, 0x1f, 0x36, 0x4d, 0x64, 0x7b, 0x92, 0xa9, | ||
6959 | 0xc0, 0xd7, 0xee, 0x05, 0x1c, 0x33, 0x4a, 0x61, | ||
6960 | 0x78, 0x8f, 0xa6, 0xbd, 0xd4, 0xeb, 0x02, 0x19, | ||
6961 | 0x30, 0x47, 0x5e, 0x75, 0x8c, 0xa3, 0xba, 0xd1, | ||
6962 | 0xe8, 0xff, 0x16, 0x2d, 0x44, 0x5b, 0x72, 0x89, | ||
6963 | 0xa0, 0xb7, 0xce, 0xe5, 0xfc, 0x13, 0x2a, 0x41, | ||
6964 | 0x58, 0x6f, 0x86, 0x9d, 0xb4, 0xcb, 0xe2, 0xf9, | ||
6965 | 0x10, 0x27, 0x3e, 0x55, 0x6c, 0x83, 0x9a, 0xb1, | ||
6966 | 0xc8, 0xdf, 0xf6, 0x0d, 0x24, 0x3b, 0x52, 0x69, | ||
6967 | 0x80, 0x97, 0xae, 0xc5, 0xdc, 0xf3, 0x0a, 0x21, | ||
6968 | 0x38, 0x4f, 0x66, 0x7d, 0x94, 0xab, 0xc2, 0xd9, | ||
6969 | 0xf0, 0x07, 0x1e, 0x35, 0x4c, 0x63, 0x7a, 0x91, | ||
6970 | 0xa8, 0xbf, 0xd6, 0xed, 0x04, 0x1b, 0x32, 0x49, | ||
6971 | 0x60, 0x77, 0x8e, 0xa5, 0xbc, 0xd3, 0xea, 0x01, | ||
6972 | 0x18, 0x2f, 0x46, 0x5d, 0x74, 0x8b, 0xa2, 0xb9, | ||
6973 | 0xd0, 0xe7, 0xfe, 0x15, 0x2c, 0x43, 0x5a, 0x71, | ||
6974 | 0x88, 0x9f, 0xb6, 0xcd, 0xe4, 0xfb, 0x12, 0x29, | ||
6975 | 0x40, 0x57, 0x6e, 0x85, 0x9c, 0xb3, 0xca, 0xe1, | ||
6976 | 0xf8, 0x0f, 0x26, 0x3d, 0x54, 0x6b, 0x82, 0x99, | ||
6977 | 0xb0, 0xc7, 0xde, 0xf5, 0x0c, 0x23, 0x3a, 0x51, | ||
6978 | 0x68, 0x7f, 0x96, 0xad, 0xc4, 0xdb, 0xf2, 0x09, | ||
6979 | 0x20, 0x37, 0x4e, 0x65, 0x7c, 0x93, 0xaa, 0xc1, | ||
6980 | 0xd8, 0xef, 0x06, 0x1d, 0x34, 0x4b, 0x62, 0x79, | ||
6981 | 0x90, 0xa7, 0xbe, 0xd5, 0xec, 0x03, 0x1a, 0x31, | ||
6982 | 0x48, 0x5f, 0x76, 0x8d, 0xa4, 0xbb, 0xd2, 0xe9, | ||
6983 | 0x00, 0x19, 0x32, 0x4b, 0x64, 0x7d, 0x96, 0xaf, | ||
6984 | 0xc8, 0xe1, 0xfa, 0x13, 0x2c, 0x45, 0x5e, 0x77, | ||
6985 | 0x90, 0xa9, 0xc2, 0xdb, 0xf4, 0x0d, 0x26, 0x3f, | ||
6986 | 0x58, 0x71, 0x8a, 0xa3, 0xbc, 0xd5, 0xee, 0x07, | ||
6987 | 0x20, 0x39, 0x52, 0x6b, 0x84, 0x9d, 0xb6, 0xcf, | ||
6988 | 0xe8, 0x01, 0x1a, 0x33, 0x4c, 0x65, 0x7e, 0x97, | ||
6989 | 0xb0, 0xc9, 0xe2, 0xfb, 0x14, 0x2d, 0x46, 0x5f, | ||
6990 | 0x78, 0x91, 0xaa, 0xc3, 0xdc, 0xf5, 0x0e, 0x27, | ||
6991 | 0x40, 0x59, 0x72, 0x8b, 0xa4, 0xbd, 0xd6, 0xef, | ||
6992 | 0x08, 0x21, 0x3a, 0x53, 0x6c, 0x85, 0x9e, 0xb7, | ||
6993 | 0xd0, 0xe9, 0x02, 0x1b, 0x34, 0x4d, 0x66, 0x7f, | ||
6994 | 0x98, 0xb1, 0xca, 0xe3, 0xfc, 0x15, 0x2e, 0x47, | ||
6995 | 0x60, 0x79, 0x92, 0xab, 0xc4, 0xdd, 0xf6, 0x0f, | ||
6996 | 0x28, 0x41, 0x5a, 0x73, 0x8c, 0xa5, 0xbe, 0xd7, | ||
6997 | 0xf0, 0x09, 0x22, 0x3b, 0x54, 0x6d, 0x86, 0x9f, | ||
6998 | 0xb8, 0xd1, 0xea, 0x03, 0x1c, 0x35, 0x4e, 0x67, | ||
6999 | 0x80, 0x99, 0xb2, 0xcb, 0xe4, 0xfd, 0x16, 0x2f, | ||
7000 | 0x48, 0x61, 0x7a, 0x93, 0xac, 0xc5, 0xde, 0xf7, | ||
7001 | 0x10, 0x29, 0x42, 0x5b, 0x74, 0x8d, 0xa6, 0xbf, | ||
7002 | 0xd8, 0xf1, 0x0a, 0x23, 0x3c, 0x55, 0x6e, 0x87, | ||
7003 | 0xa0, 0xb9, 0xd2, 0xeb, 0x04, 0x1d, 0x36, 0x4f, | ||
7004 | 0x68, 0x81, 0x9a, 0xb3, 0xcc, 0xe5, 0xfe, 0x17, | ||
7005 | 0x30, 0x49, 0x62, 0x7b, 0x94, 0xad, 0xc6, 0xdf, | ||
7006 | 0xf8, 0x11, 0x2a, 0x43, 0x5c, 0x75, 0x8e, 0xa7, | ||
7007 | 0xc0, 0xd9, 0xf2, 0x0b, 0x24, 0x3d, 0x56, 0x6f, | ||
7008 | 0x88, 0xa1, 0xba, 0xd3, 0xec, 0x05, 0x1e, 0x37, | ||
7009 | 0x50, 0x69, 0x82, 0x9b, 0xb4, 0xcd, 0xe6, 0xff, | ||
7010 | 0x18, 0x31, 0x4a, 0x63, 0x7c, 0x95, 0xae, 0xc7, | ||
7011 | 0xe0, 0xf9, 0x12, 0x2b, 0x44, 0x5d, 0x76, 0x8f, | ||
7012 | 0xa8, 0xc1, 0xda, 0xf3, 0x0c, 0x25, 0x3e, 0x57, | ||
7013 | 0x70, 0x89, 0xa2, 0xbb, 0xd4, 0xed, 0x06, 0x1f, | ||
7014 | 0x38, 0x51, 0x6a, 0x83, 0x9c, 0xb5, 0xce, 0xe7, | ||
7015 | 0x00, 0x1b, 0x36, 0x51, 0x6c, 0x87, 0xa2, 0xbd, | ||
7016 | 0xd8, 0xf3, 0x0e, 0x29, 0x44, 0x5f, 0x7a, 0x95, | ||
7017 | 0xb0, 0xcb, 0xe6, 0x01, 0x1c, 0x37, 0x52, 0x6d, | ||
7018 | 0x88, 0xa3, 0xbe, 0xd9, 0xf4, 0x0f, 0x2a, 0x45, | ||
7019 | 0x60, 0x7b, 0x96, 0xb1, 0xcc, 0xe7, 0x02, 0x1d, | ||
7020 | 0x38, 0x53, 0x6e, 0x89, 0xa4, 0xbf, 0xda, 0xf5, | ||
7021 | 0x10, 0x2b, 0x46, 0x61, 0x7c, 0x97, 0xb2, 0xcd, | ||
7022 | 0xe8, 0x03, 0x1e, 0x39, 0x54, 0x6f, 0x8a, 0xa5, | ||
7023 | 0xc0, 0xdb, 0xf6, 0x11, 0x2c, 0x47, 0x62, 0x7d, | ||
7024 | 0x98, 0xb3, 0xce, 0xe9, 0x04, 0x1f, 0x3a, 0x55, | ||
7025 | 0x70, 0x8b, 0xa6, 0xc1, 0xdc, 0xf7, 0x12, 0x2d, | ||
7026 | 0x48, 0x63, 0x7e, 0x99, 0xb4, 0xcf, 0xea, 0x05, | ||
7027 | 0x20, 0x3b, 0x56, 0x71, 0x8c, 0xa7, 0xc2, 0xdd, | ||
7028 | 0xf8, 0x13, 0x2e, 0x49, 0x64, 0x7f, 0x9a, 0xb5, | ||
7029 | 0xd0, 0xeb, 0x06, 0x21, 0x3c, 0x57, 0x72, 0x8d, | ||
7030 | 0xa8, 0xc3, 0xde, 0xf9, 0x14, 0x2f, 0x4a, 0x65, | ||
7031 | 0x80, 0x9b, 0xb6, 0xd1, 0xec, 0x07, 0x22, 0x3d, | ||
7032 | 0x58, 0x73, 0x8e, 0xa9, 0xc4, 0xdf, 0xfa, 0x15, | ||
7033 | 0x30, 0x4b, 0x66, 0x81, 0x9c, 0xb7, 0xd2, 0xed, | ||
7034 | 0x08, 0x23, 0x3e, 0x59, 0x74, 0x8f, 0xaa, 0xc5, | ||
7035 | 0xe0, 0xfb, 0x16, 0x31, 0x4c, 0x67, 0x82, 0x9d, | ||
7036 | 0xb8, 0xd3, 0xee, 0x09, 0x24, 0x3f, 0x5a, 0x75, | ||
7037 | 0x90, 0xab, 0xc6, 0xe1, 0xfc, 0x17, 0x32, 0x4d, | ||
7038 | 0x68, 0x83, 0x9e, 0xb9, 0xd4, 0xef, 0x0a, 0x25, | ||
7039 | 0x40, 0x5b, 0x76, 0x91, 0xac, 0xc7, 0xe2, 0xfd, | ||
7040 | 0x18, 0x33, 0x4e, 0x69, 0x84, 0x9f, 0xba, 0xd5, | ||
7041 | 0xf0, 0x0b, 0x26, 0x41, 0x5c, 0x77, 0x92, 0xad, | ||
7042 | 0xc8, 0xe3, 0xfe, 0x19, 0x34, 0x4f, 0x6a, 0x85, | ||
7043 | 0xa0, 0xbb, 0xd6, 0xf1, 0x0c, 0x27, 0x42, 0x5d, | ||
7044 | 0x78, 0x93, 0xae, 0xc9, 0xe4, 0xff, 0x1a, 0x35, | ||
7045 | 0x50, 0x6b, 0x86, 0xa1, 0xbc, 0xd7, 0xf2, 0x0d, | ||
7046 | 0x28, 0x43, 0x5e, 0x79, 0x94, 0xaf, 0xca, 0xe5, | ||
7047 | 0x00, 0x1d, 0x3a, 0x57, 0x74, 0x91, 0xae, 0xcb, | ||
7048 | 0xe8, 0x05, 0x22, 0x3f, 0x5c, 0x79, 0x96, 0xb3, | ||
7049 | 0xd0, 0xed, 0x0a, 0x27, 0x44, 0x61, 0x7e, 0x9b, | ||
7050 | 0xb8, 0xd5, 0xf2, 0x0f, 0x2c, 0x49, 0x66, 0x83, | ||
7051 | 0xa0, 0xbd, 0xda, 0xf7, 0x14, 0x31, 0x4e, 0x6b, | ||
7052 | 0x88, 0xa5, 0xc2, 0xdf, 0xfc, 0x19, 0x36, 0x53, | ||
7053 | 0x70, 0x8d, 0xaa, 0xc7, 0xe4, 0x01, 0x1e, 0x3b, | ||
7054 | 0x58, 0x75, 0x92, 0xaf, 0xcc, 0xe9, 0x06, 0x23, | ||
7055 | 0x40, 0x5d, 0x7a, 0x97, 0xb4, 0xd1, 0xee, 0x0b, | ||
7056 | 0x28, 0x45, 0x62, 0x7f, 0x9c, 0xb9, 0xd6, 0xf3, | ||
7057 | 0x10, 0x2d, 0x4a, 0x67, 0x84, 0xa1, 0xbe, 0xdb, | ||
7058 | 0xf8, 0x15, 0x32, 0x4f, 0x6c, 0x89, 0xa6, 0xc3, | ||
7059 | 0xe0, 0xfd, 0x1a, 0x37, 0x54, 0x71, 0x8e, 0xab, | ||
7060 | 0xc8, 0xe5, 0x02, 0x1f, 0x3c, 0x59, 0x76, 0x93, | ||
7061 | 0xb0, 0xcd, 0xea, 0x07, 0x24, 0x41, 0x5e, 0x7b, | ||
7062 | 0x98, 0xb5, 0xd2, 0xef, 0x0c, 0x29, 0x46, 0x63, | ||
7063 | 0x80, 0x9d, 0xba, 0xd7, 0xf4, 0x11, 0x2e, 0x4b, | ||
7064 | 0x68, 0x85, 0xa2, 0xbf, 0xdc, 0xf9, 0x16, 0x33, | ||
7065 | 0x50, 0x6d, 0x8a, 0xa7, 0xc4, 0xe1, 0xfe, 0x1b, | ||
7066 | 0x38, 0x55, 0x72, 0x8f, 0xac, 0xc9, 0xe6, 0x03, | ||
7067 | 0x20, 0x3d, 0x5a, 0x77, 0x94, 0xb1, 0xce, 0xeb, | ||
7068 | 0x08, 0x25, 0x42, 0x5f, 0x7c, 0x99, 0xb6, 0xd3, | ||
7069 | 0xf0, 0x0d, 0x2a, 0x47, 0x64, 0x81, 0x9e, 0xbb, | ||
7070 | 0xd8, 0xf5, 0x12, 0x2f, 0x4c, 0x69, 0x86, 0xa3, | ||
