git/linux-cryptodev-2.6
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git synced 2026-04-14 09:37:46 -04:00
Code Issues Packages Projects Releases Wiki Activity

crypto: lib/chacha - strongly type the ChaCha state

Browse Source 
The ChaCha state matrix is 16 32-bit words.  Currently it is represented
in the code as a raw u32 array, or even just a pointer to u32.  This
weak typing is error-prone.  Instead, introduce struct chacha_state:

    struct chacha_state {
            u32 x[16];
    };

Convert all ChaCha and HChaCha functions to use struct chacha_state.
No functional changes.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Kent Overstreet <kent.overstreet@linux.dev>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Eric Biggers
2025-05-05 11:18:21 -07:00
committed by Herbert Xu
parent 97855e7f1c
commit 98066f2f89
19 changed files with 228 additions and 190 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crypto/chacha.c
View File

@@ -50,12 +50,12 @@ static int chacha_stream_xor(struct skcipher_request *req,
bool arch)
{
struct skcipher_walk walk;
u32 state[16];
struct chacha_state state;
int err;
err = skcipher_walk_virt(&walk, req, false);
chacha_init(state, ctx->key, iv);
chacha_init(&state, ctx->key, iv);
while (walk.nbytes > 0) {
unsigned int nbytes = walk.nbytes;
@@ -64,10 +64,10 @@ static int chacha_stream_xor(struct skcipher_request *req,
nbytes = round_down(nbytes, CHACHA_BLOCK_SIZE);
if (arch)
chacha_crypt(state, walk.dst.virt.addr,
chacha_crypt(&state, walk.dst.virt.addr,
walk.src.virt.addr, nbytes, ctx->nrounds);
else
chacha_crypt_generic(state, walk.dst.virt.addr,
chacha_crypt_generic(&state, walk.dst.virt.addr,
walk.src.virt.addr, nbytes,
ctx->nrounds);
err = skcipher_walk_done(&walk, walk.nbytes - nbytes);
@@ -97,15 +97,15 @@ static int crypto_xchacha_crypt(struct skcipher_request *req, bool arch)
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
const struct chacha_ctx *ctx = crypto_skcipher_ctx(tfm);
struct chacha_ctx subctx;
u32 state[16];
struct chacha_state state;
u8 real_iv[16];
/* Compute the subkey given the original key and first 128 nonce bits */
chacha_init(state, ctx->key, req->iv);
chacha_init(&state, ctx->key, req->iv);
if (arch)
hchacha_block(state, subctx.key, ctx->nrounds);
hchacha_block(&state, subctx.key, ctx->nrounds);
else
hchacha_block_generic(state, subctx.key, ctx->nrounds);
hchacha_block_generic(&state, subctx.key, ctx->nrounds);
subctx.nrounds = ctx->nrounds;
/* Build the real IV */