GIT 4ae39fbee98914323c3af77601bfa7ccc35650a7 git+ssh://master.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git commit 4ae39fbee98914323c3af77601bfa7ccc35650a7 Author: Herbert Xu Date: Wed Dec 21 19:01:58 2005 +0800 [CRYPTO] sha1: Fixed off-by-64 bug in sha1_update After a partial update, the done pointer is off to the right by 64 bytes. Signed-off-by: Herbert Xu commit d77118f93cbfc50c2be1a953d6fd5d3e2406955a Author: Daniel Marjamäki Date: Sat Dec 3 17:16:42 2005 +1100 [CRYPTO] aes-i586: Remove unused variable ls_tab It is assigned but never read. Signed-off-by: Daniel Marjamäki Signed-off-by: Herbert Xu commit 181a1cacad7d8592cffb8d88753d791dd4f5c429 Author: Denis Vlasenko Date: Tue Nov 29 22:23:20 2005 +1100 [CRYPTO] aes-i586: Nano-optimisation on key length check Reduce the number of comparisons by one through the use of jb/je. This patch also corrects the comments regarding the different key lengths. Signed-off-by: Herbert Xu commit 5072644ee51317e3e181fb4d0b65e312fb013799 Author: Herbert Xu Date: Tue Nov 29 22:04:41 2005 +1100 [CRYPTO] cipher: Align temporary buffer in cbc_process_decrypt Since the temporary buffer is used as an argument to cia_decrypt, it must be aligned by cra_alignmask. This bug was found by linux@horizon.com. Signed-off-by: Herbert Xu commit fd35feb79a2de92b40daf549541efb6b673de7cf Author: Nicolas Pitre Date: Sun Nov 13 11:17:33 2005 +1100 [CRYPTO] sha1: Avoid shifting count left and right This patch avoids shifting the count left and right needlessly for each call to sha1_update(). It instead can be done only once at the end in sha1_final(). Keeping the previous test example (sha1_update() successively called with len=64), a 1.3% performance increase can be observed on i386, or 0.2% on ARM. The generated code is also smaller on ARM. Signed-off-by: Nicolas Pitre Signed-off-by: Herbert Xu commit a5ded5f94847ef7622125bf64fc635d7e45586af Author: Nicolas Pitre Date: Sun Nov 13 10:59:54 2005 +1100 [CRYPTO] sha1: Rename i/j to done/partial This patch gives more descriptive names to the variables i and j. Signed-off-by: Nicolas Pitre Signed-off-by: Herbert Xu commit 0bca426e18e7626f8167bedecbd8118887d21c23 Author: Nicolas Pitre Date: Sun Nov 13 10:47:20 2005 +1100 [CRYPTO] sha1: Avoid useless memcpy() The current code unconditionally copy the first block for every call to sha1_update(). This can be avoided if there is no pending partial block. This is always the case on the first call to sha1_update() (if the length is >= 64 of course. Furthermore, temp does need to be called if sha_transform is never invoked. Also consolidate the sha_transform calls into one to reduce code size. Signed-off-by: Nicolas Pitre Signed-off-by: Herbert Xu commit 56ebf5d3b1db4a904c6858729fe446ee334fe0fc Author: Herbert Xu Date: Sat Nov 5 18:06:26 2005 +1100 [CRYPTO] Allow AES C/ASM implementations to coexist As the Crypto API now allows multiple implementations to be registered for the same algorithm, we no longer have to play tricks with Kconfig to select the right AES implementation. This patch sets the driver name and priority for all the AES implementations and removes the Kconfig conditions on the C implementation for AES. Signed-off-by: Herbert Xu commit fe5179279ae9f890f662a92005b3a76839fed8a7 Author: Herbert Xu Date: Sat Nov 5 16:58:14 2005 +1100 [CRYPTO] Allow multiple implementations of the same algorithm This is the first step on the road towards asynchronous support in the Crypto API. It adds support for having multiple crypto_alg objects for the same algorithm registered in the system. For example, each device driver would register a crypto_alg object for each algorithm that it supports. While at the same time the user may load software implementations of those same algorithms. Users of the Crypto API may then select a specific implementation by name, or choose any implementation for a given algorithm with the highest priority. The priority field is a 32-bit signed integer. In future it will be possible to modify it from user-space. This also provides a solution to the problem of selecting amongst various AES implementations, that is, aes vs. aes-i586 vs. aes-padlock. Signed-off-by: Herbert Xu commit b9a664f5623f4982dd6552443078f1ce9627fcf7 Author: Herbert Xu Date: Sun Oct 30 21:25:15 2005 +1100 [CRYPTO] Use standard byte order macros wherever possible A lot of crypto code needs to read/write a 32-bit/64-bit words in a specific gender. Many of them open code them by reading/writing one byte at a time. This patch converts all the applicable usages over to use the standard byte order macros. This is based on a previous patch by Denis Vlasenko. Signed-off-by: Herbert Xu commit 1447bdf77080e5cf1f75edc2de36b5f23b33ef09 Author: Herbert Xu Date: Sun Oct 30 20:44:37 2005 +1100 [PADLOCK] Fix sparse warning about 1-bit signed bit-field Change the bit-field in struct cword to unsigned to shut sparse up. Signed-off-by: Herbert Xu --- diff --git a/arch/i386/crypto/aes-i586-asm.S b/arch/i386/crypto/aes-i586-asm.S index 7b73c67..911b153 100644 --- a/arch/i386/crypto/aes-i586-asm.S +++ b/arch/i386/crypto/aes-i586-asm.S @@ -255,18 +255,17 @@ aes_enc_blk: xor 8(%ebp),%r4 xor 12(%ebp),%r5 - sub $8,%esp // space for register saves on stack - add $16,%ebp // increment to next round key - sub $10,%r3 - je 4f // 10 rounds for 128-bit key - add $32,%ebp - sub $2,%r3 - je 3f // 12 rounds for 128-bit key - add $32,%ebp + sub $8,%esp // space for register saves on stack + add $16,%ebp // increment to next round key + cmp $12,%r3 + jb 4f // 10 rounds for 128-bit key + lea 32(%ebp),%ebp + je 3f // 12 rounds for 192-bit key + lea 32(%ebp),%ebp -2: fwd_rnd1( -64(%ebp) ,ft_tab) // 14 rounds for 128-bit key +2: fwd_rnd1( -64(%ebp) ,ft_tab) // 14 rounds for 256-bit key fwd_rnd2( -48(%ebp) ,ft_tab) -3: fwd_rnd1( -32(%ebp) ,ft_tab) // 12 rounds for 128-bit key +3: fwd_rnd1( -32(%ebp) ,ft_tab) // 12 rounds for 192-bit key fwd_rnd2( -16(%ebp) ,ft_tab) 4: fwd_rnd1( (%ebp) ,ft_tab) // 10 rounds for 128-bit key fwd_rnd2( +16(%ebp) ,ft_tab) @@ -334,18 +333,17 @@ aes_dec_blk: xor 8(%ebp),%r4 xor 12(%ebp),%r5 - sub $8,%esp // space for register saves on stack - sub $16,%ebp // increment to next round key - sub $10,%r3 - je 4f // 10 rounds for 128-bit key - sub $32,%ebp - sub $2,%r3 - je 3f // 12 rounds for 128-bit key - sub $32,%ebp + sub $8,%esp // space for register saves on stack + sub $16,%ebp // increment to next round key + cmp $12,%r3 + jb 4f // 10 rounds for 128-bit key + lea -32(%ebp),%ebp + je 3f // 12 rounds for 192-bit key + lea -32(%ebp),%ebp -2: inv_rnd1( +64(%ebp), it_tab) // 14 rounds for 128-bit key +2: inv_rnd1( +64(%ebp), it_tab) // 14 rounds for 256-bit key inv_rnd2( +48(%ebp), it_tab) -3: inv_rnd1( +32(%ebp), it_tab) // 12 rounds for 128-bit key +3: inv_rnd1( +32(%ebp), it_tab) // 12 rounds for 192-bit key inv_rnd2( +16(%ebp), it_tab) 4: inv_rnd1( (%ebp), it_tab) // 10 rounds for 128-bit key inv_rnd2( -16(%ebp), it_tab) diff --git a/arch/i386/crypto/aes.c b/arch/i386/crypto/aes.c index 88ee85c..a50397b 100644 --- a/arch/i386/crypto/aes.c +++ b/arch/i386/crypto/aes.c @@ -36,6 +36,8 @@ * Copyright (c) 2004 Red Hat, Inc., James Morris * */ + +#include #include #include #include @@ -59,7 +61,6 @@ struct aes_ctx { }; #define WPOLY 0x011b -#define