7071 | 0xc0, 0xdd, 0xfa, 0x17, 0x34, 0x51, 0x6e, 0x8b, | ||
7072 | 0xa8, 0xc5, 0xe2, 0xff, 0x1c, 0x39, 0x56, 0x73, | ||
7073 | 0x90, 0xad, 0xca, 0xe7, 0x04, 0x21, 0x3e, 0x5b, | ||
7074 | 0x78, 0x95, 0xb2, 0xcf, 0xec, 0x09, 0x26, 0x43, | ||
7075 | 0x60, 0x7d, 0x9a, 0xb7, 0xd4, 0xf1, 0x0e, 0x2b, | ||
7076 | 0x48, 0x65, 0x82, 0x9f, 0xbc, 0xd9, 0xf6, 0x13, | ||
7077 | 0x30, 0x4d, 0x6a, 0x87, 0xa4, 0xc1, 0xde, 0xfb, | ||
7078 | 0x18, 0x35, 0x52, 0x6f, 0x8c, 0xa9, 0xc6, 0xe3, | ||
7079 | 0x00, 0x1f, 0x3e, 0x5d, 0x7c, 0x9b, 0xba, 0xd9, | ||
7080 | 0xf8, 0x17, 0x36, 0x55, 0x74, 0x93, 0xb2, 0xd1, | ||
7081 | 0xf0, 0x0f, 0x2e, 0x4d, 0x6c, 0x8b, 0xaa, 0xc9, | ||
7082 | 0xe8, 0x07, 0x26, 0x45, 0x64, 0x83, 0xa2, 0xc1, | ||
7083 | 0xe0, 0xff, 0x1e, 0x3d, 0x5c, 0x7b, 0x9a, 0xb9, | ||
7084 | 0xd8, 0xf7, 0x16, 0x35, 0x54, 0x73, 0x92, 0xb1, | ||
7085 | 0xd0, 0xef, 0x0e, 0x2d, 0x4c, 0x6b, 0x8a, 0xa9, | ||
7086 | 0xc8, 0xe7, 0x06, 0x25, 0x44, 0x63, 0x82, 0xa1, | ||
7087 | 0xc0, 0xdf, 0xfe, 0x1d, 0x3c, 0x5b, 0x7a, 0x99, | ||
7088 | 0xb8, 0xd7, 0xf6, 0x15, 0x34, 0x53, 0x72, 0x91, | ||
7089 | 0xb0, 0xcf, 0xee, 0x0d, 0x2c, 0x4b, 0x6a, 0x89, | ||
7090 | 0xa8, 0xc7, 0xe6, 0x05, 0x24, 0x43, 0x62, 0x81, | ||
7091 | 0xa0, 0xbf, 0xde, 0xfd, 0x1c, 0x3b, 0x5a, 0x79, | ||
7092 | 0x98, 0xb7, 0xd6, 0xf5, 0x14, 0x33, 0x52, 0x71, | ||
7093 | 0x90, 0xaf, 0xce, 0xed, 0x0c, 0x2b, 0x4a, 0x69, | ||
7094 | 0x88, 0xa7, 0xc6, 0xe5, 0x04, 0x23, 0x42, 0x61, | ||
7095 | 0x80, 0x9f, 0xbe, 0xdd, 0xfc, 0x1b, 0x3a, 0x59, | ||
7096 | 0x78, 0x97, 0xb6, 0xd5, 0xf4, 0x13, 0x32, 0x51, | ||
7097 | 0x70, 0x8f, 0xae, 0xcd, 0xec, 0x0b, 0x2a, 0x49, | ||
7098 | 0x68, 0x87, 0xa6, 0xc5, 0xe4, 0x03, 0x22, 0x41, | ||
7099 | 0x60, 0x7f, 0x9e, 0xbd, 0xdc, 0xfb, 0x1a, 0x39, | ||
7100 | 0x58, 0x77, 0x96, 0xb5, 0xd4, 0xf3, 0x12, 0x31, | ||
7101 | 0x50, 0x6f, 0x8e, 0xad, 0xcc, 0xeb, 0x0a, 0x29, | ||
7102 | 0x48, 0x67, 0x86, 0xa5, 0xc4, 0xe3, 0x02, 0x21, | ||
7103 | 0x40, 0x5f, 0x7e, 0x9d, 0xbc, 0xdb, 0xfa, 0x19, | ||
7104 | 0x38, 0x57, 0x76, 0x95, 0xb4, 0xd3, 0xf2, 0x11, | ||
7105 | 0x30, 0x4f, 0x6e, 0x8d, 0xac, 0xcb, 0xea, 0x09, | ||
7106 | 0x28, 0x47, 0x66, 0x85, 0xa4, 0xc3, 0xe2, 0x01, | ||
7107 | 0x20, 0x3f, 0x5e, 0x7d, 0x9c, 0xbb, 0xda, 0xf9, | ||
7108 | 0x18, 0x37, 0x56, 0x75, 0x94, 0xb3, 0xd2, 0xf1, | ||
7109 | 0x10, 0x2f, 0x4e, 0x6d, 0x8c, 0xab, 0xca, 0xe9, | ||
7110 | 0x08, 0x27, 0x46, 0x65, 0x84, 0xa3, 0xc2, 0xe1, | ||
7111 | 0x00, 0x21, 0x42, 0x63, | ||
7112 | }, | ||
7113 | .ilen = 4100, | ||
7114 | .result = { | ||
7115 | 0xb5, 0x81, 0xf5, 0x64, 0x18, 0x73, 0xe3, 0xf0, | ||
7116 | 0x4c, 0x13, 0xf2, 0x77, 0x18, 0x60, 0x65, 0x5e, | ||
7117 | 0x29, 0x01, 0xce, 0x98, 0x55, 0x53, 0xf9, 0x0c, | ||
7118 | 0x2a, 0x08, 0xd5, 0x09, 0xb3, 0x57, 0x55, 0x56, | ||
7119 | 0xc5, 0xe9, 0x56, 0x90, 0xcb, 0x6a, 0xa3, 0xc0, | ||
7120 | 0xff, 0xc4, 0x79, 0xb4, 0xd2, 0x97, 0x5d, 0xc4, | ||
7121 | 0x43, 0xd1, 0xfe, 0x94, 0x7b, 0x88, 0x06, 0x5a, | ||
7122 | 0xb2, 0x9e, 0x2c, 0xfc, 0x44, 0x03, 0xb7, 0x90, | ||
7123 | 0xa0, 0xc1, 0xba, 0x6a, 0x33, 0xb8, 0xc7, 0xb2, | ||
7124 | 0x9d, 0xe1, 0x12, 0x4f, 0xc0, 0x64, 0xd4, 0x01, | ||
7125 | 0xfe, 0x8c, 0x7a, 0x66, 0xf7, 0xe6, 0x5a, 0x91, | ||
7126 | 0xbb, 0xde, 0x56, 0x86, 0xab, 0x65, 0x21, 0x30, | ||
7127 | 0x00, 0x84, 0x65, 0x24, 0xa5, 0x7d, 0x85, 0xb4, | ||
7128 | 0xe3, 0x17, 0xed, 0x3a, 0xb7, 0x6f, 0xb4, 0x0b, | ||
7129 | 0x0b, 0xaf, 0x15, 0xae, 0x5a, 0x8f, 0xf2, 0x0c, | ||
7130 | 0x2f, 0x27, 0xf4, 0x09, 0xd8, 0xd2, 0x96, 0xb7, | ||
7131 | 0x71, 0xf2, 0xc5, 0x99, 0x4d, 0x7e, 0x7f, 0x75, | ||
7132 | 0x77, 0x89, 0x30, 0x8b, 0x59, 0xdb, 0xa2, 0xb2, | ||
7133 | 0xa0, 0xf3, 0x19, 0x39, 0x2b, 0xc5, 0x7e, 0x3f, | ||
7134 | 0x4f, 0xd9, 0xd3, 0x56, 0x28, 0x97, 0x44, 0xdc, | ||
7135 | 0xc0, 0x8b, 0x77, 0x24, 0xd9, 0x52, 0xe7, 0xc5, | ||
7136 | 0xaf, 0xf6, 0x7d, 0x59, 0xb2, 0x44, 0x05, 0x1d, | ||
7137 | 0xb1, 0xb0, 0x11, 0xa5, 0x0f, 0xec, 0x33, 0xe1, | ||
7138 | 0x6d, 0x1b, 0x4e, 0x1f, 0xff, 0x57, 0x91, 0xb4, | ||
7139 | 0x5b, 0x9a, 0x96, 0xc5, 0x53, 0xbc, 0xae, 0x20, | ||
7140 | 0x3c, 0xbb, 0x14, 0xe2, 0xe8, 0x22, 0x33, 0xc1, | ||
7141 | 0x5e, 0x76, 0x9e, 0x46, 0x99, 0xf6, 0x2a, 0x15, | ||
7142 | 0xc6, 0x97, 0x02, 0xa0, 0x66, 0x43, 0xd1, 0xa6, | ||
7143 | 0x31, 0xa6, 0x9f, 0xfb, 0xf4, 0xd3, 0x69, 0xe5, | ||
7144 | 0xcd, 0x76, 0x95, 0xb8, 0x7a, 0x82, 0x7f, 0x21, | ||
7145 | 0x45, 0xff, 0x3f, 0xce, 0x55, 0xf6, 0x95, 0x10, | ||
7146 | 0x08, 0x77, 0x10, 0x43, 0xc6, 0xf3, 0x09, 0xe5, | ||
7147 | 0x68, 0xe7, 0x3c, 0xad, 0x00, 0x52, 0x45, 0x0d, | ||
7148 | 0xfe, 0x2d, 0xc6, 0xc2, 0x94, 0x8c, 0x12, 0x1d, | ||
7149 | 0xe6, 0x25, 0xae, 0x98, 0x12, 0x8e, 0x19, 0x9c, | ||
7150 | 0x81, 0x68, 0xb1, 0x11, 0xf6, 0x69, 0xda, 0xe3, | ||
7151 | 0x62, 0x08, 0x18, 0x7a, 0x25, 0x49, 0x28, 0xac, | ||
7152 | 0xba, 0x71, 0x12, 0x0b, 0xe4, 0xa2, 0xe5, 0xc7, | ||
7153 | 0x5d, 0x8e, 0xec, 0x49, 0x40, 0x21, 0xbf, 0x5a, | ||
7154 | 0x98, 0xf3, 0x02, 0x68, 0x55, 0x03, 0x7f, 0x8a, | ||
7155 | 0xe5, 0x94, 0x0c, 0x32, 0x5c, 0x07, 0x82, 0x63, | ||
7156 | 0xaf, 0x6f, 0x91, 0x40, 0x84, 0x8e, 0x52, 0x25, | ||
7157 | 0xd0, 0xb0, 0x29, 0x53, 0x05, 0xe2, 0x50, 0x7a, | ||
7158 | 0x34, 0xeb, 0xc9, 0x46, 0x20, 0xa8, 0x3d, 0xde, | ||
7159 | 0x7f, 0x16, 0x5f, 0x36, 0xc5, 0x2e, 0xdc, 0xd1, | ||
7160 | 0x15, 0x47, 0xc7, 0x50, 0x40, 0x6d, 0x91, 0xc5, | ||
7161 | 0xe7, 0x93, 0x95, 0x1a, 0xd3, 0x57, 0xbc, 0x52, | ||
7162 | 0x33, 0xee, 0x14, 0x19, 0x22, 0x52, 0x89, 0xa7, | ||
7163 | 0x4a, 0x25, 0x56, 0x77, 0x4b, 0xca, 0xcf, 0x0a, | ||
7164 | 0xe1, 0xf5, 0x35, 0x85, 0x30, 0x7e, 0x59, 0x4a, | ||
7165 | 0xbd, 0x14, 0x5b, 0xdf, 0xe3, 0x46, 0xcb, 0xac, | ||
7166 | 0x1f, 0x6c, 0x96, 0x0e, 0xf4, 0x81, 0xd1, 0x99, | ||
7167 | 0xca, 0x88, 0x63, 0x3d, 0x02, 0x58, 0x6b, 0xa9, | ||
7168 | 0xe5, 0x9f, 0xb3, 0x00, 0xb2, 0x54, 0xc6, 0x74, | ||
7169 | 0x1c, 0xbf, 0x46, 0xab, 0x97, 0xcc, 0xf8, 0x54, | ||
7170 | 0x04, 0x07, 0x08, 0x52, 0xe6, 0xc0, 0xda, 0x93, | ||
7171 | 0x74, 0x7d, 0x93, 0x99, 0x5d, 0x78, 0x68, 0xa6, | ||
7172 | 0x2e, 0x6b, 0xd3, 0x6a, 0x69, 0xcc, 0x12, 0x6b, | ||
7173 | 0xd4, 0xc7, 0xa5, 0xc6, 0xe7, 0xf6, 0x03, 0x04, | ||
7174 | 0x5d, 0xcd, 0x61, 0x5e, 0x17, 0x40, 0xdc, 0xd1, | ||
7175 | 0x5c, 0xf5, 0x08, 0xdf, 0x5c, 0x90, 0x85, 0xa4, | ||
7176 | 0xaf, 0xf6, 0x78, 0xbb, 0x0d, 0xf1, 0xf4, 0xa4, | ||
7177 | 0x54, 0x26, 0x72, 0x9e, 0x61, 0xfa, 0x86, 0xcf, | ||
7178 | 0xe8, 0x9e, 0xa1, 0xe0, 0xc7, 0x48, 0x23, 0xae, | ||
7179 | 0x5a, 0x90, 0xae, 0x75, 0x0a, 0x74, 0x18, 0x89, | ||
7180 | 0x05, 0xb1, 0x92, 0xb2, 0x7f, 0xd0, 0x1b, 0xa6, | ||
7181 | 0x62, 0x07, 0x25, 0x01, 0xc7, 0xc2, 0x4f, 0xf9, | ||
7182 | 0xe8, 0xfe, 0x63, 0x95, 0x80, 0x07, 0xb4, 0x26, | ||
7183 | 0xcc, 0xd1, 0x26, 0xb6, 0xc4, 0x3f, 0x9e, 0xcb, | ||
7184 | 0x8e, 0x3b, 0x2e, 0x44, 0x16, 0xd3, 0x10, 0x9a, | ||
7185 | 0x95, 0x08, 0xeb, 0xc8, 0xcb, 0xeb, 0xbf, 0x6f, | ||
7186 | 0x0b, 0xcd, 0x1f, 0xc8, 0xca, 0x86, 0xaa, 0xec, | ||
