Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/arch/x86 padlock(4): Remove legacy rijndael API use.
details: https://anonhg.NetBSD.org/src/rev/cc5301e54a6a
branches: trunk
changeset: 935310:cc5301e54a6a
user: riastradh <riastradh%NetBSD.org@localhost>
date: Mon Jun 29 23:38:02 2020 +0000
description:
padlock(4): Remove legacy rijndael API use.
This doesn't actually need to compute AES -- it just needs the
standard AES key schedule, so use the BearSSL constant-time key
schedule implementation.
XXX Compile-tested only.
XXX The byte-order business here seems highly questionable.
diffstat:
sys/arch/x86/conf/files.x86 | 4 ++--
sys/arch/x86/include/via_padlock.h | 10 +++++-----
sys/arch/x86/x86/via_padlock.c | 31 +++++++++++++++++++++----------
3 files changed, 28 insertions(+), 17 deletions(-)
diffs (130 lines):
diff -r 029ba5b3e0c6 -r cc5301e54a6a sys/arch/x86/conf/files.x86
--- a/sys/arch/x86/conf/files.x86 Mon Jun 29 23:36:59 2020 +0000
+++ b/sys/arch/x86/conf/files.x86 Mon Jun 29 23:38:02 2020 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: files.x86,v 1.112 2020/06/29 23:29:39 riastradh Exp $
+# $NetBSD: files.x86,v 1.113 2020/06/29 23:38:02 riastradh Exp $
# options for MP configuration through the MP spec
defflag opt_mpbios.h MPBIOS MPDEBUG MPBIOS_SCANPCI
@@ -59,7 +59,7 @@
attach odcm at cpufeaturebus
file arch/x86/x86/odcm.c odcm
-device padlock: opencrypto, rijndael
+device padlock: opencrypto, aes
attach padlock at cpufeaturebus
file arch/x86/x86/via_padlock.c padlock
diff -r 029ba5b3e0c6 -r cc5301e54a6a sys/arch/x86/include/via_padlock.h
--- a/sys/arch/x86/include/via_padlock.h Mon Jun 29 23:36:59 2020 +0000
+++ b/sys/arch/x86/include/via_padlock.h Mon Jun 29 23:38:02 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: via_padlock.h,v 1.9 2016/02/27 00:54:59 tls Exp $ */
+/* $NetBSD: via_padlock.h,v 1.10 2020/06/29 23:38:02 riastradh Exp $ */
/*-
* Copyright (c) 2003 Jason Wright
@@ -25,7 +25,8 @@
#include <sys/rndsource.h>
#include <sys/callout.h>
-#include <crypto/rijndael/rijndael.h>
+
+#include <crypto/aes/aes.h>
/* VIA C3 xcrypt-* instruction context control options */
#define C3_CRYPT_CWLO_ROUND_M 0x0000000f
@@ -43,9 +44,8 @@
#define C3_CRYPT_CWLO_KEY256 0x0000080e /* 256bit, 15 rds */
struct via_padlock_session {
- uint32_t ses_ekey[4 * (RIJNDAEL_MAXNR + 1) + 4]; /* 128 bit aligned */
- uint32_t ses_dkey[4 * (RIJNDAEL_MAXNR + 1) + 4]; /* 128 bit aligned */
- uint8_t ses_iv[16]; /* 128 bit aligned */
+ uint32_t ses_ekey[4*(AES_256_NROUNDS + 1)];
+ uint32_t ses_dkey[4*(AES_256_NROUNDS + 1)];
uint32_t ses_cw0;
struct swcr_data *swd;
int ses_klen;
diff -r 029ba5b3e0c6 -r cc5301e54a6a sys/arch/x86/x86/via_padlock.c
--- a/sys/arch/x86/x86/via_padlock.c Mon Jun 29 23:36:59 2020 +0000
+++ b/sys/arch/x86/x86/via_padlock.c Mon Jun 29 23:38:02 2020 +0000
@@ -1,5 +1,5 @@
/* $OpenBSD: via.c,v 1.8 2006/11/17 07:47:56 tom Exp $ */
-/* $NetBSD: via_padlock.c,v 1.29 2020/06/14 23:20:15 riastradh Exp $ */
+/* $NetBSD: via_padlock.c,v 1.30 2020/06/29 23:38:02 riastradh Exp $ */
/*-
* Copyright (c) 2003 Jason Wright
@@ -20,7 +20,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: via_padlock.c,v 1.29 2020/06/14 23:20:15 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: via_padlock.c,v 1.30 2020/06/29 23:38:02 riastradh Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -37,10 +37,11 @@
#include <machine/cpufunc.h>
#include <machine/cpuvar.h>
+#include <crypto/aes/aes_bear.h>
+
#include <opencrypto/cryptodev.h>
#include <opencrypto/cryptosoft.h>
#include <opencrypto/xform.h>
-#include <crypto/rijndael/rijndael.h>
#include <opencrypto/cryptosoft_xform.c>
@@ -174,14 +175,29 @@
for (c = cri; c != NULL; c = c->cri_next) {
switch (c->cri_alg) {
case CRYPTO_AES_CBC:
+ memset(ses->ses_ekey, 0, sizeof(ses->ses_ekey));
+ memset(ses->ses_dkey, 0, sizeof(ses->ses_dkey));
+
switch (c->cri_klen) {
case 128:
+ br_aes_ct_keysched_stdenc(ses->ses_ekey,
+ c->cri_key, 16);
+ br_aes_ct_keysched_stddec(ses->ses_dkey,
+ c->cri_key, 16);
cw0 = C3_CRYPT_CWLO_KEY128;
break;
case 192:
+ br_aes_ct_keysched_stdenc(ses->ses_ekey,
+ c->cri_key, 24);
+ br_aes_ct_keysched_stddec(ses->ses_dkey,
+ c->cri_key, 24);
cw0 = C3_CRYPT_CWLO_KEY192;
break;
case 256:
+ br_aes_ct_keysched_stdenc(ses->ses_ekey,
+ c->cri_key, 32);
+ br_aes_ct_keysched_stddec(ses->ses_dkey,
+ c->cri_key, 32);
cw0 = C3_CRYPT_CWLO_KEY256;
break;
default:
@@ -194,16 +210,11 @@
ses->ses_klen = c->cri_klen;
ses->ses_cw0 = cw0;
- /* Build expanded keys for both directions */
- rijndaelKeySetupEnc(ses->ses_ekey, c->cri_key,
- c->cri_klen);
- rijndaelKeySetupDec(ses->ses_dkey, c->cri_key,
- c->cri_klen);
- for (i = 0; i < 4 * (RIJNDAEL_MAXNR + 1); i++) {
+ /* Convert words to host byte order (???) */
+ for (i = 0; i < 4*(AES_256_NROUNDS + 1); i++) {
ses->ses_ekey[i] = ntohl(ses->ses_ekey[i]);
ses->ses_dkey[i] = ntohl(ses->ses_dkey[i]);
}
-
break;
/* Use hashing implementations from the cryptosoft code. */
Home |
Main Index |
Thread Index |
Old Index