Commit 86aa9fc2 authored by Jan Glauber's avatar Jan Glauber Committed by Martin Schwidefsky

[S390] move crypto options and some cleanup.

This patch moves the config options for the s390 crypto instructions
to the standard "Hardware crypto devices" menu. In addition some
cleanup has been done: use a flag for supported keylengths, add a
warning about machien limitation, return ENOTSUPP in case the
hardware has no support, remove superfluous printks and update
email addresses.
Signed-off-by: default avatarJan Glauber <jan.glauber@de.ibm.com>
Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
parent 347d59d7
config CRYPTO_SHA1_S390
tristate "SHA1 digest algorithm"
depends on S390
select CRYPTO_ALGAPI
help
This is the s390 hardware accelerated implementation of the
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
config CRYPTO_SHA256_S390
tristate "SHA256 digest algorithm"
depends on S390
select CRYPTO_ALGAPI
help
This is the s390 hardware accelerated implementation of the
SHA256 secure hash standard (DFIPS 180-2).
This version of SHA implements a 256 bit hash with 128 bits of
security against collision attacks.
config CRYPTO_DES_S390
tristate "DES and Triple DES cipher algorithms"
depends on S390
select CRYPTO_ALGAPI
select CRYPTO_BLKCIPHER
help
This us the s390 hardware accelerated implementation of the
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
config CRYPTO_AES_S390
tristate "AES cipher algorithms"
depends on S390
select CRYPTO_ALGAPI
select CRYPTO_BLKCIPHER
help
This is the s390 hardware accelerated implementation of the
AES cipher algorithms (FIPS-197). AES uses the Rijndael
algorithm.
Rijndael appears to be consistently a very good performer in
both hardware and software across a wide range of computing
environments regardless of its use in feedback or non-feedback
modes. Its key setup time is excellent, and its key agility is
good. Rijndael's very low memory requirements make it very well
suited for restricted-space environments, in which it also
demonstrates excellent performance. Rijndael's operations are
among the easiest to defend against power and timing attacks.
On s390 the System z9-109 currently only supports the key size
of 128 bit.
config S390_PRNG
tristate "Pseudo random number generator device driver"
depends on S390
default "m"
help
Select this option if you want to use the s390 pseudo random number
generator. The PRNG is part of the cryptograhic processor functions
and uses triple-DES to generate secure random numbers like the
ANSI X9.17 standard. The PRNG is usable via the char device
/dev/prandom.
...@@ -6,5 +6,3 @@ obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o ...@@ -6,5 +6,3 @@ obj-$(CONFIG_CRYPTO_SHA1_S390) += sha1_s390.o
obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o obj-$(CONFIG_CRYPTO_SHA256_S390) += sha256_s390.o
obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o obj-$(CONFIG_CRYPTO_DES_S390) += des_s390.o des_check_key.o
obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o obj-$(CONFIG_CRYPTO_AES_S390) += aes_s390.o
obj-$(CONFIG_CRYPTO_TEST) += crypt_s390_query.o
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
* s390 implementation of the AES Cipher Algorithm. * s390 implementation of the AES Cipher Algorithm.
* *
* s390 Version: * s390 Version:
* Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation * Copyright IBM Corp. 2005,2007
* Author(s): Jan Glauber (jang@de.ibm.com) * Author(s): Jan Glauber (jang@de.ibm.com)
* *
* Derived from "crypto/aes.c" * Derived from "crypto/aes.c"
...@@ -27,9 +27,11 @@ ...@@ -27,9 +27,11 @@
/* data block size for all key lengths */ /* data block size for all key lengths */
#define AES_BLOCK_SIZE 16 #define AES_BLOCK_SIZE 16
static int has_aes_128 = 0; #define AES_KEYLEN_128 1
static int has_aes_192 = 0; #define AES_KEYLEN_192 2
static int has_aes_256 = 0; #define AES_KEYLEN_256 4
static char keylen_flag = 0;
struct s390_aes_ctx { struct s390_aes_ctx {
u8 iv[AES_BLOCK_SIZE]; u8 iv[AES_BLOCK_SIZE];
...@@ -47,20 +49,19 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, ...@@ -47,20 +49,19 @@ static int aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
switch (key_len) { switch (key_len) {
case 16: case 16:
if (!has_aes_128) if (!(keylen_flag & AES_KEYLEN_128))
goto fail; goto fail;
break; break;
case 24: case 24:
if (!has_aes_192) if (!(keylen_flag & AES_KEYLEN_192))
goto fail; goto fail;
break; break;
case 32: case 32:
if (!has_aes_256) if (!(keylen_flag & AES_KEYLEN_256))
goto fail; goto fail;
break; break;
default: default:
/* invalid key length */
goto fail; goto fail;
break; break;
} }
...@@ -322,34 +323,32 @@ static int __init aes_init(void) ...@@ -322,34 +323,32 @@ static int __init aes_init(void)
int ret; int ret;
if (crypt_s390_func_available(KM_AES_128_ENCRYPT)) if (crypt_s390_func_available(KM_AES_128_ENCRYPT))
has_aes_128 = 1; keylen_flag |= AES_KEYLEN_128;
if (crypt_s390_func_available(KM_AES_192_ENCRYPT)) if (crypt_s390_func_available(KM_AES_192_ENCRYPT))
has_aes_192 = 1; keylen_flag |= AES_KEYLEN_192;
if (crypt_s390_func_available(KM_AES_256_ENCRYPT)) if (crypt_s390_func_available(KM_AES_256_ENCRYPT))
has_aes_256 = 1; keylen_flag |= AES_KEYLEN_256;
if (!keylen_flag)
return -EOPNOTSUPP;
if (!has_aes_128 && !has_aes_192 && !has_aes_256) /* z9 109 and z9 BC/EC only support 128 bit key length */
return -ENOSYS; if (keylen_flag == AES_KEYLEN_128)
printk(KERN_INFO
"aes_s390: hardware acceleration only available for"
"128 bit keys\n");
ret = crypto_register_alg(&aes_alg); ret = crypto_register_alg(&aes_alg);
if (ret != 0) { if (ret)
printk(KERN_INFO "crypt_s390: aes-s390 couldn't be loaded.\n");
goto aes_err; goto aes_err;
}
ret = crypto_register_alg(&ecb_aes_alg); ret = crypto_register_alg(&ecb_aes_alg);
if (ret != 0) { if (ret)
printk(KERN_INFO
"crypt_s390: ecb-aes-s390 couldn't be loaded.\n");
goto ecb_aes_err; goto ecb_aes_err;
}
ret = crypto_register_alg(&cbc_aes_alg); ret = crypto_register_alg(&cbc_aes_alg);
if (ret != 0) { if (ret)
printk(KERN_INFO
"crypt_s390: cbc-aes-s390 couldn't be loaded.\n");
goto cbc_aes_err; goto cbc_aes_err;
}
out: out:
return ret; return ret;
......