7187 | 0x33, 0xe6, 0x69, 0xf4, 0x45, 0x25, 0x86, 0x3a, | ||
7188 | 0x22, 0x94, 0x4f, 0x00, 0x23, 0x6a, 0x44, 0xc2, | ||
7189 | 0x49, 0x97, 0x33, 0xab, 0x36, 0x14, 0x0a, 0x70, | ||
7190 | 0x24, 0xc3, 0xbe, 0x04, 0x3b, 0x79, 0xa0, 0xf9, | ||
7191 | 0xb8, 0xe7, 0x76, 0x29, 0x22, 0x83, 0xd7, 0xf2, | ||
7192 | 0x94, 0xf4, 0x41, 0x49, 0xba, 0x5f, 0x7b, 0x07, | ||
7193 | 0xb5, 0xfb, 0xdb, 0x03, 0x1a, 0x9f, 0xb6, 0x4c, | ||
7194 | 0xc2, 0x2e, 0x37, 0x40, 0x49, 0xc3, 0x38, 0x16, | ||
7195 | 0xe2, 0x4f, 0x77, 0x82, 0xb0, 0x68, 0x4c, 0x71, | ||
7196 | 0x1d, 0x57, 0x61, 0x9c, 0xd9, 0x4e, 0x54, 0x99, | ||
7197 | 0x47, 0x13, 0x28, 0x73, 0x3c, 0xbb, 0x00, 0x90, | ||
7198 | 0xf3, 0x4d, 0xc9, 0x0e, 0xfd, 0xe7, 0xb1, 0x71, | ||
7199 | 0xd3, 0x15, 0x79, 0xbf, 0xcc, 0x26, 0x2f, 0xbd, | ||
7200 | 0xad, 0x6c, 0x50, 0x69, 0x6c, 0x3e, 0x6d, 0x80, | ||
7201 | 0x9a, 0xea, 0x78, 0xaf, 0x19, 0xb2, 0x0d, 0x4d, | ||
7202 | 0xad, 0x04, 0x07, 0xae, 0x22, 0x90, 0x4a, 0x93, | ||
7203 | 0x32, 0x0e, 0x36, 0x9b, 0x1b, 0x46, 0xba, 0x3b, | ||
7204 | 0xb4, 0xac, 0xc6, 0xd1, 0xa2, 0x31, 0x53, 0x3b, | ||
7205 | 0x2a, 0x3d, 0x45, 0xfe, 0x03, 0x61, 0x10, 0x85, | ||
7206 | 0x17, 0x69, 0xa6, 0x78, 0xcc, 0x6c, 0x87, 0x49, | ||
7207 | 0x53, 0xf9, 0x80, 0x10, 0xde, 0x80, 0xa2, 0x41, | ||
7208 | 0x6a, 0xc3, 0x32, 0x02, 0xad, 0x6d, 0x3c, 0x56, | ||
7209 | 0x00, 0x71, 0x51, 0x06, 0xa7, 0xbd, 0xfb, 0xef, | ||
7210 | 0x3c, 0xb5, 0x9f, 0xfc, 0x48, 0x7d, 0x53, 0x7c, | ||
7211 | 0x66, 0xb0, 0x49, 0x23, 0xc4, 0x47, 0x10, 0x0e, | ||
7212 | 0xe5, 0x6c, 0x74, 0x13, 0xe6, 0xc5, 0x3f, 0xaa, | ||
7213 | 0xde, 0xff, 0x07, 0x44, 0xdd, 0x56, 0x1b, 0xad, | ||
7214 | 0x09, 0x77, 0xfb, 0x5b, 0x12, 0xb8, 0x0d, 0x38, | ||
7215 | 0x17, 0x37, 0x35, 0x7b, 0x9b, 0xbc, 0xfe, 0xd4, | ||
7216 | 0x7e, 0x8b, 0xda, 0x7e, 0x5b, 0x04, 0xa7, 0x22, | ||
7217 | 0xa7, 0x31, 0xa1, 0x20, 0x86, 0xc7, 0x1b, 0x99, | ||
7218 | 0xdb, 0xd1, 0x89, 0xf4, 0x94, 0xa3, 0x53, 0x69, | ||
7219 | 0x8d, 0xe7, 0xe8, 0x74, 0x11, 0x8d, 0x74, 0xd6, | ||
7220 | 0x07, 0x37, 0x91, 0x9f, 0xfd, 0x67, 0x50, 0x3a, | ||
7221 | 0xc9, 0xe1, 0xf4, 0x36, 0xd5, 0xa0, 0x47, 0xd1, | ||
7222 | 0xf9, 0xe5, 0x39, 0xa3, 0x31, 0xac, 0x07, 0x36, | ||
7223 | 0x23, 0xf8, 0x66, 0x18, 0x14, 0x28, 0x34, 0x0f, | ||
7224 | 0xb8, 0xd0, 0xe7, 0x29, 0xb3, 0x04, 0x4b, 0x55, | ||
7225 | 0x01, 0x41, 0xb2, 0x75, 0x8d, 0xcb, 0x96, 0x85, | ||
7226 | 0x3a, 0xfb, 0xab, 0x2b, 0x9e, 0xfa, 0x58, 0x20, | ||
7227 | 0x44, 0x1f, 0xc0, 0x14, 0x22, 0x75, 0x61, 0xe8, | ||
7228 | 0xaa, 0x19, 0xcf, 0xf1, 0x82, 0x56, 0xf4, 0xd7, | ||
7229 | 0x78, 0x7b, 0x3d, 0x5f, 0xb3, 0x9e, 0x0b, 0x8a, | ||
7230 | 0x57, 0x50, 0xdb, 0x17, 0x41, 0x65, 0x4d, 0xa3, | ||
7231 | 0x02, 0xc9, 0x9c, 0x9c, 0x53, 0xfb, 0x39, 0x39, | ||
7232 | 0x9b, 0x1d, 0x72, 0x24, 0xda, 0xb7, 0x39, 0xbe, | ||
7233 | 0x13, 0x3b, 0xfa, 0x29, 0xda, 0x9e, 0x54, 0x64, | ||
7234 | 0x6e, 0xba, 0xd8, 0xa1, 0xcb, 0xb3, 0x36, 0xfa, | ||
7235 | 0xcb, 0x47, 0x85, 0xe9, 0x61, 0x38, 0xbc, 0xbe, | ||
7236 | 0xc5, 0x00, 0x38, 0x2a, 0x54, 0xf7, 0xc4, 0xb9, | ||
7237 | 0xb3, 0xd3, 0x7b, 0xa0, 0xa0, 0xf8, 0x72, 0x7f, | ||
7238 | 0x8c, 0x8e, 0x82, 0x0e, 0xc6, 0x1c, 0x75, 0x9d, | ||
7239 | 0xca, 0x8e, 0x61, 0x87, 0xde, 0xad, 0x80, 0xd2, | ||
7240 | 0xf5, 0xf9, 0x80, 0xef, 0x15, 0x75, 0xaf, 0xf5, | ||
7241 | 0x80, 0xfb, 0xff, 0x6d, 0x1e, 0x25, 0xb7, 0x40, | ||
7242 | 0x61, 0x6a, 0x39, 0x5a, 0x6a, 0xb5, 0x31, 0xab, | ||
7243 | 0x97, 0x8a, 0x19, 0x89, 0x44, 0x40, 0xc0, 0xa6, | ||
7244 | 0xb4, 0x4e, 0x30, 0x32, 0x7b, 0x13, 0xe7, 0x67, | ||
7245 | 0xa9, 0x8b, 0x57, 0x04, 0xc2, 0x01, 0xa6, 0xf4, | ||
7246 | 0x28, 0x99, 0xad, 0x2c, 0x76, 0xa3, 0x78, 0xc2, | ||
7247 | 0x4a, 0xe6, 0xca, 0x5c, 0x50, 0x6a, 0xc1, 0xb0, | ||
7248 | 0x62, 0x4b, 0x10, 0x8e, 0x7c, 0x17, 0x43, 0xb3, | ||
7249 | 0x17, 0x66, 0x1c, 0x3e, 0x8d, 0x69, 0xf0, 0x5a, | ||
7250 | 0x71, 0xf5, 0x97, 0xdc, 0xd1, 0x45, 0xdd, 0x28, | ||
7251 | 0xf3, 0x5d, 0xdf, 0x53, 0x7b, 0x11, 0xe5, 0xbc, | ||
7252 | 0x4c, 0xdb, 0x1b, 0x51, 0x6b, 0xe9, 0xfb, 0x3d, | ||
7253 | 0xc1, 0xc3, 0x2c, 0xb9, 0x71, 0xf5, 0xb6, 0xb2, | ||
7254 | 0x13, 0x36, 0x79, 0x80, 0x53, 0xe8, 0xd3, 0xa6, | ||
7255 | 0x0a, 0xaf, 0xfd, 0x56, 0x97, 0xf7, 0x40, 0x8e, | ||
7256 | 0x45, 0xce, 0xf8, 0xb0, 0x9e, 0x5c, 0x33, 0x82, | ||
7257 | 0xb0, 0x44, 0x56, 0xfc, 0x05, 0x09, 0xe9, 0x2a, | ||
7258 | 0xac, 0x26, 0x80, 0x14, 0x1d, 0xc8, 0x3a, 0x35, | ||
7259 | 0x4c, 0x82, 0x97, 0xfd, 0x76, 0xb7, 0xa9, 0x0a, | ||
7260 | 0x35, 0x58, 0x79, 0x8e, 0x0f, 0x66, 0xea, 0xaf, | ||
7261 | 0x51, 0x6c, 0x09, 0xa9, 0x6e, 0x9b, 0xcb, 0x9a, | ||
7262 | 0x31, 0x47, 0xa0, 0x2f, 0x7c, 0x71, 0xb4, 0x4a, | ||
7263 | 0x11, 0xaa, 0x8c, 0x66, 0xc5, 0x64, 0xe6, 0x3a, | ||
7264 | 0x54, 0xda, 0x24, 0x6a, 0xc4, 0x41, 0x65, 0x46, | ||
7265 | 0x82, 0xa0, 0x0a, 0x0f, 0x5f, 0xfb, 0x25, 0xd0, | ||
7266 | 0x2c, 0x91, 0xa7, 0xee, 0xc4, 0x81, 0x07, 0x86, | ||
7267 | 0x75, 0x5e, 0x33, 0x69, 0x97, 0xe4, 0x2c, 0xa8, | ||
7268 | 0x9d, 0x9f, 0x0b, 0x6a, 0xbe, 0xad, 0x98, 0xda, | ||
7269 | 0x6d, 0x94, 0x41, 0xda, 0x2c, 0x1e, 0x89, 0xc4, | ||
7270 | 0xc2, 0xaf, 0x1e, 0x00, 0x05, 0x0b, 0x83, 0x60, | ||
7271 | 0xbd, 0x43, 0xea, 0x15, 0x23, 0x7f, 0xb9, 0xac, | ||
7272 | 0xee, 0x4f, 0x2c, 0xaf, 0x2a, 0xf3, 0xdf, 0xd0, | ||
7273 | 0xf3, 0x19, 0x31, 0xbb, 0x4a, 0x74, 0x84, 0x17, | ||
7274 | 0x52, 0x32, 0x2c, 0x7d, 0x61, 0xe4, 0xcb, 0xeb, | ||
7275 | 0x80, 0x38, 0x15, 0x52, 0xcb, 0x6f, 0xea, 0xe5, | ||
7276 | 0x73, 0x9c, 0xd9, 0x24, 0x69, 0xc6, 0x95, 0x32, | ||
7277 | 0x21, 0xc8, 0x11, 0xe4, 0xdc, 0x36, 0xd7, 0x93, | ||
7278 | 0x38, 0x66, 0xfb, 0xb2, 0x7f, 0x3a, 0xb9, 0xaf, | ||
7279 | 0x31, 0xdd, 0x93, 0x75, 0x78, 0x8a, 0x2c, 0x94, | ||
7280 | 0x87, 0x1a, 0x58, 0xec, 0x9e, 0x7d, 0x4d, 0xba, | ||
7281 | 0xe1, 0xe5, 0x4d, 0xfc, 0xbc, 0xa4, 0x2a, 0x14, | ||
7282 | 0xef, 0xcc, 0xa7, 0xec, 0xab, 0x43, 0x09, 0x18, | ||
7283 | 0xd3, 0xab, 0x68, 0xd1, 0x07, 0x99, 0x44, 0x47, | ||
7284 | 0xd6, 0x83, 0x85, 0x3b, 0x30, 0xea, 0xa9, 0x6b, | ||
7285 | 0x63, 0xea, 0xc4, 0x07, 0xfb, 0x43, 0x2f, 0xa4, | ||
7286 | 0xaa, 0xb0, 0xab, 0x03, 0x89, 0xce, 0x3f, 0x8c, | ||
7287 | 0x02, 0x7c, 0x86, 0x54, 0xbc, 0x88, 0xaf, 0x75, | ||
7288 | 0xd2, 0xdc, 0x63, 0x17, 0xd3, 0x26, 0xf6, 0x96, | ||
7289 | 0xa9, 0x3c, 0xf1, 0x61, 0x8c, 0x11, 0x18, 0xcc, | ||
7290 | 0xd6, 0xea, 0x5b, 0xe2, 0xcd, 0xf0, 0xf1, 0xb2, | ||
7291 | 0xe5, 0x35, 0x90, 0x1f, 0x85, 0x4c, 0x76, 0x5b, | ||
7292 | 0x66, 0xce, 0x44, 0xa4, 0x32, 0x9f, 0xe6, 0x7b, | ||
7293 | 0x71, 0x6e, 0x9f, 0x58, 0x15, 0x67, 0x72, 0x87, | ||
7294 | 0x64, 0x8e, 0x3a, 0x44, 0x45, 0xd4, 0x76, 0xfa, | ||
7295 | 0xc2, 0xf6, 0xef, 0x85, 0x05, 0x18, 0x7a, 0x9b, | ||
7296 | 0xba, 0x41, 0x54, 0xac, 0xf0, 0xfc, 0x59, 0x12, | ||
7297 | 0x3f, 0xdf, 0xa0, 0xe5, 0x8a, 0x65, 0xfd, 0x3a, | ||
7298 | 0x62, 0x8d, 0x83, 0x2c, 0x03, 0xbe, 0x05, 0x76, | ||
7299 | 0x2e, 0x53, 0x49, 0x97, 0x94, 0x33, 0xae, 0x40, | ||
