OpenWrt – Blame information for rev 4

Subversion Repositories:
Rev:
Rev Author Line No. Line
4 office 1 /******************************************************************************
2 **
3 ** FILE NAME : ifxmips_aes.c
4 ** PROJECT : IFX UEIP
5 ** MODULES : DEU Module
6 **
7 ** DATE : September 8, 2009
8 ** AUTHOR : Mohammad Firdaus
9 ** DESCRIPTION : Data Encryption Unit Driver for AES Algorithm
10 ** COPYRIGHT : Copyright (c) 2009
11 ** Infineon Technologies AG
12 ** Am Campeon 1-12, 85579 Neubiberg, Germany
13 **
14 ** This program is free software; you can redistribute it and/or modify
15 ** it under the terms of the GNU General Public License as published by
16 ** the Free Software Foundation; either version 2 of the License, or
17 ** (at your option) any later version.
18 **
19 ** HISTORY
20 ** $Date $Author $Comment
21 ** 08,Sept 2009 Mohammad Firdaus Initial UEIP release
22 *******************************************************************************/
23 /*!
24 \defgroup IFX_DEU IFX_DEU_DRIVERS
25 \ingroup API
26 \brief ifx DEU driver module
27 */
28  
29 /*!
30 \file ifxmips_aes.c
31 \ingroup IFX_DEU
32 \brief AES Encryption Driver main file
33 */
34  
35 /*!
36 \defgroup IFX_AES_FUNCTIONS IFX_AES_FUNCTIONS
37 \ingroup IFX_DEU
38 \brief IFX AES driver Functions
39 */
40  
41  
42 /* Project Header Files */
43 #if defined(CONFIG_MODVERSIONS)
44 #define MODVERSIONS
45 #include <linux/modeversions>
46 #endif
47  
48 #include <linux/version.h>
49 #include <linux/module.h>
50 #include <linux/init.h>
51 #include <linux/proc_fs.h>
52 #include <linux/fs.h>
53 #include <linux/types.h>
54 #include <linux/errno.h>
55 #include <linux/crypto.h>
56 #include <linux/interrupt.h>
57 #include <linux/delay.h>
58 #include <asm/byteorder.h>
59 #include <crypto/algapi.h>
60  
61 #include "ifxmips_deu.h"
62  
63 #if defined(CONFIG_DANUBE)
64 #include "ifxmips_deu_danube.h"
65 extern int ifx_danube_pre_1_4;
66 #elif defined(CONFIG_AR9)
67 #include "ifxmips_deu_ar9.h"
68 #elif defined(CONFIG_VR9) || defined(CONFIG_AR10)
69 #include "ifxmips_deu_vr9.h"
70 #else
71 #error "Unkown platform"
72 #endif
73  
74 /* DMA related header and variables */
75  
76 spinlock_t aes_lock;
77 #define CRTCL_SECT_INIT spin_lock_init(&aes_lock)
78 #define CRTCL_SECT_START spin_lock_irqsave(&aes_lock, flag)
79 #define CRTCL_SECT_END spin_unlock_irqrestore(&aes_lock, flag)
80  
81 /* Definition of constants */
82 #define AES_START IFX_AES_CON
83 #define AES_MIN_KEY_SIZE 16
84 #define AES_MAX_KEY_SIZE 32
85 #define AES_BLOCK_SIZE 16
86 #define CTR_RFC3686_NONCE_SIZE 4
87 #define CTR_RFC3686_IV_SIZE 8
88 #define CTR_RFC3686_MAX_KEY_SIZE (AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE)
89  
90 #ifdef CRYPTO_DEBUG
91 extern char debug_level;
92 #define DPRINTF(level, format, args...) if (level < debug_level) printk(KERN_INFO "[%s %s %d]: " format, __FILE__, __func__, __LINE__, ##args);
93 #else
94 #define DPRINTF(level, format, args...)
