| Jan Glauber | bf754ae | 2006-01-06 00:19:18 -0800 | [diff] [blame^] | 1 | /* |
| 2 | * Cryptographic API. |
| 3 | * |
| 4 | * s390 implementation of the AES Cipher Algorithm. |
| 5 | * |
| 6 | * s390 Version: |
| 7 | * Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation |
| 8 | * Author(s): Jan Glauber (jang@de.ibm.com) |
| 9 | * |
| 10 | * Derived from "crypto/aes.c" |
| 11 | * |
| 12 | * This program is free software; you can redistribute it and/or modify it |
| 13 | * under the terms of the GNU General Public License as published by the Free |
| 14 | * Software Foundation; either version 2 of the License, or (at your option) |
| 15 | * any later version. |
| 16 | * |
| 17 | */ |
| 18 | |
| 19 | #include <linux/module.h> |
| 20 | #include <linux/init.h> |
| 21 | #include <linux/crypto.h> |
| 22 | #include "crypt_s390.h" |
| 23 | |
| 24 | #define AES_MIN_KEY_SIZE 16 |
| 25 | #define AES_MAX_KEY_SIZE 32 |
| 26 | |
| 27 | /* data block size for all key lengths */ |
| 28 | #define AES_BLOCK_SIZE 16 |
| 29 | |
| 30 | int has_aes_128 = 0; |
| 31 | int has_aes_192 = 0; |
| 32 | int has_aes_256 = 0; |
| 33 | |
| 34 | struct s390_aes_ctx { |
| 35 | u8 iv[AES_BLOCK_SIZE]; |
| 36 | u8 key[AES_MAX_KEY_SIZE]; |
| 37 | int key_len; |
| 38 | }; |
| 39 | |
| 40 | static int aes_set_key(void *ctx, const u8 *in_key, unsigned int key_len, |
| 41 | u32 *flags) |
| 42 | { |
| 43 | struct s390_aes_ctx *sctx = ctx; |
| 44 | |
| 45 | switch (key_len) { |
| 46 | case 16: |
| 47 | if (!has_aes_128) |
| 48 | goto fail; |
| 49 | break; |
| 50 | case 24: |
| 51 | if (!has_aes_192) |
| 52 | goto fail; |
| 53 | |
| 54 | break; |
| 55 | case 32: |
| 56 | if (!has_aes_256) |
| 57 | goto fail; |
| 58 | break; |
| 59 | default: |
| 60 | /* invalid key length */ |
| 61 | goto fail; |
| 62 | break; |
| 63 | } |
| 64 | |
| 65 | sctx->key_len = key_len; |
| 66 | memcpy(sctx->key, in_key, key_len); |
| 67 | return 0; |
| 68 | fail: |
| 69 | *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; |
| 70 | return -EINVAL; |
| 71 | } |
| 72 | |
| 73 | static void aes_encrypt(void *ctx, u8 *out, const u8 *in) |
| 74 | { |
| 75 | const struct s390_aes_ctx *sctx = ctx; |
| 76 | |
| 77 | switch (sctx->key_len) { |
| 78 | case 16: |
| 79 | crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, |
| 80 | AES_BLOCK_SIZE); |
| 81 | break; |
| 82 | case 24: |
| 83 | crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, |
| 84 | AES_BLOCK_SIZE); |
| 85 | break; |
| 86 | case 32: |
| 87 | crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, |
| 88 | AES_BLOCK_SIZE); |
| 89 | break; |
| 90 | } |
| 91 | } |
| 92 | |
| 93 | static void aes_decrypt(void *ctx, u8 *out, const u8 *in) |
| 94 | { |
| 95 | const struct s390_aes_ctx *sctx = ctx; |
| 96 | |
| 97 | switch (sctx->key_len) { |
| 98 | case 16: |
| 99 | crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, |
| 100 | AES_BLOCK_SIZE); |
| 101 | break; |
| 102 | case 24: |
| 103 | crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, |
| 104 | AES_BLOCK_SIZE); |
| 105 | break; |
| 106 | case 32: |
| 107 | crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, |
| 108 | AES_BLOCK_SIZE); |
| 109 | break; |
| 110 | } |
| 111 | } |
| 112 | |
| 113 | static unsigned int aes_encrypt_ecb(const struct cipher_desc *desc, u8 *out, |
| 114 | const u8 *in, unsigned int nbytes) |
| 115 | { |
| 116 | struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); |
| 117 | |
| 118 | switch (sctx->key_len) { |
| 119 | case 16: |
| 120 | crypt_s390_km(KM_AES_128_ENCRYPT, &sctx->key, out, in, nbytes); |
| 121 | break; |
| 122 | case 24: |
| 123 | crypt_s390_km(KM_AES_192_ENCRYPT, &sctx->key, out, in, nbytes); |
| 124 | break; |
| 125 | case 32: |
| 126 | crypt_s390_km(KM_AES_256_ENCRYPT, &sctx->key, out, in, nbytes); |
| 127 | break; |
| 128 | } |
| 129 | return nbytes & ~(AES_BLOCK_SIZE - 1); |
| 130 | } |
| 131 | |
| 132 | static unsigned int aes_decrypt_ecb(const struct cipher_desc *desc, u8 *out, |
