1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 2019 - 2021 4 * 5 * Richard van Schagen <vschagen@icloud.com> 6 * Christian Marangi <ansuelsmth@gmail.com 7 */ 8 9 #include <crypto/aes.h> 10 #include <crypto/ctr.h> 11 #include <crypto/internal/des.h> 12 #include <linux/dma-mapping.h> 13 14 #include "eip93-aes.h" 15 #include "eip93-cipher.h" 16 #include "eip93-common.h" 17 #include "eip93-des.h" 18 #include "eip93-regs.h" 19 20 void eip93_skcipher_handle_result(struct crypto_async_request *async, int err) 21 { 22 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(async->tfm); 23 struct eip93_device *eip93 = ctx->eip93; 24 struct skcipher_request *req = skcipher_request_cast(async); 25 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req); 26 27 eip93_unmap_dma(eip93, rctx, req->src, req->dst); 28 eip93_handle_result(eip93, rctx, req->iv); 29 30 skcipher_request_complete(req, err); 31 } 32 33 static int eip93_skcipher_send_req(struct crypto_async_request *async) 34 { 35 struct skcipher_request *req = skcipher_request_cast(async); 36 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req); 37 int err; 38 39 err = check_valid_request(rctx); 40 41 if (err) { 42 skcipher_request_complete(req, err); 43 return err; 44 } 45 46 return eip93_send_req(async, req->iv, rctx); 47 } 48 49 /* Crypto skcipher API functions */ 50 static int eip93_skcipher_cra_init(struct crypto_tfm *tfm) 51 { 52 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(tfm); 53 struct eip93_alg_template *tmpl = container_of(tfm->__crt_alg, 54 struct eip93_alg_template, alg.skcipher.base); 55 56 crypto_skcipher_set_reqsize(__crypto_skcipher_cast(tfm), 57 sizeof(struct eip93_cipher_reqctx)); 58 59 memset(ctx, 0, sizeof(*ctx)); 60 61 ctx->eip93 = tmpl->eip93; 62 ctx->type = tmpl->type; 63 64 ctx->sa_record = kzalloc(sizeof(*ctx->sa_record), GFP_KERNEL); 65 if (!ctx->sa_record) 66 return -ENOMEM; 67 68 return 0; 69 } 70 71 static void eip93_skcipher_cra_exit(struct crypto_tfm *tfm) 72 { 73 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(tfm); 74 75 dma_unmap_single(ctx->eip93->dev, ctx->sa_record_base, 76 sizeof(*ctx->sa_record), DMA_TO_DEVICE); 77 kfree(ctx->sa_record); 78 } 79 80 static int eip93_skcipher_setkey(struct crypto_skcipher *ctfm, const u8 *key, 81 unsigned int len) 82 { 83 struct crypto_tfm *tfm = crypto_skcipher_tfm(ctfm); 84 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(tfm); 85 struct eip93_alg_template *tmpl = container_of(tfm->__crt_alg, 86 struct eip93_alg_template, 87 alg.skcipher.base); 88 struct sa_record *sa_record = ctx->sa_record; 89 unsigned int keylen = len; 90 u32 flags = tmpl->flags; 91 u32 nonce = 0; 92 int ret; 93 94 if (!key || !keylen) 95 return -EINVAL; 96 97 if (IS_RFC3686(flags)) { 98 if (len < CTR_RFC3686_NONCE_SIZE) 99 return -EINVAL; 100 101 keylen = len - CTR_RFC3686_NONCE_SIZE; 102 memcpy(&nonce, key + keylen, CTR_RFC3686_NONCE_SIZE); 103 } 104 105 if (flags & EIP93_ALG_DES) { 106 ctx->blksize = DES_BLOCK_SIZE; 107 ret = verify_skcipher_des_key(ctfm, key); 108 if (ret) 109 return ret; 110 } 111 if (flags & EIP93_ALG_3DES) { 112 ctx->blksize = DES3_EDE_BLOCK_SIZE; 113 ret = verify_skcipher_des3_key(ctfm, key); 114 if (ret) 115 return ret; 116 } 117 118 if (flags & EIP93_ALG_AES) { 119 struct crypto_aes_ctx aes; 120 121 ctx->blksize = AES_BLOCK_SIZE; 122 ret = aes_expandkey(&aes, key, keylen); 123 if (ret) 124 return ret; 125 } 126 127 eip93_set_sa_record(sa_record, keylen, flags); 128 129 memcpy(sa_record->sa_key, key, keylen); 130 ctx->sa_nonce = nonce; 131 sa_record->sa_nonce = nonce; 132 133 return 0; 134 } 135 136 static int eip93_skcipher_crypt(struct skcipher_request *req) 137 { 138 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req); 139 struct crypto_async_request *async = &req->base; 140 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(req->base.tfm); 141 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); 142 int ret; 143 144 if (!req->cryptlen) 145 return 0; 146 147 /* 148 * ECB and CBC algorithms require message lengths to be 149 * multiples of block size. 150 */ 151 if (IS_ECB(rctx->flags) || IS_CBC(rctx->flags)) 152 if (!IS_ALIGNED(req->cryptlen, 153 crypto_skcipher_blocksize(skcipher))) 154 return -EINVAL; 155 156 ctx->sa_record_base = dma_map_single(ctx->eip93->dev, ctx->sa_record, 157 sizeof(*ctx->sa_record), DMA_TO_DEVICE); 158 ret = dma_mapping_error(ctx->eip93->dev, ctx->sa_record_base); 159 if (ret) 160 return ret; 161 162 rctx->assoclen = 0; 163 rctx->textsize = req->cryptlen; 164 rctx->authsize = 0; 165 rctx->sg_src = req->src; 166 rctx->sg_dst = req->dst; 167 rctx->ivsize = crypto_skcipher_ivsize(skcipher); 168 rctx->blksize = ctx->blksize; 169 rctx->desc_flags = EIP93_DESC_SKCIPHER; 170 rctx->sa_record_base = ctx->sa_record_base; 171 172 return eip93_skcipher_send_req(async); 173 } 174 175 static int eip93_skcipher_encrypt(struct skcipher_request *req) 176 { 177 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req); 178 struct eip93_alg_template *tmpl = container_of(req->base.tfm->__crt_alg, 179 struct eip93_alg_template, alg.skcipher.base); 180 181 rctx->flags = tmpl->flags; 182 rctx->flags |= EIP93_ENCRYPT; 183 184 return eip93_skcipher_crypt(req); 185 } 186 187 static int eip93_skcipher_decrypt(struct skcipher_request *req) 188 { 189 struct eip93_crypto_ctx *ctx = crypto_tfm_ctx(req->base.tfm); 190 struct eip93_cipher_reqctx *rctx = skcipher_request_ctx(req); 191 struct eip93_alg_template *tmpl = container_of(req->base.tfm->__crt_alg, 192 struct eip93_alg_template, alg.skcipher.base); 193 194 ctx->sa_record->sa_cmd0_word |= EIP93_SA_CMD_DIRECTION_IN; 195 196 rctx->flags = tmpl->flags; 197 rctx->flags |= EIP93_DECRYPT; 198 199 return eip93_skcipher_crypt(req); 200 } 201 202 /* Available algorithms in this module */ 203 struct eip93_alg_template eip93_alg_ecb_aes = { 204 .type = EIP93_ALG_TYPE_SKCIPHER, 205 .flags = EIP93_MODE_ECB | EIP93_ALG_AES, 206 .alg.skcipher = { 207 .setkey = eip93_skcipher_setkey, 208 .encrypt = eip93_skcipher_encrypt, 209 .decrypt = eip93_skcipher_decrypt, 210 .min_keysize = AES_MIN_KEY_SIZE, 211 .max_keysize = AES_MAX_KEY_SIZE, 212 .ivsize = 0, 213 .base = { 214 .cra_name = "ecb(aes)", 215 .cra_driver_name = "ecb(aes-eip93)", 216 .cra_priority = EIP93_CRA_PRIORITY, 217 .cra_flags = CRYPTO_ALG_ASYNC | 218 CRYPTO_ALG_NEED_FALLBACK | 219 CRYPTO_ALG_KERN_DRIVER_ONLY, 220 .cra_blocksize = AES_BLOCK_SIZE, 221 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 222 .cra_alignmask = 0xf, 223 .cra_init = eip93_skcipher_cra_init, 224 .cra_exit = eip93_skcipher_cra_exit, 225 .cra_module = THIS_MODULE, 226 }, 227 }, 228 }; 229 230 struct eip93_alg_template eip93_alg_cbc_aes = { 231 .type = EIP93_ALG_TYPE_SKCIPHER, 232 .flags = EIP93_MODE_CBC | EIP93_ALG_AES, 233 .alg.skcipher = { 234 .setkey = eip93_skcipher_setkey, 235 .encrypt = eip93_skcipher_encrypt, 236 .decrypt = eip93_skcipher_decrypt, 237 .min_keysize = AES_MIN_KEY_SIZE, 238 .max_keysize = AES_MAX_KEY_SIZE, 239 .ivsize = AES_BLOCK_SIZE, 240 .base = { 241 .cra_name = "cbc(aes)", 242 .cra_driver_name = "cbc(aes-eip93)", 243 .cra_priority = EIP93_CRA_PRIORITY, 244 .cra_flags = CRYPTO_ALG_ASYNC | 245 CRYPTO_ALG_NEED_FALLBACK | 246 CRYPTO_ALG_KERN_DRIVER_ONLY, 247 .cra_blocksize = AES_BLOCK_SIZE, 248 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 249 .cra_alignmask = 0xf, 250 .cra_init = eip93_skcipher_cra_init, 251 .cra_exit = eip93_skcipher_cra_exit, 252 .cra_module = THIS_MODULE, 253 }, 254 }, 255 }; 256 257 struct eip93_alg_template eip93_alg_ctr_aes = { 258 .type = EIP93_ALG_TYPE_SKCIPHER, 259 .flags = EIP93_MODE_CTR | EIP93_ALG_AES, 260 .alg.skcipher = { 261 .setkey = eip93_skcipher_setkey, 262 .encrypt = eip93_skcipher_encrypt, 263 .decrypt = eip93_skcipher_decrypt, 264 .min_keysize = AES_MIN_KEY_SIZE, 265 .max_keysize = AES_MAX_KEY_SIZE, 266 .ivsize = AES_BLOCK_SIZE, 267 .base = { 268 .cra_name = "ctr(aes)", 269 .cra_driver_name = "ctr(aes-eip93)", 270 .cra_priority = EIP93_CRA_PRIORITY, 271 .cra_flags = CRYPTO_ALG_ASYNC | 272 CRYPTO_ALG_NEED_FALLBACK | 273 CRYPTO_ALG_KERN_DRIVER_ONLY, 274 .cra_blocksize = 1, 275 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 276 .cra_alignmask = 0xf, 277 .cra_init = eip93_skcipher_cra_init, 278 .cra_exit = eip93_skcipher_cra_exit, 279 .cra_module = THIS_MODULE, 280 }, 281 }, 282 }; 283 284 struct eip93_alg_template eip93_alg_rfc3686_aes = { 285 .type = EIP93_ALG_TYPE_SKCIPHER, 286 .flags = EIP93_MODE_CTR | EIP93_MODE_RFC3686 | EIP93_ALG_AES, 287 .alg.skcipher = { 288 .setkey = eip93_skcipher_setkey, 289 .encrypt = eip93_skcipher_encrypt, 290 .decrypt = eip93_skcipher_decrypt, 291 .min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 292 .max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, 293 .ivsize = CTR_RFC3686_IV_SIZE, 294 .base = { 295 .cra_name = "rfc3686(ctr(aes))", 296 .cra_driver_name = "rfc3686(ctr(aes-eip93))", 297 .cra_priority = EIP93_CRA_PRIORITY, 298 .cra_flags = CRYPTO_ALG_ASYNC | 299 CRYPTO_ALG_NEED_FALLBACK | 300 CRYPTO_ALG_KERN_DRIVER_ONLY, 301 .cra_blocksize = 1, 302 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 303 .cra_alignmask = 0xf, 304 .cra_init = eip93_skcipher_cra_init, 305 .cra_exit = eip93_skcipher_cra_exit, 306 .cra_module = THIS_MODULE, 307 }, 308 }, 309 }; 310 311 struct eip93_alg_template eip93_alg_ecb_des = { 312 .type = EIP93_ALG_TYPE_SKCIPHER, 313 .flags = EIP93_MODE_ECB | EIP93_ALG_DES, 314 .alg.skcipher = { 315 .setkey = eip93_skcipher_setkey, 316 .encrypt = eip93_skcipher_encrypt, 317 .decrypt = eip93_skcipher_decrypt, 318 .min_keysize = DES_KEY_SIZE, 319 .max_keysize = DES_KEY_SIZE, 320 .ivsize = 0, 321 .base = { 322 .cra_name = "ecb(des)", 323 .cra_driver_name = "ebc(des-eip93)", 324 .cra_priority = EIP93_CRA_PRIORITY, 325 .cra_flags = CRYPTO_ALG_ASYNC | 326 CRYPTO_ALG_KERN_DRIVER_ONLY, 327 .cra_blocksize = DES_BLOCK_SIZE, 328 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 329 .cra_alignmask = 0, 330 .cra_init = eip93_skcipher_cra_init, 331 .cra_exit = eip93_skcipher_cra_exit, 332 .cra_module = THIS_MODULE, 333 }, 334 }, 335 }; 336 337 struct eip93_alg_template eip93_alg_cbc_des = { 338 .type = EIP93_ALG_TYPE_SKCIPHER, 339 .flags = EIP93_MODE_CBC | EIP93_ALG_DES, 340 .alg.skcipher = { 341 .setkey = eip93_skcipher_setkey, 342 .encrypt = eip93_skcipher_encrypt, 343 .decrypt = eip93_skcipher_decrypt, 344 .min_keysize = DES_KEY_SIZE, 345 .max_keysize = DES_KEY_SIZE, 346 .ivsize = DES_BLOCK_SIZE, 347 .base = { 348 .cra_name = "cbc(des)", 349 .cra_driver_name = "cbc(des-eip93)", 350 .cra_priority = EIP93_CRA_PRIORITY, 351 .cra_flags = CRYPTO_ALG_ASYNC | 352 CRYPTO_ALG_KERN_DRIVER_ONLY, 353 .cra_blocksize = DES_BLOCK_SIZE, 354 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 355 .cra_alignmask = 0, 356 .cra_init = eip93_skcipher_cra_init, 357 .cra_exit = eip93_skcipher_cra_exit, 358 .cra_module = THIS_MODULE, 359 }, 360 }, 361 }; 362 363 struct eip93_alg_template eip93_alg_ecb_des3_ede = { 364 .type = EIP93_ALG_TYPE_SKCIPHER, 365 .flags = EIP93_MODE_ECB | EIP93_ALG_3DES, 366 .alg.skcipher = { 367 .setkey = eip93_skcipher_setkey, 368 .encrypt = eip93_skcipher_encrypt, 369 .decrypt = eip93_skcipher_decrypt, 370 .min_keysize = DES3_EDE_KEY_SIZE, 371 .max_keysize = DES3_EDE_KEY_SIZE, 372 .ivsize = 0, 373 .base = { 374 .cra_name = "ecb(des3_ede)", 375 .cra_driver_name = "ecb(des3_ede-eip93)", 376 .cra_priority = EIP93_CRA_PRIORITY, 377 .cra_flags = CRYPTO_ALG_ASYNC | 378 CRYPTO_ALG_KERN_DRIVER_ONLY, 379 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 380 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 381 .cra_alignmask = 0, 382 .cra_init = eip93_skcipher_cra_init, 383 .cra_exit = eip93_skcipher_cra_exit, 384 .cra_module = THIS_MODULE, 385 }, 386 }, 387 }; 388 389 struct eip93_alg_template eip93_alg_cbc_des3_ede = { 390 .type = EIP93_ALG_TYPE_SKCIPHER, 391 .flags = EIP93_MODE_CBC | EIP93_ALG_3DES, 392 .alg.skcipher = { 393 .setkey = eip93_skcipher_setkey, 394 .encrypt = eip93_skcipher_encrypt, 395 .decrypt = eip93_skcipher_decrypt, 396 .min_keysize = DES3_EDE_KEY_SIZE, 397 .max_keysize = DES3_EDE_KEY_SIZE, 398 .ivsize = DES3_EDE_BLOCK_SIZE, 399 .base = { 400 .cra_name = "cbc(des3_ede)", 401 .cra_driver_name = "cbc(des3_ede-eip93)", 402 .cra_priority = EIP93_CRA_PRIORITY, 403 .cra_flags = CRYPTO_ALG_ASYNC | 404 CRYPTO_ALG_KERN_DRIVER_ONLY, 405 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 406 .cra_ctxsize = sizeof(struct eip93_crypto_ctx), 407 .cra_alignmask = 0, 408 .cra_init = eip93_skcipher_cra_init, 409 .cra_exit = eip93_skcipher_cra_exit, 410 .cra_module = THIS_MODULE, 411 }, 412 }, 413 }; 414