95 #endif /* CRYPTO_DEBUG */
96  
97 /* Function decleration */
98 int aes_chip_init(void);
99 u32 endian_swap(u32 input);
100 u32 input_swap(u32 input);
101 u32* memory_alignment(const u8 *arg, u32 *buff_alloc, int in_out, int nbytes);
102 void aes_dma_memory_copy(u32 *outcopy, u32 *out_dma, u8 *out_arg, int nbytes);
103 void des_dma_memory_copy(u32 *outcopy, u32 *out_dma, u8 *out_arg, int nbytes);
104 int aes_memory_allocate(int value);
105 int des_memory_allocate(int value);
106 void memory_release(u32 *addr);
107  
108  
109 extern void ifx_deu_aes (void *ctx_arg, uint8_t *out_arg, const uint8_t *in_arg,
110 uint8_t *iv_arg, size_t nbytes, int encdec, int mode);
111 /* End of function decleration */
112  
113 struct aes_ctx {
114 int key_length;
115 u32 buf[AES_MAX_KEY_SIZE];
116 u8 nonce[CTR_RFC3686_NONCE_SIZE];
117 };
118  
119 extern int disable_deudma;
120 extern int disable_multiblock;
121  
122 /*! \fn int aes_set_key (struct crypto_tfm *tfm, const uint8_t *in_key, unsigned int key_len)
123 * \ingroup IFX_AES_FUNCTIONS
124 * \brief sets the AES keys
125 * \param tfm linux crypto algo transform
126 * \param in_key input key
127 * \param key_len key lengths of 16, 24 and 32 bytes supported
128 * \return -EINVAL - bad key length, 0 - SUCCESS
129 */
130 int aes_set_key (struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len)
131 {
132 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
133 unsigned long *flags = (unsigned long *) &tfm->crt_flags;
134  
135 //printk("set_key in %s\n", __FILE__);
136  
137 //aes_chip_init();
138  
139 if (key_len != 16 && key_len != 24 && key_len != 32) {
140 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
141 return -EINVAL;
142 }
143  
144 ctx->key_length = key_len;
145 DPRINTF(0, "ctx @%p, key_len %d, ctx->key_length %d\n", ctx, key_len, ctx->key_length);
146 memcpy ((u8 *) (ctx->buf), in_key, key_len);
147  
148 return 0;
149 }
150  
151  
152 /*! \fn void ifx_deu_aes (void *ctx_arg, u8 *out_arg, const u8 *in_arg, u8 *iv_arg, size_t nbytes, int encdec, int mode)
153 * \ingroup IFX_AES_FUNCTIONS
154 * \brief main interface to AES hardware
155 * \param ctx_arg crypto algo context
156 * \param out_arg output bytestream
157 * \param in_arg input bytestream
158 * \param iv_arg initialization vector
159 * \param nbytes length of bytestream
160 * \param encdec 1 for encrypt; 0 for decrypt
161 * \param mode operation mode such as ebc, cbc, ctr
162 *
163 */
164 void ifx_deu_aes (void *ctx_arg, u8 *out_arg, const u8 *in_arg,
165 u8 *iv_arg, size_t nbytes, int encdec, int mode)
166  
167 {
168 /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
169 volatile struct aes_t *aes = (volatile struct aes_t *) AES_START;
170 struct aes_ctx *ctx = (struct aes_ctx *)ctx_arg;
171 u32 *in_key = ctx->buf;
172 unsigned long flag;
173 /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
174 int key_len = ctx->key_length;
175  
176 int i = 0;
177 int byte_cnt = nbytes;
178  
179  
180 CRTCL_SECT_START;
181 /* 128, 192 or 256 bit key length */
182 aes->controlr.K = key_len / 8 - 2;
183 if (key_len == 128 / 8) {
184 aes->K3R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 0));
185 aes->K2R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 1));
186 aes->K1R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 2));
187 aes->K0R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 3));
188 }
189 else if (key_len == 192 / 8) {
190 aes->K5R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 0));
191 aes->K4R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 1));
192 aes->K3R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 2));
193 aes->K2R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 3));
194 aes->K1R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 4));
195 aes->K0R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 5));
196 }
197 else if (key_len == 256 / 8) {
198 aes->K7R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 0));
199 aes->K6R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 1));
200 aes->K5R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 2));
201 aes->K4R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 3));
202 aes->K3R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 4));
203 aes->K2R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 5));