...@@ -3,8 +3,9 @@ ...@@ -3,8 +3,9 @@
* *
* Support for s390 cryptographic instructions. * Support for s390 cryptographic instructions.
* *
* Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation * Copyright IBM Corp. 2003,2007
* Author(s): Thomas Spatzier (tspat@de.ibm.com) * Author(s): Thomas Spatzier
* Jan Glauber (jan.glauber@de.ibm.com)
* *
* This program is free software; you can redistribute it and/or modify it * This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free * under the terms of the GNU General Public License as published by the Free
...@@ -32,7 +33,8 @@ enum crypt_s390_operations { ...@@ -32,7 +33,8 @@ enum crypt_s390_operations {
CRYPT_S390_KMAC = 0x0500 CRYPT_S390_KMAC = 0x0500
}; };
/* function codes for KM (CIPHER MESSAGE) instruction /*
* function codes for KM (CIPHER MESSAGE) instruction
* 0x80 is the decipher modifier bit * 0x80 is the decipher modifier bit
*/ */
enum crypt_s390_km_func { enum crypt_s390_km_func {
...@@ -51,7 +53,8 @@ enum crypt_s390_km_func { ...@@ -51,7 +53,8 @@ enum crypt_s390_km_func {
KM_AES_256_DECRYPT = CRYPT_S390_KM | 0x14 | 0x80, KM_AES_256_DECRYPT = CRYPT_S390_KM | 0x14 | 0x80,
}; };
/* function codes for KMC (CIPHER MESSAGE WITH CHAINING) /*
* function codes for KMC (CIPHER MESSAGE WITH CHAINING)
* instruction * instruction
*/ */
enum crypt_s390_kmc_func { enum crypt_s390_kmc_func {
...@@ -70,7 +73,8 @@ enum crypt_s390_kmc_func { ...@@ -70,7 +73,8 @@ enum crypt_s390_kmc_func {
KMC_AES_256_DECRYPT = CRYPT_S390_KMC | 0x14 | 0x80, KMC_AES_256_DECRYPT = CRYPT_S390_KMC | 0x14 | 0x80,
}; };
/* function codes for KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) /*
* function codes for KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
* instruction * instruction
*/ */
enum crypt_s390_kimd_func { enum crypt_s390_kimd_func {
...@@ -79,7 +83,8 @@ enum crypt_s390_kimd_func { ...@@ -79,7 +83,8 @@ enum crypt_s390_kimd_func {
KIMD_SHA_256 = CRYPT_S390_KIMD | 2, KIMD_SHA_256 = CRYPT_S390_KIMD | 2,
}; };
/* function codes for KLMD (COMPUTE LAST MESSAGE DIGEST) /*
* function codes for KLMD (COMPUTE LAST MESSAGE DIGEST)
* instruction * instruction
*/ */
enum crypt_s390_klmd_func { enum crypt_s390_klmd_func {
...@@ -88,7 +93,8 @@ enum crypt_s390_klmd_func { ...@@ -88,7 +93,8 @@ enum crypt_s390_klmd_func {
KLMD_SHA_256 = CRYPT_S390_KLMD | 2, KLMD_SHA_256 = CRYPT_S390_KLMD | 2,
}; };
/* function codes for KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) /*
* function codes for KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
* instruction * instruction
*/ */
enum crypt_s390_kmac_func { enum crypt_s390_kmac_func {
...@@ -98,229 +104,219 @@ enum crypt_s390_kmac_func { ...@@ -98,229 +104,219 @@ enum crypt_s390_kmac_func {
KMAC_TDEA_192 = CRYPT_S390_KMAC | 3 KMAC_TDEA_192 = CRYPT_S390_KMAC | 3
}; };
/* status word for s390 crypto instructions' QUERY functions */ /**
struct crypt_s390_query_status { * crypt_s390_km:
u64 high; * @func: the function code passed to KM; see crypt_s390_km_func
u64 low; * @param: address of parameter block; see POP for details on each func
}; * @dest: address of destination memory area
* @src: address of source memory area
/* * @src_len: length of src operand in bytes
*
* Executes the KM (CIPHER MESSAGE) operation of the CPU. * Executes the KM (CIPHER MESSAGE) operation of the CPU.
