Commit c1844729 authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu

crypto: arm64/aes-ce - switch to library version of key expansion routine

Switch to the new AES library that also provides an implementation of
the AES key expansion routine. This removes the dependency on the
generic AES cipher, allowing it to be omitted entirely in the future.

While at it, remove some references to the table based arm64 version
of AES and replace them with AES library calls as well.
Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent f68df543
...@@ -96,7 +96,7 @@ config CRYPTO_AES_ARM64_NEON_BLK ...@@ -96,7 +96,7 @@ config CRYPTO_AES_ARM64_NEON_BLK
depends on KERNEL_MODE_NEON depends on KERNEL_MODE_NEON
select CRYPTO_BLKCIPHER select CRYPTO_BLKCIPHER
select CRYPTO_AES_ARM64 select CRYPTO_AES_ARM64
select CRYPTO_AES select CRYPTO_LIB_AES
select CRYPTO_SIMD select CRYPTO_SIMD
config CRYPTO_CHACHA20_NEON config CRYPTO_CHACHA20_NEON
......
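Review bot: `select CRYPTO_AES_ARM64` stays on CRYPTO_AES_ARM64_NEON_BLK next to the new `select CRYPTO_LIB_AES`, so this option still pulls in the table-based arm64 cipher. The commit message says references to the table-based version are being replaced with library calls. If the glue code has no remaining callers of it after this commit (not verifiable from this page), the select could be dropped here. If it has to stay, naming the remaining user in the commit message would help whoever removes it later.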
...@@ -23,7 +23,6 @@ ...@@ -23,7 +23,6 @@
#ifdef USE_V8_CRYPTO_EXTENSIONS #ifdef USE_V8_CRYPTO_EXTENSIONS
#define MODE "ce" #define MODE "ce"
#define PRIO 300 #define PRIO 300
#define aes_setkey ce_aes_setkey
#define aes_expandkey ce_aes_expandkey #define aes_expandkey ce_aes_expandkey
#define aes_ecb_encrypt ce_aes_ecb_encrypt #define aes_ecb_encrypt ce_aes_ecb_encrypt
#define aes_ecb_decrypt ce_aes_ecb_decrypt #define aes_ecb_decrypt ce_aes_ecb_decrypt
...@@ -39,8 +38,6 @@ MODULE_DESCRIPTION("AES-ECB/CBC/CTR/XTS using ARMv8 Crypto Extensions"); ...@@ -39,8 +38,6 @@ MODULE_DESCRIPTION("AES-ECB/CBC/CTR/XTS using ARMv8 Crypto Extensions");
#else #else
#define MODE "neon" #define MODE "neon"
#define PRIO 200 #define PRIO 200
#define aes_setkey crypto_aes_set_key
#define aes_expandkey crypto_aes_expand_key
#define aes_ecb_encrypt neon_aes_ecb_encrypt #define aes_ecb_encrypt neon_aes_ecb_encrypt
#define aes_ecb_decrypt neon_aes_ecb_decrypt #define aes_ecb_decrypt neon_aes_ecb_decrypt
#define aes_cbc_encrypt neon_aes_cbc_encrypt #define aes_cbc_encrypt neon_aes_cbc_encrypt
...@@ -118,7 +115,14 @@ struct mac_desc_ctx { ...@@ -118,7 +115,14 @@ struct mac_desc_ctx {
static int skcipher_aes_setkey(struct crypto_skcipher *tfm, const u8 *in_key, static int skcipher_aes_setkey(struct crypto_skcipher *tfm, const u8 *in_key,
unsigned int key_len) unsigned int key_len)
{ {
return aes_setkey(crypto_skcipher_tfm(tfm), in_key, key_len); struct crypto_aes_ctx *ctx = crypto_skcipher_ctx(tfm);
int ret;
ret = aes_expandkey(ctx, in_key, key_len);
if (ret)
crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
return ret;
} }
static int xts_set_key(struct crypto_skcipher *tfm, const u8 *in_key, static int xts_set_key(struct crypto_skcipher *tfm, const u8 *in_key,
...@@ -646,15 +650,14 @@ static void mac_do_update(struct crypto_aes_ctx *ctx, u8 const in[], int blocks, ...@@ -646,15 +650,14 @@ static void mac_do_update(struct crypto_aes_ctx *ctx, u8 const in[], int blocks,
kernel_neon_end(); kernel_neon_end();
} else { } else {
if (enc_before) if (enc_before)
__aes_arm64_encrypt(ctx->key_enc, dg, dg, rounds); aes_encrypt(ctx, dg, dg);
while (blocks--) { while (blocks--) {
crypto_xor(dg, in, AES_BLOCK_SIZE); crypto_xor(dg, in, AES_BLOCK_SIZE);
in += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE;
if (blocks || enc_after) if (blocks || enc_after)
__aes_arm64_encrypt(ctx->key_enc, dg, dg, aes_encrypt(ctx, dg, dg);
rounds);
} }
} }
} }
......
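Review bot: In skcipher_aes_setkey() every non-zero return from aes_expandkey() is reported as CRYPTO_TFM_RES_BAD_KEY_LEN. That is only accurate while an unsupported key length is the sole failure mode of both ce_aes_expandkey() and the library routine, and neither body is visible on this page. A one-line comment above the check would record the assumption, e.g. `/* aes_expandkey() can only fail on an invalid key length */`. In mac_do_update() the fallback branch now calls `aes_encrypt(ctx, dg, dg)` without passing `rounds`; the function starts outside the hunk, so it is worth confirming that `rounds` is still used there and has not become an unused local.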