1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (C) 2019 - 2021
4 *
5 * Richard van Schagen <vschagen@icloud.com>
6 * Christian Marangi <ansuelsmth@gmail.com
7 */
8
9 #include <crypto/aes.h>
10 #include <crypto/ctr.h>
11 #include <crypto/internal/des.h>
12 #include <linux/dma-mapping.h>
13
14 #include "eip93-aes.h"
15 #include "eip93-cipher.h"
16 #include "eip93-common.h"
17 #include "eip93-des.h"
18 #include "eip93-regs.h"
19
eip93_skcipher_handle_result(struct crypto_async_request * async,int err)20 void eip93_skcipher_handle_result(struct crypto_async_request *async, int err)
21 {
22 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(async->tfm);
23 struct eip93_device *eip93 = ctx->eip93;
24 struct skcipher_request *req = skcipher_request_cast(async);
25 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req);
26
27 eip93_unmap_dma(eip93, rctx, req->src, req->dst);
28 eip93_handle_result(eip93, rctx, req->iv);
29
30 skcipher_request_complete(req, err);
31 }
32
eip93_skcipher_send_req(struct crypto_async_request * async)33 static int eip93_skcipher_send_req(struct crypto_async_request *async)
34 {
35 struct skcipher_request *req = skcipher_request_cast(async);
36 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req);
37 int err;
38
39 err = check_valid_request(rctx);
40
41 if (err) {
42 skcipher_request_complete(req, err);
43 return err;
44 }
45
46 return eip93_send_req(async, req->iv, rctx);
47 }
48
49 /* Crypto skcipher API functions */
eip93_skcipher_cra_init(struct crypto_tfm * tfm)50 static int eip93_skcipher_cra_init(struct crypto_tfm *tfm)
51 {
52 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(tfm);
53 struct eip93_alg_template *tmpl = container_of(tfm->__crt_alg,
54 struct eip93_alg_template, alg.skcipher.base);
55
56 crypto_skcipher_set_reqsize(__crypto_skcipher_cast(tfm),
57 sizeof(struct eip93_cipher_reqctx));
58
59 memset(ctx, 0, sizeof(*ctx));
60
61 ctx->eip93 = tmpl->eip93;
62 ctx->type = tmpl->type;
63
64 ctx->sa_record = kzalloc(sizeof(*ctx->sa_record), GFP_KERNEL);
65 if (!ctx->sa_record)
66 return -ENOMEM;
67
68 return 0;
69 }
70
eip93_skcipher_cra_exit(struct crypto_tfm * tfm)71 static void eip93_skcipher_cra_exit(struct crypto_tfm *tfm)
72 {
73 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(tfm);
74
75 dma_unmap_single(ctx->eip93->dev, ctx->sa_record_base,
76 sizeof(*ctx->sa_record), DMA_TO_DEVICE);
77 kfree(ctx->sa_record);
78 }
79
eip93_skcipher_setkey(struct crypto_skcipher * ctfm,const u8 * key,unsigned int len)80 static int eip93_skcipher_setkey(struct crypto_skcipher *ctfm, const u8 *key,
81 unsigned int len)
82 {
83 struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm);
84 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(tfm);
85 struct eip93_alg_template *tmpl = container_of(tfm->__crt_alg,
86 struct eip93_alg_template,
87 alg.skcipher.base);
88 struct sa_record *sa_record = ctx->sa_record;
89 unsigned int keylen = len;
90 u32 flags = tmpl->flags;
91 u32 nonce = 0;
92 int ret;
93
94 if (!key || !keylen)
95 return -EINVAL;
96
97 if (IS_RFC3686(flags)) {
98 if (len < CTR_RFC3686_NONCE_SIZE)
99 return -EINVAL;
100
101 keylen = len - CTR_RFC3686_NONCE_SIZE;
102 memcpy(&nonce, key + keylen, CTR_RFC3686_NONCE_SIZE);
103 }
104
105 if (flags & EIP93_ALG_DES) {
106 ctx->blksize = DES_BLOCK_SIZE;
107 ret = verify_skcipher_des_key(ctfm, key);
108 if (ret)
109 return ret;
110 }
111 if (flags & EIP93_ALG_3DES) {
112 ctx->blksize = DES3_EDE_BLOCK_SIZE;
113 ret = verify_skcipher_des3_key(ctfm, key);
114 if (ret)
115 return ret;
116 }
117
118 if (flags & EIP93_ALG_AES) {
119 struct crypto_aes_ctx aes;
120
121 ctx->blksize = AES_BLOCK_SIZE;
122 ret = aes_expandkey(&aes, key, keylen);
123 if (ret)
124 return ret;
125 }
126
127 eip93_set_sa_record(sa_record, keylen, flags);
128
129 memcpy(sa_record->sa_key, key, keylen);
130 ctx->sa_nonce = nonce;
131 sa_record->sa_nonce = nonce;
132
133 return 0;
134 }
135
eip93_skcipher_crypt(struct skcipher_request * req)136 static int eip93_skcipher_crypt(struct skcipher_request *req)
137 {
138 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req);
139 struct crypto_async_request *async = &req->base;
140 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
141 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
142 int ret;
143
144 if (!req->cryptlen)
145 return 0;
146
147 /*
148 * ECB and CBC algorithms require message lengths to be
149 * multiples of block size.
