aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'crypto')
-rw-r--r--crypto/Kconfig14
-rw-r--r--crypto/Makefile1
-rw-r--r--crypto/ablkcipher.c4
-rw-r--r--crypto/aead.c4
-rw-r--r--crypto/aes_generic.c4
-rw-r--r--crypto/ahash.c1
-rw-r--r--crypto/algapi.c4
-rw-r--r--crypto/anubis.c22
-rw-r--r--crypto/api.c13
-rw-r--r--crypto/authenc.c37
-rw-r--r--crypto/blowfish.c18
-rw-r--r--crypto/camellia.c616
-rw-r--r--crypto/cast5.c14
-rw-r--r--crypto/cast6.c122
-rw-r--r--crypto/cipher.c2
-rw-r--r--crypto/compress.c4
-rw-r--r--crypto/crc32c.c6
-rw-r--r--crypto/cryptd.c2
-rw-r--r--crypto/crypto_null.c8
-rw-r--r--crypto/deflate.c20
-rw-r--r--crypto/des_generic.c3
-rw-r--r--crypto/ecb.c2
-rw-r--r--crypto/fcrypt.c6
-rw-r--r--crypto/gcm.c287
-rw-r--r--crypto/md5.c41
-rw-r--r--crypto/pcrypt.c445
-rw-r--r--crypto/testmgr.c84
27 files changed, 1311 insertions, 473 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 81c185a6971f..403857ad06d4 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -114,6 +114,16 @@ config CRYPTO_NULL
114 help 114 help
115 These are 'Null' algorithms, used by IPsec, which do nothing. 115 These are 'Null' algorithms, used by IPsec, which do nothing.
116 116
117config CRYPTO_PCRYPT
118 tristate "Parallel crypto engine (EXPERIMENTAL)"
119 depends on SMP && EXPERIMENTAL
120 select PADATA
121 select CRYPTO_MANAGER
122 select CRYPTO_AEAD
123 help
124 This converts an arbitrary crypto algorithm into a parallel
125 algorithm that executes in kernel threads.
126
117config CRYPTO_WORKQUEUE 127config CRYPTO_WORKQUEUE
118 tristate 128 tristate
119 129
@@ -816,8 +826,8 @@ config CRYPTO_ANSI_CPRNG
816 help 826 help
817 This option enables the generic pseudo random number generator 827 This option enables the generic pseudo random number generator
818 for cryptographic modules. Uses the Algorithm specified in 828 for cryptographic modules. Uses the Algorithm specified in
819 ANSI X9.31 A.2.4. Not this option must be enabled if CRYPTO_FIPS 829 ANSI X9.31 A.2.4. Note that this option must be enabled if
820 is selected 830 CRYPTO_FIPS is selected
821 831
822source "drivers/crypto/Kconfig" 832source "drivers/crypto/Kconfig"
823 833
diff --git a/crypto/Makefile b/crypto/Makefile
index 9e8f61908cb5..d7e6441df7fe 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -56,6 +56,7 @@ obj-$(CONFIG_CRYPTO_XTS) += xts.o
56obj-$(CONFIG_CRYPTO_CTR) += ctr.o 56obj-$(CONFIG_CRYPTO_CTR) += ctr.o
57obj-$(CONFIG_CRYPTO_GCM) += gcm.o 57obj-$(CONFIG_CRYPTO_GCM) += gcm.o
58obj-$(CONFIG_CRYPTO_CCM) += ccm.o 58obj-$(CONFIG_CRYPTO_CCM) += ccm.o
59obj-$(CONFIG_CRYPTO_PCRYPT) += pcrypt.o
59obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o 60obj-$(CONFIG_CRYPTO_CRYPTD) += cryptd.o
60obj-$(CONFIG_CRYPTO_DES) += des_generic.o 61obj-$(CONFIG_CRYPTO_DES) += des_generic.o
61obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o 62obj-$(CONFIG_CRYPTO_FCRYPT) += fcrypt.o
diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c
index f6f08336df5d..fe980dae1727 100644
--- a/crypto/ablkcipher.c
+++ b/crypto/ablkcipher.c
@@ -1,6 +1,6 @@
1/* 1/*
2 * Asynchronous block chaining cipher operations. 2 * Asynchronous block chaining cipher operations.
3 * 3 *
4 * This is the asynchronous version of blkcipher.c indicating completion 4 * This is the asynchronous version of blkcipher.c indicating completion
5 * via a callback. 5 * via a callback.
6 * 6 *
@@ -8,7 +8,7 @@
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify it 9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free 10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option) 11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version. 12 * any later version.
13 * 13 *
14 */ 14 */
diff --git a/crypto/aead.c b/crypto/aead.c
index 0a55da70845e..6729e8ff68e7 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -1,13 +1,13 @@
1/* 1/*
2 * AEAD: Authenticated Encryption with Associated Data 2 * AEAD: Authenticated Encryption with Associated Data
3 * 3 *
4 * This file provides API support for AEAD algorithms. 4 * This file provides API support for AEAD algorithms.
5 * 5 *
6 * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au> 6 * Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au>
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify it 8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the Free 9 * under the terms of the GNU General Public License as published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option) 10 * Software Foundation; either version 2 of the License, or (at your option)
11 * any later version. 11 * any later version.
12 * 12 *
13 */ 13 */
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c
index e78b7ee44a74..a68c73dae15a 100644
--- a/crypto/aes_generic.c
+++ b/crypto/aes_generic.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * AES Cipher Algorithm. 4 * AES Cipher Algorithm.
@@ -1127,7 +1127,7 @@ EXPORT_SYMBOL_GPL(crypto_il_tab);
1127 1127
1128#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) 1128#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b)
1129 1129
1130#define imix_col(y,x) do { \ 1130#define imix_col(y, x) do { \
1131 u = star_x(x); \ 1131 u = star_x(x); \
1132 v = star_x(u); \ 1132 v = star_x(u); \
1133 w = star_x(v); \ 1133 w = star_x(v); \
diff --git a/crypto/ahash.c b/crypto/ahash.c
index 33a4ff45f842..b8c59b889c6e 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -78,7 +78,6 @@ int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err)
78 walk->data -= walk->offset; 78 walk->data -= walk->offset;
79 79
80 if (nbytes && walk->offset & alignmask && !err) { 80 if (nbytes && walk->offset & alignmask && !err) {
81 walk->offset += alignmask - 1;
82 walk->offset = ALIGN(walk->offset, alignmask + 1); 81 walk->offset = ALIGN(walk->offset, alignmask + 1);
83 walk->data += walk->offset; 82 walk->data += walk->offset;
84 83
diff --git a/crypto/algapi.c b/crypto/algapi.c
index f149b1c8b76d..3e4524e6139b 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -230,7 +230,7 @@ static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
230 list_add(&alg->cra_list, &crypto_alg_list); 230 list_add(&alg->cra_list, &crypto_alg_list);
231 list_add(&larval->alg.cra_list, &crypto_alg_list); 231 list_add(&larval->alg.cra_list, &crypto_alg_list);
232 232
233out: 233out:
234 return larval; 234 return larval;
235 235
236free_larval: 236free_larval:
@@ -388,7 +388,7 @@ int crypto_unregister_alg(struct crypto_alg *alg)
388{ 388{
389 int ret; 389 int ret;
390 LIST_HEAD(list); 390 LIST_HEAD(list);
391 391
392 down_write(&crypto_alg_sem); 392 down_write(&crypto_alg_sem);
393 ret = crypto_remove_alg(alg, &list); 393 ret = crypto_remove_alg(alg, &list);
394 up_write(&crypto_alg_sem); 394 up_write(&crypto_alg_sem);
diff --git a/crypto/anubis.c b/crypto/anubis.c
index e42c3a8ba4aa..77530d571c96 100644
--- a/crypto/anubis.c
+++ b/crypto/anubis.c
@@ -469,14 +469,13 @@ static int anubis_setkey(struct crypto_tfm *tfm, const u8 *in_key,
469 u32 kappa[ANUBIS_MAX_N]; 469 u32 kappa[ANUBIS_MAX_N];
470 u32 inter[ANUBIS_MAX_N]; 470 u32 inter[ANUBIS_MAX_N];
471 471
472 switch (key_len) 472 switch (key_len) {
473 {
474 case 16: case 20: case 24: case 28: 473 case 16: case 20: case 24: case 28:
475 case 32: case 36: case 40: 474 case 32: case 36: case 40:
476 break; 475 break;
477 default: 476 default:
478 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; 477 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
479 return - EINVAL; 478 return -EINVAL;
480 } 479 }
481 480
482 ctx->key_len = key_len * 8; 481 ctx->key_len = key_len * 8;
@@ -530,23 +529,24 @@ static int anubis_setkey(struct crypto_tfm *tfm, const u8 *in_key,
530 /* 529 /*
531 * compute kappa^{r+1} from kappa^r: 530 * compute kappa^{r+1} from kappa^r:
532 */ 531 */
533 if (r == R) { 532 if (r == R)
534 break; 533 break;
535 }
536 for (i = 0; i < N; i++) { 534 for (i = 0; i < N; i++) {
537 int j = i; 535 int j = i;
538 inter[i] = T0[(kappa[j--] >> 24) ]; 536 inter[i] = T0[(kappa[j--] >> 24) ];
539 if (j < 0) j = N - 1; 537 if (j < 0)
538 j = N - 1;
540 inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; 539 inter[i] ^= T1[(kappa[j--] >> 16) & 0xff];
541 if (j < 0) j = N - 1; 540 if (j < 0)
541 j = N - 1;
542 inter[i] ^= T2[(kappa[j--] >> 8) & 0xff]; 542 inter[i] ^= T2[(kappa[j--] >> 8) & 0xff];
543 if (j < 0) j = N - 1; 543 if (j < 0)
544 j = N - 1;
544 inter[i] ^= T3[(kappa[j ] ) & 0xff]; 545 inter[i] ^= T3[(kappa[j ] ) & 0xff];
545 } 546 }
546 kappa[0] = inter[0] ^ rc[r]; 547 kappa[0] = inter[0] ^ rc[r];
547 for (i = 1; i < N; i++) { 548 for (i = 1; i < N; i++)
548 kappa[i] = inter[i]; 549 kappa[i] = inter[i];
549 }
550 } 550 }
551 551
552 /* 552 /*
@@ -690,7 +690,7 @@ static struct crypto_alg anubis_alg = {
690static int __init anubis_mod_init(void) 690static int __init anubis_mod_init(void)
691{ 691{
692 int ret = 0; 692 int ret = 0;
693 693
694 ret = crypto_register_alg(&anubis_alg); 694 ret = crypto_register_alg(&anubis_alg);
695 return ret; 695 return ret;
696} 696}
diff --git a/crypto/api.c b/crypto/api.c
index 798526d90538..033a7147e5eb 100644
--- a/crypto/api.c
+++ b/crypto/api.c
@@ -10,7 +10,7 @@
10 * 10 *
11 * This program is free software; you can redistribute it and/or modify it 11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the Free 12 * under the terms of the GNU General Public License as published by the Free
13 * Software Foundation; either version 2 of the License, or (at your option) 13 * Software Foundation; either version 2 of the License, or (at your option)
14 * any later version. 14 * any later version.
15 * 15 *
16 */ 16 */
@@ -288,11 +288,11 @@ static int crypto_init_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
288 288
289 case CRYPTO_ALG_TYPE_COMPRESS: 289 case CRYPTO_ALG_TYPE_COMPRESS:
290 return crypto_init_compress_ops(tfm); 290 return crypto_init_compress_ops(tfm);
291 291
292 default: 292 default:
293 break; 293 break;
294 } 294 }
295 295
296 BUG(); 296 BUG();
297 return -EINVAL; 297 return -EINVAL;
298} 298}
@@ -315,10 +315,9 @@ static void crypto_exit_ops(struct crypto_tfm *tfm)
315 case CRYPTO_ALG_TYPE_COMPRESS: 315 case CRYPTO_ALG_TYPE_COMPRESS:
316 crypto_exit_compress_ops(tfm); 316 crypto_exit_compress_ops(tfm);
317 break; 317 break;
318 318
319 default: 319 default:
320 BUG(); 320 BUG();
321
322 } 321 }
323} 322}
324 323
@@ -593,12 +592,12 @@ int crypto_has_alg(const char *name, u32 type, u32 mask)
593{ 592{
594 int ret = 0; 593 int ret = 0;
595 struct crypto_alg *alg = crypto_alg_mod_lookup(name, type, mask); 594 struct crypto_alg *alg = crypto_alg_mod_lookup(name, type, mask);
596 595
597 if (!IS_ERR(alg)) { 596 if (!IS_ERR(alg)) {
598 crypto_mod_put(alg); 597 crypto_mod_put(alg);
599 ret = 1; 598 ret = 1;
600 } 599 }
601 600
602 return ret; 601 return ret;
603} 602}
604EXPORT_SYMBOL_GPL(crypto_has_alg); 603EXPORT_SYMBOL_GPL(crypto_has_alg);
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 4d6f49a5daeb..2bb7348d8d55 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -194,7 +194,7 @@ static void authenc_verify_ahash_update_done(struct crypto_async_request *areq,
194 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, 194 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen,
195 authsize, 0); 195 authsize, 0);
196 196
197 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG: 0; 197 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG : 0;
198 if (err) 198 if (err)
199 goto out; 199 goto out;
200 200
@@ -231,7 +231,7 @@ static void authenc_verify_ahash_done(struct crypto_async_request *areq,
231 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, 231 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen,
232 authsize, 0); 232 authsize, 0);
233 233
234 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG: 0; 234 err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG : 0;
235 if (err) 235 if (err)
236 goto out; 236 goto out;
237 237
@@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req)
386{ 386{
387 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 387 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
388 struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); 388 struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
389 struct ablkcipher_request *abreq = aead_request_ctx(req); 389 struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
390 struct crypto_ablkcipher *enc = ctx->enc; 390 struct crypto_ablkcipher *enc = ctx->enc;
391 struct scatterlist *dst = req->dst; 391 struct scatterlist *dst = req->dst;
392 unsigned int cryptlen = req->cryptlen; 392 unsigned int cryptlen = req->cryptlen;
393 u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc); 393 struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
394 + ctx->reqoff);
395 u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
394 int err; 396 int err;
395 397
396 ablkcipher_request_set_tfm(abreq, enc); 398 ablkcipher_request_set_tfm(abreq, enc);
@@ -454,7 +456,7 @@ static int crypto_authenc_verify(struct aead_request *req,
454 unsigned int authsize; 456 unsigned int authsize;
455 457
456 areq_ctx->complete = authenc_verify_ahash_done; 458 areq_ctx->complete = authenc_verify_ahash_done;
457 areq_ctx->complete = authenc_verify_ahash_update_done; 459 areq_ctx->update_complete = authenc_verify_ahash_update_done;
458 460
459 ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP); 461 ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP);
460 if (IS_ERR(ohash)) 462 if (IS_ERR(ohash))
@@ -464,7 +466,7 @@ static int crypto_authenc_verify(struct aead_request *req,
464 ihash = ohash + authsize; 466 ihash = ohash + authsize;
465 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, 467 scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen,
466 authsize, 0); 468 authsize, 0);
467 return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0; 469 return memcmp(ihash, ohash, authsize) ? -EBADMSG : 0;
468} 470}
469 471
470static int crypto_authenc_iverify(struct aead_request *req, u8 *iv, 472static int crypto_authenc_iverify(struct aead_request *req, u8 *iv,
@@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
546 if (IS_ERR(auth)) 548 if (IS_ERR(auth))
547 return PTR_ERR(auth); 549 return PTR_ERR(auth);
548 550
549 ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
550 crypto_ahash_alignmask(auth),
551 crypto_ahash_alignmask(auth) + 1);
552
553 enc = crypto_spawn_skcipher(&ictx->enc); 551 enc = crypto_spawn_skcipher(&ictx->enc);
554 err = PTR_ERR(enc); 552 err = PTR_ERR(enc);
555 if (IS_ERR(enc)) 553 if (IS_ERR(enc))
@@ -557,14 +555,19 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
557 555
558 ctx->auth = auth; 556 ctx->auth = auth;
559 ctx->enc = enc; 557 ctx->enc = enc;
560 558
561 tfm->crt_aead.reqsize = max_t(unsigned int, 559 ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
562 crypto_ahash_reqsize(auth) + ctx->reqoff + 560 crypto_ahash_alignmask(auth),
563 sizeof(struct authenc_request_ctx) + 561 crypto_ahash_alignmask(auth) + 1) +
564 sizeof(struct ahash_request), 562 crypto_ablkcipher_ivsize(enc);
563
564 tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
565 ctx->reqoff +
566 max_t(unsigned int,
567 crypto_ahash_reqsize(auth) +
568 sizeof(struct ahash_request),
565 sizeof(struct skcipher_givcrypt_request) + 569 sizeof(struct skcipher_givcrypt_request) +
566 crypto_ablkcipher_reqsize(enc) + 570 crypto_ablkcipher_reqsize(enc));
567 crypto_ablkcipher_ivsize(enc));
568 571
569 return 0; 572 return 0;
570 573
diff --git a/crypto/blowfish.c b/crypto/blowfish.c
index 6f5b48731922..a67d52ee0580 100644
--- a/crypto/blowfish.c
+++ b/crypto/blowfish.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Blowfish Cipher Algorithm, by Bruce Schneier. 4 * Blowfish Cipher Algorithm, by Bruce Schneier.