* @param func: the function code passed to KM; see crypt_s390_km_func *
* @param param: address of parameter block; see POP for details on each func * Returns -1 for failure, 0 for the query func, number of processed
* @param dest: address of destination memory area * bytes for encryption/decryption funcs
* @param src: address of source memory area
* @param src_len: length of src operand in bytes
* @returns < zero for failure, 0 for the query func, number of processed bytes
* for encryption/decryption funcs
*/ */
static inline int static inline int crypt_s390_km(long func, void *param,
crypt_s390_km(long func, void* param, u8* dest, const u8* src, long src_len) u8 *dest, const u8 *src, long src_len)
{ {
register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; register long __func asm("0") = func & CRYPT_S390_FUNC_MASK;
register void* __param asm("1") = param; register void *__param asm("1") = param;
register const u8* __src asm("2") = src; register const u8 *__src asm("2") = src;
register long __src_len asm("3") = src_len; register long __src_len asm("3") = src_len;
register u8* __dest asm("4") = dest; register u8 *__dest asm("4") = dest;
int ret; int ret;
asm volatile( asm volatile(
"0: .insn rre,0xb92e0000,%3,%1 \n" /* KM opcode */ "0: .insn rre,0xb92e0000,%3,%1 \n" /* KM opcode */
"1: brc 1,0b \n" /* handle partial completion */ "1: brc 1,0b \n" /* handle partial completion */
" ahi %0,%h7\n" " la %0,0\n"
"2: ahi %0,%h8\n" "2:\n"
"3:\n" EX_TABLE(0b,2b) EX_TABLE(1b,2b)
EX_TABLE(0b,3b) EX_TABLE(1b,2b)
: "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest) : "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest)
: "d" (__func), "a" (__param), "0" (-EFAULT), : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory");
"K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory");
if (ret < 0) if (ret < 0)
return ret; return ret;
return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len;
} }
/* /**
* crypt_s390_kmc:
* @func: the function code passed to KM; see crypt_s390_kmc_func
* @param: address of parameter block; see POP for details on each func
* @dest: address of destination memory area
* @src: address of source memory area
* @src_len: length of src operand in bytes
*
* Executes the KMC (CIPHER MESSAGE WITH CHAINING) operation of the CPU. * Executes the KMC (CIPHER MESSAGE WITH CHAINING) operation of the CPU.
* @param func: the function code passed to KM; see crypt_s390_kmc_func *
* @param param: address of parameter block; see POP for details on each func * Returns -1 for failure, 0 for the query func, number of processed
* @param dest: address of destination memory area * bytes for encryption/decryption funcs
* @param src: address of source memory area
* @param src_len: length of src operand in bytes
* @returns < zero for failure, 0 for the query func, number of processed bytes
* for encryption/decryption funcs
*/ */
static inline int static inline int crypt_s390_kmc(long func, void *param,
crypt_s390_kmc(long func, void* param, u8* dest, const u8* src, long src_len) u8 *dest, const u8 *src, long src_len)
{ {
register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; register long __func asm("0") = func & CRYPT_S390_FUNC_MASK;
register void* __param asm("1") = param; register void *__param asm("1") = param;
register const u8* __src asm("2") = src; register const u8 *__src asm("2") = src;
register long __src_len asm("3") = src_len; register long __src_len asm("3") = src_len;
register u8* __dest asm("4") = dest; register u8 *__dest asm("4") = dest;
int ret; int ret;
asm volatile( asm volatile(
"0: .insn rre,0xb92f0000,%3,%1 \n" /* KMC opcode */ "0: .insn rre,0xb92f0000,%3,%1 \n" /* KMC opcode */
"1: brc 1,0b \n" /* handle partial completion */ "1: brc 1,0b \n" /* handle partial completion */
" ahi %0,%h7\n" " la %0,0\n"
"2: ahi %0,%h8\n" "2:\n"
"3:\n" EX_TABLE(0b,2b) EX_TABLE(1b,2b)
EX_TABLE(0b,3b) EX_TABLE(1b,2b)
: "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest) : "=d" (ret), "+a" (__src), "+d" (__src_len), "+a" (__dest)
: "d" (__func), "a" (__param), "0" (-EFAULT), : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory");
"K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory");
if (ret < 0) if (ret < 0)
return ret; return ret;
return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len;
} }
/* /**
* crypt_s390_kimd:
* @func: the function code passed to KM; see crypt_s390_kimd_func
* @param: address of parameter block; see POP for details on each func
* @src: address of source memory area
* @src_len: length of src operand in bytes
*
* Executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) operation * Executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST) operation
* of the CPU. * of the CPU.
* @param func: the function code passed to KM; see crypt_s390_kimd_func *
* @param param: address of parameter block; see POP for details on each func * Returns -1 for failure, 0 for the query func, number of processed
* @param src: address of source memory area * bytes for digest funcs
* @param src_len: length of src operand in bytes
* @returns < zero for failure, 0 for the query func, number of processed bytes
* for digest funcs
*/ */
static inline int static inline int crypt_s390_kimd(long func, void *param,
crypt_s390_kimd(long func, void* param, const u8* src, long src_len) const u8 *src, long src_len)
{ {
register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; register long __func asm("0") = func & CRYPT_S390_FUNC_MASK;
register void* __param asm("1") = param; register void *__param asm("1") = param;
register const u8* __src asm("2") = src; register const u8 *__src asm("2") = src;
register long __src_len asm("3") = src_len; register long __src_len asm("3") = src_len;
int ret; int ret;
asm volatile( asm volatile(
"0: .insn rre,0xb93e0000,%1,%1 \n" /* KIMD opcode */ "0: .insn rre,0xb93e0000,%1,%1 \n" /* KIMD opcode */
"1: brc 1,0b \n" /* handle partial completion */ "1: brc 1,0b \n" /* handle partial completion */
" ahi %0,%h6\n" " la %0,0\n"
"2: ahi %0,%h7\n" "2:\n"
"3:\n" EX_TABLE(0b,2b) EX_TABLE(1b,2b)
EX_TABLE(0b,3b) EX_TABLE(1b,2b)
: "=d" (ret), "+a" (__src), "+d" (__src_len) : "=d" (ret), "+a" (__src), "+d" (__src_len)
: "d" (__func), "a" (__param), "0" (-EFAULT), : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory");
"K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory");
if (ret < 0) if (ret < 0)
return ret; return ret;
return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len;
} }
/* /**
* crypt_s390_klmd:
* @func: the function code passed to KM; see crypt_s390_klmd_func
* @param: address of parameter block; see POP for details on each func
* @src: address of source memory area
* @src_len: length of src operand in bytes
*
* Executes the KLMD (COMPUTE LAST MESSAGE DIGEST) operation of the CPU. * Executes the KLMD (COMPUTE LAST MESSAGE DIGEST) operation of the CPU.