7300 | 0x81, 0x15, 0xdb, 0x6e, 0xad, 0xaa, 0xf5, 0x4b, | ||
7301 | 0xe3, 0x98, 0x70, 0xdf, 0xe0, 0x7c, 0xcd, 0xdb, | ||
7302 | 0x02, 0xd4, 0x7d, 0x2f, 0xc1, 0xe6, 0xb4, 0xf3, | ||
7303 | 0xd7, 0x0d, 0x7a, 0xd9, 0x23, 0x9e, 0x87, 0x2d, | ||
7304 | 0xce, 0x87, 0xad, 0xcc, 0x72, 0x05, 0x00, 0x29, | ||
7305 | 0xdc, 0x73, 0x7f, 0x64, 0xc1, 0x15, 0x0e, 0xc2, | ||
7306 | 0xdf, 0xa7, 0x5f, 0xeb, 0x41, 0xa1, 0xcd, 0xef, | ||
7307 | 0x5c, 0x50, 0x79, 0x2a, 0x56, 0x56, 0x71, 0x8c, | ||
7308 | 0xac, 0xc0, 0x79, 0x50, 0x69, 0xca, 0x59, 0x32, | ||
7309 | 0x65, 0xf2, 0x54, 0xe4, 0x52, 0x38, 0x76, 0xd1, | ||
7310 | 0x5e, 0xde, 0x26, 0x9e, 0xfb, 0x75, 0x2e, 0x11, | ||
7311 | 0xb5, 0x10, 0xf4, 0x17, 0x73, 0xf5, 0x89, 0xc7, | ||
7312 | 0x4f, 0x43, 0x5c, 0x8e, 0x7c, 0xb9, 0x05, 0x52, | ||
7313 | 0x24, 0x40, 0x99, 0xfe, 0x9b, 0x85, 0x0b, 0x6c, | ||
7314 | 0x22, 0x3e, 0x8b, 0xae, 0x86, 0xa1, 0xd2, 0x79, | ||
7315 | 0x05, 0x68, 0x6b, 0xab, 0xe3, 0x41, 0x49, 0xed, | ||
7316 | 0x15, 0xa1, 0x8d, 0x40, 0x2d, 0x61, 0xdf, 0x1a, | ||
7317 | 0x59, 0xc9, 0x26, 0x8b, 0xef, 0x30, 0x4c, 0x88, | ||
7318 | 0x4b, 0x10, 0xf8, 0x8d, 0xa6, 0x92, 0x9f, 0x4b, | ||
7319 | 0xf3, 0xc4, 0x53, 0x0b, 0x89, 0x5d, 0x28, 0x92, | ||
7320 | 0xcf, 0x78, 0xb2, 0xc0, 0x5d, 0xed, 0x7e, 0xfc, | ||
7321 | 0xc0, 0x12, 0x23, 0x5f, 0x5a, 0x78, 0x86, 0x43, | ||
7322 | 0x6e, 0x27, 0xf7, 0x5a, 0xa7, 0x6a, 0xed, 0x19, | ||
7323 | 0x04, 0xf0, 0xb3, 0x12, 0xd1, 0xbd, 0x0e, 0x89, | ||
7324 | 0x6e, 0xbc, 0x96, 0xa8, 0xd8, 0x49, 0x39, 0x9f, | ||
7325 | 0x7e, 0x67, 0xf0, 0x2e, 0x3e, 0x01, 0xa9, 0xba, | ||
7326 | 0xec, 0x8b, 0x62, 0x8e, 0xcb, 0x4a, 0x70, 0x43, | ||
7327 | 0xc7, 0xc2, 0xc4, 0xca, 0x82, 0x03, 0x73, 0xe9, | ||
7328 | 0x11, 0xdf, 0xcf, 0x54, 0xea, 0xc9, 0xb0, 0x95, | ||
7329 | 0x51, 0xc0, 0x13, 0x3d, 0x92, 0x05, 0xfa, 0xf4, | ||
7330 | 0xa9, 0x34, 0xc8, 0xce, 0x6c, 0x3d, 0x54, 0xcc, | ||
7331 | 0xc4, 0xaf, 0xf1, 0xdc, 0x11, 0x44, 0x26, 0xa2, | ||
7332 | 0xaf, 0xf1, 0x85, 0x75, 0x7d, 0x03, 0x61, 0x68, | ||
7333 | 0x4e, 0x78, 0xc6, 0x92, 0x7d, 0x86, 0x7d, 0x77, | ||
7334 | 0xdc, 0x71, 0x72, 0xdb, 0xc6, 0xae, 0xa1, 0xcb, | ||
7335 | 0x70, 0x9a, 0x0b, 0x19, 0xbe, 0x4a, 0x6c, 0x2a, | ||
7336 | 0xe2, 0xba, 0x6c, 0x64, 0x9a, 0x13, 0x28, 0xdf, | ||
7337 | 0x85, 0x75, 0xe6, 0x43, 0xf6, 0x87, 0x08, 0x68, | ||
7338 | 0x6e, 0xba, 0x6e, 0x79, 0x9f, 0x04, 0xbc, 0x23, | ||
7339 | 0x50, 0xf6, 0x33, 0x5c, 0x1f, 0x24, 0x25, 0xbe, | ||
7340 | 0x33, 0x47, 0x80, 0x45, 0x56, 0xa3, 0xa7, 0xd7, | ||
7341 | 0x7a, 0xb1, 0x34, 0x0b, 0x90, 0x3c, 0x9c, 0xad, | ||
7342 | 0x44, 0x5f, 0x9e, 0x0e, 0x9d, 0xd4, 0xbd, 0x93, | ||
7343 | 0x5e, 0xfa, 0x3c, 0xe0, 0xb0, 0xd9, 0xed, 0xf3, | ||
7344 | 0xd6, 0x2e, 0xff, 0x24, 0xd8, 0x71, 0x6c, 0xed, | ||
7345 | 0xaf, 0x55, 0xeb, 0x22, 0xac, 0x93, 0x68, 0x32, | ||
7346 | 0x05, 0x5b, 0x47, 0xdd, 0xc6, 0x4a, 0xcb, 0xc7, | ||
7347 | 0x10, 0xe1, 0x3c, 0x92, 0x1a, 0xf3, 0x23, 0x78, | ||
7348 | 0x2b, 0xa1, 0xd2, 0x80, 0xf4, 0x12, 0xb1, 0x20, | ||
7349 | 0x8f, 0xff, 0x26, 0x35, 0xdd, 0xfb, 0xc7, 0x4e, | ||
7350 | 0x78, 0xf1, 0x2d, 0x50, 0x12, 0x77, 0xa8, 0x60, | ||
7351 | 0x7c, 0x0f, 0xf5, 0x16, 0x2f, 0x63, 0x70, 0x2a, | ||
7352 | 0xc0, 0x96, 0x80, 0x4e, 0x0a, 0xb4, 0x93, 0x35, | ||
7353 | 0x5d, 0x1d, 0x3f, 0x56, 0xf7, 0x2f, 0xbb, 0x90, | ||
7354 | 0x11, 0x16, 0x8f, 0xa2, 0xec, 0x47, 0xbe, 0xac, | ||
7355 | 0x56, 0x01, 0x26, 0x56, 0xb1, 0x8c, 0xb2, 0x10, | ||
7356 | 0xf9, 0x1a, 0xca, 0xf5, 0xd1, 0xb7, 0x39, 0x20, | ||
7357 | 0x63, 0xf1, 0x69, 0x20, 0x4f, 0x13, 0x12, 0x1f, | ||
7358 | 0x5b, 0x65, 0xfc, 0x98, 0xf7, 0xc4, 0x7a, 0xbe, | ||
7359 | 0xf7, 0x26, 0x4d, 0x2b, 0x84, 0x7b, 0x42, 0xad, | ||
7360 | 0xd8, 0x7a, 0x0a, 0xb4, 0xd8, 0x74, 0xbf, 0xc1, | ||
7361 | 0xf0, 0x6e, 0xb4, 0x29, 0xa3, 0xbb, 0xca, 0x46, | ||
7362 | 0x67, 0x70, 0x6a, 0x2d, 0xce, 0x0e, 0xa2, 0x8a, | ||
7363 | 0xa9, 0x87, 0xbf, 0x05, 0xc4, 0xc1, 0x04, 0xa3, | ||
7364 | 0xab, 0xd4, 0x45, 0x43, 0x8c, 0xb6, 0x02, 0xb0, | ||
7365 | 0x41, 0xc8, 0xfc, 0x44, 0x3d, 0x59, 0xaa, 0x2e, | ||
7366 | 0x44, 0x21, 0x2a, 0x8d, 0x88, 0x9d, 0x57, 0xf4, | ||
7367 | 0xa0, 0x02, 0x77, 0xb8, 0xa6, 0xa0, 0xe6, 0x75, | ||
7368 | 0x5c, 0x82, 0x65, 0x3e, 0x03, 0x5c, 0x29, 0x8f, | ||
7369 | 0x38, 0x55, 0xab, 0x33, 0x26, 0xef, 0x9f, 0x43, | ||
7370 | 0x52, 0xfd, 0x68, 0xaf, 0x36, 0xb4, 0xbb, 0x9a, | ||
7371 | 0x58, 0x09, 0x09, 0x1b, 0xc3, 0x65, 0x46, 0x46, | ||
7372 | 0x1d, 0xa7, 0x94, 0x18, 0x23, 0x50, 0x2c, 0xca, | ||
7373 | 0x2c, 0x55, 0x19, 0x97, 0x01, 0x9d, 0x93, 0x3b, | ||
7374 | 0x63, 0x86, 0xf2, 0x03, 0x67, 0x45, 0xd2, 0x72, | ||
7375 | 0x28, 0x52, 0x6c, 0xf4, 0xe3, 0x1c, 0xb5, 0x11, | ||
7376 | 0x13, 0xf1, 0xeb, 0x21, 0xc7, 0xd9, 0x56, 0x82, | ||
7377 | 0x2b, 0x82, 0x39, 0xbd, 0x69, 0x54, 0xed, 0x62, | ||
7378 | 0xc3, 0xe2, 0xde, 0x73, 0xd4, 0x6a, 0x12, 0xae, | ||
7379 | 0x13, 0x21, 0x7f, 0x4b, 0x5b, 0xfc, 0xbf, 0xe8, | ||
7380 | 0x2b, 0xbe, 0x56, 0xba, 0x68, 0x8b, 0x9a, 0xb1, | ||
7381 | 0x6e, 0xfa, 0xbf, 0x7e, 0x5a, 0x4b, 0xf1, 0xac, | ||
7382 | 0x98, 0x65, 0x85, 0xd1, 0x93, 0x53, 0xd3, 0x7b, | ||
7383 | 0x09, 0xdd, 0x4b, 0x10, 0x6d, 0x84, 0xb0, 0x13, | ||
7384 | 0x65, 0xbd, 0xcf, 0x52, 0x09, 0xc4, 0x85, 0xe2, | ||
7385 | 0x84, 0x74, 0x15, 0x65, 0xb7, 0xf7, 0x51, 0xaf, | ||
7386 | 0x55, 0xad, 0xa4, 0xd1, 0x22, 0x54, 0x70, 0x94, | ||
7387 | 0xa0, 0x1c, 0x90, 0x41, 0xfd, 0x99, 0xd7, 0x5a, | ||
7388 | 0x31, 0xef, 0xaa, 0x25, 0xd0, 0x7f, 0x4f, 0xea, | ||
7389 | 0x1d, 0x55, 0x42, 0xe5, 0x49, 0xb0, 0xd0, 0x46, | ||
7390 | 0x62, 0x36, 0x43, 0xb2, 0x82, 0x15, 0x75, 0x50, | ||
7391 | 0xa4, 0x72, 0xeb, 0x54, 0x27, 0x1f, 0x8a, 0xe4, | ||
7392 | 0x7d, 0xe9, 0x66, 0xc5, 0xf1, 0x53, 0xa4, 0xd1, | ||
7393 | 0x0c, 0xeb, 0xb8, 0xf8, 0xbc, 0xd4, 0xe2, 0xe7, | ||
7394 | 0xe1, 0xf8, 0x4b, 0xcb, 0xa9, 0xa1, 0xaf, 0x15, | ||
7395 | 0x83, 0xcb, 0x72, 0xd0, 0x33, 0x79, 0x00, 0x2d, | ||
7396 | 0x9f, 0xd7, 0xf1, 0x2e, 0x1e, 0x10, 0xe4, 0x45, | ||
7397 | 0xc0, 0x75, 0x3a, 0x39, 0xea, 0x68, 0xf7, 0x5d, | ||
7398 | 0x1b, 0x73, 0x8f, 0xe9, 0x8e, 0x0f, 0x72, 0x47, | ||
7399 | 0xae, 0x35, 0x0a, 0x31, 0x7a, 0x14, 0x4d, 0x4a, | ||
7400 | 0x6f, 0x47, 0xf7, 0x7e, 0x91, 0x6e, 0x74, 0x8b, | ||
7401 | 0x26, 0x47, 0xf9, 0xc3, 0xf9, 0xde, 0x70, 0xf5, | ||
7402 | 0x61, 0xab, 0xa9, 0x27, 0x9f, 0x82, 0xe4, 0x9c, | ||
7403 | 0x89, 0x91, 0x3f, 0x2e, 0x6a, 0xfd, 0xb5, 0x49, | ||
7404 | 0xe9, 0xfd, 0x59, 0x14, 0x36, 0x49, 0x40, 0x6d, | ||
7405 | 0x32, 0xd8, 0x85, 0x42, 0xf3, 0xa5, 0xdf, 0x0c, | ||
7406 | 0xa8, 0x27, 0xd7, 0x54, 0xe2, 0x63, 0x2f, 0xf2, | ||
7407 | 0x7e, 0x8b, 0x8b, 0xe7, 0xf1, 0x9a, 0x95, 0x35, | ||
7408 | 0x43, 0xdc, 0x3a, 0xe4, 0xb6, 0xf4, 0xd0, 0xdf, | ||
7409 | 0x9c, 0xcb, 0x94, 0xf3, 0x21, 0xa0, 0x77, 0x50, | ||
7410 | 0xe2, 0xc6, 0xc4, 0xc6, 0x5f, 0x09, 0x64, 0x5b, | ||
7411 | 0x92, 0x90, 0xd8, 0xe1, 0xd1, 0xed, 0x4b, 0x42, | ||
7412 | 0xd7, 0x37, 0xaf, 0x65, 0x3d, 0x11, 0x39, 0xb6, | ||
