File 0006-s390x-assembly-pack-add-KM-code-path-for-aes-ecb.patch of Package openssl-1_1.17561
From 55bd169fd874f65fa15b20ce4feae2e8ed5e77f1 Mon Sep 17 00:00:00 2001
From: Patrick Steuer <patrick.steuer@de.ibm.com>
Date: Wed, 28 Mar 2018 12:43:15 +0100
Subject: [PATCH] s390x assembly pack: add KM code path for aes-ecb
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5250)
---
crypto/evp/e_aes.c | 92 ++++++++++++++++++++++++++++++++++++----------
1 file changed, 72 insertions(+), 20 deletions(-)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 1d5007acf8..c595f558e0 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -956,6 +956,21 @@ const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
*/
# include "s390x_arch.h"
+typedef struct {
+ union {
+ double align;
+ /*-
+ * KM-AES parameter block - begin
+ * (see z/Architecture Principles of Operation >= SA22-7832-06)
+ */
+ struct {
+ unsigned char k[32];
+ } param;
+ /* KM-AES parameter block - end */
+ } km;
+ unsigned int fc;
+} S390X_AES_ECB_CTX;
+
typedef struct {
union {
double align;
@@ -1056,18 +1071,16 @@ typedef struct {
} aes;
} S390X_AES_CCM_CTX;
-# define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P.km[0] & \
- S390X_CAPBIT(S390X_AES_128)) &&\
- (OPENSSL_s390xcap_P.kmc[0] & \
- S390X_CAPBIT(S390X_AES_128)))
-# define S390X_aes_192_CAPABLE ((OPENSSL_s390xcap_P.km[0] & \
- S390X_CAPBIT(S390X_AES_192)) &&\
- (OPENSSL_s390xcap_P.kmc[0] & \
- S390X_CAPBIT(S390X_AES_192)))
-# define S390X_aes_256_CAPABLE ((OPENSSL_s390xcap_P.km[0] & \
- S390X_CAPBIT(S390X_AES_256)) &&\
- (OPENSSL_s390xcap_P.kmc[0] & \
- S390X_CAPBIT(S390X_AES_256)))
+/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
+# define S390X_AES_FC(keylen) (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))
+
+/* Most modes of operation need km for partial block processing. */
+# define S390X_aes_128_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
+ S390X_CAPBIT(S390X_AES_128))
+# define S390X_aes_192_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
+ S390X_CAPBIT(S390X_AES_192))
+# define S390X_aes_256_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
+ S390X_CAPBIT(S390X_AES_256))
# define s390x_aes_init_key aes_init_key
static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
@@ -1076,22 +1089,48 @@ static int s390x_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */
# define S390X_aes_192_cbc_CAPABLE 1
# define S390X_aes_256_cbc_CAPABLE 1
+# define S390X_AES_CBC_CTX EVP_AES_KEY
+
+# define s390x_aes_cbc_init_key aes_init_key
# define s390x_aes_cbc_cipher aes_cbc_cipher
static int s390x_aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len);
-# define S390X_aes_128_ecb_CAPABLE 0
-# define S390X_aes_192_ecb_CAPABLE 0
-# define S390X_aes_256_ecb_CAPABLE 0
+# define S390X_aes_128_ecb_CAPABLE S390X_aes_128_CAPABLE
+# define S390X_aes_192_ecb_CAPABLE S390X_aes_192_CAPABLE
+# define S390X_aes_256_ecb_CAPABLE S390X_aes_256_CAPABLE
+
+static int s390x_aes_ecb_init_key(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv, int enc)
+{
+ S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx);
+ const int keylen = EVP_CIPHER_CTX_key_length(ctx);
+
+ cctx->fc = S390X_AES_FC(keylen);
+ if (!enc)
+ cctx->fc |= S390X_DECRYPT;
+
+ memcpy(cctx->km.param.k, key, keylen);
+ return 1;
+}
-# define s390x_aes_ecb_cipher aes_ecb_cipher
static int s390x_aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len);
+ const unsigned char *in, size_t len)
+{
+ S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx);
+
+ s390x_km(in, len, out, cctx->fc, &cctx->km.param);
+ return 1;
+}
# define S390X_aes_128_ofb_CAPABLE 0
# define S390X_aes_192_ofb_CAPABLE 0
# define S390X_aes_256_ofb_CAPABLE 0
+# define S390X_AES_OFB_CTX EVP_AES_KEY
+
+# define s390x_aes_ofb_init_key aes_init_key
# define s390x_aes_ofb_cipher aes_ofb_cipher
static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -1100,6 +1139,9 @@ static int s390x_aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
# define S390X_aes_128_cfb_CAPABLE 0
# define S390X_aes_192_cfb_CAPABLE 0
# define S390X_aes_256_cfb_CAPABLE 0
+# define S390X_AES_CFB_CTX EVP_AES_KEY
+
+# define s390x_aes_cfb_init_key aes_init_key
# define s390x_aes_cfb_cipher aes_cfb_cipher
static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -1109,6 +1151,8 @@ static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
# define S390X_aes_192_cfb8_CAPABLE 0
# define S390X_aes_256_cfb8_CAPABLE 0
+# define s390x_aes_cfb8_init_key aes_init_key
+
# define s390x_aes_cfb8_cipher aes_cfb8_cipher
static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len);
@@ -1117,6 +1161,8 @@ static int s390x_aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
# define S390X_aes_192_cfb1_CAPABLE 0
# define S390X_aes_256_cfb1_CAPABLE 0
+# define s390x_aes_cfb1_init_key aes_init_key
+
# define s390x_aes_cfb1_cipher aes_cfb1_cipher
static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len);
@@ -1124,6 +1170,9 @@ static int s390x_aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */
# define S390X_aes_192_ctr_CAPABLE 1
# define S390X_aes_256_ctr_CAPABLE 1
+# define S390X_AES_CTR_CTX EVP_AES_KEY
+
+# define s390x_aes_ctr_init_key aes_init_key
# define s390x_aes_ctr_cipher aes_ctr_cipher
static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -2168,10 +2217,10 @@ static const EVP_CIPHER s390x_aes_##keylen##_##mode = { \
keylen / 8, \
ivlen, \
flags | EVP_CIPH_##MODE##_MODE, \
- s390x_aes_init_key, \
+ s390x_aes_##mode##_init_key, \
s390x_aes_##mode##_cipher, \
NULL, \
- sizeof(EVP_AES_KEY), \
+ sizeof(S390X_AES_##MODE##_CTX), \
NULL, \
NULL, \
NULL, \
@@ -2187,7 +2236,10 @@ static const EVP_CIPHER aes_##keylen##_##mode = { \
aes_##mode##_cipher, \
NULL, \
sizeof(EVP_AES_KEY), \
- NULL,NULL,NULL,NULL \
+ NULL, \
+ NULL, \
+ NULL, \
+ NULL \
}; \
const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
{ \
--
2.20.1