150 */
151 if (IS_ECB(rctx->flags) || IS_CBC(rctx->flags))
152 if (!IS_ALIGNED(req->cryptlen,
153 crypto_skcipher_blocksize(skcipher)))
154 return -EINVAL;
155
156 ctx->sa_record_base = dma_map_single(ctx->eip93->dev, ctx->sa_record,
157 sizeof(*ctx->sa_record), DMA_TO_DEVICE);
158 ret = dma_mapping_error(ctx->eip93->dev, ctx->sa_record_base);
159 if (ret)
160 return ret;
161
162 rctx->assoclen = 0;
163 rctx->textsize = req->cryptlen;
164 rctx->authsize = 0;
165 rctx->sg_src = req->src;
166 rctx->sg_dst = req->dst;
167 rctx->ivsize = crypto_skcipher_ivsize(skcipher);
168 rctx->blksize = ctx->blksize;
169 rctx->desc_flags = EIP93_DESC_SKCIPHER;
170 rctx->sa_record_base = ctx->sa_record_base;
171
172 return eip93_skcipher_send_req(async);
173 }
174
eip93_skcipher_encrypt(struct skcipher_request * req)175 static int eip93_skcipher_encrypt(struct skcipher_request *req)
176 {
177 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req);
178 struct eip93_alg_template *tmpl = container_of(req->base.tfm->__crt_alg,
179 struct eip93_alg_template, alg.skcipher.base);
180
181 rctx->flags = tmpl->flags;
182 rctx->flags |= EIP93_ENCRYPT;
183
184 return eip93_skcipher_crypt(req);
185 }
186
eip93_skcipher_decrypt(struct skcipher_request * req)187 static int eip93_skcipher_decrypt(struct skcipher_request *req)
188 {
189 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(req->base.tfm);
190 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req);
191 struct eip93_alg_template *tmpl = container_of(req->base.tfm->__crt_alg,
192 struct eip93_alg_template, alg.skcipher.base);
193
194 ctx->sa_record->sa_cmd0_word |= EIP93_SA_CMD_DIRECTION_IN;
195
196 rctx->flags = tmpl->flags;
197 rctx->flags |= EIP93_DECRYPT;
198
199 return eip93_skcipher_crypt(req);
200 }
201
202 /* Available algorithms in this module */
203 struct eip93_alg_template eip93_alg_ecb_aes = {
204 .type = EIP93_ALG_TYPE_SKCIPHER,
205 .flags = EIP93_MODE_ECB | EIP93_ALG_AES,
206 .alg.skcipher = {
207 .setkey = eip93_skcipher_setkey,
208 .encrypt = eip93_skcipher_encrypt,
209 .decrypt = eip93_skcipher_decrypt,
210 .min_keysize = AES_MIN_KEY_SIZE,
211 .max_keysize = AES_MAX_KEY_SIZE,
212 .ivsize = 0,
213 .base = {
214 .cra_name = "ecb(aes)",
215 .cra_driver_name = "ecb(aes-eip93)",
216 .cra_priority = EIP93_CRA_PRIORITY,
217 .cra_flags = CRYPTO_ALG_ASYNC |
218 CRYPTO_ALG_NEED_FALLBACK |
219 CRYPTO_ALG_KERN_DRIVER_ONLY,
220 .cra_blocksize = AES_BLOCK_SIZE,
221 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
222 .cra_alignmask = 0xf,
223 .cra_init = eip93_skcipher_cra_init,
224 .cra_exit = eip93_skcipher_cra_exit,
225 .cra_module = THIS_MODULE,
226 },
227 },
228 };
229
230 struct eip93_alg_template eip93_alg_cbc_aes = {
231 .type = EIP93_ALG_TYPE_SKCIPHER,
232 .flags = EIP93_MODE_CBC | EIP93_ALG_AES,
233 .alg.skcipher = {
234 .setkey = eip93_skcipher_setkey,
235 .encrypt = eip93_skcipher_encrypt,
236 .decrypt = eip93_skcipher_decrypt,
237 .min_keysize = AES_MIN_KEY_SIZE,
238 .max_keysize = AES_MAX_KEY_SIZE,
239 .ivsize = AES_BLOCK_SIZE,
240 .base = {
241 .cra_name = "cbc(aes)",
242 .cra_driver_name = "cbc(aes-eip93)",
243 .cra_priority = EIP93_CRA_PRIORITY,
244 .cra_flags = CRYPTO_ALG_ASYNC |
245 CRYPTO_ALG_NEED_FALLBACK |
246 CRYPTO_ALG_KERN_DRIVER_ONLY,
247 .cra_blocksize = AES_BLOCK_SIZE,
248 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
249 .cra_alignmask = 0xf,
250 .cra_init = eip93_skcipher_cra_init,
251 .cra_exit = eip93_skcipher_cra_exit,
252 .cra_module = THIS_MODULE,
253 },
254 },
255 };
256
257 struct eip93_alg_template eip93_alg_ctr_aes = {
258 .type = EIP93_ALG_TYPE_SKCIPHER,
259 .flags = EIP93_MODE_CTR | EIP93_ALG_AES,
260 .alg.skcipher = {
261 .setkey = eip93_skcipher_setkey,
262 .encrypt = eip93_skcipher_encrypt,
263 .decrypt = eip93_skcipher_decrypt,
264 .min_keysize = AES_MIN_KEY_SIZE,
265 .max_keysize = AES_MAX_KEY_SIZE,
266 .ivsize = AES_BLOCK_SIZE,
267 .base = {
268 .cra_name = "ctr(aes)",
269 .cra_driver_name = "ctr(aes-eip93)",
270 .cra_priority = EIP93_CRA_PRIORITY,
271 .cra_flags = CRYPTO_ALG_ASYNC |
272 CRYPTO_ALG_NEED_FALLBACK |
273 CRYPTO_ALG_KERN_DRIVER_ONLY,
274 .cra_blocksize = 1,
275 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
276 .cra_alignmask = 0xf,
277 .cra_init = eip93_skcipher_cra_init,
278 .cra_exit = eip93_skcipher_cra_exit,
279 .cra_module = THIS_MODULE,
280 },
281 },
282 };
283
284 struct eip93_alg_template eip93_alg_rfc3686_aes = {
285 .type = EIP93_ALG_TYPE_SKCIPHER,
286 .flags = EIP93_MODE_CTR | EIP93_MODE_RFC3686 | EIP93_ALG_AES,
287 .alg.skcipher = {
288 .setkey = eip93_skcipher_setkey,
289 .encrypt = eip93_skcipher_encrypt,
290 .decrypt = eip93_skcipher_decrypt,
291 .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE,
292 .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE,
293 .ivsize = CTR_RFC3686_IV_SIZE,
294 .base = {
295 .cra_name = "rfc3686(ctr(aes))",
296 .cra_driver_name = "rfc3686(ctr(aes-eip93))",
297 .cra_priority = EIP93_CRA_PRIORITY,
298 .cra_flags = CRYPTO_ALG_ASYNC |
299 CRYPTO_ALG_NEED_FALLBACK |
300 CRYPTO_ALG_KERN_DRIVER_ONLY,
301 .cra_blocksize = 1,
302 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
303 .cra_alignmask = 0xf,
304 .cra_init = eip93_skcipher_cra_init,
305 .cra_exit = eip93_skcipher_cra_exit,
306 .cra_module = THIS_MODULE,
307 },
308 },
309 };
310
311 struct eip93_alg_template eip93_alg_ecb_des = {
312 .type = EIP93_ALG_TYPE_SKCIPHER,
313 .flags = EIP93_MODE_ECB | EIP93_ALG_DES,
314 .alg.skcipher = {
315 .setkey = eip93_skcipher_setkey,
316 .encrypt = eip93_skcipher_encrypt,
317 .decrypt = eip93_skcipher_decrypt,
318 .min_keysize = DES_KEY_SIZE,
319 .max_keysize = DES_KEY_SIZE,
320 .ivsize = 0,
321 .base = {
322 .cra_name = "ecb(des)",
323 .cra_driver_name = "ebc(des-eip93)",
324 .cra_priority = EIP93_CRA_PRIORITY,
325 .cra_flags = CRYPTO_ALG_ASYNC |
326 CRYPTO_ALG_KERN_DRIVER_ONLY,
327 .cra_blocksize = DES_BLOCK_SIZE,
328 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
329 .cra_alignmask = 0,
330 .cra_init = eip93_skcipher_cra_init,
331 .cra_exit = eip93_skcipher_cra_exit,
332 .cra_module = THIS_MODULE,
333 },
334 },
335 };
336
337 struct eip93_alg_template eip93_alg_cbc_des = {
338 .type = EIP93_ALG_TYPE_SKCIPHER,
339 .flags = EIP93_MODE_CBC | EIP93_ALG_DES,
340 .alg.skcipher = {
341 .setkey = eip93_skcipher_setkey,
342 .encrypt = eip93_skcipher_encrypt,
343 .decrypt = eip93_skcipher_decrypt,
344 .min_keysize = DES_KEY_SIZE,
345 .max_keysize = DES_KEY_SIZE,
346 .ivsize = DES_BLOCK_SIZE,
347 .base = {
348 .cra_name = "cbc(des)",
349 .cra_driver_name = "cbc(des-eip93)",
350 .cra_priority = EIP93_CRA_PRIORITY,
351 .cra_flags = CRYPTO_ALG_ASYNC |
352 CRYPTO_ALG_KERN_DRIVER_ONLY,
353 .cra_blocksize = DES_BLOCK_SIZE,
354 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
355 .cra_alignmask = 0,
356 .cra_init = eip93_skcipher_cra_init,
357 .cra_exit = eip93_skcipher_cra_exit,
358 .cra_module = THIS_MODULE,
359 },
360 },
361 };
362
363 struct eip93_alg_template eip93_alg_ecb_des3_ede = {
364 .type = EIP93_ALG_TYPE_SKCIPHER,
365 .flags = EIP93_MODE_ECB | EIP93_ALG_3DES,
366 .alg.skcipher = {
367 .setkey = eip93_skcipher_setkey,
368 .encrypt = eip93_skcipher_encrypt,
369 .decrypt = eip93_skcipher_decrypt,
370 .min_keysize = DES3_EDE_KEY_SIZE,
371 .max_keysize = DES3_EDE_KEY_SIZE,
372 .ivsize = 0,
373 .base = {
374 .cra_name = "ecb(des3_ede)",
375 .cra_driver_name = "ecb(des3_ede-eip93)",
376 .cra_priority = EIP93_CRA_PRIORITY,
377 .cra_flags = CRYPTO_ALG_ASYNC |
378 CRYPTO_ALG_KERN_DRIVER_ONLY,
379 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
380 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
381 .cra_alignmask = 0,
382 .cra_init = eip93_skcipher_cra_init,
383 .cra_exit = eip93_skcipher_cra_exit,
384 .cra_module = THIS_MODULE,
385 },
386 },
387 };
388
389 struct eip93_alg_template eip93_alg_cbc_des3_ede = {
390 .type = EIP93_ALG_TYPE_SKCIPHER,
391 .flags = EIP93_MODE_CBC | EIP93_ALG_3DES,
392 .alg.skcipher = {
393 .setkey = eip93_skcipher_setkey,
394 .encrypt = eip93_skcipher_encrypt,
395 .decrypt = eip93_skcipher_decrypt,
396 .min_keysize = DES3_EDE_KEY_SIZE,
397 .max_keysize = DES3_EDE_KEY_SIZE,
398 .ivsize = DES3_EDE_BLOCK_SIZE,
399 .base = {
400 .cra_name = "cbc(des3_ede)",
401 .cra_driver_name = "cbc(des3_ede-eip93)",
402 .cra_priority = EIP93_CRA_PRIORITY,
403 .cra_flags = CRYPTO_ALG_ASYNC |
404 CRYPTO_ALG_KERN_DRIVER_ONLY,
405 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
406 .cra_ctxsize = sizeof(struct eip93_crypto_ctx),
407 .cra_alignmask = 0,
408 .cra_init = eip93_skcipher_cra_init,
409 .cra_exit = eip93_skcipher_cra_exit,
410 .cra_module = THIS_MODULE,
411 },
412 },
413 };
414