Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src-draft/trunk]: src/sys cgd(4): Switch from legacy rijndael API to new aes...
details: https://anonhg.NetBSD.org/src-all/rev/f2bfdffcb27b
branches: trunk
changeset: 934748:f2bfdffcb27b
user: Taylor R Campbell <riastradh%NetBSD.org@localhost>
date: Sun Jun 14 19:56:07 2020 +0000
description:
cgd(4): Switch from legacy rijndael API to new aes API.
diffstat:
sys/conf/files | 2 +-
sys/dev/cgd_crypto.c | 84 ++++++++++++++++++++++++++++++---------------------
2 files changed, 50 insertions(+), 36 deletions(-)
diffs (164 lines):
diff -r 0eb81d1b858c -r f2bfdffcb27b sys/conf/files
--- a/sys/conf/files Sun Jun 14 19:51:43 2020 +0000
+++ b/sys/conf/files Sun Jun 14 19:56:07 2020 +0000
@@ -1395,7 +1395,7 @@
defpseudodev vnd: disk
defflag opt_vnd.h VND_COMPRESSION
defpseudo ccd: disk
-defpseudodev cgd: disk, des, blowfish, cast128, rijndael
+defpseudodev cgd: disk, des, blowfish, cast128, aes
defpseudodev md: disk
defpseudodev fss: disk
diff -r 0eb81d1b858c -r f2bfdffcb27b sys/dev/cgd_crypto.c
--- a/sys/dev/cgd_crypto.c Sun Jun 14 19:51:43 2020 +0000
+++ b/sys/dev/cgd_crypto.c Sun Jun 14 19:56:07 2020 +0000
@@ -45,9 +45,9 @@
#include <dev/cgd_crypto.h>
+#include <crypto/aes/aes.h>
#include <crypto/blowfish/blowfish.h>
#include <crypto/des/des.h>
-#include <crypto/rijndael/rijndael-api-fst.h>
/*
* The general framework provides only one generic function.
@@ -114,8 +114,9 @@
*/
struct aes_privdata {
- keyInstance ap_enckey;
- keyInstance ap_deckey;
+ struct aesenc ap_enckey;
+ struct aesdec ap_deckey;
+ uint32_t ap_nrounds;
};
static void *
@@ -132,8 +133,23 @@
if (*blocksize != 128)
return NULL;
ap = kmem_zalloc(sizeof(*ap), KM_SLEEP);
- rijndael_makeKey(&ap->ap_enckey, DIR_ENCRYPT, keylen, key);
- rijndael_makeKey(&ap->ap_deckey, DIR_DECRYPT, keylen, key);
+ switch (keylen) {
+ case 128:
+ aes_setenckey128(&ap->ap_enckey, key);
+ aes_setdeckey128(&ap->ap_deckey, key);
+ ap->ap_nrounds = AES_128_NROUNDS;
+ break;
+ case 192:
+ aes_setenckey192(&ap->ap_enckey, key);
+ aes_setdeckey192(&ap->ap_deckey, key);
+ ap->ap_nrounds = AES_192_NROUNDS;
+ break;
+ case 256:
+ aes_setenckey256(&ap->ap_enckey, key);
+ aes_setdeckey256(&ap->ap_deckey, key);
+ ap->ap_nrounds = AES_256_NROUNDS;
+ break;
+ }
return ap;
}
@@ -152,25 +168,18 @@
{
struct aes_privdata *apd = privdata;
uint8_t iv[CGD_AES_BLOCK_SIZE] = {0};
- cipherInstance cipher;
- int cipher_ok __diagused;
/* Compute the CBC IV as AES_k(blkno). */
- cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
- KASSERT(cipher_ok > 0);
- rijndael_blockEncrypt(&cipher, &apd->ap_enckey, blkno, /*nbits*/128,
- iv);
+ aes_enc(&apd->ap_enckey, blkno, iv, apd->ap_nrounds);
- cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, iv);
- KASSERT(cipher_ok > 0);
switch (dir) {
case CGD_CIPHER_ENCRYPT:
- rijndael_blockEncrypt(&cipher, &apd->ap_enckey, src,
- /*nbits*/nbytes * 8, dst);
+ aes_cbc_enc(&apd->ap_enckey, src, dst, nbytes, iv,
+ apd->ap_nrounds);
break;
case CGD_CIPHER_DECRYPT:
- rijndael_blockDecrypt(&cipher, &apd->ap_deckey, src,
- /*nbits*/nbytes * 8, dst);
+ aes_cbc_dec(&apd->ap_deckey, src, dst, nbytes, iv,
+ apd->ap_nrounds);
break;
default:
panic("%s: unrecognised direction %d", __func__, dir);
@@ -182,9 +191,10 @@
*/
struct aesxts {
- keyInstance ax_enckey;
- keyInstance ax_deckey;
- keyInstance ax_tweakkey;
+ struct aesenc ax_enckey;
+ struct aesdec ax_deckey;
+ struct aesenc ax_tweakkey;
+ uint32_t ax_nrounds;
};
static void *
@@ -207,9 +217,20 @@
key = xtskey;
key2 = key + keylen / CHAR_BIT;
- rijndael_makeKey(&ax->ax_enckey, DIR_ENCRYPT, keylen, key);
- rijndael_makeKey(&ax->ax_deckey, DIR_DECRYPT, keylen, key);
- rijndael_makeKey(&ax->ax_tweakkey, DIR_ENCRYPT, keylen, key2);
+ switch (keylen) {
+ case 128:
+ aes_setenckey128(&ax->ax_enckey, key);
+ aes_setdeckey128(&ax->ax_deckey, key);
+ aes_setenckey128(&ax->ax_tweakkey, key2);
+ ax->ax_nrounds = AES_128_NROUNDS;
+ break;
+ case 256:
+ aes_setenckey256(&ax->ax_enckey, key);
+ aes_setdeckey256(&ax->ax_deckey, key);
+ aes_setenckey256(&ax->ax_tweakkey, key2);
+ ax->ax_nrounds = AES_256_NROUNDS;
+ break;
+ }
return ax;
}
@@ -229,25 +250,18 @@
{
struct aesxts *ax = cookie;
uint8_t tweak[CGD_AES_BLOCK_SIZE];
- cipherInstance cipher;
- int cipher_ok __diagused;
/* Compute the initial tweak as AES_k(blkno). */
- cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
- KASSERT(cipher_ok > 0);
- rijndael_blockEncrypt(&cipher, &ax->ax_tweakkey, blkno, /*nbits*/128,
- tweak);
+ aes_enc(&ax->ax_tweakkey, blkno, tweak, ax->ax_nrounds);
- cipher_ok = rijndael_cipherInit(&cipher, MODE_XTS, tweak);
- KASSERT(cipher_ok > 0);
switch (dir) {
case CGD_CIPHER_ENCRYPT:
- rijndael_blockEncrypt(&cipher, &ax->ax_enckey, src,
- /*nbits*/nbytes * 8, dst);
+ aes_xts_enc(&ax->ax_enckey, src, dst, nbytes, tweak,
+ ax->ax_nrounds);
break;
case CGD_CIPHER_DECRYPT:
- rijndael_blockDecrypt(&cipher, &ax->ax_deckey, src,
- /*nbits*/nbytes * 8, dst);
+ aes_xts_dec(&ax->ax_deckey, src, dst, nbytes, tweak,
+ ax->ax_nrounds);
break;
default:
panic("%s: unrecognised direction %d", __func__, dir);
Home |
Main Index |
Thread Index |
Old Index