@@ -299,7 +299,7 @@ static const u32 bf_sbox[256 * 4] = {
299 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6, 299 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6,
300}; 300};
301 301
302/* 302/*
303 * Round loop unrolling macros, S is a pointer to a S-Box array 303 * Round loop unrolling macros, S is a pointer to a S-Box array
304 * organized in 4 unsigned longs at a row. 304 * organized in 4 unsigned longs at a row.
305 */ 305 */
@@ -315,7 +315,7 @@ static const u32 bf_sbox[256 * 4] = {
315 315
316/* 316/*
317 * The blowfish encipher, processes 64-bit blocks. 317 * The blowfish encipher, processes 64-bit blocks.
318 * NOTE: This function MUSTN'T respect endianess 318 * NOTE: This function MUSTN'T respect endianess
319 */ 319 */
320static void encrypt_block(struct bf_ctx *bctx, u32 *dst, u32 *src) 320static void encrypt_block(struct bf_ctx *bctx, u32 *dst, u32 *src)
321{ 321{
@@ -395,7 +395,7 @@ static void bf_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
395 out_blk[1] = cpu_to_be32(yl); 395 out_blk[1] = cpu_to_be32(yl);
396} 396}
397 397
398/* 398/*
399 * Calculates the blowfish S and P boxes for encryption and decryption. 399 * Calculates the blowfish S and P boxes for encryption and decryption.
400 */ 400 */
401static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) 401static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
@@ -417,10 +417,10 @@ static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
417 417
418 /* Actual subkey generation */ 418 /* Actual subkey generation */
419 for (j = 0, i = 0; i < 16 + 2; i++) { 419 for (j = 0, i = 0; i < 16 + 2; i++) {
420 temp = (((u32 )key[j] << 24) | 420 temp = (((u32)key[j] << 24) |
421 ((u32 )key[(j + 1) % keylen] << 16) | 421 ((u32)key[(j + 1) % keylen] << 16) |
422 ((u32 )key[(j + 2) % keylen] << 8) | 422 ((u32)key[(j + 2) % keylen] << 8) |
423 ((u32 )key[(j + 3) % keylen])); 423 ((u32)key[(j + 3) % keylen]));
424 424
425 P[i] = P[i] ^ temp; 425 P[i] = P[i] ^ temp;
426 j = (j + 4) % keylen; 426 j = (j + 4) % keylen;
@@ -444,7 +444,7 @@ static int bf_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
444 S[count + 1] = data[1]; 444 S[count + 1] = data[1];
445 } 445 }
446 } 446 }
447 447
448 /* Bruce says not to bother with the weak key check. */ 448 /* Bruce says not to bother with the weak key check. */
449 return 0; 449 return 0;
450} 450}
diff --git a/crypto/camellia.c b/crypto/camellia.c
index 964635d163f4..64cff46ea5e4 100644
--- a/crypto/camellia.c
+++ b/crypto/camellia.c
@@ -39,271 +39,271 @@
39#include <asm/unaligned.h> 39#include <asm/unaligned.h>
40 40
41static const u32 camellia_sp1110[256] = { 41static const u32 camellia_sp1110[256] = {
42 0x70707000,0x82828200,0x2c2c2c00,0xececec00, 42 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00,
43 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, 43 0xb3b3b300, 0x27272700, 0xc0c0c000, 0xe5e5e500,
44 0xe4e4e400,0x85858500,0x57575700,0x35353500, 44 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
45 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, 45 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100,
46 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, 46 0x23232300, 0xefefef00, 0x6b6b6b00, 0x93939300,
47 0x45454500,0x19191900,0xa5a5a500,0x21212100, 47 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
48 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, 48 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00,
49 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, 49 0x1d1d1d00, 0x65656500, 0x92929200, 0xbdbdbd00,
50 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, 50 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
51 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, 51 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00,
52 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, 52 0x3e3e3e00, 0x30303000, 0xdcdcdc00, 0x5f5f5f00,
53 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, 53 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
54 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, 54 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00,
55 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, 55 0xd5d5d500, 0x47474700, 0x5d5d5d00, 0x3d3d3d00,
56 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, 56 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
57 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, 57 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00,
58 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, 58 0x8b8b8b00, 0x0d0d0d00, 0x9a9a9a00, 0x66666600,
59 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, 59 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
60 0x74747400,0x12121200,0x2b2b2b00,0x20202000, 60 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000,
61 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, 61 0xf0f0f000, 0xb1b1b100, 0x84848400, 0x99999900,
62 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, 62 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
63 0x34343400,0x7e7e7e00,0x76767600,0x05050500, 63 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500,
64 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, 64 0x6d6d6d00, 0xb7b7b700, 0xa9a9a900, 0x31313100,
65 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, 65 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
66 0x14141400,0x58585800,0x3a3a3a00,0x61616100, 66 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100,
67 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, 67 0xdedede00, 0x1b1b1b00, 0x11111100, 0x1c1c1c00,
68 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, 68 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
69 0x53535300,0x18181800,0xf2f2f200,0x22222200, 69 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200,
70 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, 70 0xfefefe00, 0x44444400, 0xcfcfcf00, 0xb2b2b200,
71 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, 71 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
72 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, 72 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800,
73 0x60606000,0xfcfcfc00,0x69696900,0x50505000, 73 0x60606000, 0xfcfcfc00, 0x69696900, 0x50505000,
74 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, 74 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
75 0xa1a1a100,0x89898900,0x62626200,0x97979700, 75 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700,
76 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, 76 0x54545400, 0x5b5b5b00, 0x1e1e1e00, 0x95959500,
77 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, 77 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
78 0x10101000,0xc4c4c400,0x00000000,0x48484800, 78 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800,
79 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, 79 0xa3a3a300, 0xf7f7f700, 0x75757500, 0xdbdbdb00,
80 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, 80 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
81 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, 81 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400,
82 0x87878700,0x5c5c5c00,0x83838300,0x02020200, 82 0x87878700, 0x5c5c5c00, 0x83838300, 0x02020200,
83 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, 83 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
84 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, 84 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300,
85 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, 85 0x9d9d9d00, 0x7f7f7f00, 0xbfbfbf00, 0xe2e2e200,
86 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, 86 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
87 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, 87 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00,
88 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, 88 0x81818100, 0x96969600, 0x6f6f6f00, 0x4b4b4b00,
89 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, 89 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
90 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, 90 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00,
91 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, 91 0x9f9f9f00, 0x6e6e6e00, 0xbcbcbc00, 0x8e8e8e00,
92 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, 92 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
93 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, 93 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900,
94 0x78787800,0x98989800,0x06060600,0x6a6a6a00, 94 0x78787800, 0x98989800, 0x06060600, 0x6a6a6a00,
95 0xe7e7e700,0x46464600,0x71717100,0xbababa00, 95 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
96 0xd4d4d400,0x25252500,0xababab00,0x42424200, 96 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200,
97 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, 97 0x88888800, 0xa2a2a200, 0x8d8d8d00, 0xfafafa00,
98 0x72727200,0x07070700,0xb9b9b900,0x55555500, 98 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
99 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, 99 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00,
100 0x36363600,0x49494900,0x2a2a2a00,0x68686800, 100 0x36363600, 0x49494900, 0x2a2a2a00, 0x68686800,
101 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, 101 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
102 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, 102 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00,
103 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, 103 0xbbbbbb00, 0xc9c9c900, 0x43434300, 0xc1c1c100,
104 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, 104 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
105 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, 105 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00,
106}; 106};
107 107
108static const u32 camellia_sp0222[256] = { 108static const u32 camellia_sp0222[256] = {
109 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, 109 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9,
110 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, 110 0x00676767, 0x004e4e4e, 0x00818181, 0x00cbcbcb,
111 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, 111 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
112 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, 112 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282,
113 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, 113 0x00464646, 0x00dfdfdf, 0x00d6d6d6, 0x00272727,
114 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, 114 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
115 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, 115 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c,
116 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, 116 0x003a3a3a, 0x00cacaca, 0x00252525, 0x007b7b7b,
117 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, 117 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
118 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, 118 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d,
119 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, 119 0x007c7c7c, 0x00606060, 0x00b9b9b9, 0x00bebebe,
120 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, 120 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
121 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, 121 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595,
122 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, 122 0x00ababab, 0x008e8e8e, 0x00bababa, 0x007a7a7a,
123 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, 123 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
124 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, 124 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a,
125 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, 125 0x00171717, 0x001a1a1a, 0x00353535, 0x00cccccc,
126 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, 126 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
127 0x00e8e8e8,0x00242424,0x00565656,0x00404040, 127 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040,
128 0x00e1e1e1,0x00636363,0x00090909,0x00333333, 128 0x00e1e1e1, 0x00636363, 0x00090909, 0x00333333,
129 0x00bfbfbf,0x00989898,0x00979797,0x00858585, 129 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
130 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, 130 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a,
131 0x00dadada,0x006f6f6f,0x00535353,0x00626262, 131 0x00dadada, 0x006f6f6f, 0x00535353, 0x00626262,
132 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, 132 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
133 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, 133 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2,
134 0x00bdbdbd,0x00363636,0x00222222,0x00383838, 134 0x00bdbdbd, 0x00363636, 0x00222222, 0x00383838,
135 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, 135 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
136 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, 136 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444,
137 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, 137 0x00fdfdfd, 0x00888888, 0x009f9f9f, 0x00656565,
138 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, 138 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
139 0x00484848,0x00101010,0x00d1d1d1,0x00515151, 139 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151,
140 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, 140 0x00c0c0c0, 0x00f9f9f9, 0x00d2d2d2, 0x00a0a0a0,
141 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, 141 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
142 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, 142 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f,
143 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, 143 0x00a8a8a8, 0x00b6b6b6, 0x003c3c3c, 0x002b2b2b,
144 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, 144 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
145 0x00202020,0x00898989,0x00000000,0x00909090, 145 0x00202020, 0x00898989, 0x00000000, 0x00909090,
146 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, 146 0x00474747, 0x00efefef, 0x00eaeaea, 0x00b7b7b7,
147 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, 147 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
