linux-imx

/* XTS: as defined in IEEE1619/D16

 *  http://grouper.ieee.org/groups/1619/email/pdf00086.pdf

 *  (sector sizes which are not a multiple of 16 bytes are,

 *  however currently unsupported)

 *

 * Copyright (c) 2007 Rik Snel <rsnel@cube.dyndns.org>

 *

 * Based on ecb.c

 * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>

 *

 * This program is free software; you can redistribute it and/or modify it

 * under the terms of the GNU General Public License as published by the Free

 * Software Foundation; either version 2 of the License, or (at your option)

 * any later version.

 */

#include <crypto/internal/skcipher.h>

#include <crypto/scatterwalk.h>

#include <linux/err.h>

#include <linux/init.h>

#include <linux/kernel.h>

#include <linux/module.h>

#include <linux/scatterlist.h>

#include <linux/slab.h>

​

#include <crypto/xts.h>

#include <crypto/b128ops.h>

#include <crypto/gf128mul.h>

​

struct priv {

    struct crypto_skcipher *child;

    struct crypto_cipher *tweak;

};

​

struct xts_instance_ctx {

    struct crypto_skcipher_spawn spawn;

    char name[CRYPTO_MAX_ALG_NAME];

};

​

struct rctx {

    le128 t;

    struct skcipher_request subreq;

};

​

static int setkey(struct crypto_skcipher *parent, const u8 *key,

          unsigned int keylen)

{

    struct priv *ctx = crypto_skcipher_ctx(parent);

    struct crypto_skcipher *child;

    struct crypto_cipher *tweak;

    int err;

​

    err = xts_verify_key(parent, key, keylen);

    if (err)

        return err;

​

    keylen /= 2;

​

    /* we need two cipher instances: one to compute the initial 'tweak'

     * by encrypting the IV (usually the 'plain' iv) and the other

     * one to encrypt and decrypt the data */

​

    /* tweak cipher, uses Key2 i.e. the second half of *key */

    tweak = ctx->tweak;