* @param func: the function code passed to KM; see crypt_s390_klmd_func *
* @param param: address of parameter block; see POP for details on each func * Returns -1 for failure, 0 for the query func, number of processed
* @param src: address of source memory area * bytes for digest funcs
* @param src_len: length of src operand in bytes
* @returns < zero for failure, 0 for the query func, number of processed bytes
* for digest funcs
*/ */
static inline int static inline int crypt_s390_klmd(long func, void *param,
crypt_s390_klmd(long func, void* param, const u8* src, long src_len) const u8 *src, long src_len)
{ {
register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; register long __func asm("0") = func & CRYPT_S390_FUNC_MASK;
register void* __param asm("1") = param; register void *__param asm("1") = param;
register const u8* __src asm("2") = src; register const u8 *__src asm("2") = src;
register long __src_len asm("3") = src_len; register long __src_len asm("3") = src_len;
int ret; int ret;
asm volatile( asm volatile(
"0: .insn rre,0xb93f0000,%1,%1 \n" /* KLMD opcode */ "0: .insn rre,0xb93f0000,%1,%1 \n" /* KLMD opcode */
"1: brc 1,0b \n" /* handle partial completion */ "1: brc 1,0b \n" /* handle partial completion */
" ahi %0,%h6\n" " la %0,0\n"
"2: ahi %0,%h7\n" "2:\n"
"3:\n" EX_TABLE(0b,2b) EX_TABLE(1b,2b)
EX_TABLE(0b,3b) EX_TABLE(1b,2b)
: "=d" (ret), "+a" (__src), "+d" (__src_len) : "=d" (ret), "+a" (__src), "+d" (__src_len)
: "d" (__func), "a" (__param), "0" (-EFAULT), : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory");
"K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory");
if (ret < 0) if (ret < 0)
return ret; return ret;
return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len;
} }
/* /**
* crypt_s390_kmac:
* @func: the function code passed to KM; see crypt_s390_klmd_func
* @param: address of parameter block; see POP for details on each func
* @src: address of source memory area
* @src_len: length of src operand in bytes
*
* Executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) operation * Executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE) operation
* of the CPU. * of the CPU.
* @param func: the function code passed to KM; see crypt_s390_klmd_func *
* @param param: address of parameter block; see POP for details on each func * Returns -1 for failure, 0 for the query func, number of processed
* @param src: address of source memory area * bytes for digest funcs
* @param src_len: length of src operand in bytes
* @returns < zero for failure, 0 for the query func, number of processed bytes
* for digest funcs
*/ */
static inline int static inline int crypt_s390_kmac(long func, void *param,
crypt_s390_kmac(long func, void* param, const u8* src, long src_len) const u8 *src, long src_len)
{ {
register long __func asm("0") = func & CRYPT_S390_FUNC_MASK; register long __func asm("0") = func & CRYPT_S390_FUNC_MASK;
register void* __param asm("1") = param; register void *__param asm("1") = param;
register const u8* __src asm("2") = src; register const u8 *__src asm("2") = src;
register long __src_len asm("3") = src_len; register long __src_len asm("3") = src_len;
int ret; int ret;
asm volatile( asm volatile(
"0: .insn rre,0xb91e0000,%1,%1 \n" /* KLAC opcode */ "0: .insn rre,0xb91e0000,%1,%1 \n" /* KLAC opcode */
"1: brc 1,0b \n" /* handle partial completion */ "1: brc 1,0b \n" /* handle partial completion */
" ahi %0,%h6\n" " la %0,0\n"
"2: ahi %0,%h7\n" "2:\n"
"3:\n" EX_TABLE(0b,2b) EX_TABLE(1b,2b)
EX_TABLE(0b,3b) EX_TABLE(1b,2b)
: "=d" (ret), "+a" (__src), "+d" (__src_len) : "=d" (ret), "+a" (__src), "+d" (__src_len)
: "d" (__func), "a" (__param), "0" (-EFAULT), : "d" (__func), "a" (__param), "0" (-1) : "cc", "memory");
"K" (ENOSYS), "K" (-ENOSYS + EFAULT) : "cc", "memory");
if (ret < 0) if (ret < 0)
return ret; return ret;
return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len; return (func & CRYPT_S390_FUNC_MASK) ? src_len - __src_len : __src_len;
} }
/** /**
* crypt_s390_func_available:
* @func: the function code of the specific function; 0 if op in general
*
* Tests if a specific crypto function is implemented on the machine. * Tests if a specific crypto function is implemented on the machine.
