This series adds lrw_crypt() and xts_crypt() functions for cipher implementations that
can benefit from parallel cipher block operations. To make interface flexible,
caller is reponsible of allocating buffer large enough to store temporary cipher
blocks. This buffer size should be as large as size of parallel blocks processed at
once. Cryption callback is called with buffer size at maximum of parallel blocks size
and at minimum size of one block.
Series adds LRW/XTS support to serpent-sse2 and twofish-x86_64-3way, and therefore
depends on those series.
Patches 1-4: include LRW fixes/cleanups, export gf128mul table and add lrw_crypt().
Patches 5-7: add LRW support to serpent-sse2, with tcrypt tests and test vectors.
Patches 8-10: add LRW support to twofish-x86_64-3way, with tcrypt tests and test vectors.
Patches 11-12: include XTS cleanup for blocksize usage and add xts_crypt().
Patches 13-15: add XTS support to serpent-sse2, with tcrypt tests and test vectors.
Patches 16-18: add XTS support to twofish-x86_64-3way, with tcrypt tests and test vectors.
---
Jussi Kivilinna (18):
crypto: lrw: fix memleak
crypto: lrw: use blocksize constant
crypto: lrw: split gf128mul table initialization from setkey
crypto: lrw: add interface for parallelized cipher implementions
crypto: testmgr: add lrw(serpent) test vectors
crypto: tcrypt: add lrw(serpent) tests
crypto: serpent-sse2: add lrw support
crypto: testmgr: add lrw(twofish) test vectors
crypto: tcrypt: add lrw(twofish) tests
crypto: twofish-x86_64-3way: add lrw support
crypto: xts: use blocksize constant
crypto: xts: add interface for parallelized cipher implementations
crypto: testmgr: add xts(serpent) test vectors
crypto: tcrypt: add xts(serpent) tests
crypto: serpent-sse2: add xts support
crypto: testmgr: add xts(twofish) test vectors
crypto: tcrypt: add xts(twofish) tests
crypto: twofish-x86_64-3way: add xts support
arch/x86/crypto/serpent_sse2_glue.c | 387 ++++++
arch/x86/crypto/twofish_glue_3way.c | 250 ++++
crypto/lrw.c | 155 ++
crypto/serpent.c | 10
crypto/tcrypt.c | 28
crypto/tcrypt.h | 2
crypto/testmgr.c | 60 +
crypto/testmgr.h | 2366 +++++++++++++++++++++++++++++++++++
crypto/twofish_common.c | 13
crypto/xts.c | 78 +
include/crypto/lrw.h | 43 +
include/crypto/serpent.h | 2
include/crypto/twofish.h | 2
include/crypto/xts.h | 27
14 files changed, 3379 insertions(+), 44 deletions(-)
create mode 100644 include/crypto/lrw.h
create mode 100644 include/crypto/xts.h
LRW module leaks child cipher memory when init_tfm() fails because of child
block size not being 16.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/lrw.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/crypto/lrw.c b/crypto/lrw.c
index 358f80b..fca3246 100644
--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -220,6 +220,7 @@ static int init_tfm(struct crypto_tfm *tfm)
if (crypto_cipher_blocksize(cipher) != 16) {
*flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN;
+ crypto_free_cipher(cipher);
return -EINVAL;
}
LRW has fixed blocksize of 16. Define LRW_BLOCK_SIZE and use in place of
crypto_cipher_blocksize().
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/lrw.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/lrw.c b/crypto/lrw.c
index fca3246..bee6022 100644
--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -27,6 +27,8 @@
#include <crypto/b128ops.h>
#include <crypto/gf128mul.h>
+#define LRW_BLOCK_SIZE 16
+
struct priv {
struct crypto_cipher *child;
/* optimizes multiplying a random (non incrementing, as at the
@@ -61,7 +63,7 @@ static int setkey(struct crypto_tfm *parent, const u8 *key,
struct crypto_cipher *child = ctx->child;
int err, i;
be128 tmp = { 0 };
- int bsize = crypto_cipher_blocksize(child);
+ int bsize = LRW_BLOCK_SIZE;
crypto_cipher_clear_flags(child, CRYPTO_TFM_REQ_MASK);
crypto_cipher_set_flags(child, crypto_tfm_get_flags(parent) &
@@ -134,7 +136,7 @@ static int crypt(struct blkcipher_desc *d,
{
int err;
unsigned int avail;
- const int bs = crypto_cipher_blocksize(ctx->child);
+ const int bs = LRW_BLOCK_SIZE;
struct sinfo s = {
.tfm = crypto_cipher_tfm(ctx->child),
.fn = fn
@@ -218,7 +220,7 @@ static int init_tfm(struct crypto_tfm *tfm)
if (IS_ERR(cipher))
return PTR_ERR(cipher);
- if (crypto_cipher_blocksize(cipher) != 16) {
+ if (crypto_cipher_blocksize(cipher) != LRW_BLOCK_SIZE) {
*flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN;
crypto_free_cipher(cipher);
return -EINVAL;
Split gf128mul initialization from setkey so that it can be used outside
lrw-module.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/lrw.c | 61 ++++++++++++++++++++++++++++++++++++++--------------------
1 files changed, 40 insertions(+), 21 deletions(-)
diff --git a/crypto/lrw.c b/crypto/lrw.c
index bee6022..91c17fa 100644
--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -29,8 +29,7 @@
#define LRW_BLOCK_SIZE 16
-struct priv {
- struct crypto_cipher *child;
+struct lrw_table_ctx {
/* optimizes multiplying a random (non incrementing, as at the
* start of a new sector) value with key2, we could also have
* used 4k optimization tables or no optimization at all. In the
@@ -45,6 +44,11 @@ struct priv {
be128 mulinc[128];
};
+struct priv {
+ struct crypto_cipher *child;
+ struct lrw_table_ctx table;
+};
+
static inline void setbit128_bbe(void *b, int bit)
{
__set_bit(bit ^ (0x80 -
@@ -56,28 +60,16 @@ static inline void setbit128_bbe(void *b, int bit)
), b);
}
-static int setkey(struct crypto_tfm *parent, const u8 *key,
- unsigned int keylen)
+static int lrw_init_table(struct lrw_table_ctx *ctx, const u8 *tweak)
{
- struct priv *ctx = crypto_tfm_ctx(parent);
- struct crypto_cipher *child = ctx->child;
- int err, i;
be128 tmp = { 0 };
- int bsize = LRW_BLOCK_SIZE;
-
- crypto_cipher_clear_flags(child, CRYPTO_TFM_REQ_MASK);
- crypto_cipher_set_flags(child, crypto_tfm_get_flags(parent) &
- CRYPTO_TFM_REQ_MASK);
- if ((err = crypto_cipher_setkey(child, key, keylen - bsize)))
- return err;
- crypto_tfm_set_flags(parent, crypto_cipher_get_flags(child) &
- CRYPTO_TFM_RES_MASK);
+ int i;
if (ctx->table)
gf128mul_free_64k(ctx->table);
/* initialize multiplication table for Key2 */
- ctx->table = gf128mul_init_64k_bbe((be128 *)(key + keylen - bsize));
+ ctx->table = gf128mul_init_64k_bbe((be128 *)tweak);
if (!ctx->table)
return -ENOMEM;
@@ -91,6 +83,32 @@ static int setkey(struct crypto_tfm *parent, const u8 *key,
return 0;
}
+static void lrw_free_table(struct lrw_table_ctx *ctx)
+{
+ if (ctx->table)
+ gf128mul_free_64k(ctx->table);
+}
+
+static int setkey(struct crypto_tfm *parent, const u8 *key,
+ unsigned int keylen)
+{
+ struct priv *ctx = crypto_tfm_ctx(parent);
+ struct crypto_cipher *child = ctx->child;
+ int err, bsize = LRW_BLOCK_SIZE;
+ const u8 *tweak = key + keylen - bsize;
+
+ crypto_cipher_clear_flags(child, CRYPTO_TFM_REQ_MASK);
+ crypto_cipher_set_flags(child, crypto_tfm_get_flags(parent) &
+ CRYPTO_TFM_REQ_MASK);
+ err = crypto_cipher_setkey(child, key, keylen - bsize);
+ if (err)
+ return err;
+ crypto_tfm_set_flags(parent, crypto_cipher_get_flags(child) &
+ CRYPTO_TFM_RES_MASK);
+
+ return lrw_init_table(&ctx->table, tweak);
+}
+
struct sinfo {
be128 t;
struct crypto_tfm *tfm;
@@ -157,7 +175,7 @@ static int crypt(struct blkcipher_desc *d,
s.t = *iv;
/* T <- I*Key2 */
- gf128mul_64k_bbe(&s.t, ctx->table);
+ gf128mul_64k_bbe(&s.t, ctx->table.table);
goto first;
@@ -165,7 +183,8 @@ static int crypt(struct blkcipher_desc *d,
do {
/* T <- I*Key2, using the optimization
* discussed in the specification */
- be128_xor(&s.t, &s.t, &ctx->mulinc[get_index128(iv)]);
+ be128_xor(&s.t, &s.t,
+ &ctx->table.mulinc[get_index128(iv)]);
inc(iv);
first:
@@ -233,8 +252,8 @@ static int init_tfm(struct crypto_tfm *tfm)
static void exit_tfm(struct crypto_tfm *tfm)
{
struct priv *ctx = crypto_tfm_ctx(tfm);
- if (ctx->table)
- gf128mul_free_64k(ctx->table);
+
+ lrw_free_table(&ctx->table);
crypto_free_cipher(ctx->child);
}
Export gf128mul table initialization routines and add lrw_crypt() function
that can be used by cipher implementations that can benefit from parallelized
cipher operations.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/lrw.c | 105 ++++++++++++++++++++++++++++++++++++++++----------
include/crypto/lrw.h | 43 ++++++++++++++++++++
2 files changed, 128 insertions(+), 20 deletions(-)
create mode 100644 include/crypto/lrw.h
diff --git a/crypto/lrw.c b/crypto/lrw.c
index 91c17fa..66c4d22 100644
--- a/crypto/lrw.c
+++ b/crypto/lrw.c
@@ -3,7 +3,7 @@
*
* Copyright (c) 2006 Rik Snel <[email protected]>
*
- * Based om ecb.c
+ * Based on ecb.c
* Copyright (c) 2006 Herbert Xu <[email protected]>
*
* This program is free software; you can redistribute it and/or modify it
@@ -16,6 +16,7 @@
* http://www.mail-archive.com/[email protected]/msg00173.html
*
* The test vectors are included in the testing module tcrypt.[ch] */
+
#include <crypto/algapi.h>
#include <linux/err.h>
#include <linux/init.h>
@@ -26,23 +27,7 @@
#include <crypto/b128ops.h>
#include <crypto/gf128mul.h>
-
-#define LRW_BLOCK_SIZE 16
-
-struct lrw_table_ctx {
- /* optimizes multiplying a random (non incrementing, as at the
- * start of a new sector) value with key2, we could also have
- * used 4k optimization tables or no optimization at all. In the
- * latter case we would have to store key2 here */
- struct gf128mul_64k *table;
- /* stores:
- * key2*{ 0,0,...0,0,0,0,1 }, key2*{ 0,0,...0,0,0,1,1 },
- * key2*{ 0,0,...0,0,1,1,1 }, key2*{ 0,0,...0,1,1,1,1 }
- * key2*{ 0,0,...1,1,1,1,1 }, etc
- * needed for optimized multiplication of incrementing values
- * with key2 */
- be128 mulinc[128];
-};
+#include <crypto/lrw.h>
struct priv {
struct crypto_cipher *child;
@@ -60,7 +45,7 @@ static inline void setbit128_bbe(void *b, int bit)
), b);
}
-static int lrw_init_table(struct lrw_table_ctx *ctx, const u8 *tweak)
+int lrw_init_table(struct lrw_table_ctx *ctx, const u8 *tweak)
{
be128 tmp = { 0 };
int i;
@@ -82,12 +67,14 @@ static int lrw_init_table(struct lrw_table_ctx *ctx, const u8 *tweak)
return 0;
}
+EXPORT_SYMBOL_GPL(lrw_init_table);
-static void lrw_free_table(struct lrw_table_ctx *ctx)
+void lrw_free_table(struct lrw_table_ctx *ctx)
{
if (ctx->table)
gf128mul_free_64k(ctx->table);
}
+EXPORT_SYMBOL_GPL(lrw_free_table);
static int setkey(struct crypto_tfm *parent, const u8 *key,
unsigned int keylen)
@@ -227,6 +214,84 @@ static int decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
crypto_cipher_alg(ctx->child)->cia_decrypt);
}
+int lrw_crypt(struct blkcipher_desc *desc, struct scatterlist *sdst,
+ struct scatterlist *ssrc, unsigned int nbytes,
+ struct lrw_crypt_req *req)
+{
+ const unsigned int bsize = LRW_BLOCK_SIZE;
+ const unsigned int max_blks = req->tbuflen / bsize;
+ struct lrw_table_ctx *ctx = req->table_ctx;
+ struct blkcipher_walk walk;
+ unsigned int nblocks;
+ be128 *iv, *src, *dst, *t;
+ be128 *t_buf = req->tbuf;
+ int err, i;
+
+ BUG_ON(max_blks < 1);
+
+ blkcipher_walk_init(&walk, sdst, ssrc, nbytes);
+
+ err = blkcipher_walk_virt(desc, &walk);
+ nbytes = walk.nbytes;
+ if (!nbytes)
+ return err;
+
+ nblocks = min(walk.nbytes / bsize, max_blks);
+ src = (be128 *)walk.src.virt.addr;
+ dst = (be128 *)walk.dst.virt.addr;
+
+ /* calculate first value of T */
+ iv = (be128 *)walk.iv;
+ t_buf[0] = *iv;
+
+ /* T <- I*Key2 */
+ gf128mul_64k_bbe(&t_buf[0], ctx->table);
+
+ i = 0;
+ goto first;
+
+ for (;;) {
+ do {
+ for (i = 0; i < nblocks; i++) {
+ /* T <- I*Key2, using the optimization
+ * discussed in the specification */
+ be128_xor(&t_buf[i], t,
+ &ctx->mulinc[get_index128(iv)]);
+ inc(iv);
+first:
+ t = &t_buf[i];
+
+ /* PP <- T xor P */
+ be128_xor(dst + i, t, src + i);
+ }
+
+ /* CC <- E(Key2,PP) */
+ req->crypt_fn(req->crypt_ctx, (u8 *)dst,
+ nblocks * bsize);
+
+ /* C <- T xor CC */
+ for (i = 0; i < nblocks; i++)
+ be128_xor(dst + i, dst + i, &t_buf[i]);
+
+ src += nblocks;
+ dst += nblocks;
+ nbytes -= nblocks * bsize;
+ nblocks = min(nbytes / bsize, max_blks);
+ } while (nblocks > 0);
+