148 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, 148 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929,
149 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, 149 0x000f0f0f, 0x00b8b8b8, 0x00070707, 0x00040404,
150 0x009b9b9b,0x00949494,0x00212121,0x00666666, 150 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
151 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, 151 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7,
152 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, 152 0x003b3b3b, 0x00fefefe, 0x007f7f7f, 0x00c5c5c5,
153 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, 153 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
154 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, 154 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676,
155 0x00030303,0x002d2d2d,0x00dedede,0x00969696, 155 0x00030303, 0x002d2d2d, 0x00dedede, 0x00969696,
156 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, 156 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
157 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, 157 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919,
158 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, 158 0x003f3f3f, 0x00dcdcdc, 0x00797979, 0x001d1d1d,
159 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, 159 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
160 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, 160 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2,
161 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, 161 0x00f0f0f0, 0x00313131, 0x000c0c0c, 0x00d4d4d4,
162 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, 162 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
163 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, 163 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484,
164 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, 164 0x00111111, 0x00454545, 0x001b1b1b, 0x00f5f5f5,
165 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, 165 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
166 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, 166 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414,
167 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, 167 0x006c6c6c, 0x00929292, 0x00545454, 0x00d0d0d0,
168 0x00787878,0x00707070,0x00e3e3e3,0x00494949, 168 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
169 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, 169 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6,
170 0x00777777,0x00939393,0x00868686,0x00838383, 170 0x00777777, 0x00939393, 0x00868686, 0x00838383,
171 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, 171 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
172 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, 172 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d,
173}; 173};
174 174
175static const u32 camellia_sp3033[256] = { 175static const u32 camellia_sp3033[256] = {
176 0x38003838,0x41004141,0x16001616,0x76007676, 176 0x38003838, 0x41004141, 0x16001616, 0x76007676,
177 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, 177 0xd900d9d9, 0x93009393, 0x60006060, 0xf200f2f2,
178 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, 178 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
179 0x75007575,0x06000606,0x57005757,0xa000a0a0, 179 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0,
180 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, 180 0x91009191, 0xf700f7f7, 0xb500b5b5, 0xc900c9c9,
181 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, 181 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
182 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, 182 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727,
183 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, 183 0x8e008e8e, 0xb200b2b2, 0x49004949, 0xde00dede,
184 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, 184 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
185 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, 185 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767,
186 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, 186 0x1f001f1f, 0x18001818, 0x6e006e6e, 0xaf00afaf,
187 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, 187 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
188 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, 188 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565,
189 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, 189 0xea00eaea, 0xa300a3a3, 0xae00aeae, 0x9e009e9e,
190 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, 190 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
191 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, 191 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6,
192 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, 192 0xc500c5c5, 0x86008686, 0x4d004d4d, 0x33003333,
193 0xfd00fdfd,0x66006666,0x58005858,0x96009696, 193 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
194 0x3a003a3a,0x09000909,0x95009595,0x10001010, 194 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010,
195 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, 195 0x78007878, 0xd800d8d8, 0x42004242, 0xcc00cccc,
196 0xef00efef,0x26002626,0xe500e5e5,0x61006161, 196 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
197 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, 197 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282,
198 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, 198 0xb600b6b6, 0xdb00dbdb, 0xd400d4d4, 0x98009898,
199 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, 199 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
200 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, 200 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0,
201 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, 201 0x6f006f6f, 0x8d008d8d, 0x88008888, 0x0e000e0e,
202 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, 202 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
203 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, 203 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111,
204 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, 204 0x7f007f7f, 0x22002222, 0xe700e7e7, 0x59005959,
205 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, 205 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
206 0x12001212,0x04000404,0x74007474,0x54005454, 206 0x12001212, 0x04000404, 0x74007474, 0x54005454,
207 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, 207 0x30003030, 0x7e007e7e, 0xb400b4b4, 0x28002828,
208 0x55005555,0x68006868,0x50005050,0xbe00bebe, 208 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
209 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, 209 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb,
210 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, 210 0x2a002a2a, 0xad00adad, 0x0f000f0f, 0xca00caca,
211 0x70007070,0xff00ffff,0x32003232,0x69006969, 211 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
212 0x08000808,0x62006262,0x00000000,0x24002424, 212 0x08000808, 0x62006262, 0x00000000, 0x24002424,
213 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, 213 0xd100d1d1, 0xfb00fbfb, 0xba00baba, 0xed00eded,
214 0x45004545,0x81008181,0x73007373,0x6d006d6d, 214 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
215 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, 215 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a,
216 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, 216 0xc300c3c3, 0x2e002e2e, 0xc100c1c1, 0x01000101,
217 0xe600e6e6,0x25002525,0x48004848,0x99009999, 217 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
218 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, 218 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9,
219 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, 219 0xce00cece, 0xbf00bfbf, 0xdf00dfdf, 0x71007171,
220 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, 220 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
221 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, 221 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d,
222 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, 222 0xc000c0c0, 0x4b004b4b, 0xb700b7b7, 0xa500a5a5,
223 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, 223 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
224 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, 224 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646,
225 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, 225 0xcf00cfcf, 0x37003737, 0x5e005e5e, 0x47004747,
226 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, 226 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
227 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, 227 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac,
228 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, 228 0x3c003c3c, 0x4c004c4c, 0x03000303, 0x35003535,
229 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, 229 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
230 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, 230 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121,
231 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, 231 0x44004444, 0x51005151, 0xc600c6c6, 0x7d007d7d,
232 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, 232 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
233 0x7c007c7c,0x77007777,0x56005656,0x05000505, 233 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505,
234 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, 234 0x1b001b1b, 0xa400a4a4, 0x15001515, 0x34003434,
235 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, 235 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
236 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, 236 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd,
237 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, 237 0xdd00dddd, 0xe400e4e4, 0xa100a1a1, 0xe000e0e0,
238 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, 238 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
239 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, 239 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f,
240}; 240};
241 241
242static const u32 camellia_sp4404[256] = { 242static const u32 camellia_sp4404[256] = {
243 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, 243 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0,
244 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, 244 0xe4e400e4, 0x57570057, 0xeaea00ea, 0xaeae00ae,
245 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, 245 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
246 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, 246 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092,
247 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, 247 0x86860086, 0xafaf00af, 0x7c7c007c, 0x1f1f001f,
248 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, 248 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
249 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, 249 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d,
250 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, 250 0xd9d900d9, 0x5a5a005a, 0x51510051, 0x6c6c006c,
251 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, 251 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
252 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, 252 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084,
253 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, 253 0xdfdf00df, 0xcbcb00cb, 0x34340034, 0x76760076,
254 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, 254 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
255 0x14140014,0x3a3a003a,0xdede00de,0x11110011, 255 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011,
256 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, 256 0x32320032, 0x9c9c009c, 0x53530053, 0xf2f200f2,
257 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, 257 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
258 0x24240024,0xe8e800e8,0x60600060,0x69690069, 258 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069,
259 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, 259 0xaaaa00aa, 0xa0a000a0, 0xa1a100a1, 0x62620062,
260 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, 260 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
261 0x10100010,0x00000000,0xa3a300a3,0x75750075, 261 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075,
262 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, 262 0x8a8a008a, 0xe6e600e6, 0x09090009, 0xdddd00dd,
263 0x87870087,0x83830083,0xcdcd00cd,0x90900090, 263 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
264 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, 264 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf,
265 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, 265 0x52520052, 0xd8d800d8, 0xc8c800c8, 0xc6c600c6,
266 0x81810081,0x6f6f006f,0x13130013,0x63630063, 266 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
267 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, 267 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc,
268 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, 268 0x29290029, 0xf9f900f9, 0x2f2f002f, 0xb4b400b4,
269 0x78780078,0x06060006,0xe7e700e7,0x71710071, 269 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
270 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, 270 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d,
271 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, 271 0x72720072, 0xb9b900b9, 0xf8f800f8, 0xacac00ac,
272 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, 272 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
273 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, 273 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043,
274 0x15150015,0xadad00ad,0x77770077,0x80800080, 274 0x15150015, 0xadad00ad, 0x77770077, 0x80800080,
275 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, 275 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
276 0x85850085,0x35350035,0x0c0c000c,0x41410041, 276 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041,
277 0xefef00ef,0x93930093,0x19190019,0x21210021, 277 0xefef00ef, 0x93930093, 0x19190019, 0x21210021,