7413 | 0x24, 0x8a, 0x60, 0xae, 0xd6, 0x1e, 0xbf, 0x0e, | ||
7414 | 0x0d, 0xd7, 0xdc, 0x96, 0x0e, 0x65, 0x75, 0x4e, | ||
7415 | 0x29, 0x06, 0x9d, 0xa4, 0x51, 0x3a, 0x10, 0x63, | ||
7416 | 0x8f, 0x17, 0x07, 0xd5, 0x8e, 0x3c, 0xf4, 0x28, | ||
7417 | 0x00, 0x5a, 0x5b, 0x05, 0x19, 0xd8, 0xc0, 0x6c, | ||
7418 | 0xe5, 0x15, 0xe4, 0x9c, 0x9d, 0x71, 0x9d, 0x5e, | ||
7419 | 0x94, 0x29, 0x1a, 0xa7, 0x80, 0xfa, 0x0e, 0x33, | ||
7420 | 0x03, 0xdd, 0xb7, 0x3e, 0x9a, 0xa9, 0x26, 0x18, | ||
7421 | 0x37, 0xa9, 0x64, 0x08, 0x4d, 0x94, 0x5a, 0x88, | ||
7422 | 0xca, 0x35, 0xce, 0x81, 0x02, 0xe3, 0x1f, 0x1b, | ||
7423 | 0x89, 0x1a, 0x77, 0x85, 0xe3, 0x41, 0x6d, 0x32, | ||
7424 | 0x42, 0x19, 0x23, 0x7d, 0xc8, 0x73, 0xee, 0x25, | ||
7425 | 0x85, 0x0d, 0xf8, 0x31, 0x25, 0x79, 0x1b, 0x6f, | ||
7426 | 0x79, 0x25, 0xd2, 0xd8, 0xd4, 0x23, 0xfd, 0xf7, | ||
7427 | 0x82, 0x36, 0x6a, 0x0c, 0x46, 0x22, 0x15, 0xe9, | ||
7428 | 0xff, 0x72, 0x41, 0x91, 0x91, 0x7d, 0x3a, 0xb7, | ||
7429 | 0xdd, 0x65, 0x99, 0x70, 0xf6, 0x8d, 0x84, 0xf8, | ||
7430 | 0x67, 0x15, 0x20, 0x11, 0xd6, 0xb2, 0x55, 0x7b, | ||
7431 | 0xdb, 0x87, 0xee, 0xef, 0x55, 0x89, 0x2a, 0x59, | ||
7432 | 0x2b, 0x07, 0x8f, 0x43, 0x8a, 0x59, 0x3c, 0x01, | ||
7433 | 0x8b, 0x65, 0x54, 0xa1, 0x66, 0xd5, 0x38, 0xbd, | ||
7434 | 0xc6, 0x30, 0xa9, 0xcc, 0x49, 0xb6, 0xa8, 0x1b, | ||
7435 | 0xb8, 0xc0, 0x0e, 0xe3, 0x45, 0x28, 0xe2, 0xff, | ||
7436 | 0x41, 0x9f, 0x7e, 0x7c, 0xd1, 0xae, 0x9e, 0x25, | ||
7437 | 0x3f, 0x4c, 0x7c, 0x7c, 0xf4, 0xa8, 0x26, 0x4d, | ||
7438 | 0x5c, 0xfd, 0x4b, 0x27, 0x18, 0xf9, 0x61, 0x76, | ||
7439 | 0x48, 0xba, 0x0c, 0x6b, 0xa9, 0x4d, 0xfc, 0xf5, | ||
7440 | 0x3b, 0x35, 0x7e, 0x2f, 0x4a, 0xa9, 0xc2, 0x9a, | ||
7441 | 0xae, 0xab, 0x86, 0x09, 0x89, 0xc9, 0xc2, 0x40, | ||
7442 | 0x39, 0x2c, 0x81, 0xb3, 0xb8, 0x17, 0x67, 0xc2, | ||
7443 | 0x0d, 0x32, 0x4a, 0x3a, 0x67, 0x81, 0xd7, 0x1a, | ||
7444 | 0x34, 0x52, 0xc5, 0xdb, 0x0a, 0xf5, 0x63, 0x39, | ||
7445 | 0xea, 0x1f, 0xe1, 0x7c, 0xa1, 0x9e, 0xc1, 0x35, | ||
7446 | 0xe3, 0xb1, 0x18, 0x45, 0x67, 0xf9, 0x22, 0x38, | ||
7447 | 0x95, 0xd9, 0x34, 0x34, 0x86, 0xc6, 0x41, 0x94, | ||
7448 | 0x15, 0xf9, 0x5b, 0x41, 0xa6, 0x87, 0x8b, 0xf8, | ||
7449 | 0xd5, 0xe1, 0x1b, 0xe2, 0x5b, 0xf3, 0x86, 0x10, | ||
7450 | 0xff, 0xe6, 0xae, 0x69, 0x76, 0xbc, 0x0d, 0xb4, | ||
7451 | 0x09, 0x90, 0x0c, 0xa2, 0x65, 0x0c, 0xad, 0x74, | ||
7452 | 0xf5, 0xd7, 0xff, 0xda, 0xc1, 0xce, 0x85, 0xbe, | ||
7453 | 0x00, 0xa7, 0xff, 0x4d, 0x2f, 0x65, 0xd3, 0x8c, | ||
7454 | 0x86, 0x2d, 0x05, 0xe8, 0xed, 0x3e, 0x6b, 0x8b, | ||
7455 | 0x0f, 0x3d, 0x83, 0x8c, 0xf1, 0x1d, 0x5b, 0x96, | ||
7456 | 0x2e, 0xb1, 0x9c, 0xc2, 0x98, 0xe1, 0x70, 0xb9, | ||
7457 | 0xba, 0x5c, 0x8a, 0x43, 0xd6, 0x34, 0xa7, 0x2d, | ||
7458 | 0xc9, 0x92, 0xae, 0xf2, 0xa5, 0x7b, 0x05, 0x49, | ||
7459 | 0xa7, 0x33, 0x34, 0x86, 0xca, 0xe4, 0x96, 0x23, | ||
7460 | 0x76, 0x5b, 0xf2, 0xc6, 0xf1, 0x51, 0x28, 0x42, | ||
7461 | 0x7b, 0xcc, 0x76, 0x8f, 0xfa, 0xa2, 0xad, 0x31, | ||
7462 | 0xd4, 0xd6, 0x7a, 0x6d, 0x25, 0x25, 0x54, 0xe4, | ||
7463 | 0x3f, 0x50, 0x59, 0xe1, 0x5c, 0x05, 0xb7, 0x27, | ||
7464 | 0x48, 0xbf, 0x07, 0xec, 0x1b, 0x13, 0xbe, 0x2b, | ||
7465 | 0xa1, 0x57, 0x2b, 0xd5, 0xab, 0xd7, 0xd0, 0x4c, | ||
7466 | 0x1e, 0xcb, 0x71, 0x9b, 0xc5, 0x90, 0x85, 0xd3, | ||
7467 | 0xde, 0x59, 0xec, 0x71, 0xeb, 0x89, 0xbb, 0xd0, | ||
7468 | 0x09, 0x50, 0xe1, 0x16, 0x3f, 0xfd, 0x1c, 0x34, | ||
7469 | 0xc3, 0x1c, 0xa1, 0x10, 0x77, 0x53, 0x98, 0xef, | ||
7470 | 0xf2, 0xfd, 0xa5, 0x01, 0x59, 0xc2, 0x9b, 0x26, | ||
7471 | 0xc7, 0x42, 0xd9, 0x49, 0xda, 0x58, 0x2b, 0x6e, | ||
7472 | 0x9f, 0x53, 0x19, 0x76, 0x7e, 0xd9, 0xc9, 0x0e, | ||
7473 | 0x68, 0xc8, 0x7f, 0x51, 0x22, 0x42, 0xef, 0x49, | ||
7474 | 0xa4, 0x55, 0xb6, 0x36, 0xac, 0x09, 0xc7, 0x31, | ||
7475 | 0x88, 0x15, 0x4b, 0x2e, 0x8f, 0x3a, 0x08, 0xf7, | ||
7476 | 0xd8, 0xf7, 0xa8, 0xc5, 0xa9, 0x33, 0xa6, 0x45, | ||
7477 | 0xe4, 0xc4, 0x94, 0x76, 0xf3, 0x0d, 0x8f, 0x7e, | ||
7478 | 0xc8, 0xf6, 0xbc, 0x23, 0x0a, 0xb6, 0x4c, 0xd3, | ||
7479 | 0x6a, 0xcd, 0x36, 0xc2, 0x90, 0x5c, 0x5c, 0x3c, | ||
7480 | 0x65, 0x7b, 0xc2, 0xd6, 0xcc, 0xe6, 0x0d, 0x87, | ||
7481 | 0x73, 0x2e, 0x71, 0x79, 0x16, 0x06, 0x63, 0x28, | ||
7482 | 0x09, 0x15, 0xd8, 0x89, 0x38, 0x38, 0x3d, 0xb5, | ||
7483 | 0x42, 0x1c, 0x08, 0x24, 0xf7, 0x2a, 0xd2, 0x9d, | ||
7484 | 0xc8, 0xca, 0xef, 0xf9, 0x27, 0xd8, 0x07, 0x86, | ||
7485 | 0xf7, 0x43, 0x0b, 0x55, 0x15, 0x3f, 0x9f, 0x83, | ||
7486 | 0xef, 0xdc, 0x49, 0x9d, 0x2a, 0xc1, 0x54, 0x62, | ||
7487 | 0xbd, 0x9b, 0x66, 0x55, 0x9f, 0xb7, 0x12, 0xf3, | ||
7488 | 0x1b, 0x4d, 0x9d, 0x2a, 0x5c, 0xed, 0x87, 0x75, | ||
7489 | 0x87, 0x26, 0xec, 0x61, 0x2c, 0xb4, 0x0f, 0x89, | ||
7490 | 0xb0, 0xfb, 0x2e, 0x68, 0x5d, 0x15, 0xc7, 0x8d, | ||
7491 | 0x2e, 0xc0, 0xd9, 0xec, 0xaf, 0x4f, 0xd2, 0x25, | ||
7492 | 0x29, 0xe8, 0xd2, 0x26, 0x2b, 0x67, 0xe9, 0xfc, | ||
7493 | 0x2b, 0xa8, 0x67, 0x96, 0x12, 0x1f, 0x5b, 0x96, | ||
7494 | 0xc6, 0x14, 0x53, 0xaf, 0x44, 0xea, 0xd6, 0xe2, | ||
7495 | 0x94, 0x98, 0xe4, 0x12, 0x93, 0x4c, 0x92, 0xe0, | ||
7496 | 0x18, 0xa5, 0x8d, 0x2d, 0xe4, 0x71, 0x3c, 0x47, | ||
7497 | 0x4c, 0xf7, 0xe6, 0x47, 0x9e, 0xc0, 0x68, 0xdf, | ||
7498 | 0xd4, 0xf5, 0x5a, 0x74, 0xb1, 0x2b, 0x29, 0x03, | ||
7499 | 0x19, 0x07, 0xaf, 0x90, 0x62, 0x5c, 0x68, 0x98, | ||
7500 | 0x48, 0x16, 0x11, 0x02, 0x9d, 0xee, 0xb4, 0x9b, | ||
7501 | 0xe5, 0x42, 0x7f, 0x08, 0xfd, 0x16, 0x32, 0x0b, | ||
7502 | 0xd0, 0xb3, 0xfa, 0x2b, 0xb7, 0x99, 0xf9, 0x29, | ||
7503 | 0xcd, 0x20, 0x45, 0x9f, 0xb3, 0x1a, 0x5d, 0xa2, | ||
7504 | 0xaf, 0x4d, 0xe0, 0xbd, 0x42, 0x0d, 0xbc, 0x74, | ||
7505 | 0x99, 0x9c, 0x8e, 0x53, 0x1a, 0xb4, 0x3e, 0xbd, | ||
7506 | 0xa2, 0x9a, 0x2d, 0xf7, 0xf8, 0x39, 0x0f, 0x67, | ||
7507 | 0x63, 0xfc, 0x6b, 0xc0, 0xaf, 0xb3, 0x4b, 0x4f, | ||
7508 | 0x55, 0xc4, 0xcf, 0xa7, 0xc8, 0x04, 0x11, 0x3e, | ||
7509 | 0x14, 0x32, 0xbb, 0x1b, 0x38, 0x77, 0xd6, 0x7f, | ||
7510 | 0x54, 0x4c, 0xdf, 0x75, 0xf3, 0x07, 0x2d, 0x33, | ||
7511 | 0x9b, 0xa8, 0x20, 0xe1, 0x7b, 0x12, 0xb5, 0xf3, | ||
7512 | 0xef, 0x2f, 0xce, 0x72, 0xe5, 0x24, 0x60, 0xc1, | ||
7513 | 0x30, 0xe2, 0xab, 0xa1, 0x8e, 0x11, 0x09, 0xa8, | ||
7514 | 0x21, 0x33, 0x44, 0xfe, 0x7f, 0x35, 0x32, 0x93, | ||
7515 | 0x39, 0xa7, 0xad, 0x8b, 0x79, 0x06, 0xb2, 0xcb, | ||
7516 | 0x4e, 0xa9, 0x5f, 0xc7, 0xba, 0x74, 0x29, 0xec, | ||
7517 | 0x93, 0xa0, 0x4e, 0x54, 0x93, 0xc0, 0xbc, 0x55, | ||
7518 | 0x64, 0xf0, 0x48, 0xe5, 0x57, 0x99, 0xee, 0x75, | ||
7519 | 0xd6, 0x79, 0x0f, 0x66, 0xb7, 0xc6, 0x57, 0x76, | ||
7520 | 0xf7, 0xb7, 0xf3, 0x9c, 0xc5, 0x60, 0xe8, 0x7f, | ||
7521 | 0x83, 0x76, 0xd6, 0x0e, 0xaa, 0xe6, 0x90, 0x39, | ||
7522 | 0x1d, 0xa6, 0x32, 0x6a, 0x34, 0xe3, 0x55, 0xf8, | ||
7523 | 0x58, 0xa0, 0x58, 0x7d, 0x33, 0xe0, 0x22, 0x39, | ||
7524 | 0x44, 0x64, 0x87, 0x86, 0x5a, 0x2f, 0xa7, 0x7e, | ||
7525 | 0x0f, 0x38, 0xea, 0xb0, 0x30, 0xcc, 0x61, 0xa5, | ||
7526 | 0x6a, 0x32, 0xae, 0x1e, 0xf7, 0xe9, 0xd0, 0xa9, | ||