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ nbytes = walk.nbytes;
+ if (!nbytes)
+ break;
+
+ src = (be128 *)walk.src.virt.addr;
+ dst = (be128 *)walk.dst.virt.addr;
+ }
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(lrw_crypt);
+
static int init_tfm(struct crypto_tfm *tfm)
{
struct crypto_cipher *cipher;
diff --git a/include/crypto/lrw.h b/include/crypto/lrw.h
new file mode 100644
index 0000000..25a2c87
--- /dev/null
+++ b/include/crypto/lrw.h
@@ -0,0 +1,43 @@
+#ifndef _CRYPTO_LRW_H
+#define _CRYPTO_LRW_H
+
+#include <crypto/b128ops.h>
+
+struct scatterlist;
+struct gf128mul_64k;
+struct blkcipher_desc;
+
+#define LRW_BLOCK_SIZE 16
+
+struct lrw_table_ctx {
+ /* optimizes multiplying a random (non incrementing, as at the
+ * start of a new sector) value with key2, we could also have
+ * used 4k optimization tables or no optimization at all. In the
+ * latter case we would have to store key2 here */
+ struct gf128mul_64k *table;
+ /* stores:
+ * key2*{ 0,0,...0,0,0,0,1 }, key2*{ 0,0,...0,0,0,1,1 },
+ * key2*{ 0,0,...0,0,1,1,1 }, key2*{ 0,0,...0,1,1,1,1 }
+ * key2*{ 0,0,...1,1,1,1,1 }, etc
+ * needed for optimized multiplication of incrementing values
+ * with key2 */
+ be128 mulinc[128];
+};
+
+int lrw_init_table(struct lrw_table_ctx *ctx, const u8 *tweak);
+void lrw_free_table(struct lrw_table_ctx *ctx);
+
+struct lrw_crypt_req {
+ be128 *tbuf;
+ unsigned int tbuflen;
+
+ struct lrw_table_ctx *table_ctx;
+ void *crypt_ctx;
+ void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes);
+};
+
+int lrw_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes,
+ struct lrw_crypt_req *req);
+
+#endif /* _CRYPTO_LRW_H */
Add test vectors for lrw(serpent). These are generated from lrw(aes) test vectors.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/testmgr.c | 15 ++
crypto/testmgr.h | 502 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 517 insertions(+), 0 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 2018379..8c8ad61 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2297,6 +2297,21 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "lrw(serpent)",
+ .test = alg_test_skcipher,
+ .suite = {
+ .cipher = {
+ .enc = {
+ .vecs = serpent_lrw_enc_tv_template,
+ .count = SERPENT_LRW_ENC_TEST_VECTORS
+ },
+ .dec = {
+ .vecs = serpent_lrw_dec_tv_template,
+ .count = SERPENT_LRW_DEC_TEST_VECTORS
+ }
+ }
+ }
+ }, {
.alg = "lzo",
.test = alg_test_comp,
.suite = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index ed4aec9..1f7c3fd 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -3108,6 +3108,9 @@ static struct cipher_testvec tf_ctr_dec_tv_template[] = {
#define SERPENT_CTR_ENC_TEST_VECTORS 2
#define SERPENT_CTR_DEC_TEST_VECTORS 2
+#define SERPENT_LRW_ENC_TEST_VECTORS 8
+#define SERPENT_LRW_DEC_TEST_VECTORS 8
+
static struct cipher_testvec serpent_enc_tv_template[] = {
{
.input = "\x00\x01\x02\x03\x04\x05\x06\x07"
@@ -3665,6 +3668,505 @@ static struct cipher_testvec serpent_ctr_dec_tv_template[] = {
},
};
+static struct cipher_testvec serpent_lrw_enc_tv_template[] = {
+ /* Generated from AES-LRW test vectors */
+ {
+ .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
+ "\x4c\x26\x84\x14\xb5\x68\x01\x85"
+ "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
+ "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x6f\xbf\xd4\xa4\x5d\x71\x16\x79"
+ "\x63\x9c\xa6\x8e\x40\xbe\x0d\x8a",
+ .rlen = 16,
+ }, {
+ .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
+ "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
+ "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
+ "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x02",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\xfd\xb2\x66\x98\x80\x96\x55\xad"
+ "\x08\x94\x54\x9c\x21\x7c\x69\xe3",
+ .rlen = 16,
+ }, {
+ .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
+ "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
+ "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
+ "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x14\x5e\x3d\x70\xc0\x6e\x9c\x34"
+ "\x5b\x5e\xcf\x0f\xe4\x8c\x21\x5c",
+ .rlen = 16,
+ }, {
+ .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
+ "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
+ "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
+ "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
+ "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x25\x39\xaa\xa5\xf0\x65\xc8\xdc"
+ "\x5d\x45\x95\x30\x8f\xff\x2f\x1b",
+ .rlen = 16,
+ }, {
+ .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
+ "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
+ "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
+ "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
+ "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x0c\x20\x20\x63\xd6\x8b\xfc\x8f"
+ "\xc0\xe2\x17\xbb\xd2\x59\x6f\x26",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\xc1\x35\x2e\x53\xf0\x96\x4d\x9c"
+ "\x2e\x18\xe6\x99\xcd\xd3\x15\x68",
+ .rlen = 16,
+ }, {
+ .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
+ "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
+ "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
+ "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
+ "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
+ "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x86\x0a\xc6\xa9\x1a\x9f\xe7\xe6"
+ "\x64\x3b\x33\xd6\xd5\x84\xd6\xdf",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
+ "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
+ "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
+ "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
+ "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
+ "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
+ "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
+ "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
+ "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
+ "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
+ "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
+ "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
+ "\x4c\x96\x12\xed\x7c\x92\x03\x01"
+ "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
+ "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
+ "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
+ "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
+ "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
+ "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
+ "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
+ "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
+ "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
+ "\x76\x12\x73\x44\x1a\x56\xd7\x72"
+ "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
+ "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
+ "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
+ "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
+ "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
+ "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
+ "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
+ "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
+ "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
+ "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
+ "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
+ "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
+ "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
+ "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
+ "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
+ "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
+ "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
+ "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
+ "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
+ "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
+ "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
+ "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
+ "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
+ "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
+ "\x62\x73\x65\xfd\x46\x63\x25\x3d"
+ "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
+ "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
+ "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
+ "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
+ "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
+ "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
+ "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
+ "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
+ "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
+ "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
+ "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
+ "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
+ "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
+ "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
+ "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
+ .ilen = 512,
+ .result = "\xe3\x5a\x38\x0f\x4d\x92\x3a\x74"
+ "\x15\xb1\x50\x8c\x9a\xd8\x99\x1d"
+ "\x82\xec\xf1\x5f\x03\x6d\x02\x58"
+ "\x90\x67\xfc\xdd\x8d\xe1\x38\x08"
+ "\x7b\xc9\x9b\x4b\x04\x09\x50\x15"
+ "\xce\xab\xda\x33\x30\x20\x12\xfa"
+ "\x83\xc4\xa6\x9a\x2e\x7d\x90\xd9"
+ "\xa6\xa6\x67\x43\xb4\xa7\xa8\x5c"
+ "\xbb\x6a\x49\x2b\x8b\xf8\xd0\x22"
+ "\xe5\x9e\xba\xe8\x8c\x67\xb8\x5b"
+ "\x60\xbc\xf5\xa4\x95\x4e\x66\xe5"
+ "\x6d\x8e\xa9\xf6\x65\x2e\x04\xf5"
+ "\xba\xb5\xdb\x88\xc2\xf6\x7a\x4b"
+ "\x89\x58\x7c\x9a\xae\x26\xe8\xb7"
+ "\xb7\x28\xcc\xd6\xcc\xa5\x98\x4d"
+ "\xb9\x91\xcb\xb4\xe4\x8b\x96\x47"
+ "\x5f\x03\x8b\xdd\x94\xd1\xee\x12"
+ "\xa7\x83\x80\xf2\xc1\x15\x74\x4f"
+ "\x49\xf9\xb0\x7e\x6f\xdc\x73\x2f"
+ "\xe2\xcf\xe0\x1b\x34\xa5\xa0\x52"
+ "\xfb\x3c\x5d\x85\x91\xe6\x6d\x98"
+ "\x04\xd6\xdd\x4c\x00\x64\xd9\x54"
+ "\x5c\x3c\x08\x1d\x4c\x06\x9f\xb8"
+ "\x1c\x4d\x8d\xdc\xa4\x3c\xb9\x3b"
+ "\x9e\x85\xce\xc3\xa8\x4a\x0c\xd9"
+ "\x04\xc3\x6f\x17\x66\xa9\x1f\x59"
+ "\xd9\xe2\x19\x36\xa3\x88\xb8\x0b"
+ "\x0f\x4a\x4d\xf8\xc8\x6f\xd5\x43"
+ "\xeb\xa0\xab\x1f\x61\xc0\x06\xeb"
+ "\x93\xb7\xb8\x6f\x0d\xbd\x07\x49"
+ "\xb3\xac\x5d\xcf\x31\xa0\x27\x26"
+ "\x21\xbe\x94\x2e\x19\xea\xf4\xee"
+ "\xb5\x13\x89\xf7\x94\x0b\xef\x59"
+ "\x44\xc5\x78\x8b\x3c\x3b\x71\x20"
+ "\xf9\x35\x0c\x70\x74\xdc\x5b\xc2"
+ "\xb4\x11\x0e\x2c\x61\xa1\x52\x46"
+ "\x18\x11\x16\xc6\x86\x44\xa7\xaf"
+ "\xd5\x0c\x7d\xa6\x9e\x25\x2d\x1b"
+ "\x9a\x8f\x0f\xf8\x6a\x61\xa0\xea"
+ "\x3f\x0e\x90\xd6\x8f\x83\x30\x64"
+ "\xb5\x51\x2d\x08\x3c\xcd\x99\x36"
+ "\x96\xd4\xb1\xb5\x48\x30\xca\x48"
+ "\xf7\x11\xa8\xf5\x97\x8a\x6a\x6d"
+ "\x12\x33\x2f\xc0\xe8\xda\xec\x8a"
+ "\xe1\x88\x72\x63\xde\x20\xa3\xe1"
+ "\x8e\xac\x84\x37\x35\xf5\xf7\x3f"
+ "\x00\x02\x0e\xe4\xc1\x53\x68\x3f"
+ "\xaa\xd5\xac\x52\x3d\x20\x2f\x4d"
+ "\x7c\x83\xd0\xbd\xaa\x97\x35\x36"
+ "\x98\x88\x59\x5d\xe7\x24\xe3\x90"
+ "\x9d\x30\x47\xa7\xc3\x60\x35\xf4"
+ "\xd5\xdb\x0e\x4d\x44\xc1\x81\x8b"
+ "\xfd\xbd\xc3\x2b\xba\x68\xfe\x8d"
+ "\x49\x5a\x3c\x8a\xa3\x01\xae\x25"
+ "\x42\xab\xd2\x87\x1b\x35\xd6\xd2"
+ "\xd7\x70\x1c\x1f\x72\xd1\xe1\x39"
+ "\x1c\x58\xa2\xb4\xd0\x78\x55\x72"
+ "\x76\x59\xea\xd9\xd7\x6e\x63\x8b"
+ "\xcc\x9b\xa7\x74\x89\xfc\xa3\x68"
+ "\x86\x28\xd1\xbb\x54\x8d\x66\xad"
+ "\x2a\x92\xf9\x4e\x04\x3d\xae\xfd"
+ "\x1b\x2b\x7f\xc3\x2f\x1a\x78\x0a"
+ "\x5c\xc6\x84\xfe\x7c\xcb\x26\xfd"
+ "\xd9\x51\x0f\xd7\x94\x2f\xc5\xa7",
+ .rlen = 512,
+ },
+};
+
+static struct cipher_testvec serpent_lrw_dec_tv_template[] = {
+ /* Generated from AES-LRW test vectors */
+ /* same as enc vectors with input and result reversed */
+ {
+ .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
+ "\x4c\x26\x84\x14\xb5\x68\x01\x85"
+ "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
+ "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x6f\xbf\xd4\xa4\x5d\x71\x16\x79"
+ "\x63\x9c\xa6\x8e\x40\xbe\x0d\x8a",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
+ "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
+ "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
