crypto: drbg - Replace AES cipher calls with library calls

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Replace aes used in drbg with library calls.

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Harsh Jain and committed by

Herbert Xu 5 months ago ba0570bd 6c4fed5f

+25 -28

3 changed files

expand all

crypto

df_sp80090a.c

drbg.c

include

crypto

df_sp80090a.h

+15 -14

crypto/df_sp80090a.c

··· 10 10 #include <linux/kernel.h> 11 11 #include <linux/module.h> 12 12 #include <linux/string.h> 13 + #include <crypto/aes.h> 13 14 #include <crypto/df_sp80090a.h> 14 15 #include <crypto/internal/drbg.h> 15 16 16 - static void drbg_kcapi_symsetkey(struct crypto_cipher *tfm, 17 + static void drbg_kcapi_symsetkey(struct crypto_aes_ctx *aesctx, 17 18 const unsigned char *key, 18 19 u8 keylen); 19 - static int drbg_kcapi_sym(struct crypto_cipher *tfm, unsigned char *outval, 20 + static int drbg_kcapi_sym(struct crypto_aes_ctx *aesctx, unsigned char *outval, 20 21 const struct drbg_string *in, u8 blocklen_bytes); 21 22 22 - static void drbg_kcapi_symsetkey(struct crypto_cipher *tfm, 23 + static void drbg_kcapi_symsetkey(struct crypto_aes_ctx *aesctx, 23 24 const unsigned char *key, u8 keylen) 24 25 { 25 - crypto_cipher_setkey(tfm, key, keylen); 26 + aes_expandkey(aesctx, key, keylen); 26 27 } 27 28 28 - static int drbg_kcapi_sym(struct crypto_cipher *tfm, unsigned char *outval, 29 + static int drbg_kcapi_sym(struct crypto_aes_ctx *aesctx, unsigned char *outval, 29 30 const struct drbg_string *in, u8 blocklen_bytes) 30 31 { 31 32 /* there is only component in *in */ 32 33 BUG_ON(in->len < blocklen_bytes); 33 - crypto_cipher_encrypt_one(tfm, outval, in->buf); 34 + aes_encrypt(aesctx, outval, in->buf); 34 35 return 0; 35 36 } 36 37 37 38 /* BCC function for CTR DRBG as defined in 10.4.3 */ 38 39 39 - static int drbg_ctr_bcc(struct crypto_cipher *tfm, 40 + static int drbg_ctr_bcc(struct crypto_aes_ctx *aesctx, 40 41 unsigned char *out, const unsigned char *key, 41 42 struct list_head *in, 42 43 u8 blocklen_bytes, ··· 51 50 drbg_string_fill(&data, out, blocklen_bytes); 52 51 53 52 /* 10.4.3 step 2 / 4 */ 54 - drbg_kcapi_symsetkey(tfm, key, keylen); 53 + drbg_kcapi_symsetkey(aesctx, key, keylen); 55 54 list_for_each_entry(curr, in, list) { 56 55 const unsigned char *pos = curr->buf; 57 56 size_t len = curr->len; ··· 60 59 /* 10.4.3 step 4.2 */ 61 60 if (blocklen_bytes == cnt) { 62 61 cnt = 0; 63 - ret = drbg_kcapi_sym(tfm, out, &data, blocklen_bytes); 62 + ret = drbg_kcapi_sym(aesctx, out, &data, blocklen_bytes); 64 63 if (ret) 65 64 return ret; 66 65 } ··· 72 71 } 73 72 /* 10.4.3 step 4.2 for last block */ 74 73 if (cnt) 75 - ret = drbg_kcapi_sym(tfm, out, &data, blocklen_bytes); 74 + ret = drbg_kcapi_sym(aesctx, out, &data, blocklen_bytes); 76 75 77 76 return ret; 78 77 } ··· 118 117 */ 119 118 120 119 /* Derivation Function for CTR DRBG as defined in 10.4.2 */ 121 - int crypto_drbg_ctr_df(struct crypto_cipher *tfm, 120 + int crypto_drbg_ctr_df(struct crypto_aes_ctx *aesctx, 122 121 unsigned char *df_data, size_t bytes_to_return, 123 122 struct list_head *seedlist, 124 123 u8 blocklen_bytes, ··· 196 195 */ 197 196 drbg_cpu_to_be32(i, iv); 198 197 /* 10.4.2 step 9.2 -- BCC and concatenation with temp */ 199 - ret = drbg_ctr_bcc(tfm, temp + templen, K, &bcc_list, 198 + ret = drbg_ctr_bcc(aesctx, temp + templen, K, &bcc_list, 200 199 blocklen_bytes, keylen); 201 200 if (ret) 202 201 goto out; ··· 212 211 /* 10.4.2 step 12: overwriting of outval is implemented in next step */ 213 212 214 213 /* 10.4.2 step 13 */ 215 - drbg_kcapi_symsetkey(tfm, temp, keylen); 214 + drbg_kcapi_symsetkey(aesctx, temp, keylen); 216 215 while (generated_len < bytes_to_return) { 217 216 short blocklen = 0; 218 217 /* ··· 220 219 * implicit as the key is only drbg_blocklen in size based on 221 220 * the implementation of the cipher function callback 222 221 */ 223 - ret = drbg_kcapi_sym(tfm, X, &cipherin, blocklen_bytes); 222 + ret = drbg_kcapi_sym(aesctx, X, &cipherin, blocklen_bytes); 224 223 if (ret) 225 224 goto out; 226 225 blocklen = (blocklen_bytes <

+8 -13

crypto/drbg.c

··· 1506 1506 #ifdef CONFIG_CRYPTO_DRBG_CTR 1507 1507 static int drbg_fini_sym_kernel(struct drbg_state *drbg) 1508 1508 { 1509 - struct crypto_cipher *tfm = 1510 - (struct crypto_cipher *)drbg->priv_data; 1511 - if (tfm) 1512 - crypto_free_cipher(tfm); 1509 + struct crypto_aes_ctx *aesctx = (struct crypto_aes_ctx *)drbg->priv_data; 1510 + 1511 + kfree(aesctx); 1513 1512 drbg->priv_data = NULL; 1514 1513 1515 1514 if (drbg->ctr_handle) ··· 1527 1528 1528 1529 static int drbg_init_sym_kernel(struct drbg_state *drbg) 1529 1530 { 1530 - struct crypto_cipher *tfm; 1531 + struct crypto_aes_ctx *aesctx; 1531 1532 struct crypto_skcipher *sk_tfm; 1532 1533 struct skcipher_request *req; 1533 1534 unsigned int alignmask; 1534 1535 char ctr_name[CRYPTO_MAX_ALG_NAME]; 1535 1536 1536 - tfm = crypto_alloc_cipher(drbg->core->backend_cra_name, 0, 0); 1537 - if (IS_ERR(tfm)) { 1538 - pr_info("DRBG: could not allocate cipher TFM handle: %s\n", 1539 - drbg->core->backend_cra_name); 1540 - return PTR_ERR(tfm); 1541 - } 1542 - BUG_ON(drbg_blocklen(drbg) != crypto_cipher_blocksize(tfm)); 1543 - drbg->priv_data = tfm; 1537 + aesctx = kzalloc(sizeof(*aesctx), GFP_KERNEL); 1538 + if (!aesctx) 1539 + return -ENOMEM; 1540 + drbg->priv_data = aesctx; 1544 1541 1545 1542 if (snprintf(ctr_name, CRYPTO_MAX_ALG_NAME, "ctr(%s)", 1546 1543 drbg->core->backend_cra_name) >= CRYPTO_MAX_ALG_NAME) {

+2 -1

include/crypto/df_sp80090a.h

··· 8 8 #define _CRYPTO_DF80090A_H 9 9 10 10 #include <crypto/internal/cipher.h> 11 + #include <crypto/aes.h> 11 12 12 13 static inline int crypto_drbg_ctr_df_datalen(u8 statelen, u8 blocklen) 13 14 { ··· 18 17 statelen + blocklen; /* temp */ 19 18 } 20 19 21 - int crypto_drbg_ctr_df(struct crypto_cipher *tfm, 20 + int crypto_drbg_ctr_df(struct crypto_aes_ctx *aes, 22 21 unsigned char *df_data, 23 22 size_t bytes_to_return, 24 23 struct list_head *seedlist,