1 /* 2 * AMD Cryptographic Coprocessor (CCP) DES3 crypto API support 3 * 4 * Copyright (C) 2016,2017 Advanced Micro Devices, Inc. 5 * 6 * Author: Gary R Hook <ghook@amd.com> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #include <linux/module.h> 14 #include <linux/sched.h> 15 #include <linux/delay.h> 16 #include <linux/scatterlist.h> 17 #include <linux/crypto.h> 18 #include <crypto/algapi.h> 19 #include <crypto/scatterwalk.h> 20 #include <crypto/des.h> 21 22 #include "ccp-crypto.h" 23 24 static int ccp_des3_complete(struct crypto_async_request *async_req, int ret) 25 { 26 struct ablkcipher_request *req = ablkcipher_request_cast(async_req); 27 struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm); 28 struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req); 29 30 if (ret) 31 return ret; 32 33 if (ctx->u.des3.mode != CCP_DES3_MODE_ECB) 34 memcpy(req->info, rctx->iv, DES3_EDE_BLOCK_SIZE); 35 36 return 0; 37 } 38 39 static int ccp_des3_setkey(struct crypto_ablkcipher *tfm, const u8 *key, 40 unsigned int key_len) 41 { 42 struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ablkcipher_tfm(tfm)); 43 struct ccp_crypto_ablkcipher_alg *alg = 44 ccp_crypto_ablkcipher_alg(crypto_ablkcipher_tfm(tfm)); 45 u32 *flags = &tfm->base.crt_flags; 46 47 48 /* From des_generic.c: 49 * 50 * RFC2451: 51 * If the first two or last two independent 64-bit keys are 52 * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the 53 * same as DES. Implementers MUST reject keys that exhibit this 54 * property. 55 */ 56 const u32 *K = (const u32 *)key; 57 58 if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) || 59 !((K[2] ^ K[4]) | (K[3] ^ K[5]))) && 60 (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 61 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 62 return -EINVAL; 63 } 64 65 /* It's not clear that there is any support for a keysize of 112. 66 * If needed, the caller should make K1 == K3 67 */ 68 ctx->u.des3.type = CCP_DES3_TYPE_168; 69 ctx->u.des3.mode = alg->mode; 70 ctx->u.des3.key_len = key_len; 71 72 memcpy(ctx->u.des3.key, key, key_len); 73 sg_init_one(&ctx->u.des3.key_sg, ctx->u.des3.key, key_len); 74 75 return 0; 76 } 77 78 static int ccp_des3_crypt(struct ablkcipher_request *req, bool encrypt) 79 { 80 struct ccp_ctx *ctx = crypto_tfm_ctx(req->base.tfm); 81 struct ccp_des3_req_ctx *rctx = ablkcipher_request_ctx(req); 82 struct scatterlist *iv_sg = NULL; 83 unsigned int iv_len = 0; 84 int ret; 85 86 if (!ctx->u.des3.key_len) 87 return -EINVAL; 88 89 if (((ctx->u.des3.mode == CCP_DES3_MODE_ECB) || 90 (ctx->u.des3.mode == CCP_DES3_MODE_CBC)) && 91 (req->nbytes & (DES3_EDE_BLOCK_SIZE - 1))) 92 return -EINVAL; 93 94 if (ctx->u.des3.mode != CCP_DES3_MODE_ECB) { 95 if (!req->info) 96 return -EINVAL; 97 98 memcpy(rctx->iv, req->info, DES3_EDE_BLOCK_SIZE); 99 iv_sg = &rctx->iv_sg; 100 iv_len = DES3_EDE_BLOCK_SIZE; 101 sg_init_one(iv_sg, rctx->iv, iv_len); 102 } 103 104 memset(&rctx->cmd, 0, sizeof(rctx->cmd)); 105 INIT_LIST_HEAD(&rctx->cmd.entry); 106 rctx->cmd.engine = CCP_ENGINE_DES3; 107 rctx->cmd.u.des3.type = ctx->u.des3.type; 108 rctx->cmd.u.des3.mode = ctx->u.des3.mode; 109 rctx->cmd.u.des3.action = (encrypt) 110 ? CCP_DES3_ACTION_ENCRYPT 111 : CCP_DES3_ACTION_DECRYPT; 112 rctx->cmd.u.des3.key = &ctx->u.des3.key_sg; 113 rctx->cmd.u.des3.key_len = ctx->u.des3.key_len; 114 rctx->cmd.u.des3.iv = iv_sg; 115 rctx->cmd.u.des3.iv_len = iv_len; 116 rctx->cmd.u.des3.src = req->src; 117 rctx->cmd.u.des3.src_len = req->nbytes; 118 