u32_in(x) le32_to_cpup((const __le32 *)(x)) #define bytes2word(b0, b1, b2, b3) \ (((u32)(b3) << 24) | ((u32)(b2) << 16) | ((u32)(b1) << 8) | (b0)) @@ -93,7 +94,6 @@ static u32 rcon_tab[RC_LENGTH]; u32 ft_tab[4][256]; u32 fl_tab[4][256]; -static u32 ls_tab[4][256]; static u32 im_tab[4][256]; u32 il_tab[4][256]; u32 it_tab[4][256]; @@ -144,15 +144,6 @@ static void gen_tabs(void) fl_tab[2][i] = upr(w, 2); fl_tab[3][i] = upr(w, 3); - /* - * table for key schedule if fl_tab above is - * not of the required form - */ - ls_tab[0][i] = w; - ls_tab[1][i] = upr(w, 1); - ls_tab[2][i] = upr(w, 2); - ls_tab[3][i] = upr(w, 3); - b = fi(inv_affine((u8)i)); w = bytes2word(fe(b), f9(b), fd(b), fb(b)); @@ -393,13 +384,14 @@ aes_set_key(void *ctx_arg, const u8 *in_ int i; u32 ss[8]; struct aes_ctx *ctx = ctx_arg; + const __le32 *key = (const __le32 *)in_key; /* encryption schedule */ - ctx->ekey[0] = ss[0] = u32_in(in_key); - ctx->ekey[1] = ss[1] = u32_in(in_key + 4); - ctx->ekey[2] = ss[2] = u32_in(in_key + 8); - ctx->ekey[3] = ss[3] = u32_in(in_key + 12); + ctx->ekey[0] = ss[0] = le32_to_cpu(key[0]); + ctx->ekey[1] = ss[1] = le32_to_cpu(key[1]); + ctx->ekey[2] = ss[2] = le32_to_cpu(key[2]); + ctx->ekey[3] = ss[3] = le32_to_cpu(key[3]); switch(key_len) { case 16: @@ -410,8 +402,8 @@ aes_set_key(void *ctx_arg, const u8 *in_ break; case 24: - ctx->ekey[4] = ss[4] = u32_in(in_key + 16); - ctx->ekey[5] = ss[5] = u32_in(in_key + 20); + ctx->ekey[4] = ss[4] = le32_to_cpu(key[4]); + ctx->ekey[5] = ss[5] = le32_to_cpu(key[5]); for (i = 0; i < 7; i++) ke6(ctx->ekey, i); kel6(ctx->ekey, 7); @@ -419,10 +411,10 @@ aes_set_key(void *ctx_arg, const u8 *in_ break; case 32: - ctx->ekey[4] = ss[4] = u32_in(in_key + 16); - ctx->ekey[5] = ss[5] = u32_in(in_key + 20); - ctx->ekey[6] = ss[6] = u32_in(in_key + 24); - ctx->ekey[7] = ss[7] = u32_in(in_key + 28); + ctx->ekey[4] = ss[4] = le32_to_cpu(key[4]); + ctx->ekey[5] = ss[5] = le32_to_cpu(key[5]); + ctx->ekey[6] = ss[6] = le32_to_cpu(key[6]); + ctx->ekey[7] = ss[7] = le32_to_cpu(key[7]); for (i = 0; i < 6; i++) ke8(ctx->ekey, i); kel8(ctx->ekey, 6); @@ -436,10 +428,10 @@ aes_set_key(void *ctx_arg, const u8 *in_ /* decryption schedule */ - ctx->dkey[0] = ss[0] = u32_in(in_key); - ctx->dkey[1] = ss[1] = u32_in(in_key + 4); - ctx->dkey[2] = ss[2] = u32_in(in_key + 8); - ctx->dkey[3] = ss[3] = u32_in(in_key + 12); + ctx->dkey[0] = ss[0] = le32_to_cpu(key[0]); + ctx->dkey[1] = ss[1] = le32_to_cpu(key[1]); + ctx->dkey[2] = ss[2] = le32_to_cpu(key[2]); + ctx->dkey[3] = ss[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: @@ -450,8 +442,8 @@ aes_set_key(void *ctx_arg, const u8 *in_ break; case 24: - ctx->dkey[4] = ff(ss[4] = u32_in(in_key + 16)); - ctx->dkey[5] = ff(ss[5] = u32_in(in_key + 20)); + ctx->dkey[4] = ff(ss[4] = le32_to_cpu(key[4])); + ctx->dkey[5] = ff(ss[5] = le32_to_cpu(key[5])); kdf6(ctx->dkey, 0); for (i = 1; i < 7; i++) kd6(ctx->dkey, i); @@ -459,10 +451,10 @@ aes_set_key(void *ctx_arg, const u8 *in_ break; case 32: - ctx->dkey[4] = ff(ss[4] = u32_in(in_key + 16)); - ctx->dkey[5] = ff(ss[5] = u32_in(in_key + 20)); - ctx->dkey[6] = ff(ss[6] = u32_in(in_key + 24)); - ctx->dkey[7] = ff(ss[7] = u32_in(in_key + 28)); + ctx->dkey[4] = ff(ss[4] = le32_to_cpu(key[4])); + ctx->dkey[5] = ff(ss[5] = le32_to_cpu(key[5])); + ctx->dkey[6] = ff(ss[6] = le32_to_cpu(key[6])); + ctx->dkey[7] = ff(ss[7] = le32_to_cpu(key[7])); kdf8(ctx->dkey, 0); for (i = 1; i < 6; i++) kd8(ctx->dkey, i); @@ -484,6 +476,8 @@ static inline void aes_decrypt(void *ctx static struct crypto_alg aes_alg = { .cra_name = "aes", + .cra_driver_name = "aes-i586", + .cra_priority = 200, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), diff --git a/arch/x86_64/crypto/aes.c b/arch/x86_64/crypto/aes.c index acfdaa2..fb1b961 100644 --- a/arch/x86_64/crypto/aes.c +++ b/arch/x86_64/crypto/aes.c @@ -74,8 +74,6 @@ static inline u8 byte(const u32 x, const return x >> (n << 3); } -#define u32_in(x) le32_to_cpu(*(const __le32 *)(x)) - struct aes_ctx { u32 key_length; @@ -234,6 +232,7 @@ static int aes_set_key(void *ctx_arg, co u32 *flags) { struct aes_ctx *ctx = ctx_arg; + const __le32 *key = (const __le32 *)in_key; u32 i, j, t, u, v, w; if (key_len != 16 && key_len != 24 && key_len != 32) { @@ -243,10 +242,10 @@ static int aes_set_key(void *ctx_arg, co ctx->key_length = key_len; - D_KEY[key_len + 24] = E_KEY[0] = u32_in(in_key); - D_KEY[key_len + 25] = E_KEY[1] = u32_in(in_key + 4); - D_KEY[key_len + 26] = E_KEY[2] = u32_in(in_key + 8); - D_KEY[key_len + 27] = E_KEY[3] = u32_in(in_key + 12); + D_KEY[key_len + 24] = E_KEY[0] = le32_to_cpu(key[0]); + D_KEY[key_len + 25] = E_KEY[1] = le32_to_cpu(key[1]); + D_KEY[key_len + 26] = E_KEY[2] = le32_to_cpu(key[2]); + D_KEY[key_len + 27] = E_KEY[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: @@ -256,17 +255,17 @@ static int aes_set_key(void *ctx_arg, co break; case 24: - E_KEY[4] = u32_in(in_key + 16); - t = E_KEY[5] = u32_in(in_key + 20); + E_KEY[4] = le32_to_cpu(key[4]); + t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: - E_KEY[4] = u32_in(in_key + 16); - E_KEY[5] = u32_in(in_key + 20); - E_KEY[6] = u32_in(in_key + 24); - t = E_KEY[7] = u32_in(in_key + 28); + E_KEY[4] = le32_to_cpu(key[4]); + E_KEY[5] = le32_to_cpu(key[5]); + E_KEY[6] = le32_to_cpu(key[6]); + t = E_KEY[7] = le32_to_cpu(key[7]); for (i = 0; i < 7; ++i) loop8(i); break; @@ -290,6 +289,8 @@ extern void aes_decrypt(void *ctx_arg, u static struct crypto_alg aes_alg = { .cra_name = "aes", + .cra_driver_name = "aes-x86_64", + .cra_priority = 200, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), diff --git a/crypto/Kconfig b/crypto/Kconfig index 89299f4..0d4c4ca 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -146,7 +146,7 @@ config CRYPTO_SERPENT config CRYPTO_AES tristate "AES cipher algorithms" - depends on CRYPTO && !(X86 || UML_X86) + depends on CRYPTO help AES cipher algorithms (FIPS-197). AES uses the Rijndael algorithm. diff --git a/crypto/aes.c b/crypto/aes.c index 5df9288..b9b2afb 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -73,9 +73,6 @@ byte(const u32 x, const unsigned n) return x >> (n << 3); } -#define u32_in(x) le32_to_cpu(*(const u32 *)(x)) -#define u32_out(to, from) (*(u32 *)(to) = cpu_to_le32(from)) - struct aes_ctx { int key_length; u32 E[60]; @@ -256,6 +253,7 @@ static int aes_set_key(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { struct aes_ctx *ctx = ctx_arg; + const __le32 *key = (const __le32 *)in_key; u32 i, t, u, v, w; if (key_len != 16 && key_len != 24 && key_len != 32) { @@ -265,10 +263,10 @@ aes_set_key(void *ctx_arg, const u8 *in_ ctx->key_length = key_len; - E_KEY[0] = u32_in (in_key); - E_KEY[1] = u32_in (in_key + 4); - E_KEY[2] = u32_in (in_key + 8); - E_KEY[3] = u32_in (in_key + 12); + E_KEY[0] = le32_to_cpu(key[0]); + E_KEY[1] = le32_to_cpu(key[1]); + E_KEY[2] = le32_to_cpu(key[2]); + E_KEY[3] = le32_to_cpu(key[3]); switch (key_len) { case 16: @@ -278,17 +276,17 @@ aes_set_key(void *ctx_arg, const u8 *in_ break; case 24: - E_KEY[4] = u32_in (in_key + 16); - t = E_KEY[5] = u32_in (in_key + 20); + E_KEY[4] = le32_to_cpu(key[4]); + t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: - E_KEY[4] = u32_in (in_key + 16); - E_KEY[5] = u32_in (in_key + 20); - E_KEY[6] = u32_in (in_key + 24); - t = E_KEY[7] = u32_in (in_key + 28); + E_KEY[4] = le32_to_cpu(key[4]); + E_KEY[5] = le32_to_cpu(key[5]); + E_KEY[6] = le32_to_cpu(key[6]); + t = E_KEY[7] = le32_to_cpu(key[7]); for (i = 0; i < 7; ++i) loop8 (i); break; @@ -324,13 +322,15 @@ aes_set_key(void *ctx_arg, const u8 *in_ static void aes_encrypt(void *ctx_arg, u8 *out, const u8 *in) { const struct aes_ctx *ctx = ctx_arg; + const __le32 *src = (const __le32 *)in; + __le32 *dst = (__le32 *)out; u32 b0[4], b1[4]; const u32 *kp = E_KEY + 4; - b0[0] = u32_in (in) ^ E_KEY[0]; - b0[1] = u32_in (in + 4) ^ E_KEY[1]; - b0[2] = u32_in (in + 8) ^ E_KEY[2]; - b0[3] = u32_in (in + 12) ^ E_KEY[3]; + b0[0] = le32_to_cpu(src[0]) ^ E_KEY[0]; + b0[1] = le32_to_cpu(src[1]) ^ E_KEY[1]; + b0[2] = le32_to_cpu(src[2]) ^ E_KEY[2]; + b0[3] = le32_to_cpu(src[3]) ^ E_KEY[3]; if (ctx->key_length > 24) { f_nround (b1, b0, kp); @@ -353,10 +353,10 @@ static void aes_encrypt(void *ctx_arg, u f_nround (b1, b0, kp); f_lround (b0, b1, kp); - u32_out (out, b0[0]); - u32_out (out + 4, b0[1]); - u32_out (out + 8, b0[2]); - u32_out (out + 12, b0[3]); + dst[0] = cpu_to_le32(b0[0]); + dst[1] = cpu_to_le32(b0[1]); + dst[2] = cpu_to_le32(b0[2]); + dst[3] = cpu_to_le32(b0[3]); } /* decrypt a block of text */ @@ -377,14 +377,16 @@ static void aes_encrypt(void *ctx_arg, u static void aes_decrypt(void *ctx_arg, u8 *out, const u8 *in) { const struct aes_ctx *ctx = ctx_arg; + const __le32 *src = (const __le32 *)in; + __le32 *dst = (__le32 *)out; u32 b0[4], b1[4]; const int key_len = ctx->key_length; const u32 *kp = D_KEY + key_len + 20; - b0[0] = u32_in (in) ^ E_KEY[key_len + 24]; - b0[1] = u32_in (in + 4) ^ E_KEY[key_len + 25]; - b0[2] = u32_in (in + 8) ^ E_KEY[key_len + 26]; - b0[3] = u32_in (in + 12) ^ E_KEY[key_len + 27]; + b0[0] = le32_to_cpu(src[0]) ^ E_KEY[key_len + 24]; + b0[1] = le32_to_cpu(src[1]) ^ E_KEY[key_len + 25]; + b0[2] = le32_to_cpu(src[2]) ^ E_KEY[key_len + 26]; + b0[3] = le32_to_cpu(src[3]) ^ E_KEY[key_len + 27]; if (key_len > 24) { i_nround (b1, b0, kp); @@ -407,15 +409,17 @@ static void aes_decrypt(void *ctx_arg, u i_nround (b1, b0, kp); i_lround (b0, b1, kp); - u32_out (out, b0[0]); - u32_out (out + 4, b0[1]); - u32_out (out + 8, b0[2]); - u32_out (out + 12, b0[3]); + dst[0] = cpu_to_le32(b0[0]); + dst[1] = cpu_to_le32(b0[1]); + dst[2] = cpu_to_le32(b0[2]); + dst[3] = cpu_to_le32(b0[3]); } static struct crypto_alg aes_alg = { .cra_name = "aes", + .cra_driver_name = "aes-generic", + .cra_priority = 100, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), diff --git a/crypto/anubis.c b/crypto/anubis.c index 3925eb0..94c4b1f 100644 --- a/crypto/anubis.c +++ b/crypto/anubis.c @@ -32,8 +32,10 @@ #include #include #include +#include #include #include +#include #define ANUBIS_MIN_KEY_SIZE 16 #define ANUBIS_MAX_KEY_SIZE 40 @@ -461,8 +463,8 @@ static const u32 rc[] = { static int anubis_setkey(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { - - int N, R, i, pos, r; + const __be32 *key = (const __be32 *)in_key; + int N, R, i, r; u32 kappa[ANUBIS_MAX_N]; u32 inter[ANUBIS_MAX_N]; @@ -483,13 +485,8 @@ static int anubis_setkey(void *ctx_arg, ctx->R = R = 8 + N; /* * map cipher key to initial key state (mu): */ - for (i = 0, pos = 0; i < N; i++, pos += 4) { - kappa[i] = - (in_key[pos ] << 24) ^ - (in_key[pos + 1] << 16) ^ - (in_key[pos + 2] << 8) ^ - (in_key[pos + 3] ); - } + for (i = 0; i < N; i++) + kappa[i] = be32_to_cpu(key[i]); /* * generate R + 1 round keys: @@ -578,7 +575,9 @@ static int anubis_setkey(void *ctx_arg, static void anubis_crypt(u32 roundKey[ANUBIS_MAX_ROUNDS + 1][4], u8 *ciphertext, const u8 *plaintext, const int R) { - int i, pos, r; + const __be32 *src = (const __be32 *)plaintext; + __be32 *dst = (__be32 *)ciphertext; + int i, r; u32 state[4]; u32 inter[4]; @@ -586,14 +585,8 @@ static void anubis_crypt(u32 roundKey[AN * map plaintext block to cipher state (mu) * and add initial round key (sigma[K^0]): */ - for (i = 0, pos = 0; i < 4; i++, pos += 4) { - state[i] = - (plaintext[pos ] << 24) ^ - (plaintext[pos + 1] << 16) ^ - (plaintext[pos + 2] << 8) ^ - (plaintext[pos + 3] ) ^ - roundKey[0][i]; - } + for (i = 0; i < 4; i++) + state[i] = be32_to_cpu(src[i]) ^ roundKey[0][i]; /* * R - 1 full rounds: @@ -663,13 +656,8 @@ static void anubis_crypt(u32 roundKey[AN * map cipher state to ciphertext block (mu^{-1}): */ - for (i = 0, pos = 0; i < 4; i++, pos += 4) { - u32 w = inter[i]; - ciphertext[pos ] = (u8)(w >> 24); - ciphertext[pos + 1] = (u8)(w >> 16); - ciphertext[pos + 2] = (u8)(w >> 8); - ciphertext[pos + 3] = (u8)(w ); - } + for (i = 0; i < 4; i++) + dst[i] = cpu_to_be32(inter[i]); } static void anubis_encrypt(void *ctx_arg, u8 *dst, const u8 *src) diff --git a/crypto/api.c b/crypto/api.c index 40ae42e..2715afd 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -3,6 +3,7 @@ * * Copyright (c) 2002 James Morris * Copyright (c) 2002 David S. Miller (davem@redhat.com) + * Copyright (c) 2005 Herbert Xu * * Portions derived from Cryptoapi, by Alexander Kjeldaas * and Nettle, by Niels Möller. @@ -18,9 +19,11 @@ #include #include #include +#include #include #include #include +#include #include "internal.h" LIST_HEAD(crypto_alg_list); @@ -39,6 +42,7 @@ static inline void crypto_alg_put(struct static struct crypto_alg *crypto_alg_lookup(const char *name) { struct crypto_alg *q, *alg = NULL; + int best = -1; if (!name) return NULL; @@ -46,11 +50,23 @@ static struct crypto_alg *crypto_alg_loo down_read(&crypto_alg_sem); list_for_each_entry(q, &crypto_alg_list, cra_list) { - if (!(strcmp(q->cra_name, name))) { - if (crypto_alg_get(q)) - alg = q; + int exact, fuzzy; + + exact = !strcmp(q->cra_driver_name, name); + fuzzy = !strcmp(q->cra_name, name); + if (!exact && !(fuzzy && q->cra_priority > best)) + continue; + + if (unlikely(!crypto_alg_get(q))) + continue; + + best = q->cra_priority; + if (alg) + crypto_alg_put(alg); + alg = q; + + if (exact) break; - } } up_read(&crypto_alg_sem); @@ -207,9 +223,26 @@ void crypto_free_tfm(struct crypto_tfm * kfree(tfm); } +static inline int crypto_set_driver_name(struct crypto_alg *alg) +{ + static const char suffix[] = "-generic"; + char *driver_name = (char *)alg->cra_driver_name; + int len; + + if (*driver_name) + return 0; + + len = strlcpy(driver_name, alg->cra_name, CRYPTO_MAX_ALG_NAME); + if (len + sizeof(suffix) > CRYPTO_MAX_ALG_NAME) + return -ENAMETOOLONG; + + memcpy(driver_name + len, suffix, sizeof(suffix)); + return 0; +} + int crypto_register_alg(struct crypto_alg *alg) { - int ret = 0; + int ret; struct crypto_alg *q; if (alg->cra_alignmask & (alg->cra_alignmask + 1)) @@ -220,11 +253,18 @@ int crypto_register_alg(struct crypto_al if (alg->cra_blocksize > PAGE_SIZE) return -EINVAL; + + if (alg->cra_priority < 0) + return -EINVAL; + ret = crypto_set_driver_name(alg); + if (unlikely(ret)) + return ret; + down_write(&crypto_alg_sem); list_for_each_entry(q, &crypto_alg_list, cra_list) { - if (!