+ "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x02",
+ .input = "\xfd\xb2\x66\x98\x80\x96\x55\xad"
+ "\x08\x94\x54\x9c\x21\x7c\x69\xe3",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
+ "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
+ "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
+ "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x14\x5e\x3d\x70\xc0\x6e\x9c\x34"
+ "\x5b\x5e\xcf\x0f\xe4\x8c\x21\x5c",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
+ "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
+ "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
+ "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
+ "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x25\x39\xaa\xa5\xf0\x65\xc8\xdc"
+ "\x5d\x45\x95\x30\x8f\xff\x2f\x1b",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
+ "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
+ "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
+ "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
+ "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x0c\x20\x20\x63\xd6\x8b\xfc\x8f"
+ "\xc0\xe2\x17\xbb\xd2\x59\x6f\x26",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\xc1\x35\x2e\x53\xf0\x96\x4d\x9c"
+ "\x2e\x18\xe6\x99\xcd\xd3\x15\x68",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
+ "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
+ "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
+ "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
+ "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
+ "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x86\x0a\xc6\xa9\x1a\x9f\xe7\xe6"
+ "\x64\x3b\x33\xd6\xd5\x84\xd6\xdf",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\xe3\x5a\x38\x0f\x4d\x92\x3a\x74"
+ "\x15\xb1\x50\x8c\x9a\xd8\x99\x1d"
+ "\x82\xec\xf1\x5f\x03\x6d\x02\x58"
+ "\x90\x67\xfc\xdd\x8d\xe1\x38\x08"
+ "\x7b\xc9\x9b\x4b\x04\x09\x50\x15"
+ "\xce\xab\xda\x33\x30\x20\x12\xfa"
+ "\x83\xc4\xa6\x9a\x2e\x7d\x90\xd9"
+ "\xa6\xa6\x67\x43\xb4\xa7\xa8\x5c"
+ "\xbb\x6a\x49\x2b\x8b\xf8\xd0\x22"
+ "\xe5\x9e\xba\xe8\x8c\x67\xb8\x5b"
+ "\x60\xbc\xf5\xa4\x95\x4e\x66\xe5"
+ "\x6d\x8e\xa9\xf6\x65\x2e\x04\xf5"
+ "\xba\xb5\xdb\x88\xc2\xf6\x7a\x4b"
+ "\x89\x58\x7c\x9a\xae\x26\xe8\xb7"
+ "\xb7\x28\xcc\xd6\xcc\xa5\x98\x4d"
+ "\xb9\x91\xcb\xb4\xe4\x8b\x96\x47"
+ "\x5f\x03\x8b\xdd\x94\xd1\xee\x12"
+ "\xa7\x83\x80\xf2\xc1\x15\x74\x4f"
+ "\x49\xf9\xb0\x7e\x6f\xdc\x73\x2f"
+ "\xe2\xcf\xe0\x1b\x34\xa5\xa0\x52"
+ "\xfb\x3c\x5d\x85\x91\xe6\x6d\x98"
+ "\x04\xd6\xdd\x4c\x00\x64\xd9\x54"
+ "\x5c\x3c\x08\x1d\x4c\x06\x9f\xb8"
+ "\x1c\x4d\x8d\xdc\xa4\x3c\xb9\x3b"
+ "\x9e\x85\xce\xc3\xa8\x4a\x0c\xd9"
+ "\x04\xc3\x6f\x17\x66\xa9\x1f\x59"
+ "\xd9\xe2\x19\x36\xa3\x88\xb8\x0b"
+ "\x0f\x4a\x4d\xf8\xc8\x6f\xd5\x43"
+ "\xeb\xa0\xab\x1f\x61\xc0\x06\xeb"
+ "\x93\xb7\xb8\x6f\x0d\xbd\x07\x49"
+ "\xb3\xac\x5d\xcf\x31\xa0\x27\x26"
+ "\x21\xbe\x94\x2e\x19\xea\xf4\xee"
+ "\xb5\x13\x89\xf7\x94\x0b\xef\x59"
+ "\x44\xc5\x78\x8b\x3c\x3b\x71\x20"
+ "\xf9\x35\x0c\x70\x74\xdc\x5b\xc2"
+ "\xb4\x11\x0e\x2c\x61\xa1\x52\x46"
+ "\x18\x11\x16\xc6\x86\x44\xa7\xaf"
+ "\xd5\x0c\x7d\xa6\x9e\x25\x2d\x1b"
+ "\x9a\x8f\x0f\xf8\x6a\x61\xa0\xea"
+ "\x3f\x0e\x90\xd6\x8f\x83\x30\x64"
+ "\xb5\x51\x2d\x08\x3c\xcd\x99\x36"
+ "\x96\xd4\xb1\xb5\x48\x30\xca\x48"
+ "\xf7\x11\xa8\xf5\x97\x8a\x6a\x6d"
+ "\x12\x33\x2f\xc0\xe8\xda\xec\x8a"
+ "\xe1\x88\x72\x63\xde\x20\xa3\xe1"
+ "\x8e\xac\x84\x37\x35\xf5\xf7\x3f"
+ "\x00\x02\x0e\xe4\xc1\x53\x68\x3f"
+ "\xaa\xd5\xac\x52\x3d\x20\x2f\x4d"
+ "\x7c\x83\xd0\xbd\xaa\x97\x35\x36"
+ "\x98\x88\x59\x5d\xe7\x24\xe3\x90"
+ "\x9d\x30\x47\xa7\xc3\x60\x35\xf4"
+ "\xd5\xdb\x0e\x4d\x44\xc1\x81\x8b"
+ "\xfd\xbd\xc3\x2b\xba\x68\xfe\x8d"
+ "\x49\x5a\x3c\x8a\xa3\x01\xae\x25"
+ "\x42\xab\xd2\x87\x1b\x35\xd6\xd2"
+ "\xd7\x70\x1c\x1f\x72\xd1\xe1\x39"
+ "\x1c\x58\xa2\xb4\xd0\x78\x55\x72"
+ "\x76\x59\xea\xd9\xd7\x6e\x63\x8b"
+ "\xcc\x9b\xa7\x74\x89\xfc\xa3\x68"
+ "\x86\x28\xd1\xbb\x54\x8d\x66\xad"
+ "\x2a\x92\xf9\x4e\x04\x3d\xae\xfd"
+ "\x1b\x2b\x7f\xc3\x2f\x1a\x78\x0a"
+ "\x5c\xc6\x84\xfe\x7c\xcb\x26\xfd"
+ "\xd9\x51\x0f\xd7\x94\x2f\xc5\xa7",
+ .ilen = 512,
+ .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
+ "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
+ "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
+ "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
+ "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
+ "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
+ "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
+ "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
+ "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
+ "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
+ "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
+ "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
+ "\x4c\x96\x12\xed\x7c\x92\x03\x01"
+ "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
+ "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
+ "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
+ "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
+ "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
+ "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
+ "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
+ "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
+ "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
+ "\x76\x12\x73\x44\x1a\x56\xd7\x72"
+ "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
+ "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
+ "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
+ "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
+ "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
+ "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
+ "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
+ "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
+ "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
+ "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
+ "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
+ "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
+ "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
+ "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
+ "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
+ "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
+ "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
+ "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
+ "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
+ "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
+ "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
+ "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
+ "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
+ "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
+ "\x62\x73\x65\xfd\x46\x63\x25\x3d"
+ "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
+ "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
+ "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
+ "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
+ "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
+ "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
+ "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
+ "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
+ "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
+ "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
+ "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
+ "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
+ "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
+ "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
+ "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
+ .rlen = 512,
+ },
+};
+
/* Cast6 test vectors from RFC 2612 */
#define CAST6_ENC_TEST_VECTORS 3
#define CAST6_DEC_TEST_VECTORS 3
Patch adds LRW support for serpent-sse2 by using lrw_crypt(). Patch has been
tested with tcrypt and automated filesystem tests.
Tcrypt benchmarks results (serpent-sse2/serpent_generic speed ratios):
Benchmark results with tcrypt:
Intel Celeron T1600 (x86_64) (fam:6, model:15, step:13):
size lrw-enc lrw-dec
16B 1.00x 0.96x
64B 1.01x 1.01x
256B 3.01x 2.97x
1024B 3.39x 3.33x
8192B 3.35x 3.33x
AMD Phenom II 1055T (x86_64) (fam:16, model:10):
size lrw-enc lrw-dec
16B 0.98x 1.03x
64B 1.01x 1.04x
256B 2.10x 2.14x
1024B 2.28x 2.33x
8192B 2.30x 2.33x
Intel Atom N270 (i586):
size lrw-enc lrw-dec
16B 0.97x 0.97x
64B 1.47x 1.50x
256B 1.72x 1.69x
1024B 1.88x 1.81x
8192B 1.84x 1.79x
Signed-off-by: Jussi Kivilinna <[email protected]>
---
arch/x86/crypto/serpent_sse2_glue.c | 211 +++++++++++++++++++++++++++++++++++
crypto/serpent.c | 10 +-
include/crypto/serpent.h | 2
3 files changed, 221 insertions(+), 2 deletions(-)
diff --git a/arch/x86/crypto/serpent_sse2_glue.c b/arch/x86/crypto/serpent_sse2_glue.c
index 5cf17e2..97c55b6 100644
--- a/arch/x86/crypto/serpent_sse2_glue.c
+++ b/arch/x86/crypto/serpent_sse2_glue.c
@@ -38,12 +38,17 @@
#include <crypto/cryptd.h>
#include <crypto/b128ops.h>
#include <crypto/ctr.h>
+#include <crypto/lrw.h>
#include <asm/i387.h>
#include <asm/serpent.h>
#include <crypto/scatterwalk.h>
#include <linux/workqueue.h>
#include <linux/spinlock.h>
+#if defined(CONFIG_CRYPTO_LRW) || defined(CONFIG_CRYPTO_LRW_MODULE)
+#define HAS_LRW
+#endif
+
struct async_serpent_ctx {
struct cryptd_ablkcipher *cryptd_tfm;
};
@@ -459,6 +464,152 @@ static struct crypto_alg blk_ctr_alg = {
},
};
+#ifdef HAS_LRW
+
+struct crypt_priv {
+ struct serpent_ctx *ctx;
+ bool fpu_enabled;
+};
+
+static void encrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
+{
+ const unsigned int bsize = SERPENT_BLOCK_SIZE;
+ struct crypt_priv *ctx = priv;
+ int i;
+
+ ctx->fpu_enabled = serpent_fpu_begin(ctx->fpu_enabled, nbytes);
+
+ if (nbytes == bsize * SERPENT_PARALLEL_BLOCKS) {
+ serpent_enc_blk_xway(ctx->ctx, srcdst, srcdst);
+ return;
+ }
+
+ for (i = 0; i < nbytes / bsize; i++, srcdst += bsize)
+ __serpent_encrypt(ctx->ctx, srcdst, srcdst);
+}
+
+static void decrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
+{
+ const unsigned int bsize = SERPENT_BLOCK_SIZE;
+ struct crypt_priv *ctx = priv;
+ int i;
+
+ ctx->fpu_enabled = serpent_fpu_begin(ctx->fpu_enabled, nbytes);
+
+ if (nbytes == bsize * SERPENT_PARALLEL_BLOCKS) {
+ serpent_dec_blk_xway(ctx->ctx, srcdst, srcdst);
+ return;
+ }
+
+ for (i = 0; i < nbytes / bsize; i++, srcdst += bsize)
+ __serpent_decrypt(ctx->ctx, srcdst, srcdst);
+}
+
+struct serpent_lrw_ctx {
+ struct lrw_table_ctx lrw_table;
+ struct serpent_ctx serpent_ctx;
+};
+
+static int lrw_serpent_setkey(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen)
+{
+ struct serpent_lrw_ctx *ctx = crypto_tfm_ctx(tfm);
+ int err;
+
+ err = __serpent_setkey(&ctx->serpent_ctx, key, keylen -
+ SERPENT_BLOCK_SIZE);
+ if (err)
+ return err;
+
+ return lrw_init_table(&ctx->lrw_table, key + keylen -
+ SERPENT_BLOCK_SIZE);
+}
+
+static int lrw_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct serpent_lrw_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[SERPENT_PARALLEL_BLOCKS];
+ struct crypt_priv crypt_ctx = {
+ .ctx = &ctx->serpent_ctx,
+ .fpu_enabled = false,
+ };
+ struct lrw_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .table_ctx = &ctx->lrw_table,
+ .crypt_ctx = &crypt_ctx,
+ .crypt_fn = encrypt_callback,
+ };
+ int ret;
+
+ ret = lrw_crypt(desc, dst, src, nbytes, &req);
+ serpent_fpu_end(crypt_ctx.fpu_enabled);
+
+ return ret;
+}
+
+static int lrw_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct serpent_lrw_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[SERPENT_PARALLEL_BLOCKS];
+ struct crypt_priv crypt_ctx = {
+ .ctx = &ctx->serpent_ctx,
+ .fpu_enabled = false,
+ };
+ struct lrw_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .table_ctx = &ctx->lrw_table,
+ .crypt_ctx = &crypt_ctx,
+ .crypt_fn = decrypt_callback,
+ };
+ int ret;
+
+ ret = lrw_crypt(desc, dst, src, nbytes, &req);
+ serpent_fpu_end(crypt_ctx.fpu_enabled);
+
+ return ret;
+}
+
+static void lrw_exit_tfm(struct crypto_tfm *tfm)
+{