204 aes->K1R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 6));
205 aes->K0R = DEU_ENDIAN_SWAP(*((u32 *) in_key + 7));
206 }
207 else {
208 printk (KERN_ERR "[%s %s %d]: Invalid key_len : %d\n", __FILE__, __func__, __LINE__, key_len);
209 CRTCL_SECT_END;
210 return;// -EINVAL;
211 }
212  
213 /* let HW pre-process DEcryption key in any case (even if
214 ENcryption is used). Key Valid (KV) bit is then only
215 checked in decryption routine! */
216 aes->controlr.PNK = 1;
217  
218  
219 aes->controlr.E_D = !encdec; //encryption
220 aes->controlr.O = mode; //0 ECB 1 CBC 2 OFB 3 CFB 4 CTR
221  
222 //aes->controlr.F = 128; //default; only for CFB and OFB modes; change only for customer-specific apps
223 if (mode > 0) {
224 aes->IV3R = DEU_ENDIAN_SWAP(*(u32 *) iv_arg);
225 aes->IV2R = DEU_ENDIAN_SWAP(*((u32 *) iv_arg + 1));
226 aes->IV1R = DEU_ENDIAN_SWAP(*((u32 *) iv_arg + 2));
227 aes->IV0R = DEU_ENDIAN_SWAP(*((u32 *) iv_arg + 3));
228 };
229  
230  
231 i = 0;
232 while (byte_cnt >= 16) {
233  
234 aes->ID3R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 0));
235 aes->ID2R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 1));
236 aes->ID1R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 2));
237 aes->ID0R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 3)); /* start crypto */
238  
239 while (aes->controlr.BUS) {
240 // this will not take long
241 }
242  
243 *((volatile u32 *) out_arg + (i * 4) + 0) = aes->OD3R;
244 *((volatile u32 *) out_arg + (i * 4) + 1) = aes->OD2R;
245 *((volatile u32 *) out_arg + (i * 4) + 2) = aes->OD1R;
246 *((volatile u32 *) out_arg + (i * 4) + 3) = aes->OD0R;
247  
248 i++;
249 byte_cnt -= 16;
250 }
251  
252 /* To handle all non-aligned bytes (not aligned to 16B size) */
253 if (byte_cnt) {
254 aes->ID3R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 0));
255 aes->ID2R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 1));
256 aes->ID1R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 2));
257 aes->ID0R = INPUT_ENDIAN_SWAP(*((u32 *) in_arg + (i * 4) + 3)); /* start crypto */
258  
259 while (aes->controlr.BUS) {
260 }
261  
262 *((volatile u32 *) out_arg + (i * 4) + 0) = aes->OD3R;
263 *((volatile u32 *) out_arg + (i * 4) + 1) = aes->OD2R;
264 *((volatile u32 *) out_arg + (i * 4) + 2) = aes->OD1R;
265 *((volatile u32 *) out_arg + (i * 4) + 3) = aes->OD0R;
266  
267 /* to ensure that the extended pages are clean */
268 memset (out_arg + (i * 16) + (nbytes % AES_BLOCK_SIZE), 0,
269 (AES_BLOCK_SIZE - (nbytes % AES_BLOCK_SIZE)));
270  
271 }
272  
273 //tc.chen : copy iv_arg back
274 if (mode > 0) {
275 *((u32 *) iv_arg) = DEU_ENDIAN_SWAP(aes->IV3R);
276 *((u32 *) iv_arg + 1) = DEU_ENDIAN_SWAP(aes->IV2R);
277 *((u32 *) iv_arg + 2) = DEU_ENDIAN_SWAP(aes->IV1R);
278 *((u32 *) iv_arg + 3) = DEU_ENDIAN_SWAP(aes->IV0R);
279 }
280  
281 CRTCL_SECT_END;
282 }
283  
284 /*!
285 * \fn int ctr_rfc3686_aes_set_key (struct crypto_tfm *tfm, const uint8_t *in_key, unsigned int key_len)
286 * \ingroup IFX_AES_FUNCTIONS
287 * \brief sets RFC3686 key
288 * \param tfm linux crypto algo transform
289 * \param in_key input key
290 * \param key_len key lengths of 20, 28 and 36 bytes supported; last 4 bytes is nonce
291 * \return 0 - SUCCESS
292 * -EINVAL - bad key length
293 */
294 int ctr_rfc3686_aes_set_key (struct crypto_tfm *tfm, const uint8_t *in_key, unsigned int key_len)
295 {
296 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
297 unsigned long *flags = (unsigned long *)&tfm->crt_flags;
298  
299 //printk("ctr_rfc3686_aes_set_key in %s\n", __FILE__);
300  
301 memcpy(ctx->nonce, in_key + (key_len - CTR_RFC3686_NONCE_SIZE),
302 CTR_RFC3686_NONCE_SIZE);
303  
304 key_len -= CTR_RFC3686_NONCE_SIZE; // remove 4 bytes of nonce
305  
306 if (key_len != 16 && key_len != 24 && key_len != 32) {
307 *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
308 return -EINVAL;
309 }
310  
311 ctx->key_length = key_len;
312  
313 memcpy ((u8 *) (ctx->buf), in_key, key_len);
314  
315 return 0;
316 }
317  
318 /*! \fn void ifx_deu_aes (void *ctx_arg, u8 *out_arg, const u8 *in_arg, u8 *iv_arg, u32 nbytes, int encdec, int mode)
319 * \ingroup IFX_AES_FUNCTIONS
320 * \brief main interface with deu hardware in DMA mode
321 * \param ctx_arg crypto algo context