* @param func: the function code of the specific function; 0 if op in general *
* @return 1 if func available; 0 if func or op in general not available * Returns 1 if func available; 0 if func or op in general not available
*/ */
static inline int static inline int crypt_s390_func_available(int func)
crypt_s390_func_available(int func)
{ {
unsigned char status[16];
int ret; int ret;
struct crypt_s390_query_status status = { switch (func & CRYPT_S390_OP_MASK) {
.high = 0, case CRYPT_S390_KM:
.low = 0 ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0);
}; break;
switch (func & CRYPT_S390_OP_MASK){ case CRYPT_S390_KMC:
case CRYPT_S390_KM: ret = crypt_s390_kmc(KMC_QUERY, &status, NULL, NULL, 0);
ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0); break;
break; case CRYPT_S390_KIMD:
case CRYPT_S390_KMC: ret = crypt_s390_kimd(KIMD_QUERY, &status, NULL, 0);
ret = crypt_s390_kmc(KMC_QUERY, &status, NULL, NULL, 0); break;
break; case CRYPT_S390_KLMD:
case CRYPT_S390_KIMD: ret = crypt_s390_klmd(KLMD_QUERY, &status, NULL, 0);
ret = crypt_s390_kimd(KIMD_QUERY, &status, NULL, 0); break;
break; case CRYPT_S390_KMAC:
case CRYPT_S390_KLMD: ret = crypt_s390_kmac(KMAC_QUERY, &status, NULL, 0);
ret = crypt_s390_klmd(KLMD_QUERY, &status, NULL, 0); break;
break; default:
case CRYPT_S390_KMAC: return 0;
ret = crypt_s390_kmac(KMAC_QUERY, &status, NULL, 0);
break;
default:
ret = 0;
return ret;
}
if (ret >= 0){
func &= CRYPT_S390_FUNC_MASK;
func &= 0x7f; //mask modifier bit
if (func < 64){
ret = (status.high >> (64 - func - 1)) & 0x1;
} else {
ret = (status.low >> (128 - func - 1)) & 0x1;
}
} else {
ret = 0;
} }
return ret; if (ret < 0)
return 0;
func &= CRYPT_S390_FUNC_MASK;
func &= 0x7f; /* mask modifier bit */
return (status[func >> 3] & (0x80 >> (func & 7))) != 0;
} }
#endif // _CRYPTO_ARCH_S390_CRYPT_S390_H #endif /* _CRYPTO_ARCH_S390_CRYPT_S390_H */
/*
* Cryptographic API.
*
* Support for s390 cryptographic instructions.
* Testing module for querying processor crypto capabilities.
*
* Copyright (c) 2003 IBM Deutschland Entwicklung GmbH, IBM Corporation
* Author(s): Thomas Spatzier (tspat@de.ibm.com)
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
*/
#include <linux/module.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <asm/errno.h>
#include "crypt_s390.h"
static void query_available_functions(void)
{
printk(KERN_INFO "#####################\n");
/* query available KM functions */
printk(KERN_INFO "KM_QUERY: %d\n",
crypt_s390_func_available(KM_QUERY));
printk(KERN_INFO "KM_DEA: %d\n",
crypt_s390_func_available(KM_DEA_ENCRYPT));
printk(KERN_INFO "KM_TDEA_128: %d\n",
crypt_s390_func_available(KM_TDEA_128_ENCRYPT));
printk(KERN_INFO "KM_TDEA_192: %d\n",
crypt_s390_func_available(KM_TDEA_192_ENCRYPT));
printk(KERN_INFO "KM_AES_128: %d\n",
crypt_s390_func_available(KM_AES_128_ENCRYPT));
printk(KERN_INFO "KM_AES_192: %d\n",
crypt_s390_func_available(KM_AES_192_ENCRYPT));
printk(KERN_INFO "KM_AES_256: %d\n",
crypt_s390_func_available(KM_AES_256_ENCRYPT));
/* query available KMC functions */
printk(KERN_INFO "KMC_QUERY: %d\n",
crypt_s390_func_available(KMC_QUERY));
printk(KERN_INFO "KMC_DEA: %d\n",
crypt_s390_func_available(KMC_DEA_ENCRYPT));
printk(KERN_INFO "KMC_TDEA_128: %d\n",
crypt_s390_func_available(KMC_TDEA_128_ENCRYPT));
printk(KERN_INFO "KMC_TDEA_192: %d\n",
crypt_s390_func_available(KMC_TDEA_192_ENCRYPT));
printk(KERN_INFO "KMC_AES_128: %d\n",
crypt_s390_func_available(KMC_AES_128_ENCRYPT));
printk(KERN_INFO "KMC_AES_192: %d\n",
crypt_s390_func_available(KMC_AES_192_ENCRYPT));
printk(KERN_INFO "KMC_AES_256: %d\n",
crypt_s390_func_available(KMC_AES_256_ENCRYPT));
/* query available KIMD functions */
printk(KERN_INFO "KIMD_QUERY: %d\n",
crypt_s390_func_available(KIMD_QUERY));
printk(KERN_INFO "KIMD_SHA_1: %d\n",
crypt_s390_func_available(KIMD_SHA_1));
printk(KERN_INFO "KIMD_SHA_256: %d\n",
crypt_s390_func_available(KIMD_SHA_256));
/* query available KLMD functions */
printk(KERN_INFO "KLMD_QUERY: %d\n",
crypt_s390_func_available(KLMD_QUERY));
printk(KERN_INFO "KLMD_SHA_1: %d\n",
crypt_s390_func_available(KLMD_SHA_1));
printk(KERN_INFO "KLMD_SHA_256: %d\n",
crypt_s390_func_available(KLMD_SHA_256));
/* query available KMAC functions */
printk(KERN_INFO "KMAC_QUERY: %d\n",
crypt_s390_func_available(KMAC_QUERY));
printk(KERN_INFO "KMAC_DEA: %d\n",
crypt_s390_func_available(KMAC_DEA));
printk(KERN_INFO "KMAC_TDEA_128: %d\n",
crypt_s390_func_available(KMAC_TDEA_128));
printk(KERN_INFO "KMAC_TDEA_192: %d\n",
crypt_s390_func_available(KMAC_TDEA_192));
}
static int init(void)
{
struct crypt_s390_query_status status = {
.high = 0,
.low = 0
};
printk(KERN_INFO "crypt_s390: querying available crypto functions\n");
crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0);
printk(KERN_INFO "KM:\t%016llx %016llx\n",
(unsigned long long) status.high,
(unsigned long long) status.low);
status.high = status.low = 0;
crypt_s390_kmc(KMC_QUERY, &status, NULL, NULL, 0);
printk(KERN_INFO "KMC:\t%016llx %016llx\n",
(unsigned long long) status.high,
(unsigned long long) status.low);
status.high = status.low = 0;
crypt_s390_kimd(KIMD_QUERY, &status, NULL, 0);
printk(KERN_INFO "KIMD:\t%016llx %016llx\n",
(unsigned long long) status.high,
(unsigned long long) status.low);
status.high = status.low = 0;
crypt_s390_klmd(KLMD_QUERY, &status, NULL, 0);
printk(KERN_INFO "KLMD:\t%016llx %016llx\n",
(unsigned long long) status.high,
(unsigned long long) status.low);
status.high = status.low = 0;
crypt_s390_kmac(KMAC_QUERY, &status, NULL, 0);
printk(KERN_INFO "KMAC:\t%016llx %016llx\n",
(unsigned long long) status.high,
(unsigned long long) status.low);
query_available_functions();
return -ECANCELED;
}
static void __exit cleanup(void)
{
}
module_init(init);
module_exit(cleanup);
MODULE_LICENSE("GPL");
...@@ -10,8 +10,9 @@ ...@@ -10,8 +10,9 @@
* scatterlist interface. Changed LGPL to GPL per section 3 of the LGPL. * scatterlist interface. Changed LGPL to GPL per section 3 of the LGPL.