+ struct serpent_lrw_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ lrw_free_table(&ctx->lrw_table);
+}
+
+static struct crypto_alg blk_lrw_alg = {
+ .cra_name = "__lrw-serpent-sse2",
+ .cra_driver_name = "__driver-lrw-serpent-sse2",
+ .cra_priority = 0,
+ .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
+ .cra_blocksize = SERPENT_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct serpent_lrw_ctx),
+ .cra_alignmask = 0,
+ .cra_type = &crypto_blkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(blk_lrw_alg.cra_list),
+ .cra_exit = lrw_exit_tfm,
+ .cra_u = {
+ .blkcipher = {
+ .min_keysize = SERPENT_MIN_KEY_SIZE +
+ SERPENT_BLOCK_SIZE,
+ .max_keysize = SERPENT_MAX_KEY_SIZE +
+ SERPENT_BLOCK_SIZE,
+ .ivsize = SERPENT_BLOCK_SIZE,
+ .setkey = lrw_serpent_setkey,
+ .encrypt = lrw_encrypt,
+ .decrypt = lrw_decrypt,
+ },
+ },
+};
+
+#endif
+
static int ablk_set_key(struct crypto_ablkcipher *tfm, const u8 *key,
unsigned int key_len)
{
@@ -657,6 +808,48 @@ static struct crypto_alg ablk_ctr_alg = {
},
};
+#ifdef HAS_LRW
+
+static int ablk_lrw_init(struct crypto_tfm *tfm)
+{
+ struct cryptd_ablkcipher *cryptd_tfm;
+
+ cryptd_tfm = cryptd_alloc_ablkcipher("__driver-lrw-serpent-sse2", 0, 0);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+ ablk_init_common(tfm, cryptd_tfm);
+ return 0;
+}
+
+static struct crypto_alg ablk_lrw_alg = {
+ .cra_name = "lrw(serpent)",
+ .cra_driver_name = "lrw-serpent-sse2",
+ .cra_priority = 400,
+ .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
+ .cra_blocksize = SERPENT_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct async_serpent_ctx),
+ .cra_alignmask = 0,
+ .cra_type = &crypto_ablkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(ablk_lrw_alg.cra_list),
+ .cra_init = ablk_lrw_init,
+ .cra_exit = ablk_exit,
+ .cra_u = {
+ .ablkcipher = {
+ .min_keysize = SERPENT_MIN_KEY_SIZE +
+ SERPENT_BLOCK_SIZE,
+ .max_keysize = SERPENT_MAX_KEY_SIZE +
+ SERPENT_BLOCK_SIZE,
+ .ivsize = SERPENT_BLOCK_SIZE,
+ .setkey = ablk_set_key,
+ .encrypt = ablk_encrypt,
+ .decrypt = ablk_decrypt,
+ },
+ },
+};
+
+#endif
+
static int __init serpent_sse2_init(void)
{
int err;
@@ -684,8 +877,22 @@ static int __init serpent_sse2_init(void)
err = crypto_register_alg(&ablk_ctr_alg);
if (err)
goto ablk_ctr_err;
+#ifdef HAS_LRW
+ err = crypto_register_alg(&blk_lrw_alg);
+ if (err)
+ goto blk_lrw_err;
+ err = crypto_register_alg(&ablk_lrw_alg);
+ if (err)
+ goto ablk_lrw_err;
+#endif
return err;
+#ifdef HAS_LRW
+ablk_lrw_err:
+ crypto_unregister_alg(&blk_lrw_alg);
+blk_lrw_err:
+ crypto_unregister_alg(&ablk_ctr_alg);
+#endif
ablk_ctr_err:
crypto_unregister_alg(&ablk_cbc_alg);
ablk_cbc_err:
@@ -702,6 +909,10 @@ blk_ecb_err:
static void __exit serpent_sse2_exit(void)
{
+#ifdef HAS_LRW
+ crypto_unregister_alg(&ablk_lrw_alg);
+ crypto_unregister_alg(&blk_lrw_alg);
+#endif
crypto_unregister_alg(&ablk_ctr_alg);
crypto_unregister_alg(&ablk_cbc_alg);
crypto_unregister_alg(&ablk_ecb_alg);
diff --git a/crypto/serpent.c b/crypto/serpent.c
index eb61630..7cc2cae 100644
--- a/crypto/serpent.c
+++ b/crypto/serpent.c
@@ -206,9 +206,9 @@
x1 ^= x4; x3 ^= x4; x4 &= x0; \
x4 ^= x2;
-int serpent_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
+int __serpent_setkey(struct serpent_ctx *ctx, const u8 *key,
+ unsigned int keylen)
{
- struct serpent_ctx *ctx = crypto_tfm_ctx(tfm);
u32 *k = ctx->expkey;
u8 *k8 = (u8 *)k;
u32 r0,r1,r2,r3,r4;
@@ -349,6 +349,12 @@ int serpent_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
return 0;
}
+EXPORT_SYMBOL_GPL(__serpent_setkey);
+
+int serpent_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen)
+{
+ return __serpent_setkey(crypto_tfm_ctx(tfm), key, keylen);
+}
EXPORT_SYMBOL_GPL(serpent_setkey);
void __serpent_encrypt(struct serpent_ctx *ctx, u8 *dst, const u8 *src)
diff --git a/include/crypto/serpent.h b/include/crypto/serpent.h
index 40df885..b7e0941 100644
--- a/include/crypto/serpent.h
+++ b/include/crypto/serpent.h
@@ -17,6 +17,8 @@ struct serpent_ctx {
u32 expkey[SERPENT_EXPKEY_WORDS];
};
+int __serpent_setkey(struct serpent_ctx *ctx, const u8 *key,
+ unsigned int keylen);
int serpent_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen);
void __serpent_encrypt(struct serpent_ctx *ctx, u8 *dst, const u8 *src);
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/tcrypt.c | 9 +++++++++
crypto/tcrypt.h | 1 +
2 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 5526065..9a9e170 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -996,6 +996,7 @@ static int do_test(int m)
ret += tcrypt_test("ecb(serpent)");
ret += tcrypt_test("cbc(serpent)");
ret += tcrypt_test("ctr(serpent)");
+ ret += tcrypt_test("lrw(serpent)");
break;
case 10:
@@ -1305,6 +1306,10 @@ static int do_test(int m)
speed_template_16_32);
test_cipher_speed("ctr(serpent)", DECRYPT, sec, NULL, 0,
speed_template_16_32);
+ test_cipher_speed("lrw(serpent)", ENCRYPT, sec, NULL, 0,
+ speed_template_32_48);
+ test_cipher_speed("lrw(serpent)", DECRYPT, sec, NULL, 0,
+ speed_template_32_48);
break;
case 300:
@@ -1521,6 +1526,10 @@ static int do_test(int m)
speed_template_16_32);
test_acipher_speed("ctr(serpent)", DECRYPT, sec, NULL, 0,
speed_template_16_32);
+ test_acipher_speed("lrw(serpent)", ENCRYPT, sec, NULL, 0,
+ speed_template_32_48);
+ test_acipher_speed("lrw(serpent)", DECRYPT, sec, NULL, 0,
+ speed_template_32_48);
break;
case 1000:
diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
index 10cb925..3eceaef 100644
--- a/crypto/tcrypt.h
+++ b/crypto/tcrypt.h
@@ -51,6 +51,7 @@ static u8 speed_template_8_32[] = {8, 32, 0};
static u8 speed_template_16_32[] = {16, 32, 0};
static u8 speed_template_16_24_32[] = {16, 24, 32, 0};
static u8 speed_template_32_40_48[] = {32, 40, 48, 0};
+static u8 speed_template_32_48[] = {32, 48, 0};
static u8 speed_template_32_48_64[] = {32, 48, 64, 0};
/*
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/tcrypt.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 9a9e170..0120383 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -990,6 +990,7 @@ static int do_test(int m)
ret += tcrypt_test("ecb(twofish)");
ret += tcrypt_test("cbc(twofish)");
ret += tcrypt_test("ctr(twofish)");
+ ret += tcrypt_test("lrw(twofish)");
break;
case 9:
@@ -1249,6 +1250,10 @@ static int do_test(int m)
speed_template_16_24_32);
test_cipher_speed("ctr(twofish)", DECRYPT, sec, NULL, 0,
speed_template_16_24_32);
+ test_cipher_speed("lrw(twofish)", ENCRYPT, sec, NULL, 0,
+ speed_template_32_40_48);
+ test_cipher_speed("lrw(twofish)", DECRYPT, sec, NULL, 0,
+ speed_template_32_40_48);
break;
case 203:
Add test vectors for lrw(twofish). These are generated from lrw(aes) test vectors.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/testmgr.c | 15 ++
crypto/testmgr.h | 501 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 516 insertions(+), 0 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 8c8ad61..97fe1df 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2312,6 +2312,21 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "lrw(twofish)",
+ .test = alg_test_skcipher,
+ .suite = {
+ .cipher = {
+ .enc = {
+ .vecs = tf_lrw_enc_tv_template,
+ .count = TF_LRW_ENC_TEST_VECTORS
+ },
+ .dec = {
+ .vecs = tf_lrw_dec_tv_template,
+ .count = TF_LRW_DEC_TEST_VECTORS
+ }
+ }
+ }
+ }, {
.alg = "lzo",
.test = alg_test_comp,
.suite = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 1f7c3fd..4b88789 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -2717,6 +2717,8 @@ static struct cipher_testvec bf_ctr_dec_tv_template[] = {
#define TF_CBC_DEC_TEST_VECTORS 5
#define TF_CTR_ENC_TEST_VECTORS 2
#define TF_CTR_DEC_TEST_VECTORS 2
+#define TF_LRW_ENC_TEST_VECTORS 8
+#define TF_LRW_DEC_TEST_VECTORS 8
static struct cipher_testvec tf_enc_tv_template[] = {
{
@@ -3092,6 +3094,505 @@ static struct cipher_testvec tf_ctr_dec_tv_template[] = {
},
};
+static struct cipher_testvec tf_lrw_enc_tv_template[] = {
+ /* Generated from AES-LRW test vectors */
+ {
+ .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
+ "\x4c\x26\x84\x14\xb5\x68\x01\x85"
+ "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
+ "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\xa1\x6c\x50\x69\x26\xa4\xef\x7b"
+ "\x7c\xc6\x91\xeb\x72\xdd\x9b\xee",
+ .rlen = 16,
+ }, {
+ .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
+ "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
+ "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
+ "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x02",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\xab\x72\x0a\xad\x3b\x0c\xf0\xc9"
+ "\x42\x2f\xf1\xae\xf1\x3c\xb1\xbd",
+ .rlen = 16,
+ }, {
+ .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
+ "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
+ "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
+ "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x85\xa7\x56\x67\x08\xfa\x42\xe1"
+ "\x22\xe6\x82\xfc\xd9\xb4\xd7\xd4",
+ .rlen = 16,
+ }, {
+ .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
+ "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
+ "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
+ "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
+ "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\xd2\xaf\x69\x35\x24\x1d\x0e\x1c"
+ "\x84\x8b\x05\xe4\xa2\x2f\x16\xf5",
+ .rlen = 16,
+ }, {
+ .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
+ "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
+ "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
+ "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
+ "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x4a\x23\x56\xd7\xff\x90\xd0\x9a"
+ "\x0d\x7c\x26\xfc\xf0\xf0\xf6\xe4",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\x30\xaf\x26\x05\x9d\x5d\x0a\x58"
+ "\xe2\xe7\xce\x8a\xb2\x56\x6d\x76",
+ .rlen = 16,
+ }, {
+ .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
+ "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
+ "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
+ "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
+ "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
+ "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .ilen = 16,
+ .result = "\xdf\xcf\xdc\xd2\xe1\xcf\x86\x75"
+ "\x17\x66\x5e\x0c\x14\xa1\x3d\x40",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
+ "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
+ "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
+ "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
+ "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
+ "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
+ "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
+ "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
+ "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
+ "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
+ "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
+ "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
+ "\x4c\x96\x12\xed\x7c\x92\x03\x01"
+ "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
+ "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
+ "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
+ "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
+ "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
+ "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
+ "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
+ "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
+ "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
+ "\x76\x12\x73\x44\x1a\x56\xd7\x72"
+ "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
+ "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
+ "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
+ "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
+ "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
+ "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
+ "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
+ "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