278 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, 278 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
279 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, 279 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce,
280 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, 280 0x30300030, 0x5f5f005f, 0xc5c500c5, 0x1a1a001a,
281 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, 281 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
282 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, 282 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d,
283 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, 283 0x0d0d000d, 0x66660066, 0xcccc00cc, 0x2d2d002d,
284 0x12120012,0x20200020,0xb1b100b1,0x99990099, 284 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
285 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, 285 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005,
286 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, 286 0xb7b700b7, 0x31310031, 0x17170017, 0xd7d700d7,
287 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, 287 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
288 0x0f0f000f,0x16160016,0x18180018,0x22220022, 288 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022,
289 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, 289 0x44440044, 0xb2b200b2, 0xb5b500b5, 0x91910091,
290 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, 290 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
291 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, 291 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097,
292 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, 292 0x5b5b005b, 0x95950095, 0xffff00ff, 0xd2d200d2,
293 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, 293 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
294 0x03030003,0xdada00da,0x3f3f003f,0x94940094, 294 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094,
295 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, 295 0x5c5c005c, 0x02020002, 0x4a4a004a, 0x33330033,
296 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, 296 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
297 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, 297 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b,
298 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, 298 0x96960096, 0x4b4b004b, 0xbebe00be, 0x2e2e002e,
299 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, 299 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
300 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, 300 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059,
301 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, 301 0x98980098, 0x6a6a006a, 0x46460046, 0xbaba00ba,
302 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, 302 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
303 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, 303 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a,
304 0x49490049,0x68680068,0x38380038,0xa4a400a4, 304 0x49490049, 0x68680068, 0x38380038, 0xa4a400a4,
305 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, 305 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
306 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, 306 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e,
307}; 307};
308 308
309 309
@@ -344,7 +344,7 @@ static const u32 camellia_sp4404[256] = {
344 lr = (lr << bits) + (rl >> (32 - bits)); \ 344 lr = (lr << bits) + (rl >> (32 - bits)); \
345 rl = (rl << bits) + (rr >> (32 - bits)); \ 345 rl = (rl << bits) + (rr >> (32 - bits)); \
346 rr = (rr << bits) + (w0 >> (32 - bits)); \ 346 rr = (rr << bits) + (w0 >> (32 - bits)); \
347 } while(0) 347 } while (0)
348 348
349#define ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ 349#define ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \
350 do { \ 350 do { \
@@ -354,7 +354,7 @@ static const u32 camellia_sp4404[256] = {
354 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ 354 lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \
355 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ 355 rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \
356 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ 356 rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \
357 } while(0) 357 } while (0)
358 358
359#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ 359#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \
360 do { \ 360 do { \
@@ -373,7 +373,7 @@ static const u32 camellia_sp4404[256] = {
373 yl ^= yr; \ 373 yl ^= yr; \
374 yr = ror32(yr, 8); \ 374 yr = ror32(yr, 8); \
375 yr ^= yl; \ 375 yr ^= yl; \
376 } while(0) 376 } while (0)
377 377
378#define SUBKEY_L(INDEX) (subkey[(INDEX)*2]) 378#define SUBKEY_L(INDEX) (subkey[(INDEX)*2])
379#define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1]) 379#define SUBKEY_R(INDEX) (subkey[(INDEX)*2 + 1])
@@ -835,7 +835,7 @@ static void camellia_setup256(const unsigned char *key, u32 *subkey)
835static void camellia_setup192(const unsigned char *key, u32 *subkey) 835static void camellia_setup192(const unsigned char *key, u32 *subkey)
836{ 836{
837 unsigned char kk[32]; 837 unsigned char kk[32];
838 u32 krll, krlr, krrl,krrr; 838 u32 krll, krlr, krrl, krrr;
839 839
840 memcpy(kk, key, 24); 840 memcpy(kk, key, 24);
841 memcpy((unsigned char *)&krll, key+16, 4); 841 memcpy((unsigned char *)&krll, key+16, 4);
@@ -865,7 +865,7 @@ static void camellia_setup192(const unsigned char *key, u32 *subkey)
865 t1 |= lr; \ 865 t1 |= lr; \
866 ll ^= t1; \ 866 ll ^= t1; \
867 rr ^= rol32(t3, 1); \ 867 rr ^= rol32(t3, 1); \
868 } while(0) 868 } while (0)
869 869
870#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir) \ 870#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir) \
871 do { \ 871 do { \
@@ -881,12 +881,12 @@ static void camellia_setup192(const unsigned char *key, u32 *subkey)
881 ir ^= il ^ kr; \ 881 ir ^= il ^ kr; \
882 yl ^= ir; \ 882 yl ^= ir; \
883 yr ^= ror32(il, 8) ^ ir; \ 883 yr ^= ror32(il, 8) ^ ir; \
884 } while(0) 884 } while (0)
885 885
886/* max = 24: 128bit encrypt, max = 32: 256bit encrypt */ 886/* max = 24: 128bit encrypt, max = 32: 256bit encrypt */
887static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max) 887static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max)
888{ 888{
889 u32 il,ir,t0,t1; /* temporary variables */ 889 u32 il, ir, t0, t1; /* temporary variables */
890 890
891 /* pre whitening but absorb kw2 */ 891 /* pre whitening but absorb kw2 */
892 io[0] ^= SUBKEY_L(0); 892 io[0] ^= SUBKEY_L(0);
@@ -894,30 +894,30 @@ static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max)
894 894
895 /* main iteration */ 895 /* main iteration */
896#define ROUNDS(i) do { \ 896#define ROUNDS(i) do { \
897 CAMELLIA_ROUNDSM(io[0],io[1], \ 897 CAMELLIA_ROUNDSM(io[0], io[1], \
898 SUBKEY_L(i + 2),SUBKEY_R(i + 2), \ 898 SUBKEY_L(i + 2), SUBKEY_R(i + 2), \
899 io[2],io[3],il,ir); \ 899 io[2], io[3], il, ir); \
900 CAMELLIA_ROUNDSM(io[2],io[3], \ 900 CAMELLIA_ROUNDSM(io[2], io[3], \
901 SUBKEY_L(i + 3),SUBKEY_R(i + 3), \ 901 SUBKEY_L(i + 3), SUBKEY_R(i + 3), \
902 io[0],io[1],il,ir); \ 902 io[0], io[1], il, ir); \
903 CAMELLIA_ROUNDSM(io[0],io[1], \ 903 CAMELLIA_ROUNDSM(io[0], io[1], \
904 SUBKEY_L(i + 4),SUBKEY_R(i + 4), \ 904 SUBKEY_L(i + 4), SUBKEY_R(i + 4), \
905 io[2],io[3],il,ir); \ 905 io[2], io[3], il, ir); \
906 CAMELLIA_ROUNDSM(io[2],io[3], \ 906 CAMELLIA_ROUNDSM(io[2], io[3], \
907 SUBKEY_L(i + 5),SUBKEY_R(i + 5), \ 907 SUBKEY_L(i + 5), SUBKEY_R(i + 5), \
908 io[0],io[1],il,ir); \ 908 io[0], io[1], il, ir); \
909 CAMELLIA_ROUNDSM(io[0],io[1], \ 909 CAMELLIA_ROUNDSM(io[0], io[1], \
910 SUBKEY_L(i + 6),SUBKEY_R(i + 6), \ 910 SUBKEY_L(i + 6), SUBKEY_R(i + 6), \
911 io[2],io[3],il,ir); \ 911 io[2], io[3], il, ir); \
912 CAMELLIA_ROUNDSM(io[2],io[3], \ 912 CAMELLIA_ROUNDSM(io[2], io[3], \
913 SUBKEY_L(i + 7),SUBKEY_R(i + 7), \ 913 SUBKEY_L(i + 7), SUBKEY_R(i + 7), \
914 io[0],io[1],il,ir); \ 914 io[0], io[1], il, ir); \
915} while (0) 915} while (0)
916#define FLS(i) do { \ 916#define FLS(i) do { \
917 CAMELLIA_FLS(io[0],io[1],io[2],io[3], \ 917 CAMELLIA_FLS(io[0], io[1], io[2], io[3], \
918 SUBKEY_L(i + 0),SUBKEY_R(i + 0), \ 918 SUBKEY_L(i + 0), SUBKEY_R(i + 0), \
919 SUBKEY_L(i + 1),SUBKEY_R(i + 1), \ 919 SUBKEY_L(i + 1), SUBKEY_R(i + 1), \
920 t0,t1,il,ir); \ 920 t0, t1, il, ir); \
921} while (0) 921} while (0)
922 922
923 ROUNDS(0); 923 ROUNDS(0);
@@ -941,7 +941,7 @@ static void camellia_do_encrypt(const u32 *subkey, u32 *io, unsigned max)
941 941
942static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i) 942static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i)
943{ 943{
944 u32 il,ir,t0,t1; /* temporary variables */ 944 u32 il, ir, t0, t1; /* temporary variables */
945 945
946 /* pre whitening but absorb kw2 */ 946 /* pre whitening but absorb kw2 */
947 io[0] ^= SUBKEY_L(i); 947 io[0] ^= SUBKEY_L(i);
@@ -949,30 +949,30 @@ static void camellia_do_decrypt(const u32 *subkey, u32 *io, unsigned i)
949 949
950 /* main iteration */ 950 /* main iteration */
951#define ROUNDS(i) do { \ 951#define ROUNDS(i) do { \
952 CAMELLIA_ROUNDSM(io[0],io[1], \ 952 CAMELLIA_ROUNDSM(io[0], io[1], \
953 SUBKEY_L(i + 7),SUBKEY_R(i + 7), \ 953 SUBKEY_L(i + 7), SUBKEY_R(i + 7), \
954 io[2],io[3],il,ir); \ 954 io[2], io[3], il, ir); \
955 CAMELLIA_ROUNDSM(io[2],io[3], \ 955 CAMELLIA_ROUNDSM(io[2], io[3], \
956 SUBKEY_L(i + 6),SUBKEY_R(i + 6), \ 956 SUBKEY_L(i + 6), SUBKEY_R(i + 6), \
957 io[0],io[1],il,ir); \ 957 io[0], io[1], il, ir); \
958 CAMELLIA_ROUNDSM(io[0],io[1], \ 958 CAMELLIA_ROUNDSM(io[0], io[1], \
959 SUBKEY_L(i + 5),SUBKEY_R(i + 5), \ 959 SUBKEY_L(i + 5), SUBKEY_R(i + 5), \
960 io[2],io[3],il,ir); \ 960 io[2], io[3], il, ir); \
961 CAMELLIA_ROUNDSM(io[2],io[3], \ 961 CAMELLIA_ROUNDSM(io[2], io[3], \
962 SUBKEY_L(i + 4),SUBKEY_R(i + 4), \ 962 SUBKEY_L(i + 4), SUBKEY_R(i + 4), \
963 io[0],io[1],il,ir); \ 963 io[0], io[1], il, ir); \
964 CAMELLIA_ROUNDSM(io[0],io[1], \ 964 CAMELLIA_ROUNDSM(io[0], io[1], \
965 SUBKEY_L(i + 3),SUBKEY_R(i + 3), \ 965 SUBKEY_L(i + 3), SUBKEY_R(i + 3), \
966 io[2],io[3],il,ir); \ 966 io[2], io[3], il, ir); \
967 CAMELLIA_ROUNDSM(io[2],io[3], \ 967 CAMELLIA_ROUNDSM(io[2], io[3], \
968 SUBKEY_L(i + 2),SUBKEY_R(i + 2), \ 968 SUBKEY_L(i + 2), SUBKEY_R(i + 2), \
969 io[0],io[1],il,ir); \ 969 io[0], io[1], il, ir); \
970} while (0) 970} while (0)
971#define FLS(i) do { \ 971#define FLS(i) do { \
972 CAMELLIA_FLS(io[0],io[1],io[2],io[3], \ 972 CAMELLIA_FLS(io[0], io[1], io[2], io[3], \
973 SUBKEY_L(i + 1),SUBKEY_R(i + 1), \ 973 SUBKEY_L(i + 1), SUBKEY_R(i + 1), \
974 SUBKEY_L(i + 0),SUBKEY_R(i + 0), \ 974 SUBKEY_L(i + 0), SUBKEY_R(i + 0), \
975 t0,t1,il,ir); \ 975 t0, t1, il, ir); \
976} while (0) 976} while (0)
977 977
978 if (i == 32) { 978 if (i == 32) {
diff --git a/crypto/cast5.c b/crypto/cast5.c
index 8cbe28fa0e0c..a1d2294b50ad 100644
--- a/crypto/cast5.c
+++ b/crypto/cast5.c
@@ -569,12 +569,12 @@ static const u32 sb8[256] = {
569 0xeaee6801, 0x8db2a283, 0xea8bf59e 569 0xeaee6801, 0x8db2a283, 0xea8bf59e
570}; 570};
571 571
572#define F1(D,m,r) ( (I = ((m) + (D))), (I=rol32(I,(r))), \ 572#define F1(D, m, r) ((I = ((m) + (D))), (I = rol32(I, (r))), \
573 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) ) 573 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]))
574#define F2(D,m,r) ( (I = ((m) ^ (D))), (I=rol32(I,(r))), \ 574#define F2(D, m, r) ((I = ((m) ^ (D))), (I = rol32(I, (r))), \
575 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) ) 575 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]))
576#define F3(D,m,r) ( (I = ((m) - (D))), (I=rol32(I,(r))), \ 576#define F3(D, m, r) ((I = ((m) - (D))), (I = rol32(I, (r))), \
577 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) ) 577 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]))
578 578
579 579
580static void cast5_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) 580static void cast5_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
@@ -694,7 +694,7 @@ static void cast5_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
694 dst[1] = cpu_to_be32(l); 694 dst[1] = cpu_to_be32(l);
695} 695}
696 696
697static void key_schedule(u32 * x, u32 * z, u32 * k) 697static void key_schedule(u32 *x, u32 *z, u32 *k)
698{ 698{
699 699
700#define xi(i) ((x[(i)/4] >> (8*(3-((i)%4)))) & 0xff) 700#define xi(i) ((x[(i)/4] >> (8*(3-((i)%4)))) & 0xff)
diff --git a/crypto/cast6.c b/crypto/cast6.c
index 007d02beed67..e0c15a6c7c34 100644
--- a/crypto/cast6.c
+++ b/crypto/cast6.c
@@ -11,7 +11,7 @@
11 * under the terms of GNU General Public License as published by the Free 11 * under the terms of GNU General Public License as published by the Free
12 * Software Foundation; either version 2 of the License, or (at your option) 12 * Software Foundation; either version 2 of the License, or (at your option)
13 * any later version. 13 * any later version.
14 * 14 *
15 * You should have received a copy of the GNU General Public License 15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software 16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
@@ -35,12 +35,12 @@ struct cast6_ctx {
35 u8 Kr[12][4]; 35 u8 Kr[12][4];
36}; 36};
37 37
38#define F1(D,r,m) ( (I = ((m) + (D))), (I=rol32(I,(r))), \ 38#define F1(D, r, m) ((I = ((m) + (D))), (I = rol32(I, (r))), \
39 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) ) 39 (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]))
40#define F2(D,r,m) ( (I = ((m) ^ (D))), (I=rol32(I,(r))), \ 40#define F2(D, r, m) ((I = ((m) ^ (D))), (I = rol32(I, (r))), \
41 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) ) 41 (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]))
42#define F3(D,r,m) ( (I = ((m) - (D))), (I=rol32(I,(r))), \ 42#define F3(D, r, m) ((I = ((m) - (D))), (I = rol32(I, (r))), \
43 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) ) 43 (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]))
44 44
45static const u32 s1[256] = { 45static const u32 s1[256] = {
46 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 46 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f,
@@ -312,7 +312,7 @@ static const u32 s4[256] = {
312 312
313static const u32 Tm[24][8] = { 313static const u32 Tm[24][8] = {
314 { 0x5a827999, 0xc95c653a, 0x383650db, 0xa7103c7c, 0x15ea281d, 314 { 0x5a827999, 0xc95c653a, 0x383650db, 0xa7103c7c, 0x15ea281d,