(strcmp(q->cra_name, alg->cra_name))) { + if (!strcmp(q->cra_driver_name, alg->cra_driver_name)) { ret = -EEXIST; goto out; } diff --git a/crypto/blowfish.c b/crypto/blowfish.c index a8b29d5..99fc459 100644 --- a/crypto/blowfish.c +++ b/crypto/blowfish.c @@ -19,8 +19,10 @@ #include #include #include +#include #include #include +#include #define BF_BLOCK_SIZE 8 #define BF_MIN_KEY_SIZE 4 diff --git a/crypto/cast5.c b/crypto/cast5.c index bc42f42..282641c 100644 --- a/crypto/cast5.c +++ b/crypto/cast5.c @@ -21,11 +21,13 @@ */ +#include #include #include #include #include #include +#include #define CAST5_BLOCK_SIZE 8 #define CAST5_MIN_KEY_SIZE 5 @@ -578,6 +580,8 @@ static const u32 sb8[256] = { static void cast5_encrypt(void *ctx, u8 * outbuf, const u8 * inbuf) { struct cast5_ctx *c = (struct cast5_ctx *) ctx; + const __be32 *src = (const __be32 *)inbuf; + __be32 *dst = (__be32 *)outbuf; u32 l, r, t; u32 I; /* used by the Fx macros */ u32 *Km; @@ -589,8 +593,8 @@ static void cast5_encrypt(void *ctx, u8 /* (L0,R0) <-- (m1...m64). (Split the plaintext into left and * right 32-bit halves L0 = m1...m32 and R0 = m33...m64.) */ - l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; - r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; + l = be32_to_cpu(src[0]); + r = be32_to_cpu(src[1]); /* (16 rounds) for i from 1 to 16, compute Li and Ri as follows: * Li = Ri-1; @@ -634,19 +638,15 @@ static void cast5_encrypt(void *ctx, u8 /* c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and * concatenate to form the ciphertext.) */ - outbuf[0] = (r >> 24) & 0xff; - outbuf[1] = (r >> 16) & 0xff; - outbuf[2] = (r >> 8) & 0xff; - outbuf[3] = r & 0xff; - outbuf[4] = (l >> 24) & 0xff; - outbuf[5] = (l >> 16) & 0xff; - outbuf[6] = (l >> 8) & 0xff; - outbuf[7] = l & 0xff; + dst[0] = cpu_to_be32(r); + dst[1] = cpu_to_be32(l); } static void cast5_decrypt(void *ctx, u8 * outbuf, const u8 * inbuf) { struct cast5_ctx *c = (struct cast5_ctx *) ctx; + const __be32 *src = (const __be32 *)inbuf; + __be32 *dst = (__be32 *)outbuf; u32 l, r, t; u32 I; u32 *Km; @@ -655,8 +655,8 @@ static void cast5_decrypt(void *ctx, u8 Km = c->Km; Kr = c->Kr; - l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; - r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; + l = be32_to_cpu(src[0]); + r = be32_to_cpu(src[1]); if (!(c->rr)) { t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]); @@ -690,14 +690,8 @@ static void cast5_decrypt(void *ctx, u8 t = l; l = r; r = t ^ F1(r, Km[0], Kr[0]); } - outbuf[0] = (r >> 24) & 0xff; - outbuf[1] = (r >> 16) & 0xff; - outbuf[2] = (r >> 8) & 0xff; - outbuf[3] = r & 0xff; - outbuf[4] = (l >> 24) & 0xff; - outbuf[5] = (l >> 16) & 0xff; - outbuf[6] = (l >> 8) & 0xff; - outbuf[7] = l & 0xff; + dst[0] = cpu_to_be32(r); + dst[1] = cpu_to_be32(l); } static void key_schedule(u32 * x, u32 * z, u32 * k) @@ -782,7 +776,7 @@ cast5_setkey(void *ctx, const u8 * key, u32 x[4]; u32 z[4]; u32 k[16]; - u8 p_key[16]; + __be32 p_key[4]; struct cast5_ctx *c = (struct cast5_ctx *) ctx; if (key_len < 5 || key_len > 16) { @@ -796,12 +790,10 @@ cast5_setkey(void *ctx, const u8 * key, memcpy(p_key, key, key_len); - x[0] = p_key[0] << 24 | p_key[1] << 16 | p_key[2] << 8 | p_key[3]; - x[1] = p_key[4] << 24 | p_key[5] << 16 | p_key[6] << 8 | p_key[7]; - x[2] = - p_key[8] << 24 | p_key[9] << 16 | p_key[10] << 8 | p_key[11]; - x[3] = - p_key[12] << 24 | p_key[13] << 16 | p_key[14] << 8 | p_key[15]; + x[0] = be32_to_cpu(p_key[0]); + x[1] = be32_to_cpu(p_key[1]); + x[2] = be32_to_cpu(p_key[2]); + x[3] = be32_to_cpu(p_key[3]); key_schedule(x, z, k); for (i = 0; i < 16; i++) diff --git a/crypto/cast6.c b/crypto/cast6.c index 3eb0810..d317fff 100644 --- a/crypto/cast6.c +++ b/crypto/cast6.c @@ -18,11 +18,13 @@ */ +#include #include #include #include #include #include +#include #define CAST6_BLOCK_SIZE 16 #define CAST6_MIN_KEY_SIZE 16 @@ -384,7 +386,7 @@ cast6_setkey(void *ctx, const u8 * in_ke { int i; u32 key[8]; - u8 p_key[32]; /* padded key */ + __be32 p_key[8]; /* padded key */ struct cast6_ctx *c = (struct cast6_ctx *) ctx; if (key_len < 16 || key_len > 32 || key_len % 4 != 0) { @@ -395,14 +397,14 @@ cast6_setkey(void *ctx, const u8 * in_ke memset (p_key, 0, 32); memcpy (p_key, in_key, key_len); - key[0] = p_key[0] << 24 | p_key[1] << 16 | p_key[2] << 8 | p_key[3]; /* A */ - key[1] = p_key[4] << 24 | p_key[5] << 16 | p_key[6] << 8 | p_key[7]; /* B */ - key[2] = p_key[8] << 24 | p_key[9] << 16 | p_key[10] << 8 | p_key[11]; /* C */ - key[3] = p_key[12] << 24 | p_key[13] << 16 | p_key[14] << 8 | p_key[15]; /* D */ - key[4] = p_key[16] << 24 | p_key[17] << 16 | p_key[18] << 8 | p_key[19]; /* E */ - key[5] = p_key[20] << 24 | p_key[21] << 16 | p_key[22] << 8 | p_key[23]; /* F */ - key[6] = p_key[24] << 24 | p_key[25] << 16 | p_key[26] << 8 | p_key[27]; /* G */ - key[7] = p_key[28] << 24 | p_key[29] << 16 | p_key[30] << 8 | p_key[31]; /* H */ + key[0] = be32_to_cpu(p_key[0]); /* A */ + key[1] = be32_to_cpu(p_key[1]); /* B */ + key[2] = be32_to_cpu(p_key[2]); /* C */ + key[3] = be32_to_cpu(p_key[3]); /* D */ + key[4] = be32_to_cpu(p_key[4]); /* E */ + key[5] = be32_to_cpu(p_key[5]); /* F */ + key[6] = be32_to_cpu(p_key[6]); /* G */ + key[7] = be32_to_cpu(p_key[7]); /* H */ @@ -444,14 +446,16 @@ static inline void QBAR (u32 * block, u8 static void cast6_encrypt (void * ctx, u8 * outbuf, const u8 * inbuf) { struct cast6_ctx * c = (struct cast6_ctx *)ctx; + const __be32 *src = (const __be32 *)inbuf; + __be32 *dst = (__be32 *)outbuf; u32 block[4]; u32 * Km; u8 * Kr; - block[0] = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; - block[1] = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; - block[2] = inbuf[8] << 24 | inbuf[9] << 16 | inbuf[10] << 8 | inbuf[11]; - block[3] = inbuf[12] << 24 | inbuf[13] << 16 | inbuf[14] << 8 | inbuf[15]; + block[0] = be32_to_cpu(src[0]); + block[1] = be32_to_cpu(src[1]); + block[2] = be32_to_cpu(src[2]); + block[3] = be32_to_cpu(src[3]); Km = c->Km[0]; Kr = c->Kr[0]; Q (block, Kr, Km); Km = c->Km[1]; Kr = c->Kr[1]; Q (block, Kr, Km); @@ -465,35 +469,25 @@ static void cast6_encrypt (void * ctx, u Km = c->Km[9]; Kr = c->Kr[9]; QBAR (block, Kr, Km); Km = c->Km[10]; Kr = c->Kr[10]; QBAR (block, Kr, Km); Km = c->Km[11]; Kr = c->Kr[11]; QBAR (block, Kr, Km); - - outbuf[0] = (block[0] >> 24) & 0xff; - outbuf[1] = (block[0] >> 16) & 0xff; - outbuf[2] = (block[0] >> 8) & 0xff; - outbuf[3] = block[0] & 0xff; - outbuf[4] = (block[1] >> 24) & 0xff; - outbuf[5] = (block[1] >> 16) & 0xff; - outbuf[6] = (block[1] >> 8) & 0xff; - outbuf[7] = block[1] & 0xff; - outbuf[8] = (block[2] >> 24) & 0xff; - outbuf[9] = (block[2] >> 16) & 0xff; - outbuf[10] = (block[2] >> 8) & 0xff; - outbuf[11] = block[2] & 0xff; - outbuf[12] = (block[3] >> 24) & 0xff; - outbuf[13] = (block[3] >> 16) & 0xff; - outbuf[14] = (block[3] >> 8) & 0xff; - outbuf[15] = block[3] & 0xff; + + dst[0] = cpu_to_be32(block[0]); + dst[1] = cpu_to_be32(block[1]); + dst[2] = cpu_to_be32(block[2]); + dst[3] = cpu_to_be32(block[3]); } static void cast6_decrypt (void * ctx, u8 * outbuf, const u8 * inbuf) { struct cast6_ctx * c = (struct cast6_ctx *)ctx; + const __be32 *src = (const __be32 *)inbuf; + __be32 *dst = (__be32 *)outbuf; u32 block[4]; u32 * Km; u8 * Kr; - block[0] = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3]; - block[1] = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7]; - block[2] = inbuf[8] << 24 | inbuf[9] << 16 | inbuf[10] << 8 | inbuf[11]; - block[3] = inbuf[12] << 24 | inbuf[13] << 16 | inbuf[14] << 8 | inbuf[15]; + block[0] = be32_to_cpu(src[0]); + block[1] = be32_to_cpu(src[1]); + block[2] = be32_to_cpu(src[2]); + block[3] = be32_to_cpu(src[3]); Km = c->Km[11]; Kr = c->Kr[11]; Q (block, Kr, Km); Km = c->Km[10]; Kr = c->Kr[10]; Q (block, Kr, Km); @@ -508,22 +502,10 @@ static void cast6_decrypt (void * ctx, u Km = c->Km[1]; Kr = c->Kr[1]; QBAR (block, Kr, Km); Km = c->Km[0]; Kr = c->Kr[0]; QBAR (block, Kr, Km); - outbuf[0] = (block[0] >> 24) & 0xff; - outbuf[1] = (block[0] >> 16) & 0xff; - outbuf[2] = (block[0] >> 8) & 0xff; - outbuf[3] = block[0] & 0xff; - outbuf[4] = (block[1] >> 24) & 0xff; - outbuf[5] = (block[1] >> 16) & 0xff; - outbuf[6] = (block[1] >> 8) & 0xff; - outbuf[7] = block[1] & 0xff; - outbuf[8] = (block[2] >> 24) & 0xff; - outbuf[9] = (block[2] >> 16) & 0xff; - outbuf[10] = (block[2] >> 8) & 0xff; - outbuf[11] = block[2] & 0xff; - outbuf[12] = (block[3] >> 24) & 0xff; - outbuf[13] = (block[3] >> 16) & 0xff; - outbuf[14] = (block[3] >> 8) & 0xff; - outbuf[15] = block[3] & 0xff; + dst[0] = cpu_to_be32(block[0]); + dst[1] = cpu_to_be32(block[1]); + dst[2] = cpu_to_be32(block[2]); + dst[3] = cpu_to_be32(block[3]); } static struct crypto_alg alg = { diff --git a/crypto/cipher.c b/crypto/cipher.c index dfd4bcf..65bcea0 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -212,9 +212,10 @@ static unsigned int cbc_process_decrypt( struct crypto_tfm *tfm = desc->tfm; void (*xor)(u8 *, const u8 *) = tfm->crt_u.cipher.cit_xor_block; int bsize = crypto_tfm_alg_blocksize(tfm); + unsigned long alignmask = crypto_tfm_alg_alignmask(desc->tfm); - u8 stack[src == dst ? bsize : 0]; - u8 *buf = stack; + u8 stack[src == dst ? bsize + alignmask : 0]; + u8 *buf = (u8 *)ALIGN((unsigned long)stack, alignmask + 1); u8 **dst_p = src == dst ? &buf : &dst; void (*fn)(void *, u8 *, const u8 *) = desc->crfn; diff --git a/crypto/crc32c.c b/crypto/crc32c.c index 256956c..9533624 100644 --- a/crypto/crc32c.c +++ b/crypto/crc32c.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #define CHKSUM_BLOCK_SIZE 32 diff --git a/crypto/des.c b/crypto/des.c index a3c863d..dae4298 100644 --- a/crypto/des.c +++ b/crypto/des.c @@ -12,11 +12,13 @@ * */ +#include #include #include #include #include #include +#include #define DES_KEY_SIZE 8 #define DES_EXPKEY_WORDS 32 diff --git a/crypto/internal.h b/crypto/internal.h index 37aa652..959e602 100644 --- a/crypto/internal.h +++ b/crypto/internal.h @@ -2,6 +2,7 @@ * Cryptographic API. * * Copyright (c) 2002 James Morris + * Copyright (c) 2005 Herbert Xu * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the Free @@ -16,10 +17,15 @@ #include #include #include +#include #include +#include #include #include +extern struct list_head crypto_alg_list; +extern struct rw_semaphore crypto_alg_sem; + extern enum km_type crypto_km_types[]; static inline enum km_type crypto_kmap_type(int out) diff --git a/crypto/khazad.c b/crypto/khazad.c index 738cb0d..6809210 100644 --- a/crypto/khazad.c +++ b/crypto/khazad.c @@ -22,8 +22,10 @@ #include #include #include +#include #include #include +#include #define KHAZAD_KEY_SIZE 16 #define KHAZAD_BLOCK_SIZE 8 @@ -755,8 +757,8 @@ static const u64 c[KHAZAD_ROUNDS + 1] = static int khazad_setkey(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { - struct khazad_ctx *ctx = ctx_arg; + const __be64 *key = (const __be64 *)in_key; int r; const u64 *S = T7; u64 K2, K1; @@ -767,22 +769,8 @@ static int khazad_setkey(void *ctx_arg, return -EINVAL; } - K2 = ((u64)in_key[ 0] << 56) ^ - ((u64)in_key[ 1] << 48) ^ - ((u64)in_key[ 2] << 40) ^ - ((u64)in_key[ 3] << 32) ^ - ((u64)in_key[ 4] << 24) ^ - ((u64)in_key[ 5] << 16) ^ - ((u64)in_key[ 6] << 8) ^ - ((u64)in_key[ 7] ); - K1 = ((u64)in_key[ 8] << 56) ^ - ((u64)in_key[ 9] << 48) ^ - ((u64)in_key[10] << 40) ^ - ((u64)in_key[11] << 32) ^ - ((u64)in_key[12] << 24) ^ - ((u64)in_key[13] << 16) ^ - ((u64)in_key[14] << 8) ^ - ((u64)in_key[15] ); + K2 = be64_to_cpu(key[0]); + K1 = be64_to_cpu(key[1]); /* setup the encrypt key */ for (r = 0; r <= KHAZAD_ROUNDS; r++) { @@ -820,19 +808,12 @@ static int khazad_setkey(void *ctx_arg, static void khazad_crypt(const u64 roundKey[KHAZAD_ROUNDS + 1], u8 *ciphertext, const u8 *plaintext) { - + const __be64 *src = (const __be64 *)plaintext; + __be64 *dst = (__be64 *)ciphertext; int r; u64 state; - state = ((u64)plaintext[0] << 56) ^ - ((u64)plaintext[1] << 48) ^ - ((u64)plaintext[2] << 40) ^ - ((u64)plaintext[3] << 32) ^ - ((u64)plaintext[4] << 24) ^ - ((u64)plaintext[5] << 16) ^ - ((u64)plaintext[6] << 8) ^ - ((u64)plaintext[7] ) ^ - roundKey[0]; + state = be64_to_cpu(*src) ^ roundKey[0]; for (r = 1; r < KHAZAD_ROUNDS; r++) { state = T0[(int)(state >> 56) ] ^ @@ -856,15 +837,7 @@ static void khazad_crypt(const u64 round (T7[(int)(state ) & 0xff] & 0x00000000000000ffULL) ^ roundKey[KHAZAD_ROUNDS]; - ciphertext[0] = (u8)(state >> 56); - ciphertext[1] = (u8)(state >> 48); - ciphertext[2] = (u8)(state >> 40); - ciphertext[3] = (u8)(state >> 32); - ciphertext[4] = (u8)(state >> 24); - ciphertext[5] = (u8)(state >> 16); - ciphertext[6] = (u8)(state >> 8); - ciphertext[7] = (u8)(state ); - + *dst = cpu_to_be64(state); } static void khazad_encrypt(void *ctx_arg, u8 *dst, const u8 *src) diff --git a/crypto/md4.c b/crypto/md4.c index bef6a9e..a2d6df5 100644 --- a/crypto/md4.c +++ b/crypto/md4.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #define MD4_DIGEST_SIZE 16 diff --git a/crypto/md5.c b/crypto/md5.c index 1ed45f9..7f041ae 100644 --- a/crypto/md5.c +++ b/crypto/md5.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #define MD5_DIGEST_SIZE 16 diff --git a/crypto/michael_mic.c b/crypto/michael_mic.c index a470bcb..4f6ab23 100644 --- a/crypto/michael_mic.c +++ b/crypto/michael_mic.c @@ -10,10 +10,12 @@ * published by the Free Software Foundation. */ +#include #include #include #include #include +#include struct michael_mic_ctx { @@ -43,21 +45,6 @@ do { \ } while (0) -static inline u32 get_le32(const u8 *p) -{ - return p[0] | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); -} - - -static inline void put_le32(u8 *p, u32 v) -{ - p[0] = v; - p[1] = v >> 8; - p[2] = v >> 16; - p[3] = v >> 24; -} - - static void michael_init(void *ctx) { struct michael_mic_ctx *mctx = ctx; @@ -68,6 +55,7 @@ static void michael_init(void *ctx) static void michael_update(void *ctx, const u8 *data, unsigned int len) { struct michael_mic_ctx *mctx = ctx; + const __le32 *src; if (mctx->pending_len) { int flen = 4 - mctx->pending_len; @@ -81,21 +69,23 @@ static void michael_update(void *ctx, co if (mctx->pending_len < 4) return; - mctx->l ^= get_le32(mctx->pending); + src = (const __le32 *)mctx->pending; + mctx->l ^= le32_to_cpup(src); michael_block(mctx->l, mctx->r); mctx->pending_len = 0; } + src = (const __le32 *)data; + while (len >= 4) { - mctx->l ^= get_le32(data); + mctx->l ^= le32_to_cpup(src++); michael_block(mctx->l, mctx->r); - data += 4; len -= 4; } if (len > 0) { mctx->pending_len = len; - memcpy(mctx->pending, data, len); + memcpy(mctx->pending, src, len); } } @@ -104,6 +94,7 @@ static void michael_final(void *ctx, u8 { struct michael_mic_ctx *mctx = ctx; u8 *data = mctx->pending; + __le32 *dst = (__le32 *)out; /* Last block and padding (0x5a, 4..7 x 0) */ switch (mctx->pending_len) { @@ -125,8 +116,8 @@ static void michael_final(void *ctx, u8 /* l ^= 0; */ michael_block(mctx->l, mctx->r); - put_le32(out, mctx->l); - put_le32(out + 4, mctx->r); + dst[0] = cpu_to_le32(mctx->l); + dst[1] = cpu_to_le32(mctx->r); } @@ -134,13 +125,16 @@ static int michael_setkey(void *ctx, con u32 *flags) { struct michael_mic_ctx *mctx = ctx; + const __le32 *data = (const __le32 *)key; + if (keylen != 8) { if (flags) *flags = CRYPTO_TFM_RES_BAD_KEY_LEN; return -EINVAL; } - mctx->l = get_le32(key); - mctx->r = get_le32(key + 4); + + mctx->l = le32_to_cpu(data[0]); + mctx->r = le32_to_cpu(data[1]); return 0; } diff --git a/crypto/proc.c b/crypto/proc.c index 630ba91..c0a5dd7 100644 --- a/crypto/proc.c +++ b/crypto/proc.c @@ -4,6 +4,7 @@ * Procfs information. * * Copyright (c) 2002 James Morris + * Copyright (c) 2005 Herbert Xu * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the Free @@ -18,9 +19,6 @@ #include #include "internal.h" -extern struct list_head crypto_alg_list; -extern struct rw_semaphore crypto_alg_sem; - static void *c_start(struct seq_file *m, loff_t *pos) { struct list_head *v; @@ -53,7 +51,9 @@ static int c_show(struct seq_file *m, vo struct crypto_alg *alg = (struct crypto_alg *)p; seq_printf(m, "name : %s\n", alg->cra_name); + seq_printf(m, "driver : %s\n", alg->cra_driver_name); seq_printf(m, "module : %s\n", module_name(alg->cra_module)); + seq_printf(m, "priority : %d\n", alg->cra_priority); switch (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) { case CRYPTO_ALG_TYPE_CIPHER: diff --git a/crypto/serpent.c b/crypto/serpent.c index 3cf2c50..a950ff8 100644 --- a/crypto/serpent.c +++ b/crypto/serpent.c @@ -20,6 +20,7 @@ #include #include #include +#include /* Key is padded to the maximum of 256 bits before round key generation. * Any key length <= 256 bits (32 bytes) is allowed by the algorithm. diff --git a/crypto/sha1.c b/crypto/sha1.c index 4016f3b..21571ed 100644 --- a/crypto/sha1.c +++ b/crypto/sha1.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include @@ -48,23 +49,33 @@ static void sha1_init(void *ctx) static void sha1_update(void *ctx, const u8 *data, unsigned int len) { struct sha1_ctx *sctx = ctx; - unsigned int i, j; - u32 temp[SHA_WORKSPACE_WORDS]; + unsigned int partial, done; + const u8 *src; - j = (sctx->count >> 3) & 0x3f; - sctx->count += len << 3; - - if ((j + len) > 63) { - memcpy(&sctx->buffer[j], data, (i = 64-j)); - sha_transform(sctx->state, sctx->buffer, temp); - for ( ; i + 63 < len; i += 64) { - sha_transform(sctx->state, &data[i], temp); + partial = sctx->count & 0x3f; + sctx->count += len; + done = 0; + src = data; + + if ((partial + len) > 63) { + u32 temp[SHA_WORKSPACE_WORDS]; + + if (partial) { + done = -partial; + memcpy(sctx->buffer + partial, data, done + 64); + src = sctx->buffer; } - j = 0; + + do { + sha_transform(sctx->state, src, temp); + done += 64; + src = data + done; + } while (done + 63 < len); + + memset(temp, 0, sizeof(temp)); + partial = 0; } - else i = 0; - memset(temp, 0, sizeof(temp)); - memcpy(&sctx->buffer[j], &data[i], len - i); + memcpy(sctx->buffer + partial, src, len - done); } @@ -72,37 +83,24 @@ static void sha1_update(void *ctx, const static void sha1_final(void* ctx, u8 *out) { struct sha1_ctx *sctx = ctx; - u32 i, j, index, padlen; - u64 t; - u8 bits[8] = { 0, }; + __be32 *dst = (__be32 *)out; + u32 i, index, padlen; + __be64 bits; static const u8 padding[64] = { 0x80, }; - t = sctx->count; - bits[7] = 0xff & t; t>>=8; - bits[6] = 0xff & t; t>>=8; - bits[5] = 0xff & t; t>>=8; - bits[4] = 0xff & t; t>>=8; - bits[3] = 0xff & t; t>>=8; - bits[2] = 0xff & t; t>>=8; - bits[1] = 0xff & t; t>>=8; - bits[0] = 0xff & t; + bits = cpu_to_be64(sctx->count << 3); /* Pad out to 56 mod 64 */ - index = (sctx->count >> 3) & 0x3f; + index = sctx->count & 0x3f; padlen = (index < 56) ? (56 - index) : ((64+56) - index); sha1_update(sctx, padding, padlen); /* Append length */ - sha1_update(sctx, bits, sizeof bits); + sha1_update(sctx, (const u8 *)&bits, sizeof(bits)); /* Store state in digest */ - for (i = j = 0; i < 5; i++, j += 4) { - u32 t2 = sctx->state[i]; - out[j+3] = t2 & 0xff; t2>>=8; - out[j+2] = t2 & 0xff; t2>>=8; - out[j+1] = t2 & 0xff; t2>>=8; - out[j ] = t2 & 0xff; - } + for (i = 0; i < 5; i++) + dst[i] = cpu_to_be32(sctx->state[i]); /* Wipe context */ memset(sctx, 0, sizeof *sctx); diff --git a/crypto/sha256.c b/crypto/sha256.c index c78da50..9d5ef67 100644 --- a/crypto/sha256.c +++ b/crypto/sha256.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include @@ -279,22 +280,15 @@ static void sha256_update(void *ctx, con static void sha256_final(void* ctx, u8 *out) { struct sha256_ctx *sctx = ctx; - u8 bits[8]; - unsigned int index, pad_len, t; - int i, j; + __be32 *dst = (__be32 *)out; + __be32 bits[2]; + unsigned int index, pad_len; + int i; static const u8 padding[64] = { 0x80, }; /* Save number of bits */ - t = sctx->count[0]; - bits[7] = t; t >>= 8; - bits[6] = t; t >>= 8; - bits[5] = t; t >>= 8; - bits[4] = t; - t = sctx->count[1]; - bits[3] = t; t >>= 8; - bits[2] = t; t >>= 8; - bits[1] = t; t >>= 8; - bits[0] = t; + bits[1] = cpu_to_be32(sctx->count[0]); + bits[0] = cpu_to_be32(sctx->count[1]); /* Pad out to 56 mod 64. */ index = (sctx->count[0] >> 3) & 0x3f; @@ -302,16 +296,11 @@ static void sha256_final(void* ctx, u8 * sha256_update(sctx, padding, pad_len); /* Append length (before padding) */ - sha256_update(sctx, bits, 8); + sha256_update(sctx, (const u8 *)bits, sizeof(bits)); /* Store state in digest */ - for (i = j = 0; i < 8; i++, j += 4) { - t = sctx->state[i]; - out[j+3] = t; t >>= 8; - out[j+2] = t; t >>= 8; - out[j+1] = t; t >>= 8; - out[j ] = t; - } + for (i = 0; i < 8; i++) + dst[i] = cpu_to_be32(sctx->state[i]); /* Zeroize sensitive information. */ memset(sctx, 0, sizeof(*sctx)); diff --git a/crypto/sha512.c b/crypto/sha512.c index c663438..3e6e939 100644 --- a/crypto/sha512.c +++ b/crypto/sha512.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include @@ -235,39 +236,17 @@ static void sha512_final(void *ctx, u8 *hash) { struct sha512_ctx *sctx = ctx; - static u8 padding[128] = { 0x80, }; - - u32 t; - u64 t2; - u8 bits[128]; + __be64 *dst = (__be64 *)hash; + __be32 bits[4]; unsigned int index, pad_len; - int i, j; - - index = pad_len = t = i = j = 0; - t2 = 0; + int i; /* Save number of bits */ - t = sctx->count[0]; - bits[15] = t; t>>=8; - bits[14] = t; t>>=8; - bits[13] = t; t>>=8; - bits[12] = t; - t = sctx->count[1]; - bits[11] = t; t>>=8; - bits[10] = t; t>>=8; - bits[9 ] = t; t>>=8; - bits[8 ] = t; - t = sctx->count[2]; - bits[7 ] = t; t>>=8; - bits[6 ] = t; t>>=8; - bits[5 ] = t; t>>=8; - bits[4 ] = t; - t = sctx->count[3]; - bits[3 ] = t; t>>=8; - bits[2 ] = t; t>>=8; - bits[1 ] = t; t>>=8; - bits[0 ] = t; + bits[3] = cpu_to_be32(sctx->count[0]); + bits[2] = cpu_to_be32(sctx->count[1]); + bits[1] = cpu_to_be32(sctx->count[2]); + bits[0] = cpu_to_be32(sctx->count[3]); /* Pad out to 112 mod 128. */ index = (sctx->count[0] >> 3) & 0x7f; @@ -275,21 +254,12 @@ sha512_final(void *ctx, u8 *hash) sha512_update(sctx, padding, pad_len); /* Append length (before padding) */ - sha512_update(sctx, bits, 16); + sha512_update(sctx, (const u8 *)bits, sizeof(bits)); /* Store state in digest */ - for (i = j = 0; i < 8; i++, j += 8) { - t2 = sctx->state[i]; - hash[j+7] = (char)t2 & 0xff; t2>>=8; - hash[j+6] = (char)t2 & 0xff; t2>>=8; - hash[j+5] = (char)t2 & 