322 * \param out_arg output bytestream
323 * \param in_arg input bytestream
324 * \param iv_arg initialization vector
325 * \param nbytes length of bytestream
326 * \param encdec 1 for encrypt; 0 for decrypt
327 * \param mode operation mode such as ebc, cbc, ctr
328 */
329  
330  
331 //definitions from linux/include/crypto.h:
332 //#define CRYPTO_TFM_MODE_ECB 0x00000001
333 //#define CRYPTO_TFM_MODE_CBC 0x00000002
334 //#define CRYPTO_TFM_MODE_CFB 0x00000004
335 //#define CRYPTO_TFM_MODE_CTR 0x00000008
336 //#define CRYPTO_TFM_MODE_OFB 0x00000010 // not even defined
337 //but hardware definition: 0 ECB 1 CBC 2 OFB 3 CFB 4 CTR
338  
339 /*! \fn void ifx_deu_aes_ecb (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
340 * \ingroup IFX_AES_FUNCTIONS
341 * \brief sets AES hardware to ECB mode
342 * \param ctx crypto algo context
343 * \param dst output bytestream
344 * \param src input bytestream
345 * \param iv initialization vector
346 * \param nbytes length of bytestream
347 * \param encdec 1 for encrypt; 0 for decrypt
348 * \param inplace not used
349 */
350 void ifx_deu_aes_ecb (void *ctx, uint8_t *dst, const uint8_t *src,
351 uint8_t *iv, size_t nbytes, int encdec, int inplace)
352 {
353 ifx_deu_aes (ctx, dst, src, NULL, nbytes, encdec, 0);
354 }
355  
356 /*! \fn void ifx_deu_aes_cbc (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
357 * \ingroup IFX_AES_FUNCTIONS
358 * \brief sets AES hardware to CBC mode
359 * \param ctx crypto algo context
360 * \param dst output bytestream
361 * \param src input bytestream
362 * \param iv initialization vector
363 * \param nbytes length of bytestream
364 * \param encdec 1 for encrypt; 0 for decrypt
365 * \param inplace not used
366 */
367 void ifx_deu_aes_cbc (void *ctx, uint8_t *dst, const uint8_t *src,
368 uint8_t *iv, size_t nbytes, int encdec, int inplace)
369 {
370 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 1);
371 }
372  
373 /*! \fn void ifx_deu_aes_ofb (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
374 * \ingroup IFX_AES_FUNCTIONS
375 * \brief sets AES hardware to OFB mode
376 * \param ctx crypto algo context
377 * \param dst output bytestream
378 * \param src input bytestream
379 * \param iv initialization vector
380 * \param nbytes length of bytestream
381 * \param encdec 1 for encrypt; 0 for decrypt
382 * \param inplace not used
383 */
384 void ifx_deu_aes_ofb (void *ctx, uint8_t *dst, const uint8_t *src,
385 uint8_t *iv, size_t nbytes, int encdec, int inplace)
386 {
387 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 2);
388 }
389  
390 /*! \fn void ifx_deu_aes_cfb (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
391 * \ingroup IFX_AES_FUNCTIONS
392 * \brief sets AES hardware to CFB mode
393 * \param ctx crypto algo context
394 * \param dst output bytestream
395 * \param src input bytestream
396 * \param iv initialization vector
397 * \param nbytes length of bytestream
398 * \param encdec 1 for encrypt; 0 for decrypt
399 * \param inplace not used
400 */
401 void ifx_deu_aes_cfb (void *ctx, uint8_t *dst, const uint8_t *src,
402 uint8_t *iv, size_t nbytes, int encdec, int inplace)
403 {
404 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 3);
405 }
406  
407 /*! \fn void ifx_deu_aes_ctr (void *ctx, uint8_t *dst, const uint8_t *src, uint8_t *iv, size_t nbytes, int encdec, int inplace)
408 * \ingroup IFX_AES_FUNCTIONS
409 * \brief sets AES hardware to CTR mode
410 * \param ctx crypto algo context
411 * \param dst output bytestream
412 * \param src input bytestream
413 * \param iv initialization vector
414 * \param nbytes length of bytestream
415 * \param encdec 1 for encrypt; 0 for decrypt
416 * \param inplace not used
417 */
418 void ifx_deu_aes_ctr (void *ctx, uint8_t *dst, const uint8_t *src,
419 uint8_t *iv, size_t nbytes, int encdec, int inplace)
420 {
421 ifx_deu_aes (ctx, dst, src, iv, nbytes, encdec, 4);
422 }
423  
424 /*! \fn void aes_encrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
425 * \ingroup IFX_AES_FUNCTIONS
426 * \brief encrypt AES_BLOCK_SIZE of data
427 * \param tfm linux crypto algo transform
428 * \param out output bytestream
429 * \param in input bytestream
430 */
431 void aes_encrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
432 {
433 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