315 0x84c413be, 0xf39dff5f, 0x6277eb00 } , 315 0x84c413be, 0xf39dff5f, 0x6277eb00 } ,
316 { 0xd151d6a1, 0x402bc242, 0xaf05ade3, 0x1ddf9984, 0x8cb98525, 316 { 0xd151d6a1, 0x402bc242, 0xaf05ade3, 0x1ddf9984, 0x8cb98525,
317 0xfb9370c6, 0x6a6d5c67, 0xd9474808 } , 317 0xfb9370c6, 0x6a6d5c67, 0xd9474808 } ,
318 { 0x482133a9, 0xb6fb1f4a, 0x25d50aeb, 0x94aef68c, 0x0388e22d, 318 { 0x482133a9, 0xb6fb1f4a, 0x25d50aeb, 0x94aef68c, 0x0388e22d,
@@ -369,7 +369,8 @@ static const u8 Tr[4][8] = {
369}; 369};
370 370
371/* forward octave */ 371/* forward octave */
372static void W(u32 *key, unsigned int i) { 372static void W(u32 *key, unsigned int i)
373{
373 u32 I; 374 u32 I;
374 key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]); 375 key[6] ^= F1(key[7], Tr[i % 4][0], Tm[i][0]);
375 key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]); 376 key[5] ^= F2(key[6], Tr[i % 4][1], Tm[i][1]);
@@ -377,7 +378,7 @@ static void W(u32 *key, unsigned int i) {
377 key[3] ^= F1(key[4], Tr[i % 4][3], Tm[i][3]); 378 key[3] ^= F1(key[4], Tr[i % 4][3], Tm[i][3]);
378 key[2] ^= F2(key[3], Tr[i % 4][4], Tm[i][4]); 379 key[2] ^= F2(key[3], Tr[i % 4][4], Tm[i][4]);
379 key[1] ^= F3(key[2], Tr[i % 4][5], Tm[i][5]); 380 key[1] ^= F3(key[2], Tr[i % 4][5], Tm[i][5]);
380 key[0] ^= F1(key[1], Tr[i % 4][6], Tm[i][6]); 381 key[0] ^= F1(key[1], Tr[i % 4][6], Tm[i][6]);
381 key[7] ^= F2(key[0], Tr[i % 4][7], Tm[i][7]); 382 key[7] ^= F2(key[0], Tr[i % 4][7], Tm[i][7]);
382} 383}
383 384
@@ -393,11 +394,11 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
393 if (key_len % 4 != 0) { 394 if (key_len % 4 != 0) {
394 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; 395 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
395 return -EINVAL; 396 return -EINVAL;
396 } 397 }
398
399 memset(p_key, 0, 32);
400 memcpy(p_key, in_key, key_len);
397 401
398 memset (p_key, 0, 32);
399 memcpy (p_key, in_key, key_len);
400
401 key[0] = be32_to_cpu(p_key[0]); /* A */ 402 key[0] = be32_to_cpu(p_key[0]); /* A */
402 key[1] = be32_to_cpu(p_key[1]); /* B */ 403 key[1] = be32_to_cpu(p_key[1]); /* B */
403 key[2] = be32_to_cpu(p_key[2]); /* C */ 404 key[2] = be32_to_cpu(p_key[2]); /* C */
@@ -406,18 +407,16 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
406 key[5] = be32_to_cpu(p_key[5]); /* F */ 407 key[5] = be32_to_cpu(p_key[5]); /* F */
407 key[6] = be32_to_cpu(p_key[6]); /* G */ 408 key[6] = be32_to_cpu(p_key[6]); /* G */
408 key[7] = be32_to_cpu(p_key[7]); /* H */ 409 key[7] = be32_to_cpu(p_key[7]); /* H */
409
410
411 410
412 for (i = 0; i < 12; i++) { 411 for (i = 0; i < 12; i++) {
413 W (key, 2 * i); 412 W(key, 2 * i);
414 W (key, 2 * i + 1); 413 W(key, 2 * i + 1);
415 414
416 c->Kr[i][0] = key[0] & 0x1f; 415 c->Kr[i][0] = key[0] & 0x1f;
417 c->Kr[i][1] = key[2] & 0x1f; 416 c->Kr[i][1] = key[2] & 0x1f;
418 c->Kr[i][2] = key[4] & 0x1f; 417 c->Kr[i][2] = key[4] & 0x1f;
419 c->Kr[i][3] = key[6] & 0x1f; 418 c->Kr[i][3] = key[6] & 0x1f;
420 419
421 c->Km[i][0] = key[7]; 420 c->Km[i][0] = key[7];
422 c->Km[i][1] = key[5]; 421 c->Km[i][1] = key[5];
423 c->Km[i][2] = key[3]; 422 c->Km[i][2] = key[3];
@@ -428,21 +427,23 @@ static int cast6_setkey(struct crypto_tfm *tfm, const u8 *in_key,
428} 427}
429 428
430/*forward quad round*/ 429/*forward quad round*/
431static void Q (u32 * block, u8 * Kr, u32 * Km) { 430static void Q(u32 *block, u8 *Kr, u32 *Km)
431{
432 u32 I; 432 u32 I;
433 block[2] ^= F1(block[3], Kr[0], Km[0]); 433 block[2] ^= F1(block[3], Kr[0], Km[0]);
434 block[1] ^= F2(block[2], Kr[1], Km[1]); 434 block[1] ^= F2(block[2], Kr[1], Km[1]);
435 block[0] ^= F3(block[1], Kr[2], Km[2]); 435 block[0] ^= F3(block[1], Kr[2], Km[2]);
436 block[3] ^= F1(block[0], Kr[3], Km[3]); 436 block[3] ^= F1(block[0], Kr[3], Km[3]);
437} 437}
438 438
439/*reverse quad round*/ 439/*reverse quad round*/
440static void QBAR (u32 * block, u8 * Kr, u32 * Km) { 440static void QBAR(u32 *block, u8 *Kr, u32 *Km)
441{
441 u32 I; 442 u32 I;
442 block[3] ^= F1(block[0], Kr[3], Km[3]); 443 block[3] ^= F1(block[0], Kr[3], Km[3]);
443 block[0] ^= F3(block[1], Kr[2], Km[2]); 444 block[0] ^= F3(block[1], Kr[2], Km[2]);
444 block[1] ^= F2(block[2], Kr[1], Km[1]); 445 block[1] ^= F2(block[2], Kr[1], Km[1]);
445 block[2] ^= F1(block[3], Kr[0], Km[0]); 446 block[2] ^= F1(block[3], Kr[0], Km[0]);
446} 447}
447 448
448static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) 449static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
@@ -451,64 +452,65 @@ static void cast6_encrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
451 const __be32 *src = (const __be32 *)inbuf; 452 const __be32 *src = (const __be32 *)inbuf;
452 __be32 *dst = (__be32 *)outbuf; 453 __be32 *dst = (__be32 *)outbuf;
453 u32 block[4]; 454 u32 block[4];
454 u32 * Km; 455 u32 *Km;
455 u8 * Kr; 456 u8 *Kr;
456 457
457 block[0] = be32_to_cpu(src[0]); 458 block[0] = be32_to_cpu(src[0]);
458 block[1] = be32_to_cpu(src[1]); 459 block[1] = be32_to_cpu(src[1]);
459 block[2] = be32_to_cpu(src[2]); 460 block[2] = be32_to_cpu(src[2]);
460 block[3] = be32_to_cpu(src[3]); 461 block[3] = be32_to_cpu(src[3]);
461 462
462 Km = c->Km[0]; Kr = c->Kr[0]; Q (block, Kr, Km); 463 Km = c->Km[0]; Kr = c->Kr[0]; Q(block, Kr, Km);
463 Km = c->Km[1]; Kr = c->Kr[1]; Q (block, Kr, Km); 464 Km = c->Km[1]; Kr = c->Kr[1]; Q(block, Kr, Km);
464 Km = c->Km[2]; Kr = c->Kr[2]; Q (block, Kr, Km); 465 Km = c->Km[2]; Kr = c->Kr[2]; Q(block, Kr, Km);
465 Km = c->Km[3]; Kr = c->Kr[3]; Q (block, Kr, Km); 466 Km = c->Km[3]; Kr = c->Kr[3]; Q(block, Kr, Km);
466 Km = c->Km[4]; Kr = c->Kr[4]; Q (block, Kr, Km); 467 Km = c->Km[4]; Kr = c->Kr[4]; Q(block, Kr, Km);
467 Km = c->Km[5]; Kr = c->Kr[5]; Q (block, Kr, Km); 468 Km = c->Km[5]; Kr = c->Kr[5]; Q(block, Kr, Km);
468 Km = c->Km[6]; Kr = c->Kr[6]; QBAR (block, Kr, Km); 469 Km = c->Km[6]; Kr = c->Kr[6]; QBAR(block, Kr, Km);
469 Km = c->Km[7]; Kr = c->Kr[7]; QBAR (block, Kr, Km); 470 Km = c->Km[7]; Kr = c->Kr[7]; QBAR(block, Kr, Km);
470 Km = c->Km[8]; Kr = c->Kr[8]; QBAR (block, Kr, Km); 471 Km = c->Km[8]; Kr = c->Kr[8]; QBAR(block, Kr, Km);
471 Km = c->Km[9]; Kr = c->Kr[9]; QBAR (block, Kr, Km); 472 Km = c->Km[9]; Kr = c->Kr[9]; QBAR(block, Kr, Km);
472 Km = c->Km[10]; Kr = c->Kr[10]; QBAR (block, Kr, Km); 473 Km = c->Km[10]; Kr = c->Kr[10]; QBAR(block, Kr, Km);
473 Km = c->Km[11]; Kr = c->Kr[11]; QBAR (block, Kr, Km); 474 Km = c->Km[11]; Kr = c->Kr[11]; QBAR(block, Kr, Km);
474 475
475 dst[0] = cpu_to_be32(block[0]); 476 dst[0] = cpu_to_be32(block[0]);
476 dst[1] = cpu_to_be32(block[1]); 477 dst[1] = cpu_to_be32(block[1]);
477 dst[2] = cpu_to_be32(block[2]); 478 dst[2] = cpu_to_be32(block[2]);
478 dst[3] = cpu_to_be32(block[3]); 479 dst[3] = cpu_to_be32(block[3]);
479} 480}
480 481
481static void cast6_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf) { 482static void cast6_decrypt(struct crypto_tfm *tfm, u8 *outbuf, const u8 *inbuf)
482 struct cast6_ctx * c = crypto_tfm_ctx(tfm); 483{
484 struct cast6_ctx *c = crypto_tfm_ctx(tfm);
483 const __be32 *src = (const __be32 *)inbuf; 485 const __be32 *src = (const __be32 *)inbuf;
484 __be32 *dst = (__be32 *)outbuf; 486 __be32 *dst = (__be32 *)outbuf;
485 u32 block[4]; 487 u32 block[4];
486 u32 * Km; 488 u32 *Km;
487 u8 * Kr; 489 u8 *Kr;
488 490
489 block[0] = be32_to_cpu(src[0]); 491 block[0] = be32_to_cpu(src[0]);
490 block[1] = be32_to_cpu(src[1]); 492 block[1] = be32_to_cpu(src[1]);
491 block[2] = be32_to_cpu(src[2]); 493 block[2] = be32_to_cpu(src[2]);
492 block[3] = be32_to_cpu(src[3]); 494 block[3] = be32_to_cpu(src[3]);
493 495
494 Km = c->Km[11]; Kr = c->Kr[11]; Q (block, Kr, Km); 496 Km = c->Km[11]; Kr = c->Kr[11]; Q(block, Kr, Km);
495 Km = c->Km[10]; Kr = c->Kr[10]; Q (block, Kr, Km); 497 Km = c->Km[10]; Kr = c->Kr[10]; Q(block, Kr, Km);
496 Km = c->Km[9]; Kr = c->Kr[9]; Q (block, Kr, Km); 498 Km = c->Km[9]; Kr = c->Kr[9]; Q(block, Kr, Km);
497 Km = c->Km[8]; Kr = c->Kr[8]; Q (block, Kr, Km); 499 Km = c->Km[8]; Kr = c->Kr[8]; Q(block, Kr, Km);
498 Km = c->Km[7]; Kr = c->Kr[7]; Q (block, Kr, Km); 500 Km = c->Km[7]; Kr = c->Kr[7]; Q(block, Kr, Km);
499 Km = c->Km[6]; Kr = c->Kr[6]; Q (block, Kr, Km); 501 Km = c->Km[6]; Kr = c->Kr[6]; Q(block, Kr, Km);
500 Km = c->Km[5]; Kr = c->Kr[5]; QBAR (block, Kr, Km); 502 Km = c->Km[5]; Kr = c->Kr[5]; QBAR(block, Kr, Km);
501 Km = c->Km[4]; Kr = c->Kr[4]; QBAR (block, Kr, Km); 503 Km = c->Km[4]; Kr = c->Kr[4]; QBAR(block, Kr, Km);
502 Km = c->Km[3]; Kr = c->Kr[3]; QBAR (block, Kr, Km); 504 Km = c->Km[3]; Kr = c->Kr[3]; QBAR(block, Kr, Km);
503 Km = c->Km[2]; Kr = c->Kr[2]; QBAR (block, Kr, Km); 505 Km = c->Km[2]; Kr = c->Kr[2]; QBAR(block, Kr, Km);
504 Km = c->Km[1]; Kr = c->Kr[1]; QBAR (block, Kr, Km); 506 Km = c->Km[1]; Kr = c->Kr[1]; QBAR(block, Kr, Km);
505 Km = c->Km[0]; Kr = c->Kr[0]; QBAR (block, Kr, Km); 507 Km = c->Km[0]; Kr = c->Kr[0]; QBAR(block, Kr, Km);
506 508
507 dst[0] = cpu_to_be32(block[0]); 509 dst[0] = cpu_to_be32(block[0]);
508 dst[1] = cpu_to_be32(block[1]); 510 dst[1] = cpu_to_be32(block[1]);
509 dst[2] = cpu_to_be32(block[2]); 511 dst[2] = cpu_to_be32(block[2]);
510 dst[3] = cpu_to_be32(block[3]); 512 dst[3] = cpu_to_be32(block[3]);
511} 513}
512 514
513static struct crypto_alg alg = { 515static struct crypto_alg alg = {
514 .cra_name = "cast6", 516 .cra_name = "cast6",
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 9a1a7316eeac..39541e0e537d 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -8,7 +8,7 @@
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify it 9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free 10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option) 11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version. 12 * any later version.
13 * 13 *
14 */ 14 */
diff --git a/crypto/compress.c b/crypto/compress.c
index 1ee357085d3a..c33f0763a956 100644
--- a/crypto/compress.c
+++ b/crypto/compress.c
@@ -7,7 +7,7 @@
7 * 7 *
8 * This program is free software; you can redistribute it and/or modify it 8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the Free 9 * under the terms of the GNU General Public License as published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option) 10 * Software Foundation; either version 2 of the License, or (at your option)
11 * any later version. 11 * any later version.
12 * 12 *
13 */ 13 */
@@ -39,7 +39,7 @@ int crypto_init_compress_ops(struct crypto_tfm *tfm)
39 39
40 ops->cot_compress = crypto_compress; 40 ops->cot_compress = crypto_compress;
41 ops->cot_decompress = crypto_decompress; 41 ops->cot_decompress = crypto_decompress;
42 42
43 return 0; 43 return 0;
44} 44}
45 45
diff --git a/crypto/crc32c.c b/crypto/crc32c.c
index 973bc2cfab2e..de9e55c29794 100644
--- a/crypto/crc32c.c
+++ b/crypto/crc32c.c
@@ -1,4 +1,4 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * CRC32C chksum 4 * CRC32C chksum
@@ -30,7 +30,7 @@
30 * 30 *
31 * This program is free software; you can redistribute it and/or modify it 31 * This program is free software; you can redistribute it and/or modify it
32 * under the terms of the GNU General Public License as published by the Free 32 * under the terms of the GNU General Public License as published by the Free
33 * Software Foundation; either version 2 of the License, or (at your option) 33 * Software Foundation; either version 2 of the License, or (at your option)
34 * any later version. 34 * any later version.
35 * 35 *
36 */ 36 */
@@ -142,7 +142,7 @@ static u32 crc32c(u32 crc, const u8 *data, unsigned int length)
142} 142}
143 143
144/* 144/*
145 * Steps through buffer one byte at at time, calculates reflected 145 * Steps through buffer one byte at at time, calculates reflected
146 * crc using table. 146 * crc using table.
147 */ 147 */
148 148
diff --git a/crypto/cryptd.c b/crypto/cryptd.c
index 704c14115323..ef71318976c7 100644
--- a/crypto/cryptd.c
+++ b/crypto/cryptd.c
@@ -31,7 +31,7 @@ struct cryptd_cpu_queue {
31}; 31};
32 32
33struct cryptd_queue { 33struct cryptd_queue {
34 struct cryptd_cpu_queue *cpu_queue; 34 struct cryptd_cpu_queue __percpu *cpu_queue;
35}; 35};
36 36
37struct cryptd_instance_ctx { 37struct cryptd_instance_ctx {
diff --git a/crypto/crypto_null.c b/crypto/crypto_null.c
index cb71c9122bc0..07a8a96d46fc 100644
--- a/crypto/crypto_null.c
+++ b/crypto/crypto_null.c
@@ -1,11 +1,11 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Null algorithms, aka Much Ado About Nothing. 4 * Null algorithms, aka Much Ado About Nothing.
5 * 5 *
6 * These are needed for IPsec, and may be useful in general for 6 * These are needed for IPsec, and may be useful in general for
7 * testing & debugging. 7 * testing & debugging.
8 * 8 *
9 * The null cipher is compliant with RFC2410. 9 * The null cipher is compliant with RFC2410.
10 * 10 *
11 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 11 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
@@ -163,7 +163,7 @@ MODULE_ALIAS("cipher_null");
163static int __init crypto_null_mod_init(void) 163static int __init crypto_null_mod_init(void)
164{ 164{
165 int ret = 0; 165 int ret = 0;
166 166
167 ret = crypto_register_alg(&cipher_null); 167 ret = crypto_register_alg(&cipher_null);
168 if (ret < 0) 168 if (ret < 0)
169 goto out; 169 goto out;
@@ -180,7 +180,7 @@ static int __init crypto_null_mod_init(void)
180 if (ret < 0) 180 if (ret < 0)
181 goto out_unregister_digest; 181 goto out_unregister_digest;
182 182
183out: 183out:
184 return ret; 184 return ret;
185 185
186out_unregister_digest: 186out_unregister_digest:
diff --git a/crypto/deflate.c b/crypto/deflate.c
index 9128da44e953..463dc859aa05 100644
--- a/crypto/deflate.c
+++ b/crypto/deflate.c
@@ -1,14 +1,14 @@
1/* 1/*
2 * Cryptographic API. 2 * Cryptographic API.
3 * 3 *
4 * Deflate algorithm (RFC 1951), implemented here primarily for use 4 * Deflate algorithm (RFC 1951), implemented here primarily for use
5 * by IPCOMP (RFC 3173 & RFC 2394). 5 * by IPCOMP (RFC 3173 & RFC 2394).
6 * 6 *
7 * Copyright (c) 2003 James Morris <jmorris@intercode.com.au> 7 * Copyright (c) 2003 James Morris <jmorris@intercode.com.au>
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify it 9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the Free 10 * under the terms of the GNU General Public License as published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option) 11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version. 12 * any later version.