0xff; t2>>=8; - hash[j+4] = (char)t2 & 0xff; t2>>=8; - hash[j+3] = (char)t2 & 0xff; t2>>=8; - hash[j+2] = (char)t2 & 0xff; t2>>=8; - hash[j+1] = (char)t2 & 0xff; t2>>=8; - hash[j ] = (char)t2 & 0xff; - } - + for (i = 0; i < 8; i++) + dst[i] = cpu_to_be64(sctx->state[i]); + /* Zeroize sensitive information. */ memset(sctx, 0, sizeof(struct sha512_ctx)); } diff --git a/crypto/tea.c b/crypto/tea.c index 5924efd..e0077c7 100644 --- a/crypto/tea.c +++ b/crypto/tea.c @@ -22,8 +22,10 @@ #include #include #include +#include #include #include +#include #define TEA_KEY_SIZE 16 #define TEA_BLOCK_SIZE 8 @@ -35,9 +37,6 @@ #define XTEA_ROUNDS 32 #define XTEA_DELTA 0x9e3779b9 -#define u32_in(x) le32_to_cpu(*(const __le32 *)(x)) -#define u32_out(to, from) (*(__le32 *)(to) = cpu_to_le32(from)) - struct tea_ctx { u32 KEY[4]; }; @@ -49,8 +48,8 @@ struct xtea_ctx { static int tea_setkey(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { - struct tea_ctx *ctx = ctx_arg; + const __le32 *key = (const __le32 *)in_key; if (key_len != 16) { @@ -58,10 +57,10 @@ static int tea_setkey(void *ctx_arg, con return -EINVAL; } - ctx->KEY[0] = u32_in (in_key); - ctx->KEY[1] = u32_in (in_key + 4); - ctx->KEY[2] = u32_in (in_key + 8); - ctx->KEY[3] = u32_in (in_key + 12); + ctx->KEY[0] = le32_to_cpu(key[0]); + ctx->KEY[1] = le32_to_cpu(key[1]); + ctx->KEY[2] = le32_to_cpu(key[2]); + ctx->KEY[3] = le32_to_cpu(key[3]); return 0; @@ -73,9 +72,11 @@ static void tea_encrypt(void *ctx_arg, u u32 k0, k1, k2, k3; struct tea_ctx *ctx = ctx_arg; + const __le32 *in = (const __le32 *)src; + __le32 *out = (__le32 *)dst; - y = u32_in (src); - z = u32_in (src + 4); + y = le32_to_cpu(in[0]); + z = le32_to_cpu(in[1]); k0 = ctx->KEY[0]; k1 = ctx->KEY[1]; @@ -90,19 +91,20 @@ static void tea_encrypt(void *ctx_arg, u z += ((y << 4) + k2) ^ (y + sum) ^ ((y >> 5) + k3); } - u32_out (dst, y); - u32_out (dst + 4, z); + out[0] = cpu_to_le32(y); + out[1] = cpu_to_le32(z); } static void tea_decrypt(void *ctx_arg, u8 *dst, const u8 *src) { u32 y, z, n, sum; u32 k0, k1, k2, k3; - struct tea_ctx *ctx = ctx_arg; + const __le32 *in = (const __le32 *)src; + __le32 *out = (__le32 *)dst; - y = u32_in (src); - z = u32_in (src + 4); + y = le32_to_cpu(in[0]); + z = le32_to_cpu(in[1]); k0 = ctx->KEY[0]; k1 = ctx->KEY[1]; @@ -119,16 +121,15 @@ static void tea_decrypt(void *ctx_arg, u sum -= TEA_DELTA; } - u32_out (dst, y); - u32_out (dst + 4, z); - + out[0] = cpu_to_le32(y); + out[1] = cpu_to_le32(z); } static int xtea_setkey(void *ctx_arg, const u8 *in_key, unsigned int key_len, u32 *flags) { - struct xtea_ctx *ctx = ctx_arg; + const __le32 *key = (const __le32 *)in_key; if (key_len != 16) { @@ -136,10 +137,10 @@ static int xtea_setkey(void *ctx_arg, co return -EINVAL; } - ctx->KEY[0] = u32_in (in_key); - ctx->KEY[1] = u32_in (in_key + 4); - ctx->KEY[2] = u32_in (in_key + 8); - ctx->KEY[3] = u32_in (in_key + 12); + ctx->KEY[0] = le32_to_cpu(key[0]); + ctx->KEY[1] = le32_to_cpu(key[1]); + ctx->KEY[2] = le32_to_cpu(key[2]); + ctx->KEY[3] = le32_to_cpu(key[3]); return 0; @@ -147,14 +148,15 @@ static int xtea_setkey(void *ctx_arg, co static void xtea_encrypt(void *ctx_arg, u8 *dst, const u8 *src) { - u32 y, z, sum = 0; u32 limit = XTEA_DELTA * XTEA_ROUNDS; struct xtea_ctx *ctx = ctx_arg; + const __le32 *in = (const __le32 *)src; + __le32 *out = (__le32 *)dst; - y = u32_in (src); - z = u32_in (src + 4); + y = le32_to_cpu(in[0]); + z = le32_to_cpu(in[1]); while (sum != limit) { y += ((z << 4 ^ z >> 5) + z) ^ (sum + ctx->KEY[sum&3]); @@ -162,19 +164,19 @@ static void xtea_encrypt(void *ctx_arg, z += ((y << 4 ^ y >> 5) + y) ^ (sum + ctx->KEY[sum>>11 &3]); } - u32_out (dst, y); - u32_out (dst + 4, z); - + out[0] = cpu_to_le32(y); + out[1] = cpu_to_le32(z); } static void xtea_decrypt(void *ctx_arg, u8 *dst, const u8 *src) { - u32 y, z, sum; struct tea_ctx *ctx = ctx_arg; + const __le32 *in = (const __le32 *)src; + __le32 *out = (__le32 *)dst; - y = u32_in (src); - z = u32_in (src + 4); + y = le32_to_cpu(in[0]); + z = le32_to_cpu(in[1]); sum = XTEA_DELTA * XTEA_ROUNDS; @@ -184,22 +186,22 @@ static void xtea_decrypt(void *ctx_arg, y -= ((z << 4 ^ z >> 5) + z) ^ (sum + ctx->KEY[sum & 3]); } - u32_out (dst, y); - u32_out (dst + 4, z); - + out[0] = cpu_to_le32(y); + out[1] = cpu_to_le32(z); } static void xeta_encrypt(void *ctx_arg, u8 *dst, const u8 *src) { - u32 y, z, sum = 0; u32 limit = XTEA_DELTA * XTEA_ROUNDS; struct xtea_ctx *ctx = ctx_arg; + const __le32 *in = (const __le32 *)src; + __le32 *out = (__le32 *)dst; - y = u32_in (src); - z = u32_in (src + 4); + y = le32_to_cpu(in[0]); + z = le32_to_cpu(in[1]); while (sum != limit) { y += (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum&3]; @@ -207,19 +209,19 @@ static void xeta_encrypt(void *ctx_arg, z += (y << 4 ^ y >> 5) + (y ^ sum) + ctx->KEY[sum>>11 &3]; } - u32_out (dst, y); - u32_out (dst + 4, z); - + out[0] = cpu_to_le32(y); + out[1] = cpu_to_le32(z); } static void xeta_decrypt(void *ctx_arg, u8 *dst, const u8 *src) { - u32 y, z, sum; struct tea_ctx *ctx = ctx_arg; + const __le32 *in = (const __le32 *)src; + __le32 *out = (__le32 *)dst; - y = u32_in (src); - z = u32_in (src + 4); + y = le32_to_cpu(in[0]); + z = le32_to_cpu(in[1]); sum = XTEA_DELTA * XTEA_ROUNDS; @@ -229,9 +231,8 @@ static void xeta_decrypt(void *ctx_arg, y -= (z << 4 ^ z >> 5) + (z ^ sum) + ctx->KEY[sum & 3]; } - u32_out (dst, y); - u32_out (dst + 4, z); - + out[0] = cpu_to_le32(y); + out[1] = cpu_to_le32(z); } static struct crypto_alg tea_alg = { diff --git a/crypto/tgr192.c b/crypto/tgr192.c index f0a45cf..2d8e44f 100644 --- a/crypto/tgr192.c +++ b/crypto/tgr192.c @@ -24,8 +24,10 @@ #include #include #include +#include #include #include +#include #define TGR192_DIGEST_SIZE 24 #define TGR160_DIGEST_SIZE 20 @@ -467,18 +469,10 @@ static void tgr192_transform(struct tgr1 u64 a, b, c, aa, bb, cc; u64 x[8]; int i; - const u8 *ptr = data; + const __le64 *ptr = (const __le64 *)data; - for (i = 0; i < 8; i++, ptr += 8) { - x[i] = (((u64)ptr[7] ) << 56) ^ - (((u64)ptr[6] & 0xffL) << 48) ^ - (((u64)ptr[5] & 0xffL) << 40) ^ - (((u64)ptr[4] & 0xffL) << 32) ^ - (((u64)ptr[3] & 0xffL) << 24) ^ - (((u64)ptr[2] & 0xffL) << 16) ^ - (((u64)ptr[1] & 0xffL) << 8) ^ - (((u64)ptr[0] & 0xffL) ); - } + for (i = 0; i < 8; i++) + x[i] = le64_to_cpu(ptr[i]); /* save */ a = aa = tctx->a; @@ -558,9 +552,10 @@ static void tgr192_update(void *ctx, con static void tgr192_final(void *ctx, u8 * out) { struct tgr192_ctx *tctx = ctx; + __be64 *dst = (__be64 *)out; + __be64 *be64p; + __le32 *le32p; u32 t, msb, lsb; - u8 *p; - int i, j; tgr192_update(tctx, NULL, 0); /* flush */ ; @@ -594,41 +589,16 @@ static void tgr192_final(void *ctx, u8 * memset(tctx->hash, 0, 56); /* fill next block with zeroes */ } /* append the 64 bit count */ - tctx->hash[56] = lsb; - tctx->hash[57] = lsb >> 8; - tctx->hash[58] = lsb >> 16; - tctx->hash[59] = lsb >> 24; - tctx->hash[60] = msb; - tctx->hash[61] = msb >> 8; - tctx->hash[62] = msb >> 16; - tctx->hash[63] = msb >> 24; + le32p = (__le32 *)&tctx->hash[56]; + le32p[0] = cpu_to_le32(lsb); + le32p[1] = cpu_to_le32(msb); + tgr192_transform(tctx, tctx->hash); - p = tctx->hash; - *p++ = tctx->a >> 56; *p++ = tctx->a >> 48; *p++ = tctx->a >> 40; - *p++ = tctx->a >> 32; *p++ = tctx->a >> 24; *p++ = tctx->a >> 16; - *p++ = tctx->a >> 8; *p++ = tctx->a;\ - *p++ = tctx->b >> 56; *p++ = tctx->b >> 48; *p++ = tctx->b >> 40; - *p++ = tctx->b >> 32; *p++ = tctx->b >> 24; *p++ = tctx->b >> 16; - *p++ = tctx->b >> 8; *p++ = tctx->b; - *p++ = tctx->c >> 56; *p++ = tctx->c >> 48; *p++ = tctx->c >> 40; - *p++ = tctx->c >> 32; *p++ = tctx->c >> 24; *p++ = tctx->c >> 16; - *p++ = tctx->c >> 8; *p++ = tctx->c; - - - /* unpack the hash */ - j = 7; - for (i = 0; i < 8; i++) { - out[j--] = (tctx->a >> 8 * i) & 0xff; - } - j = 15; - for (i = 0; i < 8; i++) { - out[j--] = (tctx->b >> 8 * i) & 0xff; - } - j = 23; - for (i = 0; i < 8; i++) { - out[j--] = (tctx->c >> 8 * i) & 0xff; - } + be64p = (__be64 *)tctx->hash; + dst[0] = be64p[0] = cpu_to_be64(tctx->a); + dst[1] = be64p[1] = cpu_to_be64(tctx->b); + dst[2] = be64p[2] = cpu_to_be64(tctx->c); } static void tgr160_final(void *ctx, u8 * out) diff --git a/crypto/twofish.c b/crypto/twofish.c index 4efff8c..b501d5a 100644 --- a/crypto/twofish.c +++ b/crypto/twofish.c @@ -37,6 +37,8 @@ * Abstract Algebra_ by Joseph A. Gallian, especially chapter 22 in the * Third Edition. */ + +#include #include #include #include @@ -621,13 +623,11 @@ static const u8 calc_sb_tbl[512] = { * whitening subkey number m. */ #define INPACK(n, x, m) \ - x = in[4 * (n)] ^ (in[4 * (n) + 1] << 8) \ - ^ (in[4 * (n) + 2] << 16) ^ (in[4 * (n) + 3] << 24) ^ ctx->w[m] + x = le32_to_cpu(src[n]) ^ ctx->w[m] #define OUTUNPACK(n, x, m) \ x ^= ctx->w[m]; \ - out[4 * (n)] = x; out[4 * (n) + 1] = x >> 8; \ - out[4 * (n) + 2] = x >> 16; out[4 * (n) + 3] = x >> 24 + dst[n] = cpu_to_le32(x) #define TF_MIN_KEY_SIZE 16 #define TF_MAX_KEY_SIZE 32 @@ -804,6 +804,8 @@ static int twofish_setkey(void *cx, cons static void twofish_encrypt(void *cx, u8 *out, const u8 *in) { struct twofish_ctx *ctx = cx; + const __le32 *src = (const __le32 *)in; + __le32 *dst = (__le32 *)out; /* The four 32-bit chunks of the text. */ u32 a, b, c, d; @@ -839,6 +841,8 @@ static void twofish_encrypt(void *cx, u8 static void twofish_decrypt(void *cx, u8 *out, const u8 *in) { struct twofish_ctx *ctx = cx; + const __le32 *src = (const __le32 *)in; + __le32 *dst = (__le32 *)out; /* The four 32-bit chunks of the text. */ u32 a, b, c, d; diff --git a/crypto/wp512.c b/crypto/wp512.c index fd6e20e..b226a12 100644 --- a/crypto/wp512.c +++ b/crypto/wp512.c @@ -22,8 +22,10 @@ #include #include #include +#include #include #include +#include #define WP512_DIGEST_SIZE 64 #define WP384_DIGEST_SIZE 48 @@ -778,19 +780,10 @@ static void wp512_process_buffer(struct u64 block[8]; /* mu(buffer) */ u64 state[8]; /* the cipher state */ u64 L[8]; - u8 *buffer = wctx->buffer; + const __be64 *buffer = (const __be64 *)wctx->buffer; - for (i = 0; i < 8; i++, buffer += 8) { - block[i] = - (((u64)buffer[0] ) << 56) ^ - (((u64)buffer[1] & 0xffL) << 48) ^ - (((u64)buffer[2] & 0xffL) << 40) ^ - (((u64)buffer[3] & 0xffL) << 32) ^ - (((u64)buffer[4] & 0xffL) << 24) ^ - (((u64)buffer[5] & 0xffL) << 16) ^ - (((u64)buffer[6] & 0xffL) << 8) ^ - (((u64)buffer[7] & 0xffL) ); - } + for (i = 0; i < 8; i++) + block[i] = be64_to_cpu(buffer[i]); state[0] = block[0] ^ (K[0] = wctx->hash[0]); state[1] = block[1] ^ (K[1] = wctx->hash[1]); @@ -1069,7 +1062,7 @@ static void wp512_final(void *ctx, u8 *o u8 *bitLength = wctx->bitLength; int bufferBits = wctx->bufferBits; int bufferPos = wctx->bufferPos; - u8 *digest = out; + __be64 *digest = (__be64 *)out; buffer[bufferPos] |= 0x80U >> (bufferBits & 7); bufferPos++; @@ -1088,17 +1081,8 @@ static void wp512_final(void *ctx, u8 *o memcpy(&buffer[WP512_BLOCK_SIZE - WP512_LENGTHBYTES], bitLength, WP512_LENGTHBYTES); wp512_process_buffer(wctx); - for (i = 0; i < WP512_DIGEST_SIZE/8; i++) { - digest[0] = (u8)(wctx->hash[i] >> 56); - digest[1] = (u8)(wctx->hash[i] >> 48); - digest[2] = (u8)(wctx->hash[i] >> 40); - digest[3] = (u8)(wctx->hash[i] >> 32); - digest[4] = (u8)(wctx->hash[i] >> 24); - digest[5] = (u8)(wctx->hash[i] >> 16); - digest[6] = (u8)(wctx->hash[i] >> 8); - digest[7] = (u8)(wctx->hash[i] ); - digest += 8; - } + for (i = 0; i < WP512_DIGEST_SIZE/8; i++) + digest[i] = cpu_to_be64(wctx->hash[i]); wctx->bufferBits = bufferBits; wctx->bufferPos = bufferPos; } diff --git a/drivers/crypto/padlock-aes.c b/drivers/crypto/padlock-aes.c index 71407c5..64819aa 100644 --- a/drivers/crypto/padlock-aes.c +++ b/drivers/crypto/padlock-aes.c @@ -99,9 +99,6 @@ byte(const uint32_t x, const unsigned n) return x >> (n << 3); } -#define uint32_t_in(x) le32_to_cpu(*(const uint32_t *)(x)) -#define uint32_t_out(to, from) (*(uint32_t *)(to) = cpu_to_le32(from)) - #define E_KEY ctx->E #define D_KEY ctx->D @@ -294,6 +291,7 @@ static int aes_set_key(void *ctx_arg, const uint8_t *in_key, unsigned int key_len, uint32_t *flags) { struct aes_ctx *ctx = aes_ctx(ctx_arg); + const __le32 *key = (const __le32 *)in_key; uint32_t i, t, u, v, w; uint32_t P[AES_EXTENDED_KEY_SIZE]; uint32_t rounds; @@ -313,10 +311,10 @@ aes_set_key(void *ctx_arg, const uint8_t ctx->E = ctx->e_data; ctx->D = ctx->e_data; - E_KEY[0] = uint32_t_in (in_key); - E_KEY[1] = uint32_t_in (in_key + 4); - E_KEY[2] = uint32_t_in (in_key + 8); - E_KEY[3] = uint32_t_in (in_key + 12); + E_KEY[0] = le32_to_cpu(key[0]); + E_KEY[1] = le32_to_cpu(key[1]); + E_KEY[2] = le32_to_cpu(key[2]); + E_KEY[3] = le32_to_cpu(key[3]); /* Prepare control words. */ memset(&ctx->cword, 0, sizeof(ctx->cword)); @@ -343,17 +341,17 @@ aes_set_key(void *ctx_arg, const uint8_t break; case 24: - E_KEY[4] = uint32_t_in (in_key + 16); - t = E_KEY[5] = uint32_t_in (in_key + 20); + E_KEY[4] = le32_to_cpu(key[4]); + t = E_KEY[5] = le32_to_cpu(key[5]); for (i = 0; i < 8; ++i) loop6 (i); break; case 32: - E_KEY[4] = uint32_t_in (in_key + 16); - E_KEY[5] = uint32_t_in (in_key + 20); - E_KEY[6] = uint32_t_in (in_key + 24); - t = E_KEY[7] = uint32_t_in (in_key + 28); + E_KEY[4] = le32_to_cpu(in_key[4]); + E_KEY[5] = le32_to_cpu(in_key[5]); + E_KEY[6] = le32_to_cpu(in_key[6]); + t = E_KEY[7] = le32_to_cpu(in_key[7]); for (i = 0; i < 7; ++i) loop8 (i); break; @@ -468,6 +466,8 @@ static unsigned int aes_decrypt_cbc(cons static struct crypto_alg aes_alg = { .cra_name = "aes", + .cra_driver_name = "aes-padlock", + .cra_priority = 300, .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = AES_BLOCK_SIZE, .cra_ctxsize = sizeof(struct aes_ctx), diff --git a/drivers/crypto/padlock.h b/drivers/crypto/padlock.h index 3cf2b7a..b78489b 100644 --- a/drivers/crypto/padlock.h +++ b/drivers/crypto/padlock.h @@ -17,7 +17,7 @@ /* Control word. */ struct cword { - int __attribute__ ((__packed__)) + unsigned int __attribute__ ((__packed__)) rounds:4, algo:3, keygen:1, diff --git a/include/linux/crypto.h b/include/linux/crypto.h index 3c89df6..d88bf8a 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -3,6 +3,7 @@ * * Copyright (c) 2002 James Morris * Copyright (c) 2002 David S. Miller (davem@redhat.com) + * Copyright (c) 2005 Herbert Xu * * Portions derived from Cryptoapi, by Alexander Kjeldaas * and Nettle, by Niels Möller. @@ -126,7 +127,11 @@ struct crypto_alg { unsigned int cra_blocksize; unsigned int cra_ctxsize; unsigned int cra_alignmask; + + int cra_priority; + const char cra_name[CRYPTO_MAX_ALG_NAME]; + const char cra_driver_name[CRYPTO_MAX_ALG_NAME]; union { struct cipher_alg cipher;