+ "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
+ "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
+ "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
+ "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
+ "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
+ "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
+ "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
+ "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
+ "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
+ "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
+ "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
+ "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
+ "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
+ "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
+ "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
+ "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
+ "\x62\x73\x65\xfd\x46\x63\x25\x3d"
+ "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
+ "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
+ "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
+ "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
+ "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
+ "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
+ "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
+ "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
+ "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
+ "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
+ "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
+ "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
+ "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
+ "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
+ "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
+ .ilen = 512,
+ .result = "\x30\x38\xeb\xaf\x12\x43\x1a\x89"
+ "\x62\xa2\x36\xe5\xcf\x77\x1e\xd9"
+ "\x08\xc3\x0d\xdd\x95\xab\x19\x96"
+ "\x27\x52\x41\xc3\xca\xfb\xf6\xee"
+ "\x40\x2d\xdf\xdd\x00\x0c\xb9\x0a"
+ "\x3a\xf0\xc0\xd1\xda\x63\x9e\x45"
+ "\x42\xe9\x29\xc0\xb4\x07\xb4\x31"
+ "\x66\x77\x72\xb5\xb6\xb3\x57\x46"
+ "\x34\x9a\xfe\x03\xaf\x6b\x36\x07"
+ "\x63\x8e\xc2\x5d\xa6\x0f\xb6\x7d"
+ "\xfb\x6d\x82\x51\xb6\x98\xd0\x71"
+ "\xe7\x10\x7a\xdf\xb2\xbd\xf1\x1d"
+ "\x72\x2b\x54\x13\xe3\x6d\x79\x37"
+ "\xa9\x39\x2c\xdf\x21\xab\x87\xd5"
+ "\xee\xef\x9a\x12\x50\x39\x2e\x1b"
+ "\x7d\xe6\x6a\x27\x48\xb9\xe7\xac"
+ "\xaa\xcd\x79\x5f\xf2\xf3\xa0\x08"
+ "\x6f\x2c\xf4\x0e\xd1\xb8\x89\x25"
+ "\x31\x9d\xef\xb1\x1d\x27\x55\x04"
+ "\xc9\x8c\xb7\x68\xdc\xb6\x67\x8a"
+ "\xdb\xcf\x22\xf2\x3b\x6f\xce\xbb"
+ "\x26\xbe\x4f\x27\x04\x42\xd1\x44"
+ "\x4c\x08\xa3\x95\x4c\x7f\x1a\xaf"
+ "\x1d\x28\x14\xfd\xb1\x1a\x34\x18"
+ "\xf5\x1e\x28\x69\x95\x6a\x5a\xba"
+ "\x8e\xb2\x58\x1d\x28\x17\x13\x3d"
+ "\x38\x7d\x14\x8d\xab\x5d\xf9\xe8"
+ "\x3c\x0f\x2b\x0d\x2b\x08\xb4\x4b"
+ "\x6b\x0d\xc8\xa7\x84\xc2\x3a\x1a"
+ "\xb7\xbd\xda\x92\x29\xb8\x5b\x5a"
+ "\x63\xa5\x99\x82\x09\x72\x8f\xc6"
+ "\xa4\x62\x24\x69\x8c\x2d\x26\x00"
+ "\x99\x83\x91\xd6\xc6\xcf\x57\x67"
+ "\x38\xea\xf2\xfc\x29\xe0\x73\x39"
+ "\xf9\x13\x94\x6d\xe2\x58\x28\x75"
+ "\x3e\xae\x71\x90\x07\x70\x1c\x38"
+ "\x5b\x4c\x1e\xb5\xa5\x3b\x20\xef"
+ "\xb1\x4c\x3e\x1a\x72\x62\xbb\x22"
+ "\x82\x09\xe3\x18\x3f\x4f\x48\xfc"
+ "\xdd\xac\xfc\xb6\x09\xdb\xd2\x7b"
+ "\xd6\xb7\x7e\x41\x2f\x14\xf5\x0e"
+ "\xc3\xac\x4a\xed\xe7\x82\xef\x31"
+ "\x1f\x1a\x51\x1e\x29\x60\xc8\x98"
+ "\x93\x51\x1d\x3d\x62\x59\x83\x82"
+ "\x0c\xf1\xd7\x8d\xac\x33\x44\x81"
+ "\x3c\x59\xb7\xd4\x5b\x65\x82\xc4"
+ "\xec\xdc\x24\xfd\x0e\x1a\x79\x94"
+ "\x34\xb0\x62\xfa\x98\x49\x26\x1f"
+ "\xf4\x9e\x40\x44\x5b\x1f\xf8\xbe"
+ "\x36\xff\xc6\xc6\x9d\xf2\xd6\xcc"
+ "\x63\x93\x29\xb9\x0b\x6d\xd7\x6c"
+ "\xdb\xf6\x21\x80\xf7\x5a\x37\x15"
+ "\x0c\xe3\x36\xc8\x74\x75\x20\x91"
+ "\xdf\x52\x2d\x0c\xe7\x45\xff\x46"
+ "\xb3\xf4\xec\xc2\xbd\xd3\x37\xb6"
+ "\x26\xa2\x5d\x7d\x61\xbf\x10\x46"
+ "\x57\x8d\x05\x96\x70\x0b\xd6\x41"
+ "\x5c\xe9\xd3\x54\x81\x39\x3a\xdd"
+ "\x5f\x92\x81\x6e\x35\x03\xd4\x72"
+ "\x3d\x5a\xe7\xb9\x3b\x0c\x84\x23"
+ "\x45\x5d\xec\x72\xc1\x52\xef\x2e"
+ "\x81\x00\xd3\xfe\x4c\x3c\x05\x61"
+ "\x80\x18\xc4\x6c\x03\xd3\xb7\xba"
+ "\x11\xd7\xb8\x6e\xea\xe1\x80\x30",
+ .rlen = 512,
+ },
+};
+
+static struct cipher_testvec tf_lrw_dec_tv_template[] = {
+ /* Generated from AES-LRW test vectors */
+ /* same as enc vectors with input and result reversed */
+ {
+ .key = "\x45\x62\xac\x25\xf8\x28\x17\x6d"
+ "\x4c\x26\x84\x14\xb5\x68\x01\x85"
+ "\x25\x8e\x2a\x05\xe7\x3e\x9d\x03"
+ "\xee\x5a\x83\x0c\xcc\x09\x4c\x87",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\xa1\x6c\x50\x69\x26\xa4\xef\x7b"
+ "\x7c\xc6\x91\xeb\x72\xdd\x9b\xee",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\x59\x70\x47\x14\xf5\x57\x47\x8c"
+ "\xd7\x79\xe8\x0f\x54\x88\x79\x44"
+ "\x0d\x48\xf0\xb7\xb1\x5a\x53\xea"
+ "\x1c\xaa\x6b\x29\xc2\xca\xfb\xaf",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x02",
+ .input = "\xab\x72\x0a\xad\x3b\x0c\xf0\xc9"
+ "\x42\x2f\xf1\xae\xf1\x3c\xb1\xbd",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xd8\x2a\x91\x34\xb2\x6a\x56\x50"
+ "\x30\xfe\x69\xe2\x37\x7f\x98\x47"
+ "\xcd\xf9\x0b\x16\x0c\x64\x8f\xb6"
+ "\xb0\x0d\x0d\x1b\xae\x85\x87\x1f",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x85\xa7\x56\x67\x08\xfa\x42\xe1"
+ "\x22\xe6\x82\xfc\xd9\xb4\xd7\xd4",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\x0f\x6a\xef\xf8\xd3\xd2\xbb\x15"
+ "\x25\x83\xf7\x3c\x1f\x01\x28\x74"
+ "\xca\xc6\xbc\x35\x4d\x4a\x65\x54"
+ "\x90\xae\x61\xcf\x7b\xae\xbd\xcc"
+ "\xad\xe4\x94\xc5\x4a\x29\xae\x70",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\xd2\xaf\x69\x35\x24\x1d\x0e\x1c"
+ "\x84\x8b\x05\xe4\xa2\x2f\x16\xf5",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\x8a\xd4\xee\x10\x2f\xbd\x81\xff"
+ "\xf8\x86\xce\xac\x93\xc5\xad\xc6"
+ "\xa0\x19\x07\xc0\x9d\xf7\xbb\xdd"
+ "\x52\x13\xb2\xb7\xf0\xff\x11\xd8"
+ "\xd6\x08\xd0\xcd\x2e\xb1\x17\x6f",
+ .klen = 40,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\x4a\x23\x56\xd7\xff\x90\xd0\x9a"
+ "\x0d\x7c\x26\xfc\xf0\xf0\xf6\xe4",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\xaf\x26\x05\x9d\x5d\x0a\x58"
+ "\xe2\xe7\xce\x8a\xb2\x56\x6d\x76",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xfb\x76\x15\xb2\x3d\x80\x89\x1d"
+ "\xd4\x70\x98\x0b\xc7\x95\x84\xc8"
+ "\xb2\xfb\x64\xce\x60\x97\x87\x8d"
+ "\x17\xfc\xe4\x5a\x49\xe8\x30\xb7"
+ "\x6e\x78\x17\xe7\x2d\x5e\x12\xd4"
+ "\x60\x64\x04\x7a\xf1\x2f\x9e\x0c",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x02\x00\x00\x00\x00",
+ .input = "\xdf\xcf\xdc\xd2\xe1\xcf\x86\x75"
+ "\x17\x66\x5e\x0c\x14\xa1\x3d\x40",
+ .ilen = 16,
+ .result = "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x41\x42\x43\x44\x45\x46",
+ .rlen = 16,
+ }, {
+ .key = "\xf8\xd4\x76\xff\xd6\x46\xee\x6c"
+ "\x23\x84\xcb\x1c\x77\xd6\x19\x5d"
+ "\xfe\xf1\xa9\xf3\x7b\xbc\x8d\x21"
+ "\xa7\x9c\x21\xf8\xcb\x90\x02\x89"
+ "\xa8\x45\x34\x8e\xc8\xc5\xb5\xf1"
+ "\x26\xf5\x0e\x76\xfe\xfd\x1b\x1e",
+ .klen = 48,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x01",
+ .input = "\x30\x38\xeb\xaf\x12\x43\x1a\x89"
+ "\x62\xa2\x36\xe5\xcf\x77\x1e\xd9"
+ "\x08\xc3\x0d\xdd\x95\xab\x19\x96"
+ "\x27\x52\x41\xc3\xca\xfb\xf6\xee"
+ "\x40\x2d\xdf\xdd\x00\x0c\xb9\x0a"
+ "\x3a\xf0\xc0\xd1\xda\x63\x9e\x45"
+ "\x42\xe9\x29\xc0\xb4\x07\xb4\x31"
+ "\x66\x77\x72\xb5\xb6\xb3\x57\x46"
+ "\x34\x9a\xfe\x03\xaf\x6b\x36\x07"
+ "\x63\x8e\xc2\x5d\xa6\x0f\xb6\x7d"
+ "\xfb\x6d\x82\x51\xb6\x98\xd0\x71"
+ "\xe7\x10\x7a\xdf\xb2\xbd\xf1\x1d"
+ "\x72\x2b\x54\x13\xe3\x6d\x79\x37"
+ "\xa9\x39\x2c\xdf\x21\xab\x87\xd5"
+ "\xee\xef\x9a\x12\x50\x39\x2e\x1b"
+ "\x7d\xe6\x6a\x27\x48\xb9\xe7\xac"
+ "\xaa\xcd\x79\x5f\xf2\xf3\xa0\x08"
+ "\x6f\x2c\xf4\x0e\xd1\xb8\x89\x25"
+ "\x31\x9d\xef\xb1\x1d\x27\x55\x04"
+ "\xc9\x8c\xb7\x68\xdc\xb6\x67\x8a"
+ "\xdb\xcf\x22\xf2\x3b\x6f\xce\xbb"
+ "\x26\xbe\x4f\x27\x04\x42\xd1\x44"
+ "\x4c\x08\xa3\x95\x4c\x7f\x1a\xaf"
+ "\x1d\x28\x14\xfd\xb1\x1a\x34\x18"
+ "\xf5\x1e\x28\x69\x95\x6a\x5a\xba"
+ "\x8e\xb2\x58\x1d\x28\x17\x13\x3d"
+ "\x38\x7d\x14\x8d\xab\x5d\xf9\xe8"
+ "\x3c\x0f\x2b\x0d\x2b\x08\xb4\x4b"
+ "\x6b\x0d\xc8\xa7\x84\xc2\x3a\x1a"
+ "\xb7\xbd\xda\x92\x29\xb8\x5b\x5a"
+ "\x63\xa5\x99\x82\x09\x72\x8f\xc6"
+ "\xa4\x62\x24\x69\x8c\x2d\x26\x00"
+ "\x99\x83\x91\xd6\xc6\xcf\x57\x67"
+ "\x38\xea\xf2\xfc\x29\xe0\x73\x39"
+ "\xf9\x13\x94\x6d\xe2\x58\x28\x75"
+ "\x3e\xae\x71\x90\x07\x70\x1c\x38"
+ "\x5b\x4c\x1e\xb5\xa5\x3b\x20\xef"
+ "\xb1\x4c\x3e\x1a\x72\x62\xbb\x22"
+ "\x82\x09\xe3\x18\x3f\x4f\x48\xfc"
+ "\xdd\xac\xfc\xb6\x09\xdb\xd2\x7b"
+ "\xd6\xb7\x7e\x41\x2f\x14\xf5\x0e"
+ "\xc3\xac\x4a\xed\xe7\x82\xef\x31"
+ "\x1f\x1a\x51\x1e\x29\x60\xc8\x98"
+ "\x93\x51\x1d\x3d\x62\x59\x83\x82"
+ "\x0c\xf1\xd7\x8d\xac\x33\x44\x81"
+ "\x3c\x59\xb7\xd4\x5b\x65\x82\xc4"
+ "\xec\xdc\x24\xfd\x0e\x1a\x79\x94"
+ "\x34\xb0\x62\xfa\x98\x49\x26\x1f"
+ "\xf4\x9e\x40\x44\x5b\x1f\xf8\xbe"
+ "\x36\xff\xc6\xc6\x9d\xf2\xd6\xcc"
+ "\x63\x93\x29\xb9\x0b\x6d\xd7\x6c"
+ "\xdb\xf6\x21\x80\xf7\x5a\x37\x15"
+ "\x0c\xe3\x36\xc8\x74\x75\x20\x91"
+ "\xdf\x52\x2d\x0c\xe7\x45\xff\x46"
+ "\xb3\xf4\xec\xc2\xbd\xd3\x37\xb6"
+ "\x26\xa2\x5d\x7d\x61\xbf\x10\x46"
+ "\x57\x8d\x05\x96\x70\x0b\xd6\x41"
+ "\x5c\xe9\xd3\x54\x81\x39\x3a\xdd"
+ "\x5f\x92\x81\x6e\x35\x03\xd4\x72"
+ "\x3d\x5a\xe7\xb9\x3b\x0c\x84\x23"
+ "\x45\x5d\xec\x72\xc1\x52\xef\x2e"
+ "\x81\x00\xd3\xfe\x4c\x3c\x05\x61"
+ "\x80\x18\xc4\x6c\x03\xd3\xb7\xba"
+ "\x11\xd7\xb8\x6e\xea\xe1\x80\x30",
+ .ilen = 512,
+ .result = "\x05\x11\xb7\x18\xab\xc6\x2d\xac"
+ "\x70\x5d\xf6\x22\x94\xcd\xe5\x6c"
+ "\x17\x6b\xf6\x1c\xf0\xf3\x6e\xf8"
+ "\x50\x38\x1f\x71\x49\xb6\x57\xd6"
+ "\x8f\xcb\x8d\x6b\xe3\xa6\x29\x90"
+ "\xfe\x2a\x62\x82\xae\x6d\x8b\xf6"
+ "\xad\x1e\x9e\x20\x5f\x38\xbe\x04"
+ "\xda\x10\x8e\xed\xa2\xa4\x87\xab"
+ "\xda\x6b\xb4\x0c\x75\xba\xd3\x7c"
+ "\xc9\xac\x42\x31\x95\x7c\xc9\x04"
+ "\xeb\xd5\x6e\x32\x69\x8a\xdb\xa6"
+ "\x15\xd7\x3f\x4f\x2f\x66\x69\x03"
+ "\x9c\x1f\x54\x0f\xde\x1f\xf3\x65"
+ "\x4c\x96\x12\xed\x7c\x92\x03\x01"
+ "\x6f\xbc\x35\x93\xac\xf1\x27\xf1"
+ "\xb4\x96\x82\x5a\x5f\xb0\xa0\x50"
+ "\x89\xa4\x8e\x66\x44\x85\xcc\xfd"
+ "\x33\x14\x70\xe3\x96\xb2\xc3\xd3"
+ "\xbb\x54\x5a\x1a\xf9\x74\xa2\xc5"
+ "\x2d\x64\x75\xdd\xb4\x54\xe6\x74"
+ "\x8c\xd3\x9d\x9e\x86\xab\x51\x53"
+ "\xb7\x93\x3e\x6f\xd0\x4e\x2c\x40"
+ "\xf6\xa8\x2e\x3e\x9d\xf4\x66\xa5"
+ "\x76\x12\x73\x44\x1a\x56\xd7\x72"
+ "\x88\xcd\x21\x8c\x4c\x0f\xfe\xda"
+ "\x95\xe0\x3a\xa6\xa5\x84\x46\xcd"
+ "\xd5\x3e\x9d\x3a\xe2\x67\xe6\x60"
+ "\x1a\xe2\x70\x85\x58\xc2\x1b\x09"
+ "\xe1\xd7\x2c\xca\xad\xa8\x8f\xf9"
+ "\xac\xb3\x0e\xdb\xca\x2e\xe2\xb8"
+ "\x51\x71\xd9\x3c\x6c\xf1\x56\xf8"
+ "\xea\x9c\xf1\xfb\x0c\xe6\xb7\x10"
+ "\x1c\xf8\xa9\x7c\xe8\x53\x35\xc1"
+ "\x90\x3e\x76\x4a\x74\xa4\x21\x2c"
+ "\xf6\x2c\x4e\x0f\x94\x3a\x88\x2e"
+ "\x41\x09\x6a\x33\x7d\xf6\xdd\x3f"
+ "\x8d\x23\x31\x74\x84\xeb\x88\x6e"
+ "\xcc\xb9\xbc\x22\x83\x19\x07\x22"
+ "\xa5\x2d\xdf\xa5\xf3\x80\x85\x78"
+ "\x84\x39\x6a\x6d\x6a\x99\x4f\xa5"
+ "\x15\xfe\x46\xb0\xe4\x6c\xa5\x41"
+ "\x3c\xce\x8f\x42\x60\x71\xa7\x75"
+ "\x08\x40\x65\x8a\x82\xbf\xf5\x43"
+ "\x71\x96\xa9\x4d\x44\x8a\x20\xbe"
+ "\xfa\x4d\xbb\xc0\x7d\x31\x96\x65"
+ "\xe7\x75\xe5\x3e\xfd\x92\x3b\xc9"
+ "\x55\xbb\x16\x7e\xf7\xc2\x8c\xa4"
+ "\x40\x1d\xe5\xef\x0e\xdf\xe4\x9a"
+ "\x62\x73\x65\xfd\x46\x63\x25\x3d"
+ "\x2b\xaf\xe5\x64\xfe\xa5\x5c\xcf"
+ "\x24\xf3\xb4\xac\x64\xba\xdf\x4b"
+ "\xc6\x96\x7d\x81\x2d\x8d\x97\xf7"
+ "\xc5\x68\x77\x84\x32\x2b\xcc\x85"
+ "\x74\x96\xf0\x12\x77\x61\xb9\xeb"
+ "\x71\xaa\x82\xcb\x1c\xdb\x89\xc8"
+ "\xc6\xb5\xe3\x5c\x7d\x39\x07\x24"
+ "\xda\x39\x87\x45\xc0\x2b\xbb\x01"
+ "\xac\xbc\x2a\x5c\x7f\xfc\xe8\xce"
+ "\x6d\x9c\x6f\xed\xd3\xc1\xa1\xd6"
+ "\xc5\x55\xa9\x66\x2f\xe1\xc8\x32"
+ "\xa6\x5d\xa4\x3a\x98\x73\xe8\x45"
+ "\xa4\xc7\xa8\xb4\xf6\x13\x03\xf6"
+ "\xe9\x2e\xc4\x29\x0f\x84\xdb\xc4"
+ "\x21\xc4\xc2\x75\x67\x89\x37\x0a",
+ .rlen = 512,
+ },
+};
+
/*
* Serpent test vectors. These are backwards because Serpent writes
* octet sequences in right-to-left mode.