13 * 13 *
14 * FIXME: deflate transforms will require up to a total of about 436k of kernel 14 * FIXME: deflate transforms will require up to a total of about 436k of kernel
@@ -49,7 +49,7 @@ static int deflate_comp_init(struct deflate_ctx *ctx)
49 struct z_stream_s *stream = &ctx->comp_stream; 49 struct z_stream_s *stream = &ctx->comp_stream;
50 50
51 stream->workspace = vmalloc(zlib_deflate_workspacesize()); 51 stream->workspace = vmalloc(zlib_deflate_workspacesize());
52 if (!stream->workspace ) { 52 if (!stream->workspace) {
53 ret = -ENOMEM; 53 ret = -ENOMEM;
54 goto out; 54 goto out;
55 } 55 }
@@ -61,7 +61,7 @@ static int deflate_comp_init(struct deflate_ctx *ctx)
61 ret = -EINVAL; 61 ret = -EINVAL;
62 goto out_free; 62 goto out_free;
63 } 63 }
64out: 64out:
65 return ret; 65 return ret;
66out_free: 66out_free:
67 vfree(stream->workspace); 67 vfree(stream->workspace);
@@ -74,7 +74,7 @@ static int deflate_decomp_init(struct deflate_ctx *ctx)
74 struct z_stream_s *stream = &ctx->decomp_stream; 74 struct z_stream_s *stream = &ctx->decomp_stream;
75 75
76 stream->workspace = kzalloc(zlib_inflate_workspacesize(), GFP_KERNEL); 76 stream->workspace = kzalloc(zlib_inflate_workspacesize(), GFP_KERNEL);
77 if (!stream->workspace ) { 77 if (!stream->workspace) {
78 ret = -ENOMEM; 78 ret = -ENOMEM;
79 goto out; 79 goto out;
80 } 80 }
@@ -106,7 +106,7 @@ static int deflate_init(struct crypto_tfm *tfm)
106{ 106{
107 struct deflate_ctx *ctx = crypto_tfm_ctx(tfm); 107 struct deflate_ctx *ctx = crypto_tfm_ctx(tfm);
108 int ret; 108 int ret;
109 109
110 ret = deflate_comp_init(ctx); 110 ret = deflate_comp_init(ctx);
111 if (ret) 111 if (ret)
112 goto out; 112 goto out;
@@ -153,11 +153,11 @@ static int deflate_compress(struct crypto_tfm *tfm, const u8 *src,
153out: 153out:
154 return ret; 154 return ret;
155} 155}
156 156
157static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src, 157static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src,
158 unsigned int slen, u8 *dst, unsigned int *dlen) 158 unsigned int slen, u8 *dst, unsigned int *dlen)
159{ 159{
160 160
161 int ret = 0; 161 int ret = 0;
162 struct deflate_ctx *dctx = crypto_tfm_ctx(tfm); 162 struct deflate_ctx *dctx = crypto_tfm_ctx(tfm);
163 struct z_stream_s *stream = &dctx->decomp_stream; 163 struct z_stream_s *stream = &dctx->decomp_stream;
@@ -182,7 +182,7 @@ static int deflate_decompress(struct crypto_tfm *tfm, const u8 *src,
182 if (ret == Z_OK && !stream->avail_in && stream->avail_out) { 182 if (ret == Z_OK && !stream->avail_in && stream->avail_out) {
183 u8 zerostuff = 0; 183 u8 zerostuff = 0;
184 stream->next_in = &zerostuff; 184 stream->next_in = &zerostuff;
185 stream->avail_in = 1; 185 stream->avail_in = 1;
186 ret = zlib_inflate(stream, Z_FINISH); 186 ret = zlib_inflate(stream, Z_FINISH);
187 } 187 }
188 if (ret != Z_STREAM_END) { 188 if (ret != Z_STREAM_END) {
diff --git a/crypto/des_generic.c b/crypto/des_generic.c
index 5bd3ee345a64..249f903cc453 100644
--- a/crypto/des_generic.c
+++ b/crypto/des_generic.c
@@ -869,8 +869,7 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 *key,
869 869
870 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 870 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
871 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 871 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
872 (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) 872 (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) {
873 {
874 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 873 *flags |= CRYPTO_TFM_RES_WEAK_KEY;
875 return -EINVAL; 874 return -EINVAL;
876 } 875 }
diff --git a/crypto/ecb.c b/crypto/ecb.c
index a46838e98a71..935cfef4aa84 100644
--- a/crypto/ecb.c
+++ b/crypto/ecb.c
@@ -55,7 +55,7 @@ static int crypto_ecb_crypt(struct blkcipher_desc *desc,
55 55
56 do { 56 do {
57 fn(crypto_cipher_tfm(tfm), wdst, wsrc); 57 fn(crypto_cipher_tfm(tfm), wdst, wsrc);
58 58
59 wsrc += bsize; 59 wsrc += bsize;
60 wdst += bsize; 60 wdst += bsize;
61 } while ((nbytes -= bsize) >= bsize); 61 } while ((nbytes -= bsize) >= bsize);
diff --git a/crypto/fcrypt.c b/crypto/fcrypt.c
index b82d61f4e26c..c33107e340b6 100644
--- a/crypto/fcrypt.c
+++ b/crypto/fcrypt.c
@@ -60,13 +60,13 @@ do { \
60 u32 t = lo & ((1 << n) - 1); \ 60 u32 t = lo & ((1 << n) - 1); \
61 lo = (lo >> n) | ((hi & ((1 << n) - 1)) << (32 - n)); \ 61 lo = (lo >> n) | ((hi & ((1 << n) - 1)) << (32 - n)); \
62 hi = (hi >> n) | (t << (24-n)); \ 62 hi = (hi >> n) | (t << (24-n)); \
63} while(0) 63} while (0)
64 64
65/* Rotate right one 64 bit number as a 56 bit number */ 65/* Rotate right one 64 bit number as a 56 bit number */
66#define ror56_64(k, n) \ 66#define ror56_64(k, n) \
67do { \ 67do { \
68 k = (k >> n) | ((k & ((1 << n) - 1)) << (56 - n)); \ 68 k = (k >> n) | ((k & ((1 << n) - 1)) << (56 - n)); \
69} while(0) 69} while (0)
70 70
71/* 71/*
72 * Sboxes for Feistel network derived from 72 * Sboxes for Feistel network derived from
@@ -228,7 +228,7 @@ do { \
228 union lc4 { __be32 l; u8 c[4]; } u; \ 228 union lc4 { __be32 l; u8 c[4]; } u; \
229 u.l = sched ^ R; \ 229 u.l = sched ^ R; \
230 L ^= sbox0[u.c[0]] ^ sbox1[u.c[1]] ^ sbox2[u.c[2]] ^ sbox3[u.c[3]]; \ 230 L ^= sbox0[u.c[0]] ^ sbox1[u.c[1]] ^ sbox2[u.c[2]] ^ sbox3[u.c[3]]; \
231} while(0) 231} while (0)
232 232
233/* 233/*
234 * encryptor 234 * encryptor
diff --git a/crypto/gcm.c b/crypto/gcm.c
index c6547130624c..2f5fbba6576c 100644
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -37,6 +37,19 @@ struct crypto_rfc4106_ctx {
37 u8 nonce[4]; 37 u8 nonce[4];
38}; 38};
39 39
40struct crypto_rfc4543_ctx {
41 struct crypto_aead *child;
42 u8 nonce[4];
43};
44
45struct crypto_rfc4543_req_ctx {
46 u8 auth_tag[16];
47 struct scatterlist cipher[1];
48 struct scatterlist payload[2];
49 struct scatterlist assoc[2];
50 struct aead_request subreq;
51};
52
40struct crypto_gcm_ghash_ctx { 53struct crypto_gcm_ghash_ctx {
41 unsigned int cryptlen; 54 unsigned int cryptlen;
42 struct scatterlist *src; 55 struct scatterlist *src;
@@ -1047,6 +1060,272 @@ static struct crypto_template crypto_rfc4106_tmpl = {
1047 .module = THIS_MODULE, 1060 .module = THIS_MODULE,
1048}; 1061};
1049 1062
1063static inline struct crypto_rfc4543_req_ctx *crypto_rfc4543_reqctx(
1064 struct aead_request *req)
1065{
1066 unsigned long align = crypto_aead_alignmask(crypto_aead_reqtfm(req));
1067
1068 return (void *)PTR_ALIGN((u8 *)aead_request_ctx(req), align + 1);
1069}
1070
1071static int crypto_rfc4543_setkey(struct crypto_aead *parent, const u8 *key,
1072 unsigned int keylen)
1073{
1074 struct crypto_rfc4543_ctx *ctx = crypto_aead_ctx(parent);
1075 struct crypto_aead *child = ctx->child;
1076 int err;
1077
1078 if (keylen < 4)
1079 return -EINVAL;
1080
1081 keylen -= 4;
1082 memcpy(ctx->nonce, key + keylen, 4);
1083
1084 crypto_aead_clear_flags(child, CRYPTO_TFM_REQ_MASK);
1085 crypto_aead_set_flags(child, crypto_aead_get_flags(parent) &
1086 CRYPTO_TFM_REQ_MASK);
1087 err = crypto_aead_setkey(child, key, keylen);
1088 crypto_aead_set_flags(parent, crypto_aead_get_flags(child) &
1089 CRYPTO_TFM_RES_MASK);
1090
1091 return err;
1092}
1093
1094static int crypto_rfc4543_setauthsize(struct crypto_aead *parent,
1095 unsigned int authsize)
1096{
1097 struct crypto_rfc4543_ctx *ctx = crypto_aead_ctx(parent);
1098
1099 if (authsize != 16)
1100 return -EINVAL;
1101
1102 return crypto_aead_setauthsize(ctx->child, authsize);
1103}
1104
1105/* this is the same as crypto_authenc_chain */
1106static void crypto_rfc4543_chain(struct scatterlist *head,
1107 struct scatterlist *sg, int chain)
1108{
1109 if (chain) {
1110 head->length += sg->length;
1111 sg = scatterwalk_sg_next(sg);
1112 }
1113
1114 if (sg)
1115 scatterwalk_sg_chain(head, 2, sg);
1116 else
1117 sg_mark_end(head);
1118}
1119
1120static struct aead_request *crypto_rfc4543_crypt(struct aead_request *req,
1121 int enc)
1122{
1123 struct crypto_aead *aead = crypto_aead_reqtfm(req);
1124 struct crypto_rfc4543_ctx *ctx = crypto_aead_ctx(aead);
1125 struct crypto_rfc4543_req_ctx *rctx = crypto_rfc4543_reqctx(req);
1126 struct aead_request *subreq = &rctx->subreq;
1127 struct scatterlist *dst = req->dst;
1128 struct scatterlist *cipher = rctx->cipher;
1129 struct scatterlist *payload = rctx->payload;
1130 struct scatterlist *assoc = rctx->assoc;
1131 unsigned int authsize = crypto_aead_authsize(aead);
1132 unsigned int assoclen = req->assoclen;
1133 struct page *dstp;
1134 u8 *vdst;
1135 u8 *iv = PTR_ALIGN((u8 *)(rctx + 1) + crypto_aead_reqsize(ctx->child),
1136 crypto_aead_alignmask(ctx->child) + 1);
1137
1138 memcpy(iv, ctx->nonce, 4);
1139 memcpy(iv + 4, req->iv, 8);
1140
1141 /* construct cipher/plaintext */
1142 if (enc)
1143 memset(rctx->auth_tag, 0, authsize);
1144 else
1145 scatterwalk_map_and_copy(rctx->auth_tag, dst,
1146 req->cryptlen - authsize,
1147 authsize, 0);
1148
1149 sg_init_one(cipher, rctx->auth_tag, authsize);
1150
1151 /* construct the aad */
1152 dstp = sg_page(dst);
1153 vdst = PageHighMem(dstp) ? NULL : page_address(dstp) + dst->offset;
1154
1155 sg_init_table(payload, 2);
1156 sg_set_buf(payload, req->iv, 8);
1157 crypto_rfc4543_chain(payload, dst, vdst == req->iv + 8);
1158 assoclen += 8 + req->cryptlen - (enc ? 0 : authsize);
1159
1160 sg_init_table(assoc, 2);
1161 sg_set_page(assoc, sg_page(req->assoc), req->assoc->length,
1162 req->assoc->offset);
1163 crypto_rfc4543_chain(assoc, payload, 0);
1164
1165 aead_request_set_tfm(subreq, ctx->child);
1166 aead_request_set_callback(subreq, req->base.flags, req->base.complete,
1167 req->base.data);
1168 aead_request_set_crypt(subreq, cipher, cipher, enc ? 0 : authsize, iv);
1169 aead_request_set_assoc(subreq, assoc, assoclen);
1170
1171 return subreq;
1172}
1173
1174static int crypto_rfc4543_encrypt(struct aead_request *req)
1175{
1176 struct crypto_aead *aead = crypto_aead_reqtfm(req);
1177 struct crypto_rfc4543_req_ctx *rctx = crypto_rfc4543_reqctx(req);
1178 struct aead_request *subreq;
1179 int err;
1180
1181 subreq = crypto_rfc4543_crypt(req, 1);
1182 err = crypto_aead_encrypt(subreq);
1183 if (err)
1184 return err;
1185
1186 scatterwalk_map_and_copy(rctx->auth_tag, req->dst, req->cryptlen,
1187 crypto_aead_authsize(aead), 1);
1188
1189 return 0;
1190}
1191
1192static int crypto_rfc4543_decrypt(struct aead_request *req)
1193{
1194 req = crypto_rfc4543_crypt(req, 0);
1195
1196 return crypto_aead_decrypt(req);
1197}
1198