* *
* s390 Version: * s390 Version:
* Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation * Copyright IBM Corp. 2003
* Author(s): Thomas Spatzier (tspat@de.ibm.com) * Author(s): Thomas Spatzier
* Jan Glauber (jan.glauber@de.ibm.com)
* *
* Derived from "crypto/des.c" * Derived from "crypto/des.c"
* Copyright (c) 1992 Dana L. How. * Copyright (c) 1992 Dana L. How.
......
...@@ -3,9 +3,9 @@ ...@@ -3,9 +3,9 @@
* *
* s390 implementation of the DES Cipher Algorithm. * s390 implementation of the DES Cipher Algorithm.
* *
* Copyright (c) 2003 IBM Deutschland Entwicklung GmbH, IBM Corporation * Copyright IBM Corp. 2003,2007
* Author(s): Thomas Spatzier (tspat@de.ibm.com) * Author(s): Thomas Spatzier
* * Jan Glauber (jan.glauber@de.ibm.com)
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
...@@ -557,7 +557,7 @@ static int init(void) ...@@ -557,7 +557,7 @@ static int init(void)
if (!crypt_s390_func_available(KM_DEA_ENCRYPT) || if (!crypt_s390_func_available(KM_DEA_ENCRYPT) ||
!crypt_s390_func_available(KM_TDEA_128_ENCRYPT) || !crypt_s390_func_available(KM_TDEA_128_ENCRYPT) ||
!crypt_s390_func_available(KM_TDEA_192_ENCRYPT)) !crypt_s390_func_available(KM_TDEA_192_ENCRYPT))
return -ENOSYS; return -EOPNOTSUPP;
ret = crypto_register_alg(&des_alg); ret = crypto_register_alg(&des_alg);
if (ret) if (ret)
......
...@@ -8,8 +8,9 @@ ...@@ -8,8 +8,9 @@
* implementation written by Steve Reid. * implementation written by Steve Reid.
* *
* s390 Version: * s390 Version:
* Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation * Copyright IBM Corp. 2003,2007
* Author(s): Thomas Spatzier (tspat@de.ibm.com) * Author(s): Thomas Spatzier
* Jan Glauber (jan.glauber@de.ibm.com)
* *
* Derived from "crypto/sha1.c" * Derived from "crypto/sha1.c"
* Copyright (c) Alan Smithee. * Copyright (c) Alan Smithee.
...@@ -43,16 +44,14 @@ struct crypt_s390_sha1_ctx { ...@@ -43,16 +44,14 @@ struct crypt_s390_sha1_ctx {
static void sha1_init(struct crypto_tfm *tfm) static void sha1_init(struct crypto_tfm *tfm)
{ {
struct crypt_s390_sha1_ctx *ctx = crypto_tfm_ctx(tfm); struct crypt_s390_sha1_ctx *ctx = crypto_tfm_ctx(tfm);
static const u32 initstate[5] = {
0x67452301, ctx->state[0] = 0x67452301;
0xEFCDAB89, ctx->state[1] = 0xEFCDAB89;
0x98BADCFE, ctx->state[2] = 0x98BADCFE;
0x10325476, ctx->state[3] = 0x10325476;
0xC3D2E1F0 ctx->state[4] = 0xC3D2E1F0;
};
ctx->count = 0; ctx->count = 0;
memcpy(ctx->state, &initstate, sizeof(initstate));
ctx->buf_len = 0; ctx->buf_len = 0;
} }
...@@ -63,13 +62,13 @@ static void sha1_update(struct crypto_tfm *tfm, const u8 *data, ...@@ -63,13 +62,13 @@ static void sha1_update(struct crypto_tfm *tfm, const u8 *data,
long imd_len; long imd_len;
sctx = crypto_tfm_ctx(tfm); sctx = crypto_tfm_ctx(tfm);
sctx->count += len * 8; //message bit length sctx->count += len * 8; /* message bit length */
//anything in buffer yet? -> must be completed /* anything in buffer yet? -> must be completed */
if (sctx->buf_len && (sctx->buf_len + len) >= SHA1_BLOCK_SIZE) { if (sctx->buf_len && (sctx->buf_len + len) >= SHA1_BLOCK_SIZE) {
//complete full block and hash /* complete full block and hash */
memcpy(sctx->buffer + sctx->buf_len, data, memcpy(sctx->buffer + sctx->buf_len, data,
SHA1_BLOCK_SIZE - sctx->buf_len); SHA1_BLOCK_SIZE - sctx->buf_len);
crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer,
SHA1_BLOCK_SIZE); SHA1_BLOCK_SIZE);
data += SHA1_BLOCK_SIZE - sctx->buf_len; data += SHA1_BLOCK_SIZE - sctx->buf_len;
...@@ -77,37 +76,36 @@ static void sha1_update(struct crypto_tfm *tfm, const u8 *data, ...@@ -77,37 +76,36 @@ static void sha1_update(struct crypto_tfm *tfm, const u8 *data,
sctx->buf_len = 0; sctx->buf_len = 0;
} }
//rest of data contains full blocks? /* rest of data contains full blocks? */
imd_len = len & ~0x3ful; imd_len = len & ~0x3ful;
if (imd_len){ if (imd_len) {
crypt_s390_kimd(KIMD_SHA_1, sctx->state, data, imd_len); crypt_s390_kimd(KIMD_SHA_1, sctx->state, data, imd_len);
data += imd_len; data += imd_len;
len -= imd_len; len -= imd_len;
} }
//anything left? store in buffer /* anything left? store in buffer */
if (len){ if (len) {
memcpy(sctx->buffer + sctx->buf_len , data, len); memcpy(sctx->buffer + sctx->buf_len , data, len);
sctx->buf_len += len; sctx->buf_len += len;
} }
} }
static void static void pad_message(struct crypt_s390_sha1_ctx* sctx)
pad_message(struct crypt_s390_sha1_ctx* sctx)
{ {
int index; int index;
index = sctx->buf_len; index = sctx->buf_len;
sctx->buf_len = (sctx->buf_len < 56)? sctx->buf_len = (sctx->buf_len < 56) ?