7527 | 0x0c, 0x32, 0x4b, 0xb5, 0x49, 0x28, 0xab, 0x85, | ||
7528 | 0x2f, 0x8e, 0x01, 0x36, 0x38, 0x52, 0xd0, 0xba, | ||
7529 | 0xd6, 0x02, 0x78, 0xf8, 0x0e, 0x3e, 0x9c, 0x8b, | ||
7530 | 0x6b, 0x45, 0x99, 0x3f, 0x5c, 0xfe, 0x58, 0xf1, | ||
7531 | 0x5c, 0x94, 0x04, 0xe1, 0xf5, 0x18, 0x6d, 0x51, | ||
7532 | 0xb2, 0x5d, 0x18, 0x20, 0xb6, 0xc2, 0x9a, 0x42, | ||
7533 | 0x1d, 0xb3, 0xab, 0x3c, 0xb6, 0x3a, 0x13, 0x03, | ||
7534 | 0xb2, 0x46, 0x82, 0x4f, 0xfc, 0x64, 0xbc, 0x4f, | ||
7535 | 0xca, 0xfa, 0x9c, 0xc0, 0xd5, 0xa7, 0xbd, 0x11, | ||
7536 | 0xb7, 0xe4, 0x5a, 0xf6, 0x6f, 0x4d, 0x4d, 0x54, | ||
7537 | 0xea, 0xa4, 0x98, 0x66, 0xd4, 0x22, 0x3b, 0xd3, | ||
7538 | 0x8f, 0x34, 0x47, 0xd9, 0x7c, 0xf4, 0x72, 0x3b, | ||
7539 | 0x4d, 0x02, 0x77, 0xf6, 0xd6, 0xdd, 0x08, 0x0a, | ||
7540 | 0x81, 0xe1, 0x86, 0x89, 0x3e, 0x56, 0x10, 0x3c, | ||
7541 | 0xba, 0xd7, 0x81, 0x8c, 0x08, 0xbc, 0x8b, 0xe2, | ||
7542 | 0x53, 0xec, 0xa7, 0x89, 0xee, 0xc8, 0x56, 0xb5, | ||
7543 | 0x36, 0x2c, 0xb2, 0x03, 0xba, 0x99, 0xdd, 0x7c, | ||
7544 | 0x48, 0xa0, 0xb0, 0xbc, 0x91, 0x33, 0xe9, 0xa8, | ||
7545 | 0xcb, 0xcd, 0xcf, 0x59, 0x5f, 0x1f, 0x15, 0xe2, | ||
7546 | 0x56, 0xf5, 0x4e, 0x01, 0x35, 0x27, 0x45, 0x77, | ||
7547 | 0x47, 0xc8, 0xbc, 0xcb, 0x7e, 0x39, 0xc1, 0x97, | ||
7548 | 0x28, 0xd3, 0x84, 0xfc, 0x2c, 0x3e, 0xc8, 0xad, | ||
7549 | 0x9c, 0xf8, 0x8a, 0x61, 0x9c, 0x28, 0xaa, 0xc5, | ||
7550 | 0x99, 0x20, 0x43, 0x85, 0x9d, 0xa5, 0xe2, 0x8b, | ||
7551 | 0xb8, 0xae, 0xeb, 0xd0, 0x32, 0x0d, 0x52, 0x78, | ||
7552 | 0x09, 0x56, 0x3f, 0xc7, 0xd8, 0x7e, 0x26, 0xfc, | ||
7553 | 0x37, 0xfb, 0x6f, 0x04, 0xfc, 0xfa, 0x92, 0x10, | ||
7554 | 0xac, 0xf8, 0x3e, 0x21, 0xdc, 0x8c, 0x21, 0x16, | ||
7555 | 0x7d, 0x67, 0x6e, 0xf6, 0xcd, 0xda, 0xb6, 0x98, | ||
7556 | 0x23, 0xab, 0x23, 0x3c, 0xb2, 0x10, 0xa0, 0x53, | ||
7557 | 0x5a, 0x56, 0x9f, 0xc5, 0xd0, 0xff, 0xbb, 0xe4, | ||
7558 | 0x98, 0x3c, 0x69, 0x1e, 0xdb, 0x38, 0x8f, 0x7e, | ||
7559 | 0x0f, 0xd2, 0x98, 0x88, 0x81, 0x8b, 0x45, 0x67, | ||
7560 | 0xea, 0x33, 0xf1, 0xeb, 0xe9, 0x97, 0x55, 0x2e, | ||
7561 | 0xd9, 0xaa, 0xeb, 0x5a, 0xec, 0xda, 0xe1, 0x68, | ||
7562 | 0xa8, 0x9d, 0x3c, 0x84, 0x7c, 0x05, 0x3d, 0x62, | ||
7563 | 0x87, 0x8f, 0x03, 0x21, 0x28, 0x95, 0x0c, 0x89, | ||
7564 | 0x25, 0x22, 0x4a, 0xb0, 0x93, 0xa9, 0x50, 0xa2, | ||
7565 | 0x2f, 0x57, 0x6e, 0x18, 0x42, 0x19, 0x54, 0x0c, | ||
7566 | 0x55, 0x67, 0xc6, 0x11, 0x49, 0xf4, 0x5c, 0xd2, | ||
7567 | 0xe9, 0x3d, 0xdd, 0x8b, 0x48, 0x71, 0x21, 0x00, | ||
7568 | 0xc3, 0x9a, 0x6c, 0x85, 0x74, 0x28, 0x83, 0x4a, | ||
7569 | 0x1b, 0x31, 0x05, 0xe1, 0x06, 0x92, 0xe7, 0xda, | ||
7570 | 0x85, 0x73, 0x78, 0x45, 0x20, 0x7f, 0xae, 0x13, | ||
7571 | 0x7c, 0x33, 0x06, 0x22, 0xf4, 0x83, 0xf9, 0x35, | ||
7572 | 0x3f, 0x6c, 0x71, 0xa8, 0x4e, 0x48, 0xbe, 0x9b, | ||
7573 | 0xce, 0x8a, 0xba, 0xda, 0xbe, 0x28, 0x08, 0xf7, | ||
7574 | 0xe2, 0x14, 0x8c, 0x71, 0xea, 0x72, 0xf9, 0x33, | ||
7575 | 0xf2, 0x88, 0x3f, 0xd7, 0xbb, 0x69, 0x6c, 0x29, | ||
7576 | 0x19, 0xdc, 0x84, 0xce, 0x1f, 0x12, 0x4f, 0xc8, | ||
7577 | 0xaf, 0xa5, 0x04, 0xba, 0x5a, 0xab, 0xb0, 0xd9, | ||
7578 | 0x14, 0x1f, 0x6c, 0x68, 0x98, 0x39, 0x89, 0x7a, | ||
7579 | 0xd9, 0xd8, 0x2f, 0xdf, 0xa8, 0x47, 0x4a, 0x25, | ||
7580 | 0xe2, 0xfb, 0x33, 0xf4, 0x59, 0x78, 0xe1, 0x68, | ||
7581 | 0x85, 0xcf, 0xfe, 0x59, 0x20, 0xd4, 0x05, 0x1d, | ||
7582 | 0x80, 0x99, 0xae, 0xbc, 0xca, 0xae, 0x0f, 0x2f, | ||
7583 | 0x65, 0x43, 0x34, 0x8e, 0x7e, 0xac, 0xd3, 0x93, | ||
7584 | 0x2f, 0xac, 0x6d, 0x14, 0x3d, 0x02, 0x07, 0x70, | ||
7585 | 0x9d, 0xa4, 0xf3, 0x1b, 0x5c, 0x36, 0xfc, 0x01, | ||
7586 | 0x73, 0x34, 0x85, 0x0c, 0x6c, 0xd6, 0xf1, 0xbd, | ||
7587 | 0x3f, 0xdf, 0xee, 0xf5, 0xd9, 0xba, 0x56, 0xef, | ||
7588 | 0xf4, 0x9b, 0x6b, 0xee, 0x9f, 0x5a, 0x78, 0x6d, | ||
7589 | 0x32, 0x19, 0xf4, 0xf7, 0xf8, 0x4c, 0x69, 0x0b, | ||
7590 | 0x4b, 0xbc, 0xbb, 0xb7, 0xf2, 0x85, 0xaf, 0x70, | ||
7591 | 0x75, 0x24, 0x6c, 0x54, 0xa7, 0x0e, 0x4d, 0x1d, | ||
7592 | 0x01, 0xbf, 0x08, 0xac, 0xcf, 0x7f, 0x2c, 0xe3, | ||
7593 | 0x14, 0x89, 0x5e, 0x70, 0x5a, 0x99, 0x92, 0xcd, | ||
7594 | 0x01, 0x84, 0xc8, 0xd2, 0xab, 0xe5, 0x4f, 0x58, | ||
7595 | 0xe7, 0x0f, 0x2f, 0x0e, 0xff, 0x68, 0xea, 0xfd, | ||
7596 | 0x15, 0xb3, 0x17, 0xe6, 0xb0, 0xe7, 0x85, 0xd8, | ||
7597 | 0x23, 0x2e, 0x05, 0xc7, 0xc9, 0xc4, 0x46, 0x1f, | ||
7598 | 0xe1, 0x9e, 0x49, 0x20, 0x23, 0x24, 0x4d, 0x7e, | ||
7599 | 0x29, 0x65, 0xff, 0xf4, 0xb6, 0xfd, 0x1a, 0x85, | ||
7600 | 0xc4, 0x16, 0xec, 0xfc, 0xea, 0x7b, 0xd6, 0x2c, | ||
7601 | 0x43, 0xf8, 0xb7, 0xbf, 0x79, 0xc0, 0x85, 0xcd, | ||
7602 | 0xef, 0xe1, 0x98, 0xd3, 0xa5, 0xf7, 0x90, 0x8c, | ||
7603 | 0xe9, 0x7f, 0x80, 0x6b, 0xd2, 0xac, 0x4c, 0x30, | ||
7604 | 0xa7, 0xc6, 0x61, 0x6c, 0xd2, 0xf9, 0x2c, 0xff, | ||
7605 | 0x30, 0xbc, 0x22, 0x81, 0x7d, 0x93, 0x12, 0xe4, | ||
7606 | 0x0a, 0xcd, 0xaf, 0xdd, 0xe8, 0xab, 0x0a, 0x1e, | ||
7607 | 0x13, 0xa4, 0x27, 0xc3, 0x5f, 0xf7, 0x4b, 0xbb, | ||
7608 | 0x37, 0x09, 0x4b, 0x91, 0x6f, 0x92, 0x4f, 0xaf, | ||
7609 | 0x52, 0xee, 0xdf, 0xef, 0x09, 0x6f, 0xf7, 0x5c, | ||
7610 | 0x6e, 0x12, 0x17, 0x72, 0x63, 0x57, 0xc7, 0xba, | ||
7611 | 0x3b, 0x6b, 0x38, 0x32, 0x73, 0x1b, 0x9c, 0x80, | ||
7612 | 0xc1, 0x7a, 0xc6, 0xcf, 0xcd, 0x35, 0xc0, 0x6b, | ||
7613 | 0x31, 0x1a, 0x6b, 0xe9, 0xd8, 0x2c, 0x29, 0x3f, | ||
7614 | 0x96, 0xfb, 0xb6, 0xcd, 0x13, 0x91, 0x3b, 0xc2, | ||
7615 | 0xd2, 0xa3, 0x31, 0x8d, 0xa4, 0xcd, 0x57, 0xcd, | ||
7616 | 0x13, 0x3d, 0x64, 0xfd, 0x06, 0xce, 0xe6, 0xdc, | ||
7617 | 0x0c, 0x24, 0x43, 0x31, 0x40, 0x57, 0xf1, 0x72, | ||
7618 | 0x17, 0xe3, 0x3a, 0x63, 0x6d, 0x35, 0xcf, 0x5d, | ||
7619 | 0x97, 0x40, 0x59, 0xdd, 0xf7, 0x3c, 0x02, 0xf7, | ||
7620 | 0x1c, 0x7e, 0x05, 0xbb, 0xa9, 0x0d, 0x01, 0xb1, | ||
7621 | 0x8e, 0xc0, 0x30, 0xa9, 0x53, 0x24, 0xc9, 0x89, | ||
7622 | 0x84, 0x6d, 0xaa, 0xd0, 0xcd, 0x91, 0xc2, 0x4d, | ||
7623 | 0x91, 0xb0, 0x89, 0xe2, 0xbf, 0x83, 0x44, 0xaa, | ||
7624 | 0x28, 0x72, 0x23, 0xa0, 0xc2, 0xad, 0xad, 0x1c, | ||
7625 | 0xfc, 0x3f, 0x09, 0x7a, 0x0b, 0xdc, 0xc5, 0x1b, | ||
7626 | 0x87, 0x13, 0xc6, 0x5b, 0x59, 0x8d, 0xf2, 0xc8, | ||
7627 | 0xaf, 0xdf, 0x11, 0x95, | ||
7628 | }, | ||
7629 | .rlen = 4100, | ||
7630 | }, | ||
7631 | }; | ||
7632 | |||
4320 | /* | 7633 | /* |
4321 | * Compression stuff. | 7634 | * Compression stuff. |
4322 | */ | 7635 | */ |
@@ -4408,6 +7721,88 @@ static struct comp_testvec deflate_decomp_tv_template[] = { | |||
4408 | }; | 7721 | }; |
4409 | 7722 | ||
4410 | /* | 7723 | /* |
7724 | * LZO test vectors (null-terminated strings). | ||
7725 | */ | ||
7726 | #define LZO_COMP_TEST_VECTORS 2 | ||
7727 | #define LZO_DECOMP_TEST_VECTORS 2 | ||
7728 | |||
7729 | static struct comp_testvec lzo_comp_tv_template[] = { | ||
7730 | { | ||
7731 | .inlen = 70, | ||
7732 | .outlen = 46, | ||
7733 | .input = "Join us now and share the software " | ||