434 ifx_deu_aes (ctx, out, in, NULL, AES_BLOCK_SIZE,
435 CRYPTO_DIR_ENCRYPT, 0);
436 }
437  
438 /*! \fn void aes_decrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
439 * \ingroup IFX_AES_FUNCTIONS
440 * \brief decrypt AES_BLOCK_SIZE of data
441 * \param tfm linux crypto algo transform
442 * \param out output bytestream
443 * \param in input bytestream
444 */
445 void aes_decrypt (struct crypto_tfm *tfm, uint8_t *out, const uint8_t *in)
446 {
447 struct aes_ctx *ctx = crypto_tfm_ctx(tfm);
448 ifx_deu_aes (ctx, out, in, NULL, AES_BLOCK_SIZE,
449 CRYPTO_DIR_DECRYPT, 0);
450 }
451  
452 /*
453 * \brief AES function mappings
454 */
455 struct crypto_alg ifxdeu_aes_alg = {
456 .cra_name = "aes",
457 .cra_driver_name = "ifxdeu-aes",
458 .cra_priority = 300,
459 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
460 .cra_blocksize = AES_BLOCK_SIZE,
461 .cra_ctxsize = sizeof(struct aes_ctx),
462 .cra_module = THIS_MODULE,
463 .cra_list = LIST_HEAD_INIT(ifxdeu_aes_alg.cra_list),
464 .cra_u = {
465 .cipher = {
466 .cia_min_keysize = AES_MIN_KEY_SIZE,
467 .cia_max_keysize = AES_MAX_KEY_SIZE,
468 .cia_setkey = aes_set_key,
469 .cia_encrypt = aes_encrypt,
470 .cia_decrypt = aes_decrypt,
471 }
472 }
473 };
474  
475 /*! \fn int ecb_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
476 * \ingroup IFX_AES_FUNCTIONS
477 * \brief ECB AES encrypt using linux crypto blkcipher
478 * \param desc blkcipher descriptor
479 * \param dst output scatterlist
480 * \param src input scatterlist
481 * \param nbytes data size in bytes
482 * \return err
483 */
484 int ecb_aes_encrypt(struct blkcipher_desc *desc,
485 struct scatterlist *dst, struct scatterlist *src,
486 unsigned int nbytes)
487 {
488 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
489 struct blkcipher_walk walk;
490 int err;
491 unsigned int enc_bytes;
492  
493 blkcipher_walk_init(&walk, dst, src, nbytes);
494 err = blkcipher_walk_virt(desc, &walk);
495  
496 while ((nbytes = enc_bytes = walk.nbytes)) {
497 enc_bytes -= (nbytes % AES_BLOCK_SIZE);
498 ifx_deu_aes_ecb(ctx, walk.dst.virt.addr, walk.src.virt.addr,
499 NULL, enc_bytes, CRYPTO_DIR_ENCRYPT, 0);
500 nbytes &= AES_BLOCK_SIZE - 1;
501 err = blkcipher_walk_done(desc, &walk, nbytes);
502 }
503  
504 return err;
505 }
506  
507 /*! \fn int ecb_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
508 * \ingroup IFX_AES_FUNCTIONS
509 * \brief ECB AES decrypt using linux crypto blkcipher
510 * \param desc blkcipher descriptor
511 * \param dst output scatterlist
512 * \param src input scatterlist
513 * \param nbytes data size in bytes
514 * \return err
515 */
516 int ecb_aes_decrypt(struct blkcipher_desc *desc,
517 struct scatterlist *dst, struct scatterlist *src,
518 unsigned int nbytes)
519 {
520 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
521 struct blkcipher_walk walk;
522 int err;
523 unsigned int dec_bytes;
524  
525 blkcipher_walk_init(&walk, dst, src, nbytes);
526 err = blkcipher_walk_virt(desc, &walk);
527  
528 while ((nbytes = dec_bytes = walk.nbytes)) {
529 dec_bytes -= (nbytes % AES_BLOCK_SIZE);
530 ifx_deu_aes_ecb(ctx, walk.dst.virt.addr, walk.src.virt.addr,
531 NULL, dec_bytes, CRYPTO_DIR_DECRYPT, 0);
532 nbytes &= AES_BLOCK_SIZE - 1;
533 err = blkcipher_walk_done(desc, &walk, nbytes);
534 }
535  
536 return err;
537 }
538  
539 /*
540 * \brief AES function mappings
541 */
542 struct crypto_alg ifxdeu_ecb_aes_alg = {
543 .cra_name = "ecb(aes)",
544 .cra_driver_name = "ifxdeu-ecb(aes)",
545 .cra_priority = 400,
546 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
547 .cra_blocksize = AES_BLOCK_SIZE,
548 .cra_ctxsize = sizeof(struct aes_ctx),
549 .cra_type = &crypto_blkcipher_type,
550 .cra_module = THIS_MODULE,
551 .cra_list = LIST_HEAD_INIT(ifxdeu_ecb_aes_alg.cra_list),
552 .cra_u = {
553 .blkcipher = {
554 .min_keysize = AES_MIN_KEY_SIZE,
555 .max_keysize = AES_MAX_KEY_SIZE,
556 .setkey = aes_set_key,
557 .encrypt = ecb_aes_encrypt,
558 .decrypt = ecb_aes_decrypt,
559 }
560 }
561 };
562  
563  
564 /*! \fn int cbc_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
565 * \ingroup IFX_AES_FUNCTIONS
566 * \brief CBC AES encrypt using linux crypto blkcipher
567 * \param desc blkcipher descriptor
568 * \param dst output scatterlist
569 * \param src input scatterlist
570 * \param nbytes data size in bytes
571 * \return err
572 */
573 int cbc_aes_encrypt(struct blkcipher_desc *desc,
574 struct scatterlist *dst, struct scatterlist *src,
575 unsigned int nbytes)
576 {
577 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
578 struct blkcipher_walk walk;
579 int err;
580 unsigned int enc_bytes;
581  
582 blkcipher_walk_init(&walk, dst, src, nbytes);
583 err = blkcipher_walk_virt(desc, &walk);
584  
585 while ((nbytes = enc_bytes = walk.nbytes)) {
586 u8 *iv = walk.iv;
587 enc_bytes -= (nbytes % AES_BLOCK_SIZE);
588 ifx_deu_aes_cbc(ctx, walk.dst.virt.addr, walk.src.virt.addr,
589 iv, enc_bytes, CRYPTO_DIR_ENCRYPT, 0);
590 nbytes &= AES_BLOCK_SIZE - 1;
591 err = blkcipher_walk_done(desc, &walk, nbytes);
592 }
593  
594 return err;
595 }
596  
597 /*! \fn int cbc_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
598 * \ingroup IFX_AES_FUNCTIONS
599 * \brief CBC AES decrypt using linux crypto blkcipher
600 * \param desc blkcipher descriptor
601 * \param dst output scatterlist
602 * \param src input scatterlist
603 * \param nbytes data size in bytes
604 * \return err
605 */
606 int cbc_aes_decrypt(struct blkcipher_desc *desc,
607 struct scatterlist *dst, struct scatterlist *src,
608 unsigned int nbytes)
609 {
610 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
611 struct blkcipher_walk walk;
612 int err;
613 unsigned int dec_bytes;
614  
615 blkcipher_walk_init(&walk, dst, src, nbytes);
616 err = blkcipher_walk_virt(desc, &walk);
617  
618 while ((nbytes = dec_bytes = walk.nbytes)) {
619 u8 *iv = walk.iv;
620 dec_bytes -= (nbytes % AES_BLOCK_SIZE);
621 ifx_deu_aes_cbc(ctx, walk.dst.virt.addr, walk.src.virt.addr,
622 iv, dec_bytes, CRYPTO_DIR_DECRYPT, 0);
623 nbytes &= AES_BLOCK_SIZE - 1;
624 err = blkcipher_walk_done(desc, &walk, nbytes);
625 }
626  
627 return err;
628 }
629  
630 /*
631 * \brief AES function mappings
632 */
633 struct crypto_alg ifxdeu_cbc_aes_alg = {
634 .cra_name = "cbc(aes)",
635 .cra_driver_name = "ifxdeu-cbc(aes)",
636 .cra_priority = 400,
637 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
638 .cra_blocksize = AES_BLOCK_SIZE,
639 .cra_ctxsize = sizeof(struct aes_ctx),
640 .cra_type = &crypto_blkcipher_type,
641 .cra_module = THIS_MODULE,
642 .cra_list = LIST_HEAD_INIT(ifxdeu_cbc_aes_alg.cra_list),
643 .cra_u = {
644 .blkcipher = {
645 .min_keysize = AES_MIN_KEY_SIZE,
646 .max_keysize = AES_MAX_KEY_SIZE,
647 .ivsize = AES_BLOCK_SIZE,
648 .setkey = aes_set_key,
649 .encrypt = cbc_aes_encrypt,
650 .decrypt = cbc_aes_decrypt,
651 }
652 }
653 };
654  
655  
656 /*! \fn int ctr_basic_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
657 * \ingroup IFX_AES_FUNCTIONS
658 * \brief Counter mode AES encrypt using linux crypto blkcipher
659 * \param desc blkcipher descriptor
660 * \param dst output scatterlist
661 * \param src input scatterlist
662 * \param nbytes data size in bytes
663 * \return err
664 */
665 int ctr_basic_aes_encrypt(struct blkcipher_desc *desc,
666 struct scatterlist *dst, struct scatterlist *src,
667 unsigned int nbytes)
668 {
669 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
670 struct blkcipher_walk walk;
671 int err;
672 unsigned int enc_bytes;
673  
674 blkcipher_walk_init(&walk, dst, src, nbytes);
675 err = blkcipher_walk_virt(desc, &walk);
676  
677 while ((nbytes = enc_bytes = walk.nbytes)) {
678 u8 *iv = walk.iv;
679 enc_bytes -= (nbytes % AES_BLOCK_SIZE);
680 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
681 iv, enc_bytes, CRYPTO_DIR_ENCRYPT, 0);
682 nbytes &= AES_BLOCK_SIZE - 1;
683 err = blkcipher_walk_done(desc, &walk, nbytes);
684 }
685  
686 return err;
687 }
688  
689 /*! \fn int ctr_basic_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
690 * \ingroup IFX_AES_FUNCTIONS
691 * \brief Counter mode AES decrypt using linux crypto blkcipher
692 * \param desc blkcipher descriptor
693 * \param dst output scatterlist
694 * \param src input scatterlist
695 * \param nbytes data size in bytes
696 * \return err
697 */
698 int ctr_basic_aes_decrypt(struct blkcipher_desc *desc,
699 struct scatterlist *dst, struct scatterlist *src,
700 unsigned int nbytes)
701 {
702 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
703 struct blkcipher_walk walk;
704 int err;
705 unsigned int dec_bytes;
706  
707 blkcipher_walk_init(&walk, dst, src, nbytes);
708 err = blkcipher_walk_virt(desc, &walk);
709  
710 while ((nbytes = dec_bytes = walk.nbytes)) {
711 u8 *iv = walk.iv;
712 dec_bytes -= (nbytes % AES_BLOCK_SIZE);
713 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
714 iv, dec_bytes, CRYPTO_DIR_DECRYPT, 0);
715 nbytes &= AES_BLOCK_SIZE - 1;
716 err = blkcipher_walk_done(desc, &walk, nbytes);
717 }
718  
719 return err;
720 }
721  
722 /*
723 * \brief AES function mappings
724 */
725 struct crypto_alg ifxdeu_ctr_basic_aes_alg = {
726 .cra_name = "ctr(aes)",
727 .cra_driver_name = "ifxdeu-ctr(aes)",
728 .cra_priority = 400,
729 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
730 .cra_blocksize = AES_BLOCK_SIZE,
731 .cra_ctxsize = sizeof(struct aes_ctx),
732 .cra_type = &crypto_blkcipher_type,
733 .cra_module = THIS_MODULE,
734 .cra_list = LIST_HEAD_INIT(ifxdeu_ctr_basic_aes_alg.cra_list),
735 .cra_u = {
736 .blkcipher = {
737 .min_keysize = AES_MIN_KEY_SIZE,
738 .max_keysize = AES_MAX_KEY_SIZE,
739 .ivsize = AES_BLOCK_SIZE,
740 .setkey = aes_set_key,
741 .encrypt = ctr_basic_aes_encrypt,
742 .decrypt = ctr_basic_aes_decrypt,
743 }
744 }
745 };
746  
747  
748 /*! \fn int ctr_rfc3686_aes_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
749 * \ingroup IFX_AES_FUNCTIONS
750 * \brief Counter mode AES (rfc3686) encrypt using linux crypto blkcipher
751 * \param desc blkcipher descriptor
752 * \param dst output scatterlist
753 * \param src input scatterlist
754 * \param nbytes data size in bytes
755 * \return err
756 */
757 int ctr_rfc3686_aes_encrypt(struct blkcipher_desc *desc,
758 struct scatterlist *dst, struct scatterlist *src,
759 unsigned int nbytes)
760 {
761 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
762 struct blkcipher_walk walk;
763 int err, bsize = nbytes;
764 u8 rfc3686_iv[16];
765  
766 blkcipher_walk_init(&walk, dst, src, nbytes);
767 err = blkcipher_walk_virt(desc, &walk);
768  
769 /* set up counter block */
770 memcpy(rfc3686_iv, ctx->nonce, CTR_RFC3686_NONCE_SIZE);
771 memcpy(rfc3686_iv + CTR_RFC3686_NONCE_SIZE, walk.iv, CTR_RFC3686_IV_SIZE);
772  
773 /* initialize counter portion of counter block */
774 *(__be32 *)(rfc3686_iv + CTR_RFC3686_NONCE_SIZE + CTR_RFC3686_IV_SIZE) =
775 cpu_to_be32(1);
776  
777 /* scatterlist source is the same size as request size, just process once */
778 if (nbytes == walk.nbytes) {
779 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
780 rfc3686_iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
781 nbytes -= walk.nbytes;
782 err = blkcipher_walk_done(desc, &walk, nbytes);
783 return err;
784 }
785  
786 while ((nbytes = walk.nbytes) && (walk.nbytes >= AES_BLOCK_SIZE)) {
787 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
788 rfc3686_iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
789  
790 nbytes -= walk.nbytes;
791 bsize -= walk.nbytes;
792 err = blkcipher_walk_done(desc, &walk, nbytes);
793 }
794  
795 /* to handle remaining bytes < AES_BLOCK_SIZE */
796 if (walk.nbytes) {
797 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
798 rfc3686_iv, walk.nbytes, CRYPTO_DIR_ENCRYPT, 0);
799 err = blkcipher_walk_done(desc, &walk, 0);
800 }
801  
802 return err;
803 }
804  
805 /*! \fn int ctr_rfc3686_aes_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst, struct scatterlist *src, unsigned int nbytes)
806 * \ingroup IFX_AES_FUNCTIONS
807 * \brief Counter mode AES (rfc3686) decrypt using linux crypto blkcipher
808 * \param desc blkcipher descriptor
809 * \param dst output scatterlist
810 * \param src input scatterlist
811 * \param nbytes data size in bytes
812 * \return err
813 */
814 int ctr_rfc3686_aes_decrypt(struct blkcipher_desc *desc,
815 struct scatterlist *dst, struct scatterlist *src,
816 unsigned int nbytes)
817 {
818 struct aes_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
819 struct blkcipher_walk walk;
820 int err, bsize = nbytes;
821 u8 rfc3686_iv[16];
822  
823 blkcipher_walk_init(&walk, dst, src, nbytes);
824 err = blkcipher_walk_virt(desc, &walk);
825  
826 /* set up counter block */
827 memcpy(rfc3686_iv, ctx->nonce, CTR_RFC3686_NONCE_SIZE);
828 memcpy(rfc3686_iv + CTR_RFC3686_NONCE_SIZE, walk.iv, CTR_RFC3686_IV_SIZE);
829  
830 /* initialize counter portion of counter block */
831 *(__be32 *)(rfc3686_iv + CTR_RFC3686_NONCE_SIZE + CTR_RFC3686_IV_SIZE) =
832 cpu_to_be32(1);
833  
834 /* scatterlist source is the same size as request size, just process once */
835 if (nbytes == walk.nbytes) {
836 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
837 rfc3686_iv, nbytes, CRYPTO_DIR_ENCRYPT, 0);
838 nbytes -= walk.nbytes;
839 err = blkcipher_walk_done(desc, &walk, nbytes);
840 return err;
841 }
842  
843 while ((nbytes = walk.nbytes) % (walk.nbytes >= AES_BLOCK_SIZE)) {
844 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
845 rfc3686_iv, nbytes, CRYPTO_DIR_DECRYPT, 0);
846  
847 nbytes -= walk.nbytes;
848 bsize -= walk.nbytes;
849 err = blkcipher_walk_done(desc, &walk, nbytes);
850 }
851  
852 /* to handle remaining bytes < AES_BLOCK_SIZE */
853 if (walk.nbytes) {
854 ifx_deu_aes_ctr(ctx, walk.dst.virt.addr, walk.src.virt.addr,
855 rfc3686_iv, walk.nbytes, CRYPTO_DIR_ENCRYPT, 0);
856 err = blkcipher_walk_done(desc, &walk, 0);
857 }
858  
859 return err;
860 }
861  
862 /*
863 * \brief AES function mappings
864 */
865 struct crypto_alg ifxdeu_ctr_rfc3686_aes_alg = {
866 .cra_name = "rfc3686(ctr(aes))",
867 .cra_driver_name = "ifxdeu-ctr-rfc3686(aes)",
868 .cra_priority = 400,
869 .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
870 .cra_blocksize = AES_BLOCK_SIZE,
871 .cra_ctxsize = sizeof(struct aes_ctx),
872 .cra_type = &crypto_blkcipher_type,
873 .cra_module = THIS_MODULE,
874 .cra_list = LIST_HEAD_INIT(ifxdeu_ctr_rfc3686_aes_alg.cra_list),
875 .cra_u = {
876 .blkcipher = {
877 .min_keysize = AES_MIN_KEY_SIZE,
878 .max_keysize = CTR_RFC3686_MAX_KEY_SIZE,
879 .ivsize = CTR_RFC3686_IV_SIZE,
880 .setkey = ctr_rfc3686_aes_set_key,
881 .encrypt = ctr_rfc3686_aes_encrypt,
882 .decrypt = ctr_rfc3686_aes_decrypt,
883 }
884 }
885 };
886  
887  
888 /*! \fn int ifxdeu_init_aes (void)
889 * \ingroup IFX_AES_FUNCTIONS
890 * \brief function to initialize AES driver
891 * \return ret
892 */
893 int ifxdeu_init_aes (void)
894 {
895 int ret = -ENOSYS;
896  
897  
898  
899 #if (LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20))
900 if (!disable_multiblock) {
901 ifxdeu_aes_alg.cra_u.cipher.cia_max_nbytes = AES_BLOCK_SIZE; //(size_t)-1;
902 ifxdeu_aes_alg.cra_u.cipher.cia_req_align = 16;
903 ifxdeu_aes_alg.cra_u.cipher.cia_ecb = ifx_deu_aes_ecb;
904 ifxdeu_aes_alg.cra_u.cipher.cia_cbc = ifx_deu_aes_cbc;
905 ifxdeu_aes_alg.cra_u.cipher.cia_cfb = ifx_deu_aes_cfb;
906 ifxdeu_aes_alg.cra_u.cipher.cia_ofb = ifx_deu_aes_ofb;
907 }
908 #endif
909  
910 if ((ret = crypto_register_alg(&ifxdeu_aes_alg)))
911 goto aes_err;
912  
913 if ((ret = crypto_register_alg(&ifxdeu_ecb_aes_alg)))
914 goto ecb_aes_err;
915  
916 if ((ret = crypto_register_alg(&ifxdeu_cbc_aes_alg)))
917 goto cbc_aes_err;
918  
919 if ((ret = crypto_register_alg(&ifxdeu_ctr_basic_aes_alg)))
920 goto ctr_basic_aes_err;
921  
922 if ((ret = crypto_register_alg(&ifxdeu_ctr_rfc3686_aes_alg)))
923 goto ctr_rfc3686_aes_err;
924  
925 aes_chip_init ();
926  
927 CRTCL_SECT_INIT;
928  
929  
930 printk (KERN_NOTICE "IFX DEU AES initialized%s%s.\n", disable_multiblock ? "" : " (multiblock)", disable_deudma ? "" : " (DMA)");
931 return ret;
932  
933 ctr_rfc3686_aes_err:
934 crypto_unregister_alg(&ifxdeu_ctr_rfc3686_aes_alg);
935 printk (KERN_ERR "IFX ctr_rfc3686_aes initialization failed!\n");
936 return ret;
937 ctr_basic_aes_err:
938 crypto_unregister_alg(&ifxdeu_ctr_basic_aes_alg);
939 printk (KERN_ERR "IFX ctr_basic_aes initialization failed!\n");
940 return ret;
941 cbc_aes_err:
942 crypto_unregister_alg(&ifxdeu_cbc_aes_alg);
943 printk (KERN_ERR "IFX cbc_aes initialization failed!\n");
944 return ret;
945 ecb_aes_err:
946 crypto_unregister_alg(&ifxdeu_ecb_aes_alg);
947 printk (KERN_ERR "IFX aes initialization failed!\n");
948 return ret;
949 aes_err:
950 printk(KERN_ERR "IFX DEU AES initialization failed!\n");
951  
952 return ret;
953 }
954  
955 /*! \fn void ifxdeu_fini_aes (void)
956 * \ingroup IFX_AES_FUNCTIONS
957 * \brief unregister aes driver
958 */
959 void ifxdeu_fini_aes (void)
960 {
961 crypto_unregister_alg (&ifxdeu_aes_alg);
962 crypto_unregister_alg (&ifxdeu_ecb_aes_alg);
963 crypto_unregister_alg (&ifxdeu_cbc_aes_alg);
964 crypto_unregister_alg (&ifxdeu_ctr_basic_aes_alg);
965 crypto_unregister_alg (&ifxdeu_ctr_rfc3686_aes_alg);
966  
967 }
968  
969