| 133 | const u8 *in, unsigned int nbytes) |
| 134 | { |
| 135 | struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); |
| 136 | |
| 137 | switch (sctx->key_len) { |
| 138 | case 16: |
| 139 | crypt_s390_km(KM_AES_128_DECRYPT, &sctx->key, out, in, nbytes); |
| 140 | break; |
| 141 | case 24: |
| 142 | crypt_s390_km(KM_AES_192_DECRYPT, &sctx->key, out, in, nbytes); |
| 143 | break; |
| 144 | case 32: |
| 145 | crypt_s390_km(KM_AES_256_DECRYPT, &sctx->key, out, in, nbytes); |
| 146 | break; |
| 147 | } |
| 148 | return nbytes & ~(AES_BLOCK_SIZE - 1); |
| 149 | } |
| 150 | |
| 151 | static unsigned int aes_encrypt_cbc(const struct cipher_desc *desc, u8 *out, |
| 152 | const u8 *in, unsigned int nbytes) |
| 153 | { |
| 154 | struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); |
| 155 | |
| 156 | memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE); |
| 157 | switch (sctx->key_len) { |
| 158 | case 16: |
| 159 | crypt_s390_kmc(KMC_AES_128_ENCRYPT, &sctx->iv, out, in, nbytes); |
| 160 | break; |
| 161 | case 24: |
| 162 | crypt_s390_kmc(KMC_AES_192_ENCRYPT, &sctx->iv, out, in, nbytes); |
| 163 | break; |
| 164 | case 32: |
| 165 | crypt_s390_kmc(KMC_AES_256_ENCRYPT, &sctx->iv, out, in, nbytes); |
| 166 | break; |
| 167 | } |
| 168 | memcpy(desc->info, &sctx->iv, AES_BLOCK_SIZE); |
| 169 | |
| 170 | return nbytes & ~(AES_BLOCK_SIZE - 1); |
| 171 | } |
| 172 | |
| 173 | static unsigned int aes_decrypt_cbc(const struct cipher_desc *desc, u8 *out, |
| 174 | const u8 *in, unsigned int nbytes) |
| 175 | { |
| 176 | struct s390_aes_ctx *sctx = crypto_tfm_ctx(desc->tfm); |
| 177 | |
| 178 | memcpy(&sctx->iv, desc->info, AES_BLOCK_SIZE); |
| 179 | switch (sctx->key_len) { |
| 180 | case 16: |
| 181 | crypt_s390_kmc(KMC_AES_128_DECRYPT, &sctx->iv, out, in, nbytes); |
| 182 | break; |
| 183 | case 24: |
| 184 | crypt_s390_kmc(KMC_AES_192_DECRYPT, &sctx->iv, out, in, nbytes); |
| 185 | break; |
| 186 | case 32: |
| 187 | crypt_s390_kmc(KMC_AES_256_DECRYPT, &sctx->iv, out, in, nbytes); |
| 188 | break; |
| 189 | } |
| 190 | return nbytes & ~(AES_BLOCK_SIZE - 1); |
| 191 | } |
| 192 | |
| 193 | |
| 194 | static struct crypto_alg aes_alg = { |
| 195 | .cra_name = "aes", |
| 196 | .cra_flags = CRYPTO_ALG_TYPE_CIPHER, |
| 197 | .cra_blocksize = AES_BLOCK_SIZE, |
| 198 | .cra_ctxsize = sizeof(struct s390_aes_ctx), |
| 199 | .cra_module = THIS_MODULE, |
| 200 | .cra_list = LIST_HEAD_INIT(aes_alg.cra_list), |
| 201 | .cra_u = { |
| 202 | .cipher = { |
| 203 | .cia_min_keysize = AES_MIN_KEY_SIZE, |
| 204 | .cia_max_keysize = AES_MAX_KEY_SIZE, |
| 205 | .cia_setkey = aes_set_key, |
| 206 | .cia_encrypt = aes_encrypt, |
| 207 | .cia_decrypt = aes_decrypt, |
| 208 | .cia_encrypt_ecb = aes_encrypt_ecb, |
| 209 | .cia_decrypt_ecb = aes_decrypt_ecb, |
| 210 | .cia_encrypt_cbc = aes_encrypt_cbc, |
| 211 | .cia_decrypt_cbc = aes_decrypt_cbc, |
| 212 | } |
| 213 | } |
| 214 | }; |
| 215 | |
| 216 | static int __init aes_init(void) |
| 217 | { |
| 218 | int ret; |
| 219 | |
| 220 | if (crypt_s390_func_available(KM_AES_128_ENCRYPT)) |
| 221 | has_aes_128 = 1; |
| 222 | if (crypt_s390_func_available(KM_AES_192_ENCRYPT)) |
| 223 | has_aes_192 = 1; |
| 224 | if (crypt_s390_func_available(KM_AES_256_ENCRYPT)) |
| 225 | has_aes_256 = 1; |
| 226 | |
| 227 | if (!has_aes_128 && !has_aes_192 && !has_aes_256) |
| 228 | return -ENOSYS; |
| 229 | |
| 230 | ret = crypto_register_alg(&aes_alg); |
| 231 | if (ret != 0) |
| 232 | printk(KERN_INFO "crypt_s390: aes_s390 couldn't be loaded.\n"); |
| 233 | return ret; |
| 234 | } |
| 235 | |
| 236 | static void __exit aes_fini(void) |
| 237 | { |
| 238 | crypto_unregister_alg(&aes_alg); |
| 239 | } |
| 240 | |
| 241 | module_init(aes_init); |
| 242 | module_exit(aes_fini); |
| 243 | |
| 244 | MODULE_ALIAS("aes"); |
| 245 | |
| 246 | MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm"); |
| 247 | MODULE_LICENSE("GPL"); |
| 248 | |