7734 | "Join us now and share the software ", | ||
7735 | .output = { 0x00, 0x0d, 0x4a, 0x6f, 0x69, 0x6e, 0x20, 0x75, | ||
7736 | 0x73, 0x20, 0x6e, 0x6f, 0x77, 0x20, 0x61, 0x6e, | ||
7737 | 0x64, 0x20, 0x73, 0x68, 0x61, 0x72, 0x65, 0x20, | ||
7738 | 0x74, 0x68, 0x65, 0x20, 0x73, 0x6f, 0x66, 0x74, | ||
7739 | 0x77, 0x70, 0x01, 0x01, 0x4a, 0x6f, 0x69, 0x6e, | ||
7740 | 0x3d, 0x88, 0x00, 0x11, 0x00, 0x00 }, | ||
7741 | }, { | ||
7742 | .inlen = 159, | ||
7743 | .outlen = 133, | ||
7744 | .input = "This document describes a compression method based on the LZO " | ||
7745 | "compression algorithm. This document defines the application of " | ||
7746 | "the LZO algorithm used in UBIFS.", | ||
7747 | .output = { 0x00, 0x2b, 0x54, 0x68, 0x69, 0x73, 0x20, 0x64, | ||
7748 | 0x6f, 0x63, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x20, | ||
7749 | 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, | ||
7750 | 0x73, 0x20, 0x61, 0x20, 0x63, 0x6f, 0x6d, 0x70, | ||
7751 | 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x20, | ||
7752 | 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x20, 0x62, | ||
7753 | 0x61, 0x73, 0x65, 0x64, 0x20, 0x6f, 0x6e, 0x20, | ||
7754 | 0x74, 0x68, 0x65, 0x20, 0x4c, 0x5a, 0x4f, 0x2b, | ||
7755 | 0x8c, 0x00, 0x0d, 0x61, 0x6c, 0x67, 0x6f, 0x72, | ||
7756 | 0x69, 0x74, 0x68, 0x6d, 0x2e, 0x20, 0x20, 0x54, | ||
7757 | 0x68, 0x69, 0x73, 0x2a, 0x54, 0x01, 0x02, 0x66, | ||
7758 | 0x69, 0x6e, 0x65, 0x73, 0x94, 0x06, 0x05, 0x61, | ||
7759 | 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x76, | ||
7760 | 0x0a, 0x6f, 0x66, 0x88, 0x02, 0x60, 0x09, 0x27, | ||
7761 | 0xf0, 0x00, 0x0c, 0x20, 0x75, 0x73, 0x65, 0x64, | ||
7762 | 0x20, 0x69, 0x6e, 0x20, 0x55, 0x42, 0x49, 0x46, | ||
7763 | 0x53, 0x2e, 0x11, 0x00, 0x00 }, | ||
7764 | }, | ||
7765 | }; | ||
7766 | |||
7767 | static struct comp_testvec lzo_decomp_tv_template[] = { | ||
7768 | { | ||
7769 | .inlen = 133, | ||
7770 | .outlen = 159, | ||
7771 | .input = { 0x00, 0x2b, 0x54, 0x68, 0x69, 0x73, 0x20, 0x64, | ||
7772 | 0x6f, 0x63, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x20, | ||
7773 | 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x62, 0x65, | ||
7774 | 0x73, 0x20, 0x61, 0x20, 0x63, 0x6f, 0x6d, 0x70, | ||
7775 | 0x72, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x20, | ||
7776 | 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x20, 0x62, | ||
7777 | 0x61, 0x73, 0x65, 0x64, 0x20, 0x6f, 0x6e, 0x20, | ||
7778 | 0x74, 0x68, 0x65, 0x20, 0x4c, 0x5a, 0x4f, 0x2b, | ||
7779 | 0x8c, 0x00, 0x0d, 0x61, 0x6c, 0x67, 0x6f, 0x72, | ||
7780 | 0x69, 0x74, 0x68, 0x6d, 0x2e, 0x20, 0x20, 0x54, | ||
7781 | 0x68, 0x69, 0x73, 0x2a, 0x54, 0x01, 0x02, 0x66, | ||
7782 | 0x69, 0x6e, 0x65, 0x73, 0x94, 0x06, 0x05, 0x61, | ||
7783 | 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x76, | ||
7784 | 0x0a, 0x6f, 0x66, 0x88, 0x02, 0x60, 0x09, 0x27, | ||
7785 | 0xf0, 0x00, 0x0c, 0x20, 0x75, 0x73, 0x65, 0x64, | ||
7786 | 0x20, 0x69, 0x6e, 0x20, 0x55, 0x42, 0x49, 0x46, | ||
7787 | 0x53, 0x2e, 0x11, 0x00, 0x00 }, | ||
7788 | .output = "This document describes a compression method based on the LZO " | ||
7789 | "compression algorithm. This document defines the application of " | ||
7790 | "the LZO algorithm used in UBIFS.", | ||
7791 | }, { | ||
7792 | .inlen = 46, | ||
7793 | .outlen = 70, | ||
7794 | .input = { 0x00, 0x0d, 0x4a, 0x6f, 0x69, 0x6e, 0x20, 0x75, | ||
7795 | 0x73, 0x20, 0x6e, 0x6f, 0x77, 0x20, 0x61, 0x6e, | ||
7796 | 0x64, 0x20, 0x73, 0x68, 0x61, 0x72, 0x65, 0x20, | ||
7797 | 0x74, 0x68, 0x65, 0x20, 0x73, 0x6f, 0x66, 0x74, | ||
7798 | 0x77, 0x70, 0x01, 0x01, 0x4a, 0x6f, 0x69, 0x6e, | ||
7799 | 0x3d, 0x88, 0x00, 0x11, 0x00, 0x00 }, | ||
7800 | .output = "Join us now and share the software " | ||
7801 | "Join us now and share the software ", | ||
7802 | }, | ||
7803 | }; | ||
7804 | |||
7805 | /* | ||
4411 | * Michael MIC test vectors from IEEE 802.11i | 7806 | * Michael MIC test vectors from IEEE 802.11i |
4412 | */ | 7807 | */ |
4413 | #define MICHAEL_MIC_TEST_VECTORS 6 | 7808 | #define MICHAEL_MIC_TEST_VECTORS 6 |
@@ -4812,4 +8207,20 @@ static struct cipher_speed camellia_speed_template[] = { | |||
4812 | { .klen = 0, .blen = 0, } | 8207 | { .klen = 0, .blen = 0, } |
4813 | }; | 8208 | }; |
4814 | 8209 | ||
8210 | static struct cipher_speed salsa20_speed_template[] = { | ||
8211 | { .klen = 16, .blen = 16, }, | ||
8212 | { .klen = 16, .blen = 64, }, | ||
8213 | { .klen = 16, .blen = 256, }, | ||
8214 | { .klen = 16, .blen = 1024, }, | ||
8215 | { .klen = 16, .blen = 8192, }, | ||
8216 | { .klen = 32, .blen = 16, }, | ||
8217 | { .klen = 32, .blen = 64, }, | ||
8218 | { .klen = 32, .blen = 256, }, | ||
8219 | { .klen = 32, .blen = 1024, }, | ||
8220 | { .klen = 32, .blen = 8192, }, | ||
8221 | |||
8222 | /* End marker */ | ||
8223 | { .klen = 0, .blen = 0, } | ||
8224 | }; | ||
8225 | |||
4815 | #endif /* _CRYPTO_TCRYPT_H */ | 8226 | #endif /* _CRYPTO_TCRYPT_H */ |
diff --git a/crypto/twofish_common.c b/crypto/twofish_common.c index b4b9c0c3f4ae..0af216c75d7e 100644 --- a/crypto/twofish_common.c +++ b/crypto/twofish_common.c | |||
@@ -655,84 +655,48 @@ int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len) | |||
655 | CALC_SB256_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); | 655 | CALC_SB256_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); |
656 | } | 656 | } |
657 | 657 | ||
658 | /* Calculate whitening and round subkeys. The constants are | 658 | /* CALC_K256/CALC_K192/CALC_K loops were unrolled. |
659 | * indices of subkeys, preprocessed through q0 and q1. */ | 659 | * Unrolling produced x2.5 more code (+18k on i386), |
660 | CALC_K256 (w, 0, 0xA9, 0x75, 0x67, 0xF3); | 660 | * and speeded up key setup by 7%: |
661 | CALC_K256 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); | 661 | * unrolled: twofish_setkey/sec: 41128 |
662 | CALC_K256 (w, 4, 0x04, 0xDB, 0xFD, 0x7B); | 662 | * loop: twofish_setkey/sec: 38148 |
663 | CALC_K256 (w, 6, 0xA3, 0xFB, 0x76, 0xC8); | 663 | * CALC_K256: ~100 insns each |
664 | CALC_K256 (k, 0, 0x9A, 0x4A, 0x92, 0xD3); | 664 | * CALC_K192: ~90 insns |
665 | CALC_K256 (k, 2, 0x80, 0xE6, 0x78, 0x6B); | 665 | * CALC_K: ~70 insns |
666 | CALC_K256 (k, 4, 0xE4, 0x45, 0xDD, 0x7D); | 666 | */ |
667 | CALC_K256 (k, 6, 0xD1, 0xE8, 0x38, 0x4B); | 667 | /* Calculate whitening and round subkeys */ |
668 | CALC_K256 (k, 8, 0x0D, 0xD6, 0xC6, 0x32); | 668 | for ( i = 0; i < 8; i += 2 ) { |
669 | CALC_K256 (k, 10, 0x35, 0xD8, 0x98, 0xFD); | 669 | CALC_K256 (w, i, q0[i], q1[i], q0[i+1], q1[i+1]); |
670 | CALC_K256 (k, 12, 0x18, 0x37, 0xF7, 0x71); | 670 | } |
671 | CALC_K256 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); | 671 | for ( i = 0; i < 32; i += 2 ) { |
672 | CALC_K256 (k, 16, 0x43, 0x30, 0x75, 0x0F); | 672 | CALC_K256 (k, i, q0[i+8], q1[i+8], q0[i+9], q1[i+9]); |
673 | CALC_K256 (k, 18, 0x37, 0xF8, 0x26, 0x1B); | 673 | } |
674 | CALC_K256 (k, 20, 0xFA, 0x87, 0x13, 0xFA); | ||
675 | CALC_K256 (k, 22, 0x94, 0x06, 0x48, 0x3F); | ||
676 | CALC_K256 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); | ||
677 | CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); | ||
678 | CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00); | ||
679 | CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); | ||
680 | } else if (key_len == 24) { /* 192-bit key */ | 674 | } else if (key_len == 24) { /* 192-bit key */ |
681 | /* Compute the S-boxes. */ | 675 | /* Compute the S-boxes. */ |
682 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { | 676 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { |
683 | CALC_SB192_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); | 677 | CALC_SB192_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); |
684 | } | 678 | } |
685 | 679 | ||
686 | /* Calculate whitening and round subkeys. The constants are | 680 | /* Calculate whitening and round subkeys */ |
687 | * indices of subkeys, preprocessed through q0 and q1. */ | 681 | for ( i = 0; i < 8; i += 2 ) { |
688 | CALC_K192 (w, 0, 0xA9, 0x75, 0x67, 0xF3); | 682 | CALC_K192 (w, i, q0[i], q1[i], q0[i+1], q1[i+1]); |
689 | CALC_K192 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); | 683 | } |
690 | CALC_K192 (w, 4, 0x04, 0xDB, 0xFD, 0x7B); | 684 | for ( i = 0; i < 32; i += 2 ) { |
691 | CALC_K192 (w, 6, 0xA3, 0xFB, 0x76, 0xC8); | 685 | CALC_K192 (k, i, q0[i+8], q1[i+8], q0[i+9], q1[i+9]); |
692 | CALC_K192 (k, 0, 0x9A, 0x4A, 0x92, 0xD3); | 686 | } |
693 | CALC_K192 (k, 2, 0x80, 0xE6, 0x78, 0x6B); | ||
694 | CALC_K192 (k, 4, 0xE4, 0x45, 0xDD, 0x7D); | ||
695 | CALC_K192 (k, 6, 0xD1, 0xE8, 0x38, 0x4B); | ||
696 | CALC_K192 (k, 8, 0x0D, 0xD6, 0xC6, 0x32); | ||
697 | CALC_K192 (k, 10, 0x35, 0xD8, 0x98, 0xFD); | ||
698 | CALC_K192 (k, 12, 0x18, 0x37, 0xF7, 0x71); | ||
699 | CALC_K192 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); | ||
700 | CALC_K192 (k, 16, 0x43, 0x30, 0x75, 0x0F); | ||
701 | CALC_K192 (k, 18, 0x37, 0xF8, 0x26, 0x1B); | ||
702 | CALC_K192 (k, 20, 0xFA, 0x87, 0x13, 0xFA); | ||
703 | CALC_K192 (k, 22, 0x94, 0x06, 0x48, 0x3F); | ||
704 | CALC_K192 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); | ||
705 | CALC_K192 (k, 26, 0x8B, 0xAE, 0x30, 0x5B); | ||
706 | CALC_K192 (k, 28, 0x84, 0x8A, 0x54, 0x00); | ||
707 | CALC_K192 (k, 30, 0xDF, 0xBC, 0x23, 0x9D); | ||
708 | } else { /* 128-bit key */ | 687 | } else { /* 128-bit key */ |
709 | /* Compute the S-boxes. */ | 688 | /* Compute the S-boxes. */ |
710 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { | 689 | for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) { |
711 | CALC_SB_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); | 690 | CALC_SB_2( i, calc_sb_tbl[j], calc_sb_tbl[k] ); |
712 | } | 691 | } |
713 | 692 | ||
714 | /* Calculate whitening and round subkeys. The constants are | 693 | /* Calculate whitening and round subkeys */ |
715 | * indices of subkeys, preprocessed through q0 and q1. */ | 694 | for ( i = 0; i < 8; i += 2 ) { |
716 | CALC_K (w, 0, 0xA9, 0x75, 0x67, 0xF3); | 695 | CALC_K (w, i, q0[i], q1[i], q0[i+1], q1[i+1]); |
717 | CALC_K (w, 2, 0xB3, 0xC6, 0xE8, 0xF4); | 696 | } |
718 | CALC_K (w, 4, 0x04, 0xDB, 0xFD, 0x7B); | 697 | for ( i = 0; i < 32; i += 2 ) { |
719 | CALC_K (w, 6, 0xA3, 0xFB, 0x76, 0xC8); | 698 | CALC_K (k, i, q0[i+8], q1[i+8], q0[i+9], q1[i+9]); |
720 | CALC_K (k, 0, 0x9A, 0x4A, 0x92, 0xD3); | 699 | } |
721 | CALC_K (k, 2, 0x80, 0xE6, 0x78, 0x6B); | ||
722 | CALC_K (k, 4, 0xE4, 0x45, 0xDD, 0x7D); | ||
723 | CALC_K (k, 6, 0xD1, 0xE8, 0x38, 0x4B); | ||
724 | CALC_K (k, 8, 0x0D, 0xD6, 0xC6, 0x32); | ||
725 | CALC_K (k, 10, 0x35, 0xD8, 0x98, 0xFD); | ||
726 | CALC_K (k, 12, 0x18, 0x37, 0xF7, 0x71); | ||
727 | CALC_K (k, 14, 0xEC, 0xF1, 0x6C, 0xE1); | ||
728 | CALC_K (k, 16, 0x43, 0x30, 0x75, 0x0F); | ||
729 | CALC_K (k, 18, 0x37, 0xF8, 0x26, 0x1B); | ||
730 | CALC_K (k, 20, 0xFA, 0x87, 0x13, 0xFA); | ||
731 | CALC_K (k, 22, 0x94, 0x06, 0x48, 0x3F); | ||
732 | CALC_K (k, 24, 0xF2, 0x5E, 0xD0, 0xBA); | ||
733 | CALC_K (k, 26, 0x8B, 0xAE, 0x30, 0x5B); | ||
734 | CALC_K (k, 28, 0x84, 0x8A, 0x54, 0x00); | ||
735 | CALC_K (k, 30, 0xDF, 0xBC, 0x23, 0x9D); | ||
736 | } | 700 | } |
737 | 701 | ||
738 | return 0; | 702 | return 0; |
diff --git a/crypto/xcbc.c b/crypto/xcbc.c index ac68f3b62fde..a82959df678c 100644 --- a/crypto/xcbc.c +++ b/crypto/xcbc.c | |||
@@ -19,6 +19,7 @@ | |||
19 | * Kazunori Miyazawa <miyazawa@linux-ipv6.org> | 19 | * Kazunori Miyazawa <miyazawa@linux-ipv6.org> |
20 | */ | 20 | */ |
21 | 21 | ||
22 | #include <crypto/scatterwalk.h> | ||
22 | #include <linux/crypto.h> | 23 | #include <linux/crypto.h> |
23 | #include <linux/err.h> | 24 | #include <linux/err.h> |
24 | #include <linux/hardirq.h> | 25 | #include <linux/hardirq.h> |
@@ -27,7 +28,6 @@ | |||
27 | #include <linux/rtnetlink.h> | 28 | #include <linux/rtnetlink.h> |
28 | #include <linux/slab.h> | 29 | #include <linux/slab.h> |
29 | #include <linux/scatterlist.h> | 30 | #include <linux/scatterlist.h> |
30 | #include "internal.h" | ||
31 | 31 | ||
32 | static u_int32_t ks[12] = {0x01010101, 0x01010101, 0x01010101, 0x01010101, | 32 | static u_int32_t ks[12] = {0x01010101, 0x01010101, 0x01010101, 0x01010101, |
33 | 0x02020202, 0x02020202, 0x02020202, 0x02020202, | 33 | 0x02020202, 0x02020202, 0x02020202, 0x02020202, |
@@ -307,7 +307,8 @@ static struct crypto_instance *xcbc_alloc(struct rtattr **tb) | |||
307 | case 16: | 307 | case 16: |
308 | break; | 308 | break; |
309 | default: | 309 | default: |
310 | return ERR_PTR(PTR_ERR(alg)); | 310 | inst = ERR_PTR(-EINVAL); |
311 | goto out_put_alg; | ||
311 | } | 312 | } |
312 | 313 | ||
313 | inst = crypto_alloc_instance("xcbc", alg); | 314 | inst = crypto_alloc_instance("xcbc", alg); |
@@ -320,10 +321,7 @@ static struct crypto_instance *xcbc_alloc(struct rtattr **tb) | |||
320 | inst->alg.cra_alignmask = alg->cra_alignmask; | 321 | inst->alg.cra_alignmask = alg->cra_alignmask; |
321 | inst->alg.cra_type = &crypto_hash_type; | 322 | inst->alg.cra_type = &crypto_hash_type; |
322 | 323 | ||
323 | inst->alg.cra_hash.digestsize = | 324 | inst->alg.cra_hash.digestsize = alg->cra_blocksize; |
324 | (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == | ||
325 | CRYPTO_ALG_TYPE_HASH ? alg->cra_hash.digestsize : | ||
326 | alg->cra_blocksize; | ||
327 | inst->alg.cra_ctxsize = sizeof(struct crypto_xcbc_ctx) + | 325 | inst->alg.cra_ctxsize = sizeof(struct crypto_xcbc_ctx) + |
328 | ALIGN(inst->alg.cra_blocksize * 3, sizeof(void *)); | 326 | ALIGN(inst->alg.cra_blocksize * 3, sizeof(void *)); |
329 | inst->alg.cra_init = xcbc_init_tfm; | 327 | inst->alg.cra_init = xcbc_init_tfm; |