SHA1_BLOCK_SIZE:2 * SHA1_BLOCK_SIZE; SHA1_BLOCK_SIZE:2 * SHA1_BLOCK_SIZE;
//start pad with 1 /* start pad with 1 */
sctx->buffer[index] = 0x80; sctx->buffer[index] = 0x80;
//pad with zeros /* pad with zeros */
index++; index++;
memset(sctx->buffer + index, 0x00, sctx->buf_len - index); memset(sctx->buffer + index, 0x00, sctx->buf_len - index);
//append length /* append length */
memcpy(sctx->buffer + sctx->buf_len - 8, &sctx->count, memcpy(sctx->buffer + sctx->buf_len - 8, &sctx->count,
sizeof sctx->count); sizeof sctx->count);
} }
/* Add padding and return the message digest. */ /* Add padding and return the message digest. */
...@@ -115,47 +113,40 @@ static void sha1_final(struct crypto_tfm *tfm, u8 *out) ...@@ -115,47 +113,40 @@ static void sha1_final(struct crypto_tfm *tfm, u8 *out)
{ {
struct crypt_s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm); struct crypt_s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
//must perform manual padding /* must perform manual padding */
pad_message(sctx); pad_message(sctx);
crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, sctx->buf_len); crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, sctx->buf_len);
//copy digest to out /* copy digest to out */
memcpy(out, sctx->state, SHA1_DIGEST_SIZE); memcpy(out, sctx->state, SHA1_DIGEST_SIZE);
/* Wipe context */ /* wipe context */
memset(sctx, 0, sizeof *sctx); memset(sctx, 0, sizeof *sctx);
} }
static struct crypto_alg alg = { static struct crypto_alg alg = {
.cra_name = "sha1", .cra_name = "sha1",
.cra_driver_name = "sha1-s390", .cra_driver_name= "sha1-s390",
.cra_priority = CRYPT_S390_PRIORITY, .cra_priority = CRYPT_S390_PRIORITY,
.cra_flags = CRYPTO_ALG_TYPE_DIGEST, .cra_flags = CRYPTO_ALG_TYPE_DIGEST,
.cra_blocksize = SHA1_BLOCK_SIZE, .cra_blocksize = SHA1_BLOCK_SIZE,
.cra_ctxsize = sizeof(struct crypt_s390_sha1_ctx), .cra_ctxsize = sizeof(struct crypt_s390_sha1_ctx),
.cra_module = THIS_MODULE, .cra_module = THIS_MODULE,
.cra_list = LIST_HEAD_INIT(alg.cra_list), .cra_list = LIST_HEAD_INIT(alg.cra_list),
.cra_u = { .digest = { .cra_u = { .digest = {
.dia_digestsize = SHA1_DIGEST_SIZE, .dia_digestsize = SHA1_DIGEST_SIZE,
.dia_init = sha1_init, .dia_init = sha1_init,
.dia_update = sha1_update, .dia_update = sha1_update,
.dia_final = sha1_final } } .dia_final = sha1_final } }
}; };
static int static int __init init(void)
init(void)
{ {
int ret = -ENOSYS; if (!crypt_s390_func_available(KIMD_SHA_1))
return -EOPNOTSUPP;
if (crypt_s390_func_available(KIMD_SHA_1)){ return crypto_register_alg(&alg);
ret = crypto_register_alg(&alg);
if (ret == 0){
printk(KERN_INFO "crypt_s390: sha1_s390 loaded.\n");
}
}
return ret;
} }
static void __exit static void __exit fini(void)
fini(void)
{ {
crypto_unregister_alg(&alg); crypto_unregister_alg(&alg);
} }
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
* s390 implementation of the SHA256 Secure Hash Algorithm. * s390 implementation of the SHA256 Secure Hash Algorithm.
* *
* s390 Version: * s390 Version:
* Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation * Copyright IBM Corp. 2005,2007
* Author(s): Jan Glauber (jang@de.ibm.com) * Author(s): Jan Glauber (jang@de.ibm.com)
* *
* Derived from "crypto/sha256.c" * Derived from "crypto/sha256.c"
...@@ -143,15 +143,10 @@ static struct crypto_alg alg = { ...@@ -143,15 +143,10 @@ static struct crypto_alg alg = {
static int init(void) static int init(void)
{ {
int ret;
if (!crypt_s390_func_available(KIMD_SHA_256)) if (!crypt_s390_func_available(KIMD_SHA_256))
return -ENOSYS; return -EOPNOTSUPP;
ret = crypto_register_alg(&alg); return crypto_register_alg(&alg);
if (ret != 0)
printk(KERN_INFO "crypt_s390: sha256_s390 couldn't be loaded.");
return ret;
} }
static void __exit fini(void) static void __exit fini(void)
......