1199static int crypto_rfc4543_init_tfm(struct crypto_tfm *tfm)
1200{
1201 struct crypto_instance *inst = (void *)tfm->__crt_alg;
1202 struct crypto_aead_spawn *spawn = crypto_instance_ctx(inst);
1203 struct crypto_rfc4543_ctx *ctx = crypto_tfm_ctx(tfm);
1204 struct crypto_aead *aead;
1205 unsigned long align;
1206
1207 aead = crypto_spawn_aead(spawn);
1208 if (IS_ERR(aead))
1209 return PTR_ERR(aead);
1210
1211 ctx->child = aead;
1212
1213 align = crypto_aead_alignmask(aead);
1214 align &= ~(crypto_tfm_ctx_alignment() - 1);
1215 tfm->crt_aead.reqsize = sizeof(struct crypto_rfc4543_req_ctx) +
1216 ALIGN(crypto_aead_reqsize(aead),
1217 crypto_tfm_ctx_alignment()) +
1218 align + 16;
1219
1220 return 0;
1221}
1222
1223static void crypto_rfc4543_exit_tfm(struct crypto_tfm *tfm)
1224{
1225 struct crypto_rfc4543_ctx *ctx = crypto_tfm_ctx(tfm);
1226
1227 crypto_free_aead(ctx->child);
1228}
1229
1230static struct crypto_instance *crypto_rfc4543_alloc(struct rtattr **tb)
1231{
1232 struct crypto_attr_type *algt;
1233 struct crypto_instance *inst;
1234 struct crypto_aead_spawn *spawn;
1235 struct crypto_alg *alg;
1236 const char *ccm_name;
1237 int err;
1238
1239 algt = crypto_get_attr_type(tb);
1240 err = PTR_ERR(algt);
1241 if (IS_ERR(algt))
1242 return ERR_PTR(err);
1243
1244 if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask)
1245 return ERR_PTR(-EINVAL);
1246
1247 ccm_name = crypto_attr_alg_name(tb[1]);
1248 err = PTR_ERR(ccm_name);
1249 if (IS_ERR(ccm_name))
1250 return ERR_PTR(err);
1251
1252 inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
1253 if (!inst)
1254 return ERR_PTR(-ENOMEM);
1255
1256 spawn = crypto_instance_ctx(inst);
1257 crypto_set_aead_spawn(spawn, inst);
1258 err = crypto_grab_aead(spawn, ccm_name, 0,
1259 crypto_requires_sync(algt->type, algt->mask));
1260 if (err)
1261 goto out_free_inst;
1262
1263 alg = crypto_aead_spawn_alg(spawn);
1264
1265 err = -EINVAL;
1266
1267 /* We only support 16-byte blocks. */
1268 if (alg->cra_aead.ivsize != 16)
1269 goto out_drop_alg;
1270
1271 /* Not a stream cipher? */
1272 if (alg->cra_blocksize != 1)
1273 goto out_drop_alg;
1274
1275 err = -ENAMETOOLONG;
1276 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME,
1277 "rfc4543(%s)", alg->cra_name) >= CRYPTO_MAX_ALG_NAME ||
1278 snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME,
1279 "rfc4543(%s)", alg->cra_driver_name) >=
1280 CRYPTO_MAX_ALG_NAME)
1281 goto out_drop_alg;
1282
1283 inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD;
1284 inst->alg.cra_flags |= alg->cra_flags & CRYPTO_ALG_ASYNC;
1285 inst->alg.cra_priority = alg->cra_priority;
1286 inst->alg.cra_blocksize = 1;
1287 inst->alg.cra_alignmask = alg->cra_alignmask;
1288 inst->alg.cra_type = &crypto_nivaead_type;
1289
1290 inst->alg.cra_aead.ivsize = 8;
1291 inst->alg.cra_aead.maxauthsize = 16;
1292
1293 inst->alg.cra_ctxsize = sizeof(struct crypto_rfc4543_ctx);
1294
1295 inst->alg.cra_init = crypto_rfc4543_init_tfm;
1296 inst->alg.cra_exit = crypto_rfc4543_exit_tfm;
1297
1298 inst->alg.cra_aead.setkey = crypto_rfc4543_setkey;
1299 inst->alg.cra_aead.setauthsize = crypto_rfc4543_setauthsize;
1300 inst->alg.cra_aead.encrypt = crypto_rfc4543_encrypt;
1301 inst->alg.cra_aead.decrypt = crypto_rfc4543_decrypt;
1302
1303 inst->alg.cra_aead.geniv = "seqiv";
1304
1305out:
1306 return inst;
1307
1308out_drop_alg:
1309 crypto_drop_aead(spawn);
1310out_free_inst:
1311 kfree(inst);
1312 inst = ERR_PTR(err);
1313 goto out;
1314}
1315
1316static void crypto_rfc4543_free(struct crypto_instance *inst)
1317{
1318 crypto_drop_spawn(crypto_instance_ctx(inst));
1319 kfree(inst);
1320}
1321
1322static struct crypto_template crypto_rfc4543_tmpl = {
1323 .name = "rfc4543",
1324 .alloc = crypto_rfc4543_alloc,
1325 .free = crypto_rfc4543_free,
1326 .module = THIS_MODULE,
1327};
1328
1050static int __init crypto_gcm_module_init(void) 1329static int __init crypto_gcm_module_init(void)
1051{ 1330{
1052 int err; 1331 int err;
@@ -1067,8 +1346,14 @@ static int __init crypto_gcm_module_init(void)
1067 if (err) 1346 if (err)
1068 goto out_undo_gcm; 1347 goto out_undo_gcm;
1069 1348
1349 err = crypto_register_template(&crypto_rfc4543_tmpl);
1350 if (err)
1351 goto out_undo_rfc4106;
1352
1070 return 0; 1353 return 0;
1071 1354
1355out_undo_rfc4106:
1356 crypto_unregister_template(&crypto_rfc4106_tmpl);
1072out_undo_gcm: 1357out_undo_gcm:
1073 crypto_unregister_template(&crypto_gcm_tmpl); 1358 crypto_unregister_template(&crypto_gcm_tmpl);
1074out_undo_base: 1359out_undo_base:
@@ -1081,6 +1366,7 @@ out:
1081static void __exit crypto_gcm_module_exit(void) 1366static void __exit crypto_gcm_module_exit(void)
1082{ 1367{
1083 kfree(gcm_zeroes); 1368 kfree(gcm_zeroes);
1369 crypto_unregister_template(&crypto_rfc4543_tmpl);
1084 crypto_unregister_template(&crypto_rfc4106_tmpl); 1370 crypto_unregister_template(&crypto_rfc4106_tmpl);
1085 crypto_unregister_template(&crypto_gcm_tmpl); 1371 crypto_unregister_template(&crypto_gcm_tmpl);
1086 crypto_unregister_template(&crypto_gcm_base_tmpl); 1372 crypto_unregister_template(&crypto_gcm_base_tmpl);
@@ -1094,3 +1380,4 @@ MODULE_DESCRIPTION("Galois/Counter Mode");
1094MODULE_AUTHOR("Mikko Herranen <mh1@iki.fi>"); 1380MODULE_AUTHOR("Mikko Herranen <mh1@iki.fi>");
1095MODULE_ALIAS("gcm_base"); 1381MODULE_ALIAS("gcm_base");
1096MODULE_ALIAS("rfc4106"); 1382MODULE_ALIAS("rfc4106");
1383MODULE_ALIAS("rfc4543");
diff --git a/crypto/md5.c b/crypto/md5.c
index 83eb52961750..30efc7dad891 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -16,17 +16,13 @@
16 * 16 *
17 */ 17 */
18#include <crypto/internal/hash.h> 18#include <crypto/internal/hash.h>
19#include <crypto/md5.h>
19#include <linux/init.h> 20#include <linux/init.h>
20#include <linux/module.h> 21#include <linux/module.h>
21#include <linux/string.h> 22#include <linux/string.h>
22#include <linux/types.h> 23#include <linux/types.h>
23#include <asm/byteorder.h> 24#include <asm/byteorder.h>
24 25
25#define MD5_DIGEST_SIZE 16
26#define MD5_HMAC_BLOCK_SIZE 64
27#define MD5_BLOCK_WORDS 16
28#define MD5_HASH_WORDS 4
29
30#define F1(x, y, z) (z ^ (x & (y ^ z))) 26#define F1(x, y, z) (z ^ (x & (y ^ z)))
31#define F2(x, y, z) F1(z, x, y) 27#define F2(x, y, z) F1(z, x, y)
32#define F3(x, y, z) (x ^ y ^ z) 28#define F3(x, y, z) (x ^ y ^ z)
@@ -35,12 +31,6 @@
35#define MD5STEP(f, w, x, y, z, in, s) \ 31#define MD5STEP(f, w, x, y, z, in, s) \
36 (w += f(x, y, z) + in, w = (w<<s | w>>(32-s)) + x) 32 (w += f(x, y, z) + in, w = (w<<s | w>>(32-s)) + x)
37 33
38struct md5_ctx {
39 u32 hash[MD5_HASH_WORDS];
40 u32 block[MD5_BLOCK_WORDS];
41 u64 byte_count;
42};
43
44static void md5_transform(u32 *hash, u32 const *in) 34static void md5_transform(u32 *hash, u32 const *in)
45{ 35{
46 u32 a, b, c, d; 36 u32 a, b, c, d;
@@ -141,7 +131,7 @@ static inline void cpu_to_le32_array(u32 *buf, unsigned int words)
141 } 131 }
142} 132}
143 133
144static inline void md5_transform_helper(struct md5_ctx *ctx) 134static inline void md5_transform_helper(struct md5_state *ctx)
145{ 135{
146 le32_to_cpu_array(ctx->block, sizeof(ctx->block) / sizeof(u32)); 136 le32_to_cpu_array(ctx->block, sizeof(ctx->block) / sizeof(u32));
147 md5_transform(ctx->hash, ctx->block); 137 md5_transform(ctx->hash, ctx->block);
@@ -149,7 +139,7 @@ static inline void md5_transform_helper(struct md5_ctx *ctx)
149 139
150static int md5_init(struct shash_desc *desc) 140static int md5_init(struct shash_desc *desc)
151{ 141{
152 struct md5_ctx *mctx = shash_desc_ctx(desc); 142 struct md5_state *mctx = shash_desc_ctx(desc);
153 143
154 mctx->hash[0] = 0x67452301; 144 mctx->hash[0] = 0x67452301;
155 mctx->hash[1] = 0xefcdab89; 145 mctx->hash[1] = 0xefcdab89;
@@ -162,7 +152,7 @@ static int md5_init(struct shash_desc *desc)
162 152
163static int md5_update(struct shash_desc *desc, const u8 *data, unsigned int len) 153static int md5_update(struct shash_desc *desc, const u8 *data, unsigned int len)
164{ 154{
165 struct md5_ctx *mctx = shash_desc_ctx(desc); 155 struct md5_state *mctx = shash_desc_ctx(desc);
166 const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f); 156 const u32 avail = sizeof(mctx->block) - (mctx->byte_count & 0x3f);
167 157
168 mctx->byte_count += len; 158 mctx->byte_count += len;
@@ -194,7 +184,7 @@ static int md5_update(struct shash_desc *desc, const u8 *data, unsigned int len)
194 184
195static int md5_final(struct shash_desc *desc, u8 *out) 185static int md5_final(struct shash_desc *desc, u8 *out)
196{ 186{
197 struct md5_ctx *mctx = shash_desc_ctx(desc); 187 struct md5_state *mctx = shash_desc_ctx(desc);
198 const unsigned int offset = mctx->byte_count & 0x3f; 188 const unsigned int offset = mctx->byte_count & 0x3f;
199 char *p = (char *)mctx->block + offset; 189 char *p = (char *)mctx->block + offset;
200 int padding = 56 - (offset + 1); 190 int padding = 56 - (offset + 1);
@@ -220,12 +210,31 @@ static int md5_final(struct shash_desc *desc, u8 *out)
220 return 0; 210 return 0;
221} 211}
222 212
213static int md5_export(struct shash_desc *desc, void *out)
214{
215 struct md5_state *ctx = shash_desc_ctx(desc);
216
217 memcpy(out, ctx, sizeof(*ctx));
218 return 0;
219}
220
221static int md5_import(struct shash_desc *desc, const void *in)
222{
223 struct md5_state *ctx = shash_desc_ctx(desc);
224
225 memcpy(ctx, in, sizeof(*ctx));
226 return 0;
227}
228
223static struct shash_alg alg = { 229static struct shash_alg alg = {
224 .digestsize = MD5_DIGEST_SIZE, 230 .digestsize = MD5_DIGEST_SIZE,
225 .init = md5_init, 231 .init = md5_init,
226 .update = md5_update, 232 .update = md5_update,
227 .final = md5_final, 233 .final = md5_final,
228 .descsize = sizeof(struct md5_ctx), 234 .export = md5_export,
235 .import = md5_import,
236 .descsize = sizeof(struct md5_state),
237 .statesize = sizeof(struct md5_state),
229 .base = { 238 .base = {
230 .cra_name = "md5", 239 .cra_name = "md5",
231 .cra_flags = CRYPTO_ALG_TYPE_SHASH, 240 .cra_flags = CRYPTO_ALG_TYPE_SHASH,
diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c
new file mode 100644
index 000000000000..80201241b698
--- /dev/null
+++ b/crypto/pcrypt.c
@@ -0,0 +1,445 @@
1/*
2 * pcrypt - Parallel crypto wrapper.
3 *
4 * Copyright (C) 2009 secunet Security Networks AG
5 * Copyright (C) 2009 Steffen Klassert <steffen.klassert@secunet.com>
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms and conditions of the GNU General Public License,
9 * version 2, as published by the Free Software Foundation.