rctx->cmd.u.des3.dst = req->dst; 119 120 ret = ccp_crypto_enqueue_request(&req->base, &rctx->cmd); 121 122 return ret; 123 } 124 125 static int ccp_des3_encrypt(struct ablkcipher_request *req) 126 { 127 return ccp_des3_crypt(req, true); 128 } 129 130 static int ccp_des3_decrypt(struct ablkcipher_request *req) 131 { 132 return ccp_des3_crypt(req, false); 133 } 134 135 static int ccp_des3_cra_init(struct crypto_tfm *tfm) 136 { 137 struct ccp_ctx *ctx = crypto_tfm_ctx(tfm); 138 139 ctx->complete = ccp_des3_complete; 140 ctx->u.des3.key_len = 0; 141 142 tfm->crt_ablkcipher.reqsize = sizeof(struct ccp_des3_req_ctx); 143 144 return 0; 145 } 146 147 static void ccp_des3_cra_exit(struct crypto_tfm *tfm) 148 { 149 } 150 151 static struct crypto_alg ccp_des3_defaults = { 152 .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | 153 CRYPTO_ALG_ASYNC | 154 CRYPTO_ALG_KERN_DRIVER_ONLY | 155 CRYPTO_ALG_NEED_FALLBACK, 156 .cra_blocksize = DES3_EDE_BLOCK_SIZE, 157 .cra_ctxsize = sizeof(struct ccp_ctx), 158 .cra_priority = CCP_CRA_PRIORITY, 159 .cra_type = &crypto_ablkcipher_type, 160 .cra_init = ccp_des3_cra_init, 161 .cra_exit = ccp_des3_cra_exit, 162 .cra_module = THIS_MODULE, 163 .cra_ablkcipher = { 164 .setkey = ccp_des3_setkey, 165 .encrypt = ccp_des3_encrypt, 166 .decrypt = ccp_des3_decrypt, 167 .min_keysize = DES3_EDE_KEY_SIZE, 168 .max_keysize = DES3_EDE_KEY_SIZE, 169 }, 170 }; 171 172 struct ccp_des3_def { 173 enum ccp_des3_mode mode; 174 unsigned int version; 175 const char *name; 176 const char *driver_name; 177 unsigned int blocksize; 178 unsigned int ivsize; 179 struct crypto_alg *alg_defaults; 180 }; 181 182 static struct ccp_des3_def des3_algs[] = { 183 { 184 .mode = CCP_DES3_MODE_ECB, 185 .version = CCP_VERSION(5, 0), 186 .name = "ecb(des3_ede)", 187 .driver_name = "ecb-des3-ccp", 188 .blocksize = DES3_EDE_BLOCK_SIZE, 189 .ivsize = 0, 190 .alg_defaults = &ccp_des3_defaults, 191 }, 192 { 193 .mode = CCP_DES3_MODE_CBC, 194 .version = CCP_VERSION(5, 0), 195 .name = "cbc(des3_ede)", 196 .driver_name = "cbc-des3-ccp", 197 .blocksize = DES3_EDE_BLOCK_SIZE, 198 .ivsize = DES3_EDE_BLOCK_SIZE, 199 .alg_defaults = &ccp_des3_defaults, 200 }, 201 }; 202 203 static int ccp_register_des3_alg(struct list_head *head, 204 const struct ccp_des3_def *def) 205 { 206 struct ccp_crypto_ablkcipher_alg *ccp_alg; 207 struct crypto_alg *alg; 208 int ret; 209 210 ccp_alg = kzalloc(sizeof(*ccp_alg), GFP_KERNEL); 211 if (!ccp_alg) 212 return -ENOMEM; 213 214 INIT_LIST_HEAD(&ccp_alg->entry); 215 216 ccp_alg->mode = def->mode; 217 218 /* Copy the defaults and override as necessary */ 219 alg = &ccp_alg->alg; 220 *alg = *def->alg_defaults; 221 snprintf(alg->cra_name, CRYPTO_MAX_ALG_NAME, "%s", def->name); 222 snprintf(alg->cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s", 223 def->driver_name); 224 alg->cra_blocksize = def->blocksize; 225 alg->cra_ablkcipher.ivsize = def->ivsize; 226 227 ret = crypto_register_alg(alg); 228 if (ret) { 229 pr_err("%s ablkcipher algorithm registration error (%d)\n", 230 alg->cra_name, ret); 231 kfree(ccp_alg); 232 return ret; 233 } 234 235 list_add(&ccp_alg->entry, head); 236 237 return 0; 238 } 239 240 int ccp_register_des3_algs(struct list_head *head) 241 { 242 int i, ret; 243 unsigned int ccpversion = ccp_version(); 244 245 for (i = 0; i < ARRAY_SIZE(des3_algs); i++) { 246 if (des3_algs[i].version > ccpversion) 247 continue; 248 ret = ccp_register_des3_alg(head, &des3_algs[i]); 249 if (ret) 250 return ret; 251 } 252 253 return 0; 254 } 255