...@@ -724,9 +724,7 @@ CONFIG_CRYPTO_MANAGER=y ...@@ -724,9 +724,7 @@ CONFIG_CRYPTO_MANAGER=y
# CONFIG_CRYPTO_MD4 is not set # CONFIG_CRYPTO_MD4 is not set
# CONFIG_CRYPTO_MD5 is not set # CONFIG_CRYPTO_MD5 is not set
# CONFIG_CRYPTO_SHA1 is not set # CONFIG_CRYPTO_SHA1 is not set
# CONFIG_CRYPTO_SHA1_S390 is not set
# CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA256 is not set
# CONFIG_CRYPTO_SHA256_S390 is not set
# CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_SHA512 is not set
# CONFIG_CRYPTO_WP512 is not set # CONFIG_CRYPTO_WP512 is not set
# CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_TGR192 is not set
...@@ -735,12 +733,10 @@ CONFIG_CRYPTO_ECB=m ...@@ -735,12 +733,10 @@ CONFIG_CRYPTO_ECB=m
CONFIG_CRYPTO_CBC=y CONFIG_CRYPTO_CBC=y
# CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_LRW is not set
# CONFIG_CRYPTO_DES is not set # CONFIG_CRYPTO_DES is not set
# CONFIG_CRYPTO_DES_S390 is not set
# CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_BLOWFISH is not set
# CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH is not set
# CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_SERPENT is not set
# CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES is not set
# CONFIG_CRYPTO_AES_S390 is not set
# CONFIG_CRYPTO_CAST5 is not set # CONFIG_CRYPTO_CAST5 is not set
# CONFIG_CRYPTO_CAST6 is not set # CONFIG_CRYPTO_CAST6 is not set
# CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TEA is not set
...@@ -755,6 +751,10 @@ CONFIG_CRYPTO_CBC=y ...@@ -755,6 +751,10 @@ CONFIG_CRYPTO_CBC=y
# #
# Hardware crypto devices # Hardware crypto devices
# #
# CONFIG_CRYPTO_SHA1_S390 is not set
# CONFIG_CRYPTO_SHA256_S390 is not set
# CONFIG_CRYPTO_DES_S390 is not set
# CONFIG_CRYPTO_AES_S390 is not set
# #
# Library routines # Library routines
......
...@@ -74,14 +74,6 @@ config CRYPTO_SHA1 ...@@ -74,14 +74,6 @@ config CRYPTO_SHA1
help help
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
config CRYPTO_SHA1_S390
tristate "SHA1 digest algorithm (s390)"
depends on S390
select CRYPTO_ALGAPI
help
This is the s390 hardware accelerated implementation of the
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).
config CRYPTO_SHA256 config CRYPTO_SHA256
tristate "SHA256 digest algorithm" tristate "SHA256 digest algorithm"
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
...@@ -91,17 +83,6 @@ config CRYPTO_SHA256 ...@@ -91,17 +83,6 @@ config CRYPTO_SHA256
This version of SHA implements a 256 bit hash with 128 bits of This version of SHA implements a 256 bit hash with 128 bits of
security against collision attacks. security against collision attacks.
config CRYPTO_SHA256_S390
tristate "SHA256 digest algorithm (s390)"
depends on S390
select CRYPTO_ALGAPI
help
This is the s390 hardware accelerated implementation of the
SHA256 secure hash standard (DFIPS 180-2).
This version of SHA implements a 256 bit hash with 128 bits of
security against collision attacks.
config CRYPTO_SHA512 config CRYPTO_SHA512
tristate "SHA384 and SHA512 digest algorithms" tristate "SHA384 and SHA512 digest algorithms"
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
...@@ -187,14 +168,6 @@ config CRYPTO_DES ...@@ -187,14 +168,6 @@ config CRYPTO_DES
help help
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3). DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
config CRYPTO_DES_S390
tristate "DES and Triple DES cipher algorithms (s390)"
depends on S390
select CRYPTO_ALGAPI
select CRYPTO_BLKCIPHER
help
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
config CRYPTO_BLOWFISH config CRYPTO_BLOWFISH
tristate "Blowfish cipher algorithm" tristate "Blowfish cipher algorithm"
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
...@@ -336,28 +309,6 @@ config CRYPTO_AES_X86_64 ...@@ -336,28 +309,6 @@ config CRYPTO_AES_X86_64
See <http://csrc.nist.gov/encryption/aes/> for more information. See <http://csrc.nist.gov/encryption/aes/> for more information.
config CRYPTO_AES_S390
tristate "AES cipher algorithms (s390)"
depends on S390
select CRYPTO_ALGAPI
select CRYPTO_BLKCIPHER
help
This is the s390 hardware accelerated implementation of the
AES cipher algorithms (FIPS-197). AES uses the Rijndael
algorithm.
Rijndael appears to be consistently a very good performer in
both hardware and software across a wide range of computing
environments regardless of its use in feedback or non-feedback
modes. Its key setup time is excellent, and its key agility is
good. Rijndael's very low memory requirements make it very well
suited for restricted-space environments, in which it also
demonstrates excellent performance. Rijndael's operations are
among the easiest to defend against power and timing attacks.
On s390 the System z9-109 currently only supports the key size
of 128 bit.
config CRYPTO_CAST5 config CRYPTO_CAST5
tristate "CAST5 (CAST-128) cipher algorithm" tristate "CAST5 (CAST-128) cipher algorithm"
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment