1 | /* |
2 | * This file is part of the Chelsio T6 Crypto driver for Linux. |
3 | * |
4 | * Copyright (c) 2003-2016 Chelsio Communications, Inc. All rights reserved. |
5 | * |
6 | * This software is available to you under a choice of one of two |
7 | * licenses. You may choose to be licensed under the terms of the GNU |
8 | * General Public License (GPL) Version 2, available from the file |
9 | * COPYING in the main directory of this source tree, or the |
10 | * OpenIB.org BSD license below: |
11 | * |
12 | * Redistribution and use in source and binary forms, with or |
13 | * without modification, are permitted provided that the following |
14 | * conditions are met: |
15 | * |
16 | * - Redistributions of source code must retain the above |
17 | * copyright notice, this list of conditions and the following |
18 | * disclaimer. |
19 | * |
20 | * - Redistributions in binary form must reproduce the above |
21 | * copyright notice, this list of conditions and the following |
22 | * disclaimer in the documentation and/or other materials |
23 | * provided with the distribution. |
24 | * |
25 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
26 | * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
27 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND |
28 | * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS |
29 | * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
30 | * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN |
31 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
32 | * SOFTWARE. |
33 | * |
34 | */ |
35 | |
36 | #ifndef __CHCR_ALGO_H__ |
37 | #define __CHCR_ALGO_H__ |
38 | |
39 | /* Crypto key context */ |
40 | #define KEY_CONTEXT_CTX_LEN_S 24 |
41 | #define KEY_CONTEXT_CTX_LEN_M 0xff |
42 | #define KEY_CONTEXT_CTX_LEN_V(x) ((x) << KEY_CONTEXT_CTX_LEN_S) |
43 | #define KEY_CONTEXT_CTX_LEN_G(x) \ |
44 | (((x) >> KEY_CONTEXT_CTX_LEN_S) & KEY_CONTEXT_CTX_LEN_M) |
45 | |
46 | #define KEY_CONTEXT_DUAL_CK_S 12 |
47 | #define KEY_CONTEXT_DUAL_CK_M 0x1 |
48 | #define KEY_CONTEXT_DUAL_CK_V(x) ((x) << KEY_CONTEXT_DUAL_CK_S) |
49 | #define KEY_CONTEXT_DUAL_CK_G(x) \ |
50 | (((x) >> KEY_CONTEXT_DUAL_CK_S) & KEY_CONTEXT_DUAL_CK_M) |
51 | #define KEY_CONTEXT_DUAL_CK_F KEY_CONTEXT_DUAL_CK_V(1U) |
52 | |
53 | #define KEY_CONTEXT_SALT_PRESENT_S 10 |
54 | #define KEY_CONTEXT_SALT_PRESENT_M 0x1 |
55 | #define KEY_CONTEXT_SALT_PRESENT_V(x) ((x) << KEY_CONTEXT_SALT_PRESENT_S) |
56 | #define KEY_CONTEXT_SALT_PRESENT_G(x) \ |
57 | (((x) >> KEY_CONTEXT_SALT_PRESENT_S) & \ |
58 | KEY_CONTEXT_SALT_PRESENT_M) |