10 *
11 * This program is distributed in the hope it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#include <crypto/algapi.h>
22#include <crypto/internal/aead.h>
23#include <linux/err.h>
24#include <linux/init.h>
25#include <linux/module.h>
26#include <linux/slab.h>
27#include <crypto/pcrypt.h>
28
29static struct padata_instance *pcrypt_enc_padata;
30static struct padata_instance *pcrypt_dec_padata;
31static struct workqueue_struct *encwq;
32static struct workqueue_struct *decwq;
33
34struct pcrypt_instance_ctx {
35 struct crypto_spawn spawn;
36 unsigned int tfm_count;
37};
38
39struct pcrypt_aead_ctx {
40 struct crypto_aead *child;
41 unsigned int cb_cpu;
42};
43
44static int pcrypt_do_parallel(struct padata_priv *padata, unsigned int *cb_cpu,
45 struct padata_instance *pinst)
46{
47 unsigned int cpu_index, cpu, i;
48
49 cpu = *cb_cpu;
50
51 if (cpumask_test_cpu(cpu, cpu_active_mask))
52 goto out;
53
54 cpu_index = cpu % cpumask_weight(cpu_active_mask);
55
56 cpu = cpumask_first(cpu_active_mask);
57 for (i = 0; i < cpu_index; i++)
58 cpu = cpumask_next(cpu, cpu_active_mask);
59
60 *cb_cpu = cpu;
61
62out:
63 return padata_do_parallel(pinst, padata, cpu);
64}
65
66static int pcrypt_aead_setkey(struct crypto_aead *parent,
67 const u8 *key, unsigned int keylen)
68{
69 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(parent);
70
71 return crypto_aead_setkey(ctx->child, key, keylen);
72}
73
74static int pcrypt_aead_setauthsize(struct crypto_aead *parent,
75 unsigned int authsize)
76{
77 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(parent);
78
79 return crypto_aead_setauthsize(ctx->child, authsize);
80}
81
82static void pcrypt_aead_serial(struct padata_priv *padata)
83{
84 struct pcrypt_request *preq = pcrypt_padata_request(padata);
85 struct aead_request *req = pcrypt_request_ctx(preq);
86
87 aead_request_complete(req->base.data, padata->info);
88}
89
90static void pcrypt_aead_giv_serial(struct padata_priv *padata)
91{
92 struct pcrypt_request *preq = pcrypt_padata_request(padata);
93 struct aead_givcrypt_request *req = pcrypt_request_ctx(preq);
94
95 aead_request_complete(req->areq.base.data, padata->info);
96}
97
98static void pcrypt_aead_done(struct crypto_async_request *areq, int err)
99{
100 struct aead_request *req = areq->data;
101 struct pcrypt_request *preq = aead_request_ctx(req);
102 struct padata_priv *padata = pcrypt_request_padata(preq);
103
104 padata->info = err;
105 req->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
106
107 padata_do_serial(padata);
108}
109
110static void pcrypt_aead_enc(struct padata_priv *padata)
111{
112 struct pcrypt_request *preq = pcrypt_padata_request(padata);
113 struct aead_request *req = pcrypt_request_ctx(preq);
114
115 padata->info = crypto_aead_encrypt(req);
116
117 if (padata->info == -EINPROGRESS)
118 return;
119
120 padata_do_serial(padata);
121}
122
123static int pcrypt_aead_encrypt(struct aead_request *req)
124{
125 int err;
126 struct pcrypt_request *preq = aead_request_ctx(req);
127 struct aead_request *creq = pcrypt_request_ctx(preq);
128 struct padata_priv *padata = pcrypt_request_padata(preq);
129 struct crypto_aead *aead = crypto_aead_reqtfm(req);
130 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(aead);
131 u32 flags = aead_request_flags(req);
132
133 memset(padata, 0, sizeof(struct padata_priv));
134
135 padata->parallel = pcrypt_aead_enc;
136 padata->serial = pcrypt_aead_serial;
137
138 aead_request_set_tfm(creq, ctx->child);
139 aead_request_set_callback(creq, flags & ~CRYPTO_TFM_REQ_MAY_SLEEP,
140 pcrypt_aead_done, req);
141 aead_request_set_crypt(creq, req->src, req->dst,
142 req->cryptlen, req->iv);
143 aead_request_set_assoc(creq, req->assoc, req->assoclen);
144
145 err = pcrypt_do_parallel(padata, &ctx->cb_cpu, pcrypt_enc_padata);
146 if (err)
147 return err;
148 else
149 err = crypto_aead_encrypt(creq);
150
151 return err;
152}
153
154static void pcrypt_aead_dec(struct padata_priv *padata)
155{
156 struct pcrypt_request *preq = pcrypt_padata_request(padata);
157 struct aead_request *req = pcrypt_request_ctx(preq);
158
159 padata->info = crypto_aead_decrypt(req);
160
161 if (padata->info == -EINPROGRESS)
162 return;
163
164 padata_do_serial(padata);
165}
166
167static int pcrypt_aead_decrypt(struct aead_request *req)
168{
169 int err;
170 struct pcrypt_request *preq = aead_request_ctx(req);
171 struct aead_request *creq = pcrypt_request_ctx(preq);
172 struct padata_priv *padata = pcrypt_request_padata(preq);
173 struct crypto_aead *aead = crypto_aead_reqtfm(req);
174 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(aead);
175 u32 flags = aead_request_flags(req);
176
177 memset(padata, 0, sizeof(struct padata_priv));
178
179 padata->parallel = pcrypt_aead_dec;
180 padata->serial = pcrypt_aead_serial;
181
182 aead_request_set_tfm(creq, ctx->child);
183 aead_request_set_callback(creq, flags & ~CRYPTO_TFM_REQ_MAY_SLEEP,
184 pcrypt_aead_done, req);
185 aead_request_set_crypt(creq, req->src, req->dst,
186 req->cryptlen, req->iv);
187 aead_request_set_assoc(creq, req->assoc, req->assoclen);
188
189 err = pcrypt_do_parallel(padata, &ctx->cb_cpu, pcrypt_dec_padata);
190 if (err)
191 return err;
192 else
193 err = crypto_aead_decrypt(creq);
194
195 return err;
196}
197
198static void pcrypt_aead_givenc(struct padata_priv *padata)
199{
200 struct pcrypt_request *preq = pcrypt_padata_request(padata);
201 struct aead_givcrypt_request *req = pcrypt_request_ctx(preq);
202
203 padata->info = crypto_aead_givencrypt(req);
204
205 if (padata->info == -EINPROGRESS)
206 return;
207
208 padata_do_serial(padata);
209}
210
211static int pcrypt_aead_givencrypt(struct aead_givcrypt_request *req)
212{
213 int err;
214 struct aead_request *areq = &req->areq;
215 struct pcrypt_request *preq = aead_request_ctx(areq);
216 struct aead_givcrypt_request *creq = pcrypt_request_ctx(preq);
217 struct padata_priv *padata = pcrypt_request_padata(preq);
218 struct crypto_aead *aead = aead_givcrypt_reqtfm(req);
219 struct pcrypt_aead_ctx *ctx = crypto_aead_ctx(aead);
220 u32 flags = aead_request_flags(areq);
221
222 memset(padata, 0, sizeof(struct padata_priv));
223
224 padata->parallel = pcrypt_aead_givenc;
225 padata->serial = pcrypt_aead_giv_serial;
226
227 aead_givcrypt_set_tfm(creq, ctx->child);
228 aead_givcrypt_set_callback(creq, flags & ~CRYPTO_TFM_REQ_MAY_SLEEP,
229 pcrypt_aead_done, areq);
230 aead_givcrypt_set_crypt(creq, areq->src, areq->dst,
231 areq->cryptlen, areq->iv);
232 aead_givcrypt_set_assoc(creq, areq->assoc, areq->assoclen);
233 aead_givcrypt_set_giv(creq, req->giv, req->seq);
234
235 err = pcrypt_do_parallel(padata, &ctx->cb_cpu, pcrypt_enc_padata);
236 if (err)
237 return err;
238 else
239 err = crypto_aead_givencrypt(creq);
240
241 return err;
242}
243
244static int pcrypt_aead_init_tfm(struct crypto_tfm *tfm)
245{
246 int cpu, cpu_index;
247 struct crypto_instance *inst = crypto_tfm_alg_instance(tfm);
248 struct pcrypt_instance_ctx *ictx = crypto_instance_ctx(inst);
249 struct pcrypt_aead_ctx *ctx = crypto_tfm_ctx(tfm);
250 struct crypto_aead *cipher;
251
252 ictx->tfm_count++;
253
254 cpu_index = ictx->tfm_count % cpumask_weight(cpu_active_mask);
255
256 ctx->cb_cpu = cpumask_first(cpu_active_mask);
257 for (cpu = 0; cpu < cpu_index; cpu++)
258 ctx->cb_cpu = cpumask_next(ctx->cb_cpu, cpu_active_mask);
259
260 cipher = crypto_spawn_aead(crypto_instance_ctx(inst));
261
262 if (IS_ERR(cipher))
263 return PTR_ERR(cipher);
264
265 ctx->child = cipher;
266 tfm->crt_aead.reqsize = sizeof(struct pcrypt_request)
267 + sizeof(struct aead_givcrypt_request)
268 + crypto_aead_reqsize(cipher);
269
270 return 0;
271}
272
273static void pcrypt_aead_exit_tfm(struct crypto_tfm *tfm)
274{
275 struct pcrypt_aead_ctx *ctx = crypto_tfm_ctx(tfm);
276
277 crypto_free_aead(ctx->child);
278}
279
280static struct crypto_instance *pcrypt_alloc_instance(struct crypto_alg *alg)
281{
282 struct crypto_instance *inst;
283 struct pcrypt_instance_ctx *ctx;
284 int err;
285
286 inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL);
287 if (!inst) {
288 inst = ERR_PTR(-ENOMEM);
289 goto out;
290 }
291
292 err = -ENAMETOOLONG;
293 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME,
294 "pcrypt(%s)", alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
295 goto out_free_inst;
296
297 memcpy(inst->alg.cra_name, alg->cra_name, CRYPTO_MAX_ALG_NAME);
298
299 ctx = crypto_instance_ctx(inst);
300 err = crypto_init_spawn(&ctx->spawn, alg, inst,
301 CRYPTO_ALG_TYPE_MASK);
302 if (err)
303 goto out_free_inst;
304
305 inst->alg.cra_priority = alg->cra_priority + 100;
306 inst->alg.cra_blocksize = alg->cra_blocksize;
307 inst->alg.cra_alignmask = alg->cra_alignmask;
308
309out:
310 return inst;
311
312out_free_inst:
313 kfree(inst);
314 inst = ERR_PTR(err);
315 goto out;
316}
317
318static struct crypto_instance *pcrypt_alloc_aead(struct rtattr **tb)
319{
320 struct crypto_instance *inst;
321 struct crypto_alg *alg;
322 struct crypto_attr_type *algt;
323
324 algt = crypto_get_attr_type(tb);
325
326 alg = crypto_get_attr_alg(tb, algt->type,
327 (algt->mask & CRYPTO_ALG_TYPE_MASK));
328 if (IS_ERR(alg))
329 return ERR_CAST(alg);
330
331 inst = pcrypt_alloc_instance(alg);
332 if (IS_ERR(inst))
333 goto out_put_alg;
334
335 inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD | CRYPTO_ALG_ASYNC;
336 inst->alg.cra_type = &crypto_aead_type;
337
338 inst->alg.cra_aead.ivsize = alg->cra_aead.ivsize;
339 inst->alg.cra_aead.geniv = alg->cra_aead.geniv;
340 inst->alg.cra_aead.maxauthsize = alg->cra_aead.maxauthsize;
341
342 inst->alg.cra_ctxsize = sizeof(struct pcrypt_aead_ctx);
343
344 inst->alg.cra_init = pcrypt_aead_init_tfm;
345 inst->alg.cra_exit = pcrypt_aead_exit_tfm;
346
347 inst->alg.cra_aead.setkey = pcrypt_aead_setkey;
348 inst->alg.cra_aead.setauthsize = pcrypt_aead_setauthsize;
349 inst->alg.cra_aead.encrypt = pcrypt_aead_encrypt;
350 inst->alg.cra_aead.decrypt = pcrypt_aead_decrypt;
351 inst->alg.cra_aead.givencrypt = pcrypt_aead_givencrypt;
352
353out_put_alg:
354 crypto_mod_put(alg);
355 return inst;
356}
357
358static struct crypto_instance *pcrypt_alloc(struct rtattr **tb)
359{
360 struct crypto_attr_type *algt;
361
362 algt = crypto_get_attr_type(tb);
363 if (IS_ERR(algt))
364 return ERR_CAST(algt);
365
366 switch (algt->type & algt->mask & CRYPTO_ALG_TYPE_MASK) {
367 case CRYPTO_ALG_TYPE_AEAD:
368 return pcrypt_alloc_aead(tb);
369 }
370
371 return ERR_PTR(-EINVAL);
372}
373
374static void pcrypt_free(struct crypto_instance *inst)
375{
376 struct pcrypt_instance_ctx *ctx = crypto_instance_ctx(inst);
377
378 crypto_drop_spawn(&ctx->spawn);
379 kfree(inst);
380}
381
382static struct crypto_template pcrypt_tmpl = {
383 .name = "pcrypt",
384 .alloc = pcrypt_alloc,
385 .free = pcrypt_free,
386 .module = THIS_MODULE,
387};
388
389static int __init pcrypt_init(void)
390{
391 encwq = create_workqueue("pencrypt");
392 if (!encwq)
393 goto err;
394
395 decwq = create_workqueue("pdecrypt");
396 if (!decwq)
397 goto err_destroy_encwq;
398
399
400 pcrypt_enc_padata = padata_alloc(cpu_possible_mask, encwq);
401 if (!pcrypt_enc_padata)
402 goto err_destroy_decwq;
403
404 pcrypt_dec_padata = padata_alloc(cpu_possible_mask, decwq);
405 if (!pcrypt_dec_padata)
406 goto err_free_padata;
407
408 padata_start(pcrypt_enc_padata);
409 padata_start(pcrypt_dec_padata);
410
411 return crypto_register_template(&pcrypt_tmpl);
412
413err_free_padata:
414 padata_free(pcrypt_enc_padata);
415
416err_destroy_decwq:
417 destroy_workqueue(decwq);
418
419err_destroy_encwq:
420 destroy_workqueue(encwq);
421
422err:
423 return -ENOMEM;
424}
425
426static void __exit pcrypt_exit(void)
427{
428 padata_stop(pcrypt_enc_padata);
429 padata_stop(pcrypt_dec_padata);
430
431 destroy_workqueue(encwq);
432 destroy_workqueue(decwq);
433
434 padata_free(pcrypt_enc_padata);
435 padata_free(pcrypt_dec_padata);
436
437 crypto_unregister_template(&pcrypt_tmpl);
438}
439
440module_init(pcrypt_init);
441module_exit(pcrypt_exit);
442
443MODULE_LICENSE("GPL");
444MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
445MODULE_DESCRIPTION("Parallel crypto wrapper");
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 7620bfce92f2..c494d7610be1 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1477,9 +1477,54 @@ static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1477 return err; 1477 return err;
1478} 1478}
1479 1479
1480static int alg_test_null(const struct alg_test_desc *desc,
1481 const char *driver, u32 type, u32 mask)
1482{
1483 return 0;
1484}
1485
1480/* Please keep this list sorted by algorithm name. */ 1486/* Please keep this list sorted by algorithm name. */
1481static const struct alg_test_desc alg_test_descs[] = { 1487static const struct alg_test_desc alg_test_descs[] = {
1482 { 1488 {
1489 .alg = "__driver-cbc-aes-aesni",
1490 .test = alg_test_null,
1491 .suite = {
1492 .cipher = {
1493 .enc = {
1494 .vecs = NULL,
1495 .count = 0
1496 },
1497 .dec = {
1498 .vecs = NULL,
1499 .count = 0
1500 }
1501 }
1502 }
1503 }, {
1504 .alg = "__driver-ecb-aes-aesni",
1505 .test = alg_test_null,
1506 .suite = {
1507 .cipher = {
1508 .enc = {
1509 .vecs = NULL,
1510 .count = 0
1511 },
1512 .dec = {
1513 .vecs = NULL,
1514 .count = 0
1515 }
1516 }
1517 }
1518 }, {
1519 .alg = "__ghash-pclmulqdqni",
1520 .test = alg_test_null,
1521 .suite = {
1522 .hash = {
1523 .vecs = NULL,
1524 .count = 0
1525 }
1526 }
1527 }, {
1483 .alg = "ansi_cprng", 1528 .alg = "ansi_cprng",
1484 .test = alg_test_cprng, 1529 .test = alg_test_cprng,
1485 .fips_allowed = 1, 1530 .fips_allowed = 1,
@@ -1623,6 +1668,30 @@ static const struct alg_test_desc alg_test_descs[] = {
1623 } 1668 }
1624 } 1669 }
1625 }, { 1670 }, {
1671 .alg = "cryptd(__driver-ecb-aes-aesni)",
1672 .test = alg_test_null,
1673 .suite = {
1674 .cipher = {
1675 .enc = {
1676 .vecs = NULL,
1677 .count = 0
1678 },
1679 .dec = {
1680 .vecs = NULL,
1681 .count = 0
1682 }
1683 }
1684 }
1685 }, {
1686 .alg = "cryptd(__ghash-pclmulqdqni)",
1687 .test = alg_test_null,
1688 .suite = {
1689 .hash = {
1690 .vecs = NULL,
1691 .count = 0
1692 }
1693 }
1694 }, {
1626 .alg = "ctr(aes)", 1695 .alg = "ctr(aes)",
1627 .test = alg_test_skcipher, 1696 .test = alg_test_skcipher,
1628 .fips_allowed = 1, 1697 .fips_allowed = 1,
@@ -1669,6 +1738,21 @@ static const struct alg_test_desc alg_test_descs[] = {
1669 } 1738 }
1670 } 1739 }
1671 }, { 1740 }, {
1741 .alg = "ecb(__aes-aesni)",
1742 .test = alg_test_null,
1743 .suite = {
1744 .cipher = {
1745 .enc = {
1746 .vecs = NULL,
1747 .count = 0
1748 },
1749 .dec = {
1750 .vecs = NULL,
1751 .count = 0
1752 }
1753 }
1754 }
1755 }, {
1672 .alg = "ecb(aes)", 1756 .alg = "ecb(aes)",
1673 .test = alg_test_skcipher, 1757 .test = alg_test_skcipher,
1674 .fips_allowed = 1, 1758 .fips_allowed = 1,