162306a36Sopenharmony_ci/* SPDX-License-Identifier: GPL-2.0 */
262306a36Sopenharmony_ci/*
362306a36Sopenharmony_ci * Common values for AES algorithms
462306a36Sopenharmony_ci */
562306a36Sopenharmony_ci
662306a36Sopenharmony_ci#ifndef _CRYPTO_AES_H
762306a36Sopenharmony_ci#define _CRYPTO_AES_H
862306a36Sopenharmony_ci
962306a36Sopenharmony_ci#include <linux/types.h>
1062306a36Sopenharmony_ci#include <linux/crypto.h>
1162306a36Sopenharmony_ci
1262306a36Sopenharmony_ci#define AES_MIN_KEY_SIZE	16
1362306a36Sopenharmony_ci#define AES_MAX_KEY_SIZE	32
1462306a36Sopenharmony_ci#define AES_KEYSIZE_128		16
1562306a36Sopenharmony_ci#define AES_KEYSIZE_192		24
1662306a36Sopenharmony_ci#define AES_KEYSIZE_256		32
1762306a36Sopenharmony_ci#define AES_BLOCK_SIZE		16
1862306a36Sopenharmony_ci#define AES_MAX_KEYLENGTH	(15 * 16)
1962306a36Sopenharmony_ci#define AES_MAX_KEYLENGTH_U32	(AES_MAX_KEYLENGTH / sizeof(u32))
2062306a36Sopenharmony_ci
2162306a36Sopenharmony_ci/*
2262306a36Sopenharmony_ci * Please ensure that the first two fields are 16-byte aligned
2362306a36Sopenharmony_ci * relative to the start of the structure, i.e., don't move them!
2462306a36Sopenharmony_ci */
2562306a36Sopenharmony_cistruct crypto_aes_ctx {
2662306a36Sopenharmony_ci	u32 key_enc[AES_MAX_KEYLENGTH_U32];
2762306a36Sopenharmony_ci	u32 key_dec[AES_MAX_KEYLENGTH_U32];
2862306a36Sopenharmony_ci	u32 key_length;
2962306a36Sopenharmony_ci};
3062306a36Sopenharmony_ci
3162306a36Sopenharmony_ciextern const u32 crypto_ft_tab[4][256] ____cacheline_aligned;
3262306a36Sopenharmony_ciextern const u32 crypto_it_tab[4][256] ____cacheline_aligned;
3362306a36Sopenharmony_ci
3462306a36Sopenharmony_ci/*
3562306a36Sopenharmony_ci * validate key length for AES algorithms
3662306a36Sopenharmony_ci */
3762306a36Sopenharmony_cistatic inline int aes_check_keylen(unsigned int keylen)
3862306a36Sopenharmony_ci{
3962306a36Sopenharmony_ci	switch (keylen) {
4062306a36Sopenharmony_ci	case AES_KEYSIZE_128:
4162306a36Sopenharmony_ci	case AES_KEYSIZE_192:
4262306a36Sopenharmony_ci	case AES_KEYSIZE_256:
4362306a36Sopenharmony_ci		break;
4462306a36Sopenharmony_ci	default:
4562306a36Sopenharmony_ci		return -EINVAL;
4662306a36Sopenharmony_ci	}
4762306a36Sopenharmony_ci
4862306a36Sopenharmony_ci	return 0;
4962306a36Sopenharmony_ci}
5062306a36Sopenharmony_ci
5162306a36Sopenharmony_ciint crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
5262306a36Sopenharmony_ci		unsigned int key_len);
5362306a36Sopenharmony_ci
5462306a36Sopenharmony_ci/**
5562306a36Sopenharmony_ci * aes_expandkey - Expands the AES key as described in FIPS-197
5662306a36Sopenharmony_ci * @ctx:	The location where the computed key will be stored.
5762306a36Sopenharmony_ci * @in_key:	The supplied key.
5862306a36Sopenharmony_ci * @key_len:	The length of the supplied key.
5962306a36Sopenharmony_ci *
6062306a36Sopenharmony_ci * Returns 0 on success. The function fails only if an invalid key size (or
6162306a36Sopenharmony_ci * pointer) is supplied.
6262306a36Sopenharmony_ci * The expanded key size is 240 bytes (max of 14 rounds with a unique 16 bytes
6362306a36Sopenharmony_ci * key schedule plus a 16 bytes key which is used before the first round).
6462306a36Sopenharmony_ci * The decryption key is prepared for the "Equivalent Inverse Cipher" as
6562306a36Sopenharmony_ci * described in FIPS-197. The first slot (16 bytes) of each key (enc or dec) is
6662306a36Sopenharmony_ci * for the initial combination, the second slot for the first round and so on.
6762306a36Sopenharmony_ci */
6862306a36Sopenharmony_ciint aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
6962306a36Sopenharmony_ci		  unsigned int key_len);
7062306a36Sopenharmony_ci
7162306a36Sopenharmony_ci/**
7262306a36Sopenharmony_ci * aes_encrypt - Encrypt a single AES block
7362306a36Sopenharmony_ci * @ctx:	Context struct containing the key schedule
7462306a36Sopenharmony_ci * @out:	Buffer to store the ciphertext
7562306a36Sopenharmony_ci * @in:		Buffer containing the plaintext
7662306a36Sopenharmony_ci */
7762306a36Sopenharmony_civoid aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
7862306a36Sopenharmony_ci
7962306a36Sopenharmony_ci/**
8062306a36Sopenharmony_ci * aes_decrypt - Decrypt a single AES block
8162306a36Sopenharmony_ci * @ctx:	Context struct containing the key schedule
8262306a36Sopenharmony_ci * @out:	Buffer to store the plaintext
8362306a36Sopenharmony_ci * @in:		Buffer containing the ciphertext
8462306a36Sopenharmony_ci */
8562306a36Sopenharmony_civoid aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
8662306a36Sopenharmony_ci
8762306a36Sopenharmony_ciextern const u8 crypto_aes_sbox[];
8862306a36Sopenharmony_ciextern const u8 crypto_aes_inv_sbox[];
8962306a36Sopenharmony_ci
9062306a36Sopenharmony_ci#endif
91