Patch adds LRW support for twofish-x86_64-3way by using lrw_crypt(). Patch has
been tested with tcrypt and automated filesystem tests.
Tcrypt benchmarks results (twofish-3way/twofish-asm speed ratios):
Intel Celeron T1600 (fam:6, model:15, step:13):
size lrw-enc lrw-dec
16B 0.99x 1.00x
64B 1.17x 1.17x
256B 1.26x 1.27x
1024B 1.30x 1.31x
8192B 1.31x 1.32x
AMD Phenom II 1055T (fam:16, model:10):
size lrw-enc lrw-dec
16B 1.06x 1.01x
64B 1.08x 1.14x
256B 1.19x 1.20x
1024B 1.21x 1.22x
8192B 1.23x 1.24x
Signed-off-by: Jussi Kivilinna <[email protected]>
---
arch/x86/crypto/twofish_glue_3way.c | 135 +++++++++++++++++++++++++++++++++++
crypto/twofish_common.c | 13 ++-
include/crypto/twofish.h | 2 +
3 files changed, 145 insertions(+), 5 deletions(-)
diff --git a/arch/x86/crypto/twofish_glue_3way.c b/arch/x86/crypto/twofish_glue_3way.c
index 5ede9c4..fa9151d 100644
--- a/arch/x86/crypto/twofish_glue_3way.c
+++ b/arch/x86/crypto/twofish_glue_3way.c
@@ -32,6 +32,11 @@
#include <crypto/algapi.h>
#include <crypto/twofish.h>
#include <crypto/b128ops.h>
+#include <crypto/lrw.h>
+
+#if defined(CONFIG_CRYPTO_LRW) || defined(CONFIG_CRYPTO_LRW_MODULE)
+#define HAS_LRW
+#endif
/* regular block cipher functions from twofish_x86_64 module */
asmlinkage void twofish_enc_blk(struct twofish_ctx *ctx, u8 *dst,
@@ -432,6 +437,124 @@ static struct crypto_alg blk_ctr_alg = {
},
};
+#ifdef HAS_LRW
+
+static void encrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
+{
+ const unsigned int bsize = TF_BLOCK_SIZE;
+ struct twofish_ctx *ctx = priv;
+ int i;
+
+ if (nbytes == 3 * bsize) {
+ twofish_enc_blk_3way(ctx, srcdst, srcdst);
+ return;
+ }
+
+ for (i = 0; i < nbytes / bsize; i++, srcdst += bsize)
+ twofish_enc_blk(ctx, srcdst, srcdst);
+}
+
+static void decrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
+{
+ const unsigned int bsize = TF_BLOCK_SIZE;
+ struct twofish_ctx *ctx = priv;
+ int i;
+
+ if (nbytes == 3 * bsize) {
+ twofish_dec_blk_3way(ctx, srcdst, srcdst);
+ return;
+ }
+
+ for (i = 0; i < nbytes / bsize; i++, srcdst += bsize)
+ twofish_dec_blk(ctx, srcdst, srcdst);
+}
+
+struct twofish_lrw_ctx {
+ struct lrw_table_ctx lrw_table;
+ struct twofish_ctx twofish_ctx;
+};
+
+static int lrw_twofish_setkey(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen)
+{
+ struct twofish_lrw_ctx *ctx = crypto_tfm_ctx(tfm);
+ int err;
+
+ err = __twofish_setkey(&ctx->twofish_ctx, key, keylen - TF_BLOCK_SIZE,
+ &tfm->crt_flags);
+ if (err)
+ return err;
+
+ return lrw_init_table(&ctx->lrw_table, key + keylen - TF_BLOCK_SIZE);
+}
+
+static int lrw_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct twofish_lrw_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[3];
+ struct lrw_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .table_ctx = &ctx->lrw_table,
+ .crypt_ctx = &ctx->twofish_ctx,
+ .crypt_fn = encrypt_callback,
+ };
+
+ return lrw_crypt(desc, dst, src, nbytes, &req);
+}
+
+static int lrw_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct twofish_lrw_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[3];
+ struct lrw_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .table_ctx = &ctx->lrw_table,
+ .crypt_ctx = &ctx->twofish_ctx,
+ .crypt_fn = decrypt_callback,
+ };
+
+ return lrw_crypt(desc, dst, src, nbytes, &req);
+}
+
+static void lrw_exit_tfm(struct crypto_tfm *tfm)
+{
+ struct twofish_lrw_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ lrw_free_table(&ctx->lrw_table);
+}
+
+static struct crypto_alg blk_lrw_alg = {
+ .cra_name = "lrw(twofish)",
+ .cra_driver_name = "lrw-twofish-3way",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
+ .cra_blocksize = TF_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct twofish_lrw_ctx),
+ .cra_alignmask = 0,
+ .cra_type = &crypto_blkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(blk_lrw_alg.cra_list),
+ .cra_exit = lrw_exit_tfm,
+ .cra_u = {
+ .blkcipher = {
+ .min_keysize = TF_MIN_KEY_SIZE + TF_BLOCK_SIZE,
+ .max_keysize = TF_MAX_KEY_SIZE + TF_BLOCK_SIZE,
+ .ivsize = TF_BLOCK_SIZE,
+ .setkey = lrw_twofish_setkey,
+ .encrypt = lrw_encrypt,
+ .decrypt = lrw_decrypt,
+ },
+ },
+};
+
+#endif
+
int __init init(void)
{
int err;
@@ -445,9 +568,18 @@ int __init init(void)
err = crypto_register_alg(&blk_ctr_alg);
if (err)
goto ctr_err;
+#ifdef HAS_LRW
+ err = crypto_register_alg(&blk_lrw_alg);
+ if (err)
+ goto blk_lrw_err;
+#endif
return 0;
+#ifdef HAS_LRW
+blk_lrw_err:
+ crypto_unregister_alg(&blk_ctr_alg);
+#endif
ctr_err:
crypto_unregister_alg(&blk_cbc_alg);
cbc_err:
@@ -458,6 +590,9 @@ ecb_err:
void __exit fini(void)
{
+#ifdef HAS_LRW
+ crypto_unregister_alg(&blk_lrw_alg);
+#endif
crypto_unregister_alg(&blk_ctr_alg);
crypto_unregister_alg(&blk_cbc_alg);
crypto_unregister_alg(&blk_ecb_alg);
diff --git a/crypto/twofish_common.c b/crypto/twofish_common.c
index 0af216c..5f62c4f 100644
--- a/crypto/twofish_common.c
+++ b/crypto/twofish_common.c
@@ -580,12 +580,9 @@ static const u8 calc_sb_tbl[512] = {
ctx->a[(j) + 1] = rol32(y, 9)
/* Perform the key setup. */
-int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len)
+int __twofish_setkey(struct twofish_ctx *ctx, const u8 *key,
+ unsigned int key_len, u32 *flags)
{
-
- struct twofish_ctx *ctx = crypto_tfm_ctx(tfm);
- u32 *flags = &tfm->crt_flags;
-
int i, j, k;
/* Temporaries for CALC_K. */
@@ -701,7 +698,13 @@ int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len)
return 0;
}
+EXPORT_SYMBOL_GPL(__twofish_setkey);
+int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len)
+{
+ return __twofish_setkey(crypto_tfm_ctx(tfm), key, key_len,
+ &tfm->crt_flags);
+}
EXPORT_SYMBOL_GPL(twofish_setkey);
MODULE_LICENSE("GPL");
diff --git a/include/crypto/twofish.h b/include/crypto/twofish.h
index c408522..095c901 100644
--- a/include/crypto/twofish.h
+++ b/include/crypto/twofish.h
@@ -17,6 +17,8 @@ struct twofish_ctx {
u32 s[4][256], w[8], k[32];
};
+int __twofish_setkey(struct twofish_ctx *ctx, const u8 *key,
+ unsigned int key_len, u32 *flags);
int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len);
#endif
XTS has fixed blocksize of 16. Define XTS_BLOCK_SIZE and use in place of
crypto_cipher_blocksize().
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/xts.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/crypto/xts.c b/crypto/xts.c
index 8517054..96f3f88 100644
--- a/crypto/xts.c
+++ b/crypto/xts.c
@@ -24,6 +24,8 @@
#include <crypto/b128ops.h>
#include <crypto/gf128mul.h>
+#define XTS_BLOCK_SIZE 16
+
struct priv {
struct crypto_cipher *child;
struct crypto_cipher *tweak;
@@ -96,7 +98,7 @@ static int crypt(struct blkcipher_desc *d,
{
int err;
unsigned int avail;
- const int bs = crypto_cipher_blocksize(ctx->child);
+ const int bs = XTS_BLOCK_SIZE;
struct sinfo s = {
.tfm = crypto_cipher_tfm(ctx->child),
.fn = fn
@@ -177,7 +179,7 @@ static int init_tfm(struct crypto_tfm *tfm)
if (IS_ERR(cipher))
return PTR_ERR(cipher);
- if (crypto_cipher_blocksize(cipher) != 16) {
+ if (crypto_cipher_blocksize(cipher) != XTS_BLOCK_SIZE) {
*flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN;
crypto_free_cipher(cipher);
return -EINVAL;
@@ -192,7 +194,7 @@ static int init_tfm(struct crypto_tfm *tfm)
}
/* this check isn't really needed, leave it here just in case */
- if (crypto_cipher_blocksize(cipher) != 16) {
+ if (crypto_cipher_blocksize(cipher) != XTS_BLOCK_SIZE) {
crypto_free_cipher(cipher);
crypto_free_cipher(ctx->child);
*flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN;
Add xts_crypt() function that can be used by cipher implementations that can
benefit from parallelized cipher operations.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/xts.c | 74 +++++++++++++++++++++++++++++++++++++++++++++++++-
include/crypto/xts.h | 27 ++++++++++++++++++
2 files changed, 99 insertions(+), 2 deletions(-)
create mode 100644 include/crypto/xts.h
diff --git a/crypto/xts.c b/crypto/xts.c
index 96f3f88..5681d66 100644
--- a/crypto/xts.c
+++ b/crypto/xts.c
@@ -21,11 +21,10 @@
#include <linux/scatterlist.h>
#include <linux/slab.h>
+#include <crypto/xts.h>
#include <crypto/b128ops.h>
#include <crypto/gf128mul.h>
-#define XTS_BLOCK_SIZE 16
-
struct priv {
struct crypto_cipher *child;
struct crypto_cipher *tweak;
@@ -167,6 +166,77 @@ static int decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
crypto_cipher_alg(ctx->child)->cia_decrypt);
}
+int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *sdst,
+ struct scatterlist *ssrc, unsigned int nbytes,
+ struct xts_crypt_req *req)
+{
+ const unsigned int bsize = XTS_BLOCK_SIZE;
+ const unsigned int max_blks = req->tbuflen / bsize;
+ struct blkcipher_walk walk;