59 | #define KEY_CONTEXT_SALT_PRESENT_F KEY_CONTEXT_SALT_PRESENT_V(1U) |
60 | |
61 | #define KEY_CONTEXT_VALID_S 0 |
62 | #define KEY_CONTEXT_VALID_M 0x1 |
63 | #define KEY_CONTEXT_VALID_V(x) ((x) << KEY_CONTEXT_VALID_S) |
64 | #define KEY_CONTEXT_VALID_G(x) \ |
65 | (((x) >> KEY_CONTEXT_VALID_S) & \ |
66 | KEY_CONTEXT_VALID_M) |
67 | #define KEY_CONTEXT_VALID_F KEY_CONTEXT_VALID_V(1U) |
68 | |
69 | #define KEY_CONTEXT_CK_SIZE_S 6 |
70 | #define KEY_CONTEXT_CK_SIZE_M 0xf |
71 | #define KEY_CONTEXT_CK_SIZE_V(x) ((x) << KEY_CONTEXT_CK_SIZE_S) |
72 | #define KEY_CONTEXT_CK_SIZE_G(x) \ |
73 | (((x) >> KEY_CONTEXT_CK_SIZE_S) & KEY_CONTEXT_CK_SIZE_M) |
74 | |
75 | #define KEY_CONTEXT_MK_SIZE_S 2 |
76 | #define KEY_CONTEXT_MK_SIZE_M 0xf |
77 | #define KEY_CONTEXT_MK_SIZE_V(x) ((x) << KEY_CONTEXT_MK_SIZE_S) |
78 | #define KEY_CONTEXT_MK_SIZE_G(x) \ |
79 | (((x) >> KEY_CONTEXT_MK_SIZE_S) & KEY_CONTEXT_MK_SIZE_M) |
80 | |
81 | #define KEY_CONTEXT_OPAD_PRESENT_S 11 |
82 | #define KEY_CONTEXT_OPAD_PRESENT_M 0x1 |
83 | #define KEY_CONTEXT_OPAD_PRESENT_V(x) ((x) << KEY_CONTEXT_OPAD_PRESENT_S) |
84 | #define KEY_CONTEXT_OPAD_PRESENT_G(x) \ |
85 | (((x) >> KEY_CONTEXT_OPAD_PRESENT_S) & \ |
86 | KEY_CONTEXT_OPAD_PRESENT_M) |
87 | #define KEY_CONTEXT_OPAD_PRESENT_F KEY_CONTEXT_OPAD_PRESENT_V(1U) |
88 | |
89 | #define CHCR_HASH_MAX_DIGEST_SIZE 64 |
90 | #define CHCR_MAX_SHA_DIGEST_SIZE 64 |
91 | |
92 | #define IPSEC_TRUNCATED_ICV_SIZE 12 |
93 | #define TLS_TRUNCATED_HMAC_SIZE 10 |
94 | #define CBCMAC_DIGEST_SIZE 16 |
95 | #define MAX_HASH_NAME 20 |
96 | |
97 | #define SHA1_INIT_STATE_5X4B 5 |
98 | #define SHA256_INIT_STATE_8X4B 8 |
99 | #define SHA512_INIT_STATE_8X8B 8 |
100 | #define SHA1_INIT_STATE SHA1_INIT_STATE_5X4B |
101 | #define SHA224_INIT_STATE SHA256_INIT_STATE_8X4B |
102 | #define SHA256_INIT_STATE SHA256_INIT_STATE_8X4B |
103 | #define SHA384_INIT_STATE SHA512_INIT_STATE_8X8B |
104 | #define SHA512_INIT_STATE SHA512_INIT_STATE_8X8B |
105 | |
106 | #define DUMMY_BYTES 16 |
107 | |
108 | #define IPAD_DATA 0x36363636 |
109 | #define OPAD_DATA 0x5c5c5c5c |
110 | |
111 | #define TRANSHDR_SIZE(kctx_len)\ |
112 | (sizeof(struct chcr_wr) +\ |
113 | kctx_len) |
114 | #define CIPHER_TRANSHDR_SIZE(kctx_len, sge_pairs) \ |
115 | (TRANSHDR_SIZE((kctx_len)) + (sge_pairs) +\ |
116 | sizeof(struct cpl_rx_phys_dsgl) + AES_BLOCK_SIZE) |
117 | #define HASH_TRANSHDR_SIZE(kctx_len)\ |
118 | (TRANSHDR_SIZE(kctx_len) + DUMMY_BYTES) |
119 | |
120 | |
121 | #define FILL_SEC_CPL_OP_IVINSR(id, len, ofst) \ |
122 | htonl( \ |
123 | CPL_TX_SEC_PDU_OPCODE_V(CPL_TX_SEC_PDU) | \ |
124 | CPL_TX_SEC_PDU_RXCHID_V((id)) | \ |
125 | CPL_TX_SEC_PDU_ACKFOLLOWS_V(0) | \ |
126 | CPL_TX_SEC_PDU_ULPTXLPBK_V(1) | \ |
127 | CPL_TX_SEC_PDU_CPLLEN_V((len)) | \ |
128 | CPL_TX_SEC_PDU_PLACEHOLDER_V(0) | \ |
129 | CPL_TX_SEC_PDU_IVINSRTOFST_V((ofst))) |
130 | |
131 | #define FILL_SEC_CPL_CIPHERSTOP_HI(a_start, a_stop, c_start, c_stop_hi) \ |
132 | htonl( \ |
133 | CPL_TX_SEC_PDU_AADSTART_V((a_start)) | \ |
134 | CPL_TX_SEC_PDU_AADSTOP_V((a_stop)) | \ |
135 | CPL_TX_SEC_PDU_CIPHERSTART_V((c_start)) | \ |
136 | CPL_TX_SEC_PDU_CIPHERSTOP_HI_V((c_stop_hi))) |
137 | |
138 | #define FILL_SEC_CPL_AUTHINSERT(c_stop_lo, a_start, a_stop, a_inst) \ |
139 | htonl( \ |
140 | CPL_TX_SEC_PDU_CIPHERSTOP_LO_V((c_stop_lo)) | \ |
141 | CPL_TX_SEC_PDU_AUTHSTART_V((a_start)) | \ |
142 | CPL_TX_SEC_PDU_AUTHSTOP_V((a_stop)) | \ |
143 | CPL_TX_SEC_PDU_AUTHINSERT_V((a_inst))) |
144 | |
145 | #define FILL_SEC_CPL_SCMD0_SEQNO(ctrl, seq, cmode, amode, opad, size) \ |
146 | htonl( \ |
147 | SCMD_SEQ_NO_CTRL_V(0) | \ |
148 | SCMD_STATUS_PRESENT_V(0) | \ |
149 | SCMD_PROTO_VERSION_V(CHCR_SCMD_PROTO_VERSION_GENERIC) | \ |
150 | SCMD_ENC_DEC_CTRL_V((ctrl)) | \ |
151 | SCMD_CIPH_AUTH_SEQ_CTRL_V((seq)) | \ |
152 | SCMD_CIPH_MODE_V((cmode)) | \ |
153 | SCMD_AUTH_MODE_V((amode)) | \ |
154 | SCMD_HMAC_CTRL_V((opad)) | \ |
155 | SCMD_IV_SIZE_V((size)) | \ |
156 | SCMD_NUM_IVS_V(0)) |
157 | |
158 | #define FILL_SEC_CPL_IVGEN_HDRLEN(last, more, ctx_in, mac, ivdrop, len) htonl( \ |
159 | SCMD_ENB_DBGID_V(0) | \ |
160 | SCMD_IV_GEN_CTRL_V(0) | \ |
161 | SCMD_LAST_FRAG_V((last)) | \ |
162 | SCMD_MORE_FRAGS_V((more)) | \ |
163 | SCMD_TLS_COMPPDU_V(0) | \ |
164 | SCMD_KEY_CTX_INLINE_V((ctx_in)) | \ |
165 | SCMD_TLS_FRAG_ENABLE_V(0) | \ |
166 | SCMD_MAC_ONLY_V((mac)) | \ |
167 | SCMD_AADIVDROP_V((ivdrop)) | \ |
168 | SCMD_HDR_LEN_V((len))) |
169 | |
170 | #define FILL_KEY_CTX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \ |
171 | htonl(KEY_CONTEXT_VALID_V(1) | \ |
172 | KEY_CONTEXT_CK_SIZE_V((ck_size)) | \ |
173 | KEY_CONTEXT_MK_SIZE_V(mk_size) | \ |
174 | KEY_CONTEXT_DUAL_CK_V((d_ck)) | \ |
175 | KEY_CONTEXT_OPAD_PRESENT_V((opad)) | \ |
176 | KEY_CONTEXT_SALT_PRESENT_V(1) | \ |
177 | KEY_CONTEXT_CTX_LEN_V((ctx_len))) |
178 | |
179 | #define FILL_KEY_CRX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \ |
180 | htonl(TLS_KEYCTX_RXMK_SIZE_V(mk_size) | \ |
181 | TLS_KEYCTX_RXCK_SIZE_V(ck_size) | \ |
182 | TLS_KEYCTX_RX_VALID_V(1) | \ |
183 | TLS_KEYCTX_RX_SEQCTR_V(3) | \ |
184 | TLS_KEYCTX_RXAUTH_MODE_V(4) | \ |
185 | TLS_KEYCTX_RXCIPH_MODE_V(2) | \ |
186 | TLS_KEYCTX_RXFLIT_CNT_V((ctx_len))) |
187 | |
188 | #define FILL_WR_OP_CCTX_SIZE \ |
189 | htonl( \ |
190 | FW_CRYPTO_LOOKASIDE_WR_OPCODE_V( \ |
191 | FW_CRYPTO_LOOKASIDE_WR) | \ |
192 | FW_CRYPTO_LOOKASIDE_WR_COMPL_V(0) | \ |
193 | FW_CRYPTO_LOOKASIDE_WR_IMM_LEN_V((0)) | \ |
194 | FW_CRYPTO_LOOKASIDE_WR_CCTX_LOC_V(0) | \ |
195 | FW_CRYPTO_LOOKASIDE_WR_CCTX_SIZE_V(0)) |
196 | |
197 | #define FILL_WR_RX_Q_ID(cid, qid, lcb, fid) \ |
198 | htonl( \ |
199 | FW_CRYPTO_LOOKASIDE_WR_RX_CHID_V((cid)) | \ |
200 | FW_CRYPTO_LOOKASIDE_WR_RX_Q_ID_V((qid)) | \ |
201 | FW_CRYPTO_LOOKASIDE_WR_LCB_V((lcb)) | \ |
202 | FW_CRYPTO_LOOKASIDE_WR_IV_V((IV_NOP)) | \ |
203 | FW_CRYPTO_LOOKASIDE_WR_FQIDX_V(fid)) |
204 | |
205 | #define FILL_ULPTX_CMD_DEST(cid, qid) \ |
206 | htonl(ULPTX_CMD_V(ULP_TX_PKT) | \ |
207 | ULP_TXPKT_DEST_V(0) | \ |
208 | ULP_TXPKT_DATAMODIFY_V(0) | \ |
209 | ULP_TXPKT_CHANNELID_V((cid)) | \ |
210 | ULP_TXPKT_RO_V(1) | \ |
211 | ULP_TXPKT_FID_V(qid)) |
212 | |
213 | #define KEYCTX_ALIGN_PAD(bs) ({unsigned int _bs = (bs);\ |
214 | _bs == SHA1_DIGEST_SIZE ? 12 : 0; }) |
215 | |
216 | #define FILL_PLD_SIZE_HASH_SIZE(payload_sgl_len, sgl_lengths, total_frags) \ |
217 | htonl(FW_CRYPTO_LOOKASIDE_WR_PLD_SIZE_V(payload_sgl_len ? \ |
218 | sgl_lengths[total_frags] : 0) |\ |
219 | FW_CRYPTO_LOOKASIDE_WR_HASH_SIZE_V(0)) |
220 | |
221 | #define FILL_LEN_PKD(calc_tx_flits_ofld, skb) \ |
222 | htonl(FW_CRYPTO_LOOKASIDE_WR_LEN16_V(DIV_ROUND_UP((\ |
223 | calc_tx_flits_ofld(skb) * 8), 16))) |
224 | |
225 | #define FILL_CMD_MORE(immdatalen) htonl(ULPTX_CMD_V(ULP_TX_SC_IMM) |\ |
226 | ULP_TX_SC_MORE_V((immdatalen))) |
227 | #define MAX_NK 8 |
228 | #define MAX_DSGL_ENT 32 |
229 | #define MIN_AUTH_SG 1 /* IV */ |
230 | #define MIN_GCM_SG 1 /* IV */ |
231 | #define MIN_DIGEST_SG 1 /*Partial Buffer*/ |
232 | #define MIN_CCM_SG 1 /*IV+B0*/ |
233 | #define CIP_SPACE_LEFT(len) \ |
234 | ((SGE_MAX_WR_LEN - CIP_WR_MIN_LEN - (len))) |
235 | #define HASH_SPACE_LEFT(len) \ |
236 | ((SGE_MAX_WR_LEN - HASH_WR_MIN_LEN - (len))) |
237 | |
238 | struct algo_param { |
239 | unsigned int auth_mode; |
240 | unsigned int mk_size; |
241 | unsigned int result_size; |
242 | }; |
243 | |
244 | struct hash_wr_param { |
245 | struct algo_param alg_prm; |
246 | unsigned int opad_needed; |
247 | unsigned int more; |
248 | unsigned int last; |
249 | unsigned int kctx_len; |
250 | unsigned int sg_len; |
251 | unsigned int bfr_len; |
252 | unsigned int hash_size; |
253 | u64 scmd1; |
254 | }; |
255 | |
256 | struct cipher_wr_param { |
257 | struct skcipher_request *req; |
258 | char *iv; |
259 | int bytes; |
260 | unsigned short qid; |
261 | }; |
262 | enum { |
263 | AES_KEYLENGTH_128BIT = 128, |
264 | AES_KEYLENGTH_192BIT = 192, |
265 | AES_KEYLENGTH_256BIT = 256 |
266 | }; |
267 | |
268 | enum { |
269 | KEYLENGTH_3BYTES = 3, |
270 | KEYLENGTH_4BYTES = 4, |
271 | KEYLENGTH_6BYTES = 6, |
272 | KEYLENGTH_8BYTES = 8 |
273 | }; |
274 | |
275 | enum { |
276 | NUMBER_OF_ROUNDS_10 = 10, |
277 | NUMBER_OF_ROUNDS_12 = 12, |
278 | NUMBER_OF_ROUNDS_14 = 14, |
279 | }; |
280 | |
281 | /* |
282 | * CCM defines values of 4, 6, 8, 10, 12, 14, and 16 octets, |
283 | * where they indicate the size of the integrity check value (ICV) |
284 | */ |
285 | enum { |
286 | ICV_4 = 4, |
287 | ICV_6 = 6, |
288 | ICV_8 = 8, |
289 | ICV_10 = 10, |
290 | ICV_12 = 12, |
291 | ICV_13 = 13, |
292 | ICV_14 = 14, |
293 | ICV_15 = 15, |
294 | ICV_16 = 16 |
295 | }; |
296 | |
297 | struct phys_sge_pairs { |
298 | __be16 len[8]; |
299 | __be64 addr[8]; |
300 | }; |
301 | |
302 | |
303 | static const u32 chcr_sha1_init[SHA1_DIGEST_SIZE / 4] = { |
304 | SHA1_H0, SHA1_H1, SHA1_H2, SHA1_H3, SHA1_H4, |
305 | }; |
306 | |
307 | static const u32 chcr_sha224_init[SHA256_DIGEST_SIZE / 4] = { |
308 | SHA224_H0, SHA224_H1, SHA224_H2, SHA224_H3, |
309 | SHA224_H4, SHA224_H5, SHA224_H6, SHA224_H7, |
310 | }; |
311 | |
312 | static const u32 chcr_sha256_init[SHA256_DIGEST_SIZE / 4] = { |
313 | SHA256_H0, SHA256_H1, SHA256_H2, SHA256_H3, |
314 | SHA256_H4, SHA256_H5, SHA256_H6, SHA256_H7, |
315 | }; |
316 | |
317 | static const u64 chcr_sha384_init[SHA512_DIGEST_SIZE / 8] = { |
318 | SHA384_H0, SHA384_H1, SHA384_H2, SHA384_H3, |
319 | SHA384_H4, SHA384_H5, SHA384_H6, SHA384_H7, |
320 | }; |
321 | |
322 | static const u64 chcr_sha512_init[SHA512_DIGEST_SIZE / 8] = { |
323 | SHA512_H0, SHA512_H1, SHA512_H2, SHA512_H3, |
324 | SHA512_H4, SHA512_H5, SHA512_H6, SHA512_H7, |
325 | }; |
326 | |
327 | static inline void copy_hash_init_values(char *key, int digestsize) |
328 | { |
329 | u8 i; |
330 | __be32 *dkey = (__be32 *)key; |
331 | u64 *ldkey = (u64 *)key; |
332 | __be64 *sha384 = (__be64 *)chcr_sha384_init; |
333 | __be64 *sha512 = (__be64 *)chcr_sha512_init; |
334 | |
335 | switch (digestsize) { |
336 | case SHA1_DIGEST_SIZE: |
337 | for (i = 0; i < SHA1_INIT_STATE; i++) |
338 | dkey[i] = cpu_to_be32(chcr_sha1_init[i]); |
339 | break; |
340 | case SHA224_DIGEST_SIZE: |
341 | for (i = 0; i < SHA224_INIT_STATE; i++) |
342 | dkey[i] = cpu_to_be32(chcr_sha224_init[i]); |
343 | break; |
344 | case SHA256_DIGEST_SIZE: |
345 | for (i = 0; i < SHA256_INIT_STATE; i++) |
346 | dkey[i] = cpu_to_be32(chcr_sha256_init[i]); |
347 | break; |
348 | case SHA384_DIGEST_SIZE: |
349 | for (i = 0; i < SHA384_INIT_STATE; i++) |
350 | ldkey[i] = be64_to_cpu(sha384[i]); |
351 | break; |
352 | case SHA512_DIGEST_SIZE: |
353 | for (i = 0; i < SHA512_INIT_STATE; i++) |
354 | ldkey[i] = be64_to_cpu(sha512[i]); |
355 | break; |
356 | } |
357 | } |
358 | |
359 | /* Number of len fields(8) * size of one addr field */ |
360 | #define PHYSDSGL_MAX_LEN_SIZE 16 |
361 | |
362 | static inline u16 get_space_for_phys_dsgl(unsigned int sgl_entr) |
363 | { |
364 | /* len field size + addr field size */ |
365 | return ((sgl_entr >> 3) + ((sgl_entr % 8) ? |
366 | 1 : 0)) * PHYSDSGL_MAX_LEN_SIZE + |
367 | (sgl_entr << 3) + ((sgl_entr % 2 ? 1 : 0) << 3); |
368 | } |
369 | |
370 | /* The AES s-transform matrix (s-box). */ |
371 | static const u8 aes_sbox[256] = { |
372 | 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, |
373 | 171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, |
374 | 156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, |
375 | 229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, |
376 | 18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, |
377 | 160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, |
378 | 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239, 170, |
379 | 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, 81, |
380 | 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, |
381 | 210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, |
382 | 93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, |
383 | 20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92, 194, |
384 | 211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213, 78, |
385 | 169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46, 28, 166, |
386 | 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62, 181, 102, |
387 | 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225, 248, |
388 | 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, |
389 | 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, |
390 | 187, 22 |
391 | }; |
392 | |
393 | static inline u32 aes_ks_subword(const u32 w) |
394 | { |
395 | u8 bytes[4]; |
396 | |
397 | *(u32 *)(&bytes[0]) = w; |
398 | bytes[0] = aes_sbox[bytes[0]]; |
399 | bytes[1] = aes_sbox[bytes[1]]; |
400 | bytes[2] = aes_sbox[bytes[2]]; |
401 | bytes[3] = aes_sbox[bytes[3]]; |
402 | return *(u32 *)(&bytes[0]); |
403 | } |
404 | |
405 | #endif /* __CHCR_ALGO_H__ */ |
406 | |