crypto: update aes algorithm process
(1)update iv in each encryption process (2)support aes-ofb/aes-cfb128/aes-cfb8 Signed-off-by: makejian <makejian@xiaomi.com>
This commit is contained in:
parent
e8a2df4f80
commit
afbe6239ae
@ -225,6 +225,9 @@ static int cryptof_ioctl(FAR struct file *filep,
|
||||
case CRYPTO_AES_CBC:
|
||||
case CRYPTO_AES_CTR:
|
||||
case CRYPTO_AES_XTS:
|
||||
case CRYPTO_AES_OFB:
|
||||
case CRYPTO_AES_CFB_8:
|
||||
case CRYPTO_AES_CFB_128:
|
||||
case CRYPTO_NULL:
|
||||
txform = true;
|
||||
break;
|
||||
|
@ -74,13 +74,6 @@ int swcr_encdec(FAR struct cryptop *crp, FAR struct cryptodesc *crd,
|
||||
blks = exf->blocksize;
|
||||
ivlen = exf->ivsize;
|
||||
|
||||
/* Check for non-padded data */
|
||||
|
||||
if (crd->crd_len % blks)
|
||||
{
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
/* Initialize the IV */
|
||||
|
||||
if (crd->crd_flags & CRD_F_ENCRYPT)
|
||||
@ -191,6 +184,8 @@ int swcr_encdec(FAR struct cryptop *crp, FAR struct cryptodesc *crd,
|
||||
}
|
||||
}
|
||||
|
||||
bcopy(ivp, crp->crp_iv, ivlen);
|
||||
|
||||
return 0; /* Done with encryption/decryption */
|
||||
}
|
||||
|
||||
@ -664,6 +659,15 @@ int swcr_newsession(FAR uint32_t *sid, FAR struct cryptoini *cri)
|
||||
txf = &enc_xform_aes_gmac;
|
||||
(*swd)->sw_exf = txf;
|
||||
break;
|
||||
case CRYPTO_AES_OFB:
|
||||
txf = &enc_xform_aes_ofb;
|
||||
goto enccommon;
|
||||
case CRYPTO_AES_CFB_8:
|
||||
txf = &enc_xform_aes_cfb_8;
|
||||
goto enccommon;
|
||||
case CRYPTO_AES_CFB_128:
|
||||
txf = &enc_xform_aes_cfb_128;
|
||||
goto enccommon;
|
||||
case CRYPTO_CHACHA20_POLY1305:
|
||||
txf = &enc_xform_chacha20_poly1305;
|
||||
goto enccommon;
|
||||
@ -882,6 +886,9 @@ int swcr_freesession(uint64_t tid)
|
||||
case CRYPTO_AES_XTS:
|
||||
case CRYPTO_AES_GCM_16:
|
||||
case CRYPTO_AES_GMAC:
|
||||
case CRYPTO_AES_OFB:
|
||||
case CRYPTO_AES_CFB_8:
|
||||
case CRYPTO_AES_CFB_128:
|
||||
case CRYPTO_CHACHA20_POLY1305:
|
||||
case CRYPTO_NULL:
|
||||
txf = swd->sw_exf;
|
||||
@ -1010,14 +1017,11 @@ int swcr_process(struct cryptop *crp)
|
||||
case CRYPTO_RIJNDAEL128_CBC:
|
||||
case CRYPTO_AES_CTR:
|
||||
case CRYPTO_AES_XTS:
|
||||
case CRYPTO_AES_OFB:
|
||||
case CRYPTO_AES_CFB_8:
|
||||
case CRYPTO_AES_CFB_128:
|
||||
txf = sw->sw_exf;
|
||||
|
||||
if ((crd->crd_len % txf->blocksize) != 0)
|
||||
{
|
||||
crp->crp_etype = -EINVAL;
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (crp->crp_iv)
|
||||
{
|
||||
if (!(crd->crd_flags & CRD_F_IV_EXPLICIT))
|
||||
@ -1127,6 +1131,9 @@ void swcr_init(void)
|
||||
algs[CRYPTO_AES_128_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_192_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_256_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_OFB] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_CFB_8] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_AES_CFB_128] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_CHACHA20_POLY1305] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_CHACHA20_POLY1305_MAC] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
|
||||
|
149
crypto/xform.c
149
crypto/xform.c
@ -88,6 +88,7 @@ int cast5_setkey(FAR void *, FAR uint8_t *, int);
|
||||
int aes_setkey_xform(FAR void *, FAR uint8_t *, int);
|
||||
int aes_ctr_setkey(FAR void *, FAR uint8_t *, int);
|
||||
int aes_xts_setkey(FAR void *, FAR uint8_t *, int);
|
||||
int aes_ofb_setkey(FAR void *, FAR uint8_t *, int);
|
||||
int null_setkey(FAR void *, FAR uint8_t *, int);
|
||||
|
||||
void des3_encrypt(caddr_t, FAR uint8_t *);
|
||||
@ -96,6 +97,9 @@ void cast5_encrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_encrypt_xform(caddr_t, FAR uint8_t *);
|
||||
void null_encrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_xts_encrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_ofb_encrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_cfb8_encrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_cfb128_encrypt(caddr_t, FAR uint8_t *);
|
||||
|
||||
void des3_decrypt(caddr_t, FAR uint8_t *);
|
||||
void blf_decrypt(caddr_t, FAR uint8_t *);
|
||||
@ -103,12 +107,15 @@ void cast5_decrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_decrypt_xform(caddr_t, FAR uint8_t *);
|
||||
void null_decrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_xts_decrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_cfb8_decrypt(caddr_t, FAR uint8_t *);
|
||||
void aes_cfb128_decrypt(caddr_t, FAR uint8_t *);
|
||||
|
||||
void aes_ctr_crypt(caddr_t, FAR uint8_t *);
|
||||
|
||||
void aes_ctr_reinit(caddr_t, FAR uint8_t *);
|
||||
void aes_xts_reinit(caddr_t, FAR uint8_t *);
|
||||
void aes_gcm_reinit(caddr_t, FAR uint8_t *);
|
||||
void aes_ofb_reinit(caddr_t, FAR uint8_t *);
|
||||
|
||||
int md5update_int(FAR void *, FAR const uint8_t *, uint16_t);
|
||||
int sha1update_int(FAR void *, FAR const uint8_t *, uint16_t);
|
||||
@ -131,6 +138,12 @@ struct aes_xts_ctx
|
||||
uint8_t tweak[AES_XTS_BLOCKSIZE];
|
||||
};
|
||||
|
||||
struct aes_ofb_ctx
|
||||
{
|
||||
AES_CTX ac_key;
|
||||
FAR uint8_t *iv;
|
||||
};
|
||||
|
||||
/* Helper */
|
||||
|
||||
void aes_xts_crypt(FAR struct aes_xts_ctx *, FAR uint8_t *, u_int);
|
||||
@ -223,6 +236,39 @@ const struct enc_xform enc_xform_aes_xts =
|
||||
aes_xts_reinit
|
||||
};
|
||||
|
||||
const struct enc_xform enc_xform_aes_ofb =
|
||||
{
|
||||
CRYPTO_AES_OFB, "AES-OFB",
|
||||
16, 16, 16, 32,
|
||||
sizeof(struct aes_ofb_ctx),
|
||||
aes_ofb_encrypt,
|
||||
aes_ofb_encrypt,
|
||||
aes_ofb_setkey,
|
||||
aes_ofb_reinit
|
||||
};
|
||||
|
||||
const struct enc_xform enc_xform_aes_cfb_8 =
|
||||
{
|
||||
CRYPTO_AES_CFB_8, "AES-CFB-8",
|
||||
16, 16, 16, 32,
|
||||
sizeof(struct aes_ofb_ctx),
|
||||
aes_cfb8_encrypt,
|
||||
aes_cfb8_decrypt,
|
||||
aes_ofb_setkey,
|
||||
aes_ofb_reinit
|
||||
};
|
||||
|
||||
const struct enc_xform enc_xform_aes_cfb_128 =
|
||||
{
|
||||
CRYPTO_AES_CFB_128, "AES-CFB-128",
|
||||
16, 16, 16, 32,
|
||||
sizeof(struct aes_ofb_ctx),
|
||||
aes_cfb128_encrypt,
|
||||
aes_cfb128_decrypt,
|
||||
aes_ofb_setkey,
|
||||
aes_ofb_reinit
|
||||
};
|
||||
|
||||
const struct enc_xform enc_xform_chacha20_poly1305 =
|
||||
{
|
||||
CRYPTO_CHACHA20_POLY1305, "CHACHA20-POLY1305",
|
||||
@ -638,6 +684,109 @@ int aes_xts_setkey(FAR void *sched, FAR uint8_t *key, int len)
|
||||
return 0;
|
||||
}
|
||||
|
||||
void aes_ofb_encrypt(caddr_t key, FAR uint8_t *data)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
int i;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)key;
|
||||
|
||||
aes_encrypt(&ctx->ac_key, ctx->iv, ctx->iv);
|
||||
for (i = 0; i < AESOFB_IVSIZE; i++)
|
||||
{
|
||||
data[i] ^= ctx->iv[i];
|
||||
}
|
||||
}
|
||||
|
||||
int aes_ofb_setkey(FAR void *sched, FAR uint8_t *key, int len)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)sched;
|
||||
if (aes_setkey(&ctx->ac_key, key, len) != 0)
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void aes_ofb_reinit(caddr_t key, FAR uint8_t *iv)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)key;
|
||||
ctx->iv = iv;
|
||||
}
|
||||
|
||||
void aes_cfb8_encrypt(caddr_t key, FAR uint8_t *data)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
uint8_t ov[AESOFB_IVSIZE + 1];
|
||||
int i;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)key;
|
||||
|
||||
for (i = 0; i < AESOFB_IVSIZE; i++)
|
||||
{
|
||||
bcopy(ctx->iv, ov, AESOFB_IVSIZE);
|
||||
aes_encrypt(&ctx->ac_key, ctx->iv, ctx->iv);
|
||||
data[i] ^= ctx->iv[0];
|
||||
ov[AESOFB_IVSIZE] = data[i];
|
||||
bcopy(ov + 1, ctx->iv, AESOFB_IVSIZE);
|
||||
}
|
||||
}
|
||||
|
||||
void aes_cfb8_decrypt(caddr_t key, FAR uint8_t *data)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
uint8_t ov[AESOFB_IVSIZE + 1];
|
||||
int i;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)key;
|
||||
|
||||
for (i = 0; i < AESOFB_IVSIZE; i++)
|
||||
{
|
||||
bcopy(ctx->iv, ov, AESOFB_IVSIZE);
|
||||
aes_encrypt(&ctx->ac_key, ctx->iv, ctx->iv);
|
||||
ov[AESOFB_IVSIZE] = data[i];
|
||||
data[i] ^= ctx->iv[0];
|
||||
bcopy(ov + 1, ctx->iv, AESOFB_IVSIZE);
|
||||
}
|
||||
}
|
||||
|
||||
void aes_cfb128_encrypt(caddr_t key, FAR uint8_t *data)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
int i;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)key;
|
||||
|
||||
aes_encrypt(&ctx->ac_key, ctx->iv, ctx->iv);
|
||||
for (i = 0; i < AESOFB_IVSIZE; i++)
|
||||
{
|
||||
data[i] ^= ctx->iv[i];
|
||||
ctx->iv[i] = data[i];
|
||||
}
|
||||
}
|
||||
|
||||
void aes_cfb128_decrypt(caddr_t key, FAR uint8_t *data)
|
||||
{
|
||||
FAR struct aes_ofb_ctx *ctx;
|
||||
uint8_t c;
|
||||
int i;
|
||||
|
||||
ctx = (FAR struct aes_ofb_ctx *)key;
|
||||
|
||||
aes_encrypt(&ctx->ac_key, ctx->iv, ctx->iv);
|
||||
for (i = 0; i < AESOFB_IVSIZE; i++)
|
||||
{
|
||||
c = data[i];
|
||||
data[i] ^= ctx->iv[i];
|
||||
ctx->iv[i] = c;
|
||||
}
|
||||
}
|
||||
|
||||
/* And now for auth. */
|
||||
|
||||
int rmd160update_int(FAR void *ctx, FAR const uint8_t *buf, uint16_t len)
|
||||
|
@ -111,16 +111,19 @@
|
||||
#define CRYPTO_AES_192_GMAC 18
|
||||
#define CRYPTO_AES_256_GMAC 19
|
||||
#define CRYPTO_AES_GMAC 20
|
||||
#define CRYPTO_CHACHA20_POLY1305 21
|
||||
#define CRYPTO_CHACHA20_POLY1305_MAC 22
|
||||
#define CRYPTO_MD5 23
|
||||
#define CRYPTO_SHA1 24
|
||||
#define CRYPTO_SHA2_224 25
|
||||
#define CRYPTO_SHA2_256 26
|
||||
#define CRYPTO_SHA2_384 27
|
||||
#define CRYPTO_SHA2_512 28
|
||||
#define CRYPTO_ESN 29 /* Support for Extended Sequence Numbers */
|
||||
#define CRYPTO_ALGORITHM_MAX 29 /* Keep updated */
|
||||
#define CRYPTO_AES_OFB 21
|
||||
#define CRYPTO_AES_CFB_8 22
|
||||
#define CRYPTO_AES_CFB_128 23
|
||||
#define CRYPTO_CHACHA20_POLY1305 24
|
||||
#define CRYPTO_CHACHA20_POLY1305_MAC 25
|
||||
#define CRYPTO_MD5 26
|
||||
#define CRYPTO_SHA1 27
|
||||
#define CRYPTO_SHA2_224 28
|
||||
#define CRYPTO_SHA2_256 29
|
||||
#define CRYPTO_SHA2_384 30
|
||||
#define CRYPTO_SHA2_512 31
|
||||
#define CRYPTO_ESN 32 /* Support for Extended Sequence Numbers */
|
||||
#define CRYPTO_ALGORITHM_MAX 32 /* Keep updated */
|
||||
|
||||
/* Algorithm flags */
|
||||
|
||||
|
@ -39,6 +39,7 @@
|
||||
#define AESCTR_NONCESIZE 4
|
||||
#define AESCTR_IVSIZE 8
|
||||
#define AESCTR_BLOCKSIZE 16
|
||||
#define AESOFB_IVSIZE 16
|
||||
|
||||
#define AES_XTS_BLOCKSIZE 16
|
||||
#define AES_XTS_IVSIZE 8
|
||||
@ -103,6 +104,9 @@ extern const struct enc_xform enc_xform_aes_ctr;
|
||||
extern const struct enc_xform enc_xform_aes_gcm;
|
||||
extern const struct enc_xform enc_xform_aes_gmac;
|
||||
extern const struct enc_xform enc_xform_aes_xts;
|
||||
extern const struct enc_xform enc_xform_aes_ofb;
|
||||
extern const struct enc_xform enc_xform_aes_cfb_8;
|
||||
extern const struct enc_xform enc_xform_aes_cfb_128;
|
||||
extern const struct enc_xform enc_xform_chacha20_poly1305;
|
||||
extern const struct enc_xform enc_xform_null;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user