+ unsigned int nblocks;
+ be128 *src, *dst, *t;
+ be128 *t_buf = req->tbuf;
+ int err, i;
+
+ BUG_ON(max_blks < 1);
+
+ blkcipher_walk_init(&walk, sdst, ssrc, nbytes);
+
+ err = blkcipher_walk_virt(desc, &walk);
+ nbytes = walk.nbytes;
+ if (!nbytes)
+ return err;
+
+ nblocks = min(nbytes / bsize, max_blks);
+ src = (be128 *)walk.src.virt.addr;
+ dst = (be128 *)walk.dst.virt.addr;
+
+ /* calculate first value of T */
+ req->tweak_fn(req->tweak_ctx, (u8 *)&t_buf[0], walk.iv);
+
+ i = 0;
+ goto first;
+
+ for (;;) {
+ do {
+ for (i = 0; i < nblocks; i++) {
+ gf128mul_x_ble(&t_buf[i], t);
+first:
+ t = &t_buf[i];
+
+ /* PP <- T xor P */
+ be128_xor(dst + i, t, src + i);
+ }
+
+ /* CC <- E(Key2,PP) */
+ req->crypt_fn(req->crypt_ctx, (u8 *)dst,
+ nblocks * bsize);
+
+ /* C <- T xor CC */
+ for (i = 0; i < nblocks; i++)
+ be128_xor(dst + i, dst + i, &t_buf[i]);
+
+ src += nblocks;
+ dst += nblocks;
+ nbytes -= nblocks * bsize;
+ nblocks = min(nbytes / bsize, max_blks);
+ } while (nblocks > 0);
+
+ *(be128 *)walk.iv = *t;
+
+ err = blkcipher_walk_done(desc, &walk, nbytes);
+ nbytes = walk.nbytes;
+ if (!nbytes)
+ break;
+
+ src = (be128 *)walk.src.virt.addr;
+ dst = (be128 *)walk.dst.virt.addr;
+ }
+
+ return err;
+}
+EXPORT_SYMBOL_GPL(xts_crypt);
+
static int init_tfm(struct crypto_tfm *tfm)
{
struct crypto_cipher *cipher;
diff --git a/include/crypto/xts.h b/include/crypto/xts.h
new file mode 100644
index 0000000..72c09eb
--- /dev/null
+++ b/include/crypto/xts.h
@@ -0,0 +1,27 @@
+#ifndef _CRYPTO_XTS_H
+#define _CRYPTO_XTS_H
+
+#include <crypto/b128ops.h>
+
+struct scatterlist;
+struct blkcipher_desc;
+
+#define XTS_BLOCK_SIZE 16
+
+struct xts_crypt_req {
+ be128 *tbuf;
+ unsigned int tbuflen;
+
+ void *tweak_ctx;
+ void (*tweak_fn)(void *ctx, u8* dst, const u8* src);
+ void *crypt_ctx;
+ void (*crypt_fn)(void *ctx, u8 *blks, unsigned int nbytes);
+};
+
+#define XTS_TWEAK_CAST(x) ((void (*)(void *, u8*, const u8*))(x))
+
+int xts_crypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes,
+ struct xts_crypt_req *req);
+
+#endif /* _CRYPTO_XTS_H */
Add test vectors for xts(serpent). These are generated from xts(aes) test vectors.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/testmgr.c | 15 +
crypto/testmgr.h | 682 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 697 insertions(+), 0 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 97fe1df..8187405 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2634,6 +2634,21 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "xts(serpent)",
+ .test = alg_test_skcipher,
+ .suite = {
+ .cipher = {
+ .enc = {
+ .vecs = serpent_xts_enc_tv_template,
+ .count = SERPENT_XTS_ENC_TEST_VECTORS
+ },
+ .dec = {
+ .vecs = serpent_xts_dec_tv_template,
+ .count = SERPENT_XTS_DEC_TEST_VECTORS
+ }
+ }
+ }
+ }, {
.alg = "zlib",
.test = alg_test_pcomp,
.suite = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 4b88789..9158a92 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -3612,6 +3612,9 @@ static struct cipher_testvec tf_lrw_dec_tv_template[] = {
#define SERPENT_LRW_ENC_TEST_VECTORS 8
#define SERPENT_LRW_DEC_TEST_VECTORS 8
+#define SERPENT_XTS_ENC_TEST_VECTORS 5
+#define SERPENT_XTS_DEC_TEST_VECTORS 5
+
static struct cipher_testvec serpent_enc_tv_template[] = {
{
.input = "\x00\x01\x02\x03\x04\x05\x06\x07"
@@ -4668,6 +4671,685 @@ static struct cipher_testvec serpent_lrw_dec_tv_template[] = {
},
};
+static struct cipher_testvec serpent_xts_enc_tv_template[] = {
+ /* Generated from AES-XTS test vectors */
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ilen = 32,
+ .result = "\xe1\x08\xb8\x1d\x2c\xf5\x33\x64"
+ "\xc8\x12\x04\xc7\xb3\x70\xe8\xc4"
+ "\x6a\x31\xc5\xf3\x00\xca\xb9\x16"
+ "\xde\xe2\x77\x66\xf7\xfe\x62\x08",
+ .rlen = 32,
+ }, {
+ .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .ilen = 32,
+ .result = "\x1a\x0a\x09\x5f\xcd\x07\x07\x98"
+ "\x41\x86\x12\xaf\xb3\xd7\x68\x13"
+ "\xed\x81\xcd\x06\x87\x43\x1a\xbb"
+ "\x13\x3d\xd6\x1e\x2b\xe1\x77\xbe",
+ .rlen = 32,
+ }, {
+ .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
+ "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .ilen = 32,
+ .result = "\xf9\x9b\x28\xb8\x5c\xaf\x8c\x61"
+ "\xb6\x1c\x81\x8f\x2c\x87\x60\x89"
+ "\x0d\x8d\x7a\xe8\x60\x48\xcc\x86"
+ "\xc1\x68\x45\xaa\x00\xe9\x24\xc5",
+ .rlen = 32,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .ilen = 512,
+ .result = "\xfe\x47\x4a\xc8\x60\x7e\xb4\x8b"
+ "\x0d\x10\xf4\xb0\x0d\xba\xf8\x53"
+ "\x65\x6e\x38\x4b\xdb\xaa\xb1\x9e"
+ "\x28\xca\xb0\x22\xb3\x85\x75\xf4"
+ "\x00\x5c\x75\x14\x06\xd6\x25\x82"
+ "\xe6\xcb\x08\xf7\x29\x90\x23\x8e"
+ "\xa4\x68\x57\xe4\xf0\xd8\x32\xf3"
+ "\x80\x51\x67\xb5\x0b\x85\x69\xe8"
+ "\x19\xfe\xc4\xc7\x3e\xea\x90\xd3"
+ "\x8f\xa3\xf2\x0a\xac\x17\x4b\xa0"
+ "\x63\x5a\x16\x0f\xf0\xce\x66\x1f"
+ "\x2c\x21\x07\xf1\xa4\x03\xa3\x44"
+ "\x41\x61\x87\x5d\x6b\xb3\xef\xd4"
+ "\xfc\xaa\x32\x7e\x55\x58\x04\x41"
+ "\xc9\x07\x33\xc6\xa2\x68\xd6\x5a"
+ "\x55\x79\x4b\x6f\xcf\x89\xb9\x19"
+ "\xe5\x54\x13\x15\xb2\x1a\xfa\x15"
+ "\xc2\xf0\x06\x59\xfa\xa0\x25\x05"
+ "\x58\xfa\x43\x91\x16\x85\x40\xbb"
+ "\x0d\x34\x4d\xc5\x1e\x20\xd5\x08"
+ "\xcd\x22\x22\x41\x11\x9f\x6c\x7c"
+ "\x8d\x57\xc9\xba\x57\xe8\x2c\xf7"
+ "\xa0\x42\xa8\xde\xfc\xa3\xca\x98"
+ "\x4b\x43\xb1\xce\x4b\xbf\x01\x67"
+ "\x6e\x29\x60\xbd\x10\x14\x84\x82"
+ "\x83\x82\x0c\x63\x73\x92\x02\x7c"
+ "\x55\x37\x20\x80\x17\x51\xc8\xbc"
+ "\x46\x02\xcb\x38\x07\x6d\xe2\x85"
+ "\xaa\x29\xaf\x24\x58\x0d\xf0\x75"
+ "\x08\x0a\xa5\x34\x25\x16\xf3\x74"
+ "\xa7\x0b\x97\xbe\xc1\xa9\xdc\x29"
+ "\x1a\x0a\x56\xc1\x1a\x91\x97\x8c"
+ "\x0b\xc7\x16\xed\x5a\x22\xa6\x2e"
+ "\x8c\x2b\x4f\x54\x76\x47\x53\x8e"
+ "\xe8\x00\xec\x92\xb9\x55\xe6\xa2"
+ "\xf3\xe2\x4f\x6a\x66\x60\xd0\x87"
+ "\xe6\xd1\xcc\xe3\x6a\xc5\x2d\x21"
+ "\xcc\x9d\x6a\xb6\x75\xaa\xe2\x19"
+ "\x21\x9f\xa1\x5e\x4c\xfd\x72\xf9"
+ "\x94\x4e\x63\xc7\xae\xfc\xed\x47"
+ "\xe2\xfe\x7a\x63\x77\xfe\x97\x82"
+ "\xb1\x10\x6e\x36\x1d\xe1\xc4\x80"
+ "\xec\x69\x41\xec\xa7\x8a\xe0\x2f"
+ "\xe3\x49\x26\xa2\x41\xb2\x08\x0f"
+ "\x28\xb4\xa7\x39\xa1\x99\x2d\x1e"
+ "\x43\x42\x35\xd0\xcf\xec\x77\x67"
+ "\xb2\x3b\x9e\x1c\x35\xde\x4f\x5e"
+ "\x73\x3f\x5d\x6f\x07\x4b\x2e\x50"
+ "\xab\x6c\x6b\xff\xea\x00\x67\xaa"
+ "\x0e\x82\x32\xdd\x3d\xb5\xe5\x76"
+ "\x2b\x77\x3f\xbe\x12\x75\xfb\x92"
+ "\xc6\x89\x67\x4d\xca\xf7\xd4\x50"
+ "\xc0\x74\x47\xcc\xd9\x0a\xd4\xc6"
+ "\x3b\x17\x2e\xe3\x35\xbb\x53\xb5"
+ "\x86\xad\x51\xcc\xd5\x96\xb8\xdc"
+ "\x03\x57\xe6\x98\x52\x2f\x61\x62"
+ "\xc4\x5c\x9c\x36\x71\x07\xfb\x94"
+ "\xe3\x02\xc4\x2b\x08\x75\xc7\x35"
+ "\xfb\x2e\x88\x7b\xbb\x67\x00\xe1"
+ "\xc9\xdd\x99\xb2\x13\x53\x1a\x4e"
+ "\x76\x87\x19\x04\x1a\x2f\x38\x3e"
+ "\xef\x91\x64\x1d\x18\x07\x4e\x31"
+ "\x88\x21\x7c\xb0\xa5\x12\x4c\x3c"
+ "\xb0\x20\xbd\xda\xdf\xf9\x7c\xdd",
+ .rlen = 512,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x62\x49\x77\x57\x24\x70\x93\x69"
+ "\x99\x59\x57\x49\x66\x96\x76\x27"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95"
+ "\x02\x88\x41\x97\x16\x93\x99\x37"
+ "\x51\x05\x82\x09\x74\x94\x45\x92",
+ .klen = 64,
+ .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .ilen = 512,
+ .result = "\x2b\xc9\xb4\x6b\x10\x94\xa9\x32"
+ "\xaa\xb0\x20\xc6\x44\x3d\x74\x1f"
+ "\x75\x01\xa7\xf6\xf5\xf7\x62\x1b"
+ "\x80\x1b\x82\xcb\x01\x59\x91\x7f"
+ "\x80\x3a\x98\xf0\xd2\xca\xc4\xc3"
+ "\x34\xfd\xe6\x11\xf9\x33\x45\x12"
+ "\x48\xc5\x8c\x25\xf1\xc5\xc5\x23"
+ "\xd3\x44\xb4\x73\xd5\x04\xc0\xb7"
+ "\xca\x2f\xf5\xcd\xc5\xb4\xdd\xb0"
+ "\xf4\x60\xe8\xfb\xc6\x9c\xc5\x78"
+ "\xcd\xec\x7d\xdc\x19\x9c\x72\x64"
+ "\x63\x0b\x38\x2e\x76\xdd\x2d\x36"
+ "\x49\xb0\x1d\xea\x78\x9e\x00\xca"
+ "\x20\xcc\x1b\x1e\x98\x74\xab\xed"
+ "\x79\xf7\xd0\x6c\xd8\x93\x80\x29"
+ "\xac\xa5\x5e\x34\xa9\xab\xa0\x55"
+ "\x9a\xea\xaa\x95\x4d\x7b\xfe\x46"
+ "\x26\x8a\xfd\x88\xa2\xa8\xa6\xae"
+ "\x25\x42\x17\xbf\x76\x8f\x1c\x3d"
+ "\xec\x9a\xda\x64\x96\xb5\x61\xff"
+ "\x99\xeb\x12\x96\x85\x82\x9d\xd5"
+ "\x81\x85\x14\xa8\x59\xac\x8c\x94"
+ "\xbb\x3b\x85\x2b\xdf\xb3\x0c\xba"
+ "\x82\xc6\x4d\xca\x86\xea\x53\x28"
+ "\x4c\xe0\x4e\x31\xe3\x73\x2f\x79"
+ "\x9d\x42\xe1\x03\xe3\x8b\xc4\xff"
+ "\x05\xca\x81\x7b\xda\xa2\xde\x63"
+ "\x3a\x10\xbe\xc2\xac\x32\xc4\x05"
+ "\x47\x7e\xef\x67\xe2\x5f\x5b\xae"
+ "\xed\xf1\x70\x34\x16\x9a\x07\x7b"
+ "\xf2\x25\x2b\xb0\xf8\x3c\x15\x9a"
+ "\xa6\x59\x55\x5f\xc1\xf4\x1e\xcd"
+ "\x93\x1f\x06\xba\xd4\x9a\x22\x69"
+ "\xfa\x8e\x95\x0d\xf3\x23\x59\x2c"
+ "\xfe\x00\xba\xf0\x0e\xbc\x6d\xd6"
+ "\x62\xf0\x7a\x0e\x83\x3e\xdb\x32"
+ "\xfd\x43\x7d\xda\x42\x51\x87\x43"
+ "\x9d\xf9\xef\xf4\x30\x97\xf8\x09"
+ "\x88\xfc\x3f\x93\x70\xc1\x4a\xec"
+ "\x27\x5f\x11\xac\x71\xc7\x48\x46"
+ "\x2f\xf9\xdf\x8d\x9f\xf7\x2e\x56"
+ "\x0d\x4e\xb0\x32\x76\xce\x86\x81"
+ "\xcd\xdf\xe4\x00\xbf\xfd\x5f\x24"
+ "\xaf\xf7\x9a\xde\xff\x18\xac\x14"
+ "\x90\xc5\x01\x39\x34\x0f\x24\xf3"
+ "\x13\x2f\x5e\x4f\x30\x9a\x36\x40"
+ "\xec\xea\xbc\xcd\x9e\x0e\x5b\x23"
+ "\x50\x88\x97\x40\x69\xb1\x37\xf5"
+ "\xc3\x15\xf9\x3f\xb7\x79\x64\xe8"
+ "\x7b\x10\x20\xb9\x2b\x46\x83\x5b"
+ "\xd8\x39\xfc\xe4\xfa\x88\x52\xf2"
+ "\x72\xb0\x97\x4e\x89\xb3\x48\x00"
+ "\xc1\x16\x73\x50\x77\xba\xa6\x65"
+ "\x20\x2d\xb0\x02\x27\x89\xda\x99"
+ "\x45\xfb\xe9\xd3\x1d\x39\x2f\xd6"
+ "\x2a\xda\x09\x12\x11\xaf\xe6\x57"
+ "\x01\x04\x8a\xff\x86\x8b\xac\xf8"
+ "\xee\xe4\x1c\x98\x5b\xcf\x6b\x76"
+ "\xa3\x0e\x33\x74\x40\x18\x39\x72"
+ "\x66\x50\x31\xfd\x70\xdf\xe8\x51"
+ "\x96\x21\x36\xb2\x9b\xfa\x85\xd1"
+ "\x30\x05\xc8\x92\x98\x80\xff\x7a"
+ "\xaf\x43\x0b\xc5\x20\x41\x92\x20"
+ "\xd4\xa0\x91\x98\x11\x5f\x4d\xb1",
+ .rlen = 512,
+ },
+};
+
+static struct cipher_testvec serpent_xts_dec_tv_template[] = {
+ /* Generated from AES-XTS test vectors */
+ /* same as enc vectors with input and result reversed */
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\xe1\x08\xb8\x1d\x2c\xf5\x33\x64"
+ "\xc8\x12\x04\xc7\xb3\x70\xe8\xc4"
+ "\x6a\x31\xc5\xf3\x00\xca\xb9\x16"
+ "\xde\xe2\x77\x66\xf7\xfe\x62\x08",
+ .ilen = 32,
+ .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .rlen = 32,
+ }, {
+ .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x1a\x0a\x09\x5f\xcd\x07\x07\x98"
+ "\x41\x86\x12\xaf\xb3\xd7\x68\x13"
+ "\xed\x81\xcd\x06\x87\x43\x1a\xbb"
+ "\x13\x3d\xd6\x1e\x2b\xe1\x77\xbe",
+ .ilen = 32,
+ .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .rlen = 32,
+ }, {
+ .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
+ "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\xf9\x9b\x28\xb8\x5c\xaf\x8c\x61"
+ "\xb6\x1c\x81\x8f\x2c\x87\x60\x89"
+ "\x0d\x8d\x7a\xe8\x60\x48\xcc\x86"
+ "\xc1\x68\x45\xaa\x00\xe9\x24\xc5",
+ .ilen = 32,
+ .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .rlen = 32,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\xfe\x47\x4a\xc8\x60\x7e\xb4\x8b"
+ "\x0d\x10\xf4\xb0\x0d\xba\xf8\x53"
+ "\x65\x6e\x38\x4b\xdb\xaa\xb1\x9e"
+ "\x28\xca\xb0\x22\xb3\x85\x75\xf4"
+ "\x00\x5c\x75\x14\x06\xd6\x25\x82"
+ "\xe6\xcb\x08\xf7\x29\x90\x23\x8e"
+ "\xa4\x68\x57\xe4\xf0\xd8\x32\xf3"
+ "\x80\x51\x67\xb5\x0b\x85\x69\xe8"
+ "\x19\xfe\xc4\xc7\x3e\xea\x90\xd3"
+ "\x8f\xa3\xf2\x0a\xac\x17\x4b\xa0"
+ "\x63\x5a\x16\x0f\xf0\xce\x66\x1f"
+ "\x2c\x21\x07\xf1\xa4\x03\xa3\x44"
+ "\x41\x61\x87\x5d\x6b\xb3\xef\xd4"
+ "\xfc\xaa\x32\x7e\x55\x58\x04\x41"
+ "\xc9\x07\x33\xc6\xa2\x68\xd6\x5a"
+ "\x55\x79\x4b\x6f\xcf\x89\xb9\x19"
+ "\xe5\x54\x13\x15\xb2\x1a\xfa\x15"
+ "\xc2\xf0\x06\x59\xfa\xa0\x25\x05"
+ "\x58\xfa\x43\x91\x16\x85\x40\xbb"
+ "\x0d\x34\x4d\xc5\x1e\x20\xd5\x08"
+ "\xcd\x22\x22\x41\x11\x9f\x6c\x7c"
+ "\x8d\x57\xc9\xba\x57\xe8\x2c\xf7"
+ "\xa0\x42\xa8\xde\xfc\xa3\xca\x98"
+ "\x4b\x43\xb1\xce\x4b\xbf\x01\x67"
+ "\x6e\x29\x60\xbd\x10\x14\x84\x82"
+ "\x83\x82\x0c\x63\x73\x92\x02\x7c"
+ "\x55\x37\x20\x80\x17\x51\xc8\xbc"
+ "\x46\x02\xcb\x38\x07\x6d\xe2\x85"
+ "\xaa\x29\xaf\x24\x58\x0d\xf0\x75"
+ "\x08\x0a\xa5\x34\x25\x16\xf3\x74"
+ "\xa7\x0b\x97\xbe\xc1\xa9\xdc\x29"
+ "\x1a\x0a\x56\xc1\x1a\x91\x97\x8c"
+ "\x0b\xc7\x16\xed\x5a\x22\xa6\x2e"
+ "\x8c\x2b\x4f\x54\x76\x47\x53\x8e"
+ "\xe8\x00\xec\x92\xb9\x55\xe6\xa2"
+ "\xf3\xe2\x4f\x6a\x66\x60\xd0\x87"
+ "\xe6\xd1\xcc\xe3\x6a\xc5\x2d\x21"
+ "\xcc\x9d\x6a\xb6\x75\xaa\xe2\x19"
+ "\x21\x9f\xa1\x5e\x4c\xfd\x72\xf9"
+ "\x94\x4e\x63\xc7\xae\xfc\xed\x47"
+ "\xe2\xfe\x7a\x63\x77\xfe\x97\x82"
+ "\xb1\x10\x6e\x36\x1d\xe1\xc4\x80"
+ "\xec\x69\x41\xec\xa7\x8a\xe0\x2f"
+ "\xe3\x49\x26\xa2\x41\xb2\x08\x0f"
+ "\x28\xb4\xa7\x39\xa1\x99\x2d\x1e"
+ "\x43\x42\x35\xd0\xcf\xec\x77\x67"
+ "\xb2\x3b\x9e\x1c\x35\xde\x4f\x5e"
+ "\x73\x3f\x5d\x6f\x07\x4b\x2e\x50"
+ "\xab\x6c\x6b\xff\xea\x00\x67\xaa"
+ "\x0e\x82\x32\xdd\x3d\xb5\xe5\x76"
+ "\x2b\x77\x3f\xbe\x12\x75\xfb\x92"
+ "\xc6\x89\x67\x4d\xca\xf7\xd4\x50"
+ "\xc0\x74\x47\xcc\xd9\x0a\xd4\xc6"
+ "\x3b\x17\x2e\xe3\x35\xbb\x53\xb5"
+ "\x86\xad\x51\xcc\xd5\x96\xb8\xdc"
+ "\x03\x57\xe6\x98\x52\x2f\x61\x62"
+ "\xc4\x5c\x9c\x36\x71\x07\xfb\x94"
+ "\xe3\x02\xc4\x2b\x08\x75\xc7\x35"
+ "\xfb\x2e\x88\x7b\xbb\x67\x00\xe1"
+ "\xc9\xdd\x99\xb2\x13\x53\x1a\x4e"
+ "\x76\x87\x19\x04\x1a\x2f\x38\x3e"
+ "\xef\x91\x64\x1d\x18\x07\x4e\x31"
+ "\x88\x21\x7c\xb0\xa5\x12\x4c\x3c"
+ "\xb0\x20\xbd\xda\xdf\xf9\x7c\xdd",
+ .ilen = 512,
+ .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .rlen = 512,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x62\x49\x77\x57\x24\x70\x93\x69"
+ "\x99\x59\x57\x49\x66\x96\x76\x27"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95"
+ "\x02\x88\x41\x97\x16\x93\x99\x37"
+ "\x51\x05\x82\x09\x74\x94\x45\x92",
+ .klen = 64,
+ .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x2b\xc9\xb4\x6b\x10\x94\xa9\x32"
+ "\xaa\xb0\x20\xc6\x44\x3d\x74\x1f"
+ "\x75\x01\xa7\xf6\xf5\xf7\x62\x1b"
+ "\x80\x1b\x82\xcb\x01\x59\x91\x7f"
+ "\x80\x3a\x98\xf0\xd2\xca\xc4\xc3"
+ "\x34\xfd\xe6\x11\xf9\x33\x45\x12"
+ "\x48\xc5\x8c\x25\xf1\xc5\xc5\x23"
+ "\xd3\x44\xb4\x73\xd5\x04\xc0\xb7"
+ "\xca\x2f\xf5\xcd\xc5\xb4\xdd\xb0"
+ "\xf4\x60\xe8\xfb\xc6\x9c\xc5\x78"
+ "\xcd\xec\x7d\xdc\x19\x9c\x72\x64"
+ "\x63\x0b\x38\x2e\x76\xdd\x2d\x36"
+ "\x49\xb0\x1d\xea\x78\x9e\x00\xca"
+ "\x20\xcc\x1b\x1e\x98\x74\xab\xed"
+ "\x79\xf7\xd0\x6c\xd8\x93\x80\x29"
+ "\xac\xa5\x5e\x34\xa9\xab\xa0\x55"
+ "\x9a\xea\xaa\x95\x4d\x7b\xfe\x46"
+ "\x26\x8a\xfd\x88\xa2\xa8\xa6\xae"
+ "\x25\x42\x17\xbf\x76\x8f\x1c\x3d"
+ "\xec\x9a\xda\x64\x96\xb5\x61\xff"
+ "\x99\xeb\x12\x96\x85\x82\x9d\xd5"
+ "\x81\x85\x14\xa8\x59\xac\x8c\x94"
+ "\xbb\x3b\x85\x2b\xdf\xb3\x0c\xba"
+ "\x82\xc6\x4d\xca\x86\xea\x53\x28"
+ "\x4c\xe0\x4e\x31\xe3\x73\x2f\x79"
+ "\x9d\x42\xe1\x03\xe3\x8b\xc4\xff"
+ "\x05\xca\x81\x7b\xda\xa2\xde\x63"
+ "\x3a\x10\xbe\xc2\xac\x32\xc4\x05"
+ "\x47\x7e\xef\x67\xe2\x5f\x5b\xae"
+ "\xed\xf1\x70\x34\x16\x9a\x07\x7b"
+ "\xf2\x25\x2b\xb0\xf8\x3c\x15\x9a"
+ "\xa6\x59\x55\x5f\xc1\xf4\x1e\xcd"
+ "\x93\x1f\x06\xba\xd4\x9a\x22\x69"
+ "\xfa\x8e\x95\x0d\xf3\x23\x59\x2c"
+ "\xfe\x00\xba\xf0\x0e\xbc\x6d\xd6"
+ "\x62\xf0\x7a\x0e\x83\x3e\xdb\x32"
+ "\xfd\x43\x7d\xda\x42\x51\x87\x43"
+ "\x9d\xf9\xef\xf4\x30\x97\xf8\x09"
+ "\x88\xfc\x3f\x93\x70\xc1\x4a\xec"
+ "\x27\x5f\x11\xac\x71\xc7\x48\x46"
+ "\x2f\xf9\xdf\x8d\x9f\xf7\x2e\x56"
+ "\x0d\x4e\xb0\x32\x76\xce\x86\x81"
+ "\xcd\xdf\xe4\x00\xbf\xfd\x5f\x24"
+ "\xaf\xf7\x9a\xde\xff\x18\xac\x14"
+ "\x90\xc5\x01\x39\x34\x0f\x24\xf3"
+ "\x13\x2f\x5e\x4f\x30\x9a\x36\x40"
+ "\xec\xea\xbc\xcd\x9e\x0e\x5b\x23"
+ "\x50\x88\x97\x40\x69\xb1\x37\xf5"
+ "\xc3\x15\xf9\x3f\xb7\x79\x64\xe8"
+ "\x7b\x10\x20\xb9\x2b\x46\x83\x5b"
+ "\xd8\x39\xfc\xe4\xfa\x88\x52\xf2"
+ "\x72\xb0\x97\x4e\x89\xb3\x48\x00"
+ "\xc1\x16\x73\x50\x77\xba\xa6\x65"
+ "\x20\x2d\xb0\x02\x27\x89\xda\x99"
+ "\x45\xfb\xe9\xd3\x1d\x39\x2f\xd6"
+ "\x2a\xda\x09\x12\x11\xaf\xe6\x57"
+ "\x01\x04\x8a\xff\x86\x8b\xac\xf8"
+ "\xee\xe4\x1c\x98\x5b\xcf\x6b\x76"
+ "\xa3\x0e\x33\x74\x40\x18\x39\x72"
+ "\x66\x50\x31\xfd\x70\xdf\xe8\x51"
+ "\x96\x21\x36\xb2\x9b\xfa\x85\xd1"
+ "\x30\x05\xc8\x92\x98\x80\xff\x7a"
+ "\xaf\x43\x0b\xc5\x20\x41\x92\x20"
+ "\xd4\xa0\x91\x98\x11\x5f\x4d\xb1",
+ .ilen = 512,
+ .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .rlen = 512,
+ },
+};
+
/* Cast6 test vectors from RFC 2612 */
#define CAST6_ENC_TEST_VECTORS 3
#define CAST6_DEC_TEST_VECTORS 3
Patch adds XTS support for serpent-sse2 by using xts_crypt(). Patch has been
tested with tcrypt and automated filesystem tests.
Tcrypt benchmarks results (serpent-sse2/serpent_generic speed ratios):
Intel Celeron T1600 (x86_64) (fam:6, model:15, step:13):
size xts-enc xts-dec
16B 0.98x 1.00x
64B 1.00x 1.01x
256B 2.78x 2.75x
1024B 3.30x 3.26x
8192B 3.39x 3.30x
AMD Phenom II 1055T (x86_64) (fam:16, model:10):
size xts-enc xts-dec
16B 1.05x 1.02x
64B 1.04x 1.03x
256B 2.10x 2.05x
1024B 2.34x 2.35x
8192B 2.34x 2.40x
Intel Atom N270 (i586):
size xts-enc xts-dec
16B 0.95x 0.96x
64B 1.53x 1.50x
256B 1.72x 1.75x
1024B 1.88x 1.87x
8192B 1.86x 1.83x
Signed-off-by: Jussi Kivilinna <[email protected]>
---
arch/x86/crypto/serpent_sse2_glue.c | 180 +++++++++++++++++++++++++++++++++++
1 files changed, 178 insertions(+), 2 deletions(-)
diff --git a/arch/x86/crypto/serpent_sse2_glue.c b/arch/x86/crypto/serpent_sse2_glue.c
index 97c55b6..2ad7ed8 100644
--- a/arch/x86/crypto/serpent_sse2_glue.c
+++ b/arch/x86/crypto/serpent_sse2_glue.c
@@ -39,6 +39,7 @@
#include <crypto/b128ops.h>
#include <crypto/ctr.h>
#include <crypto/lrw.h>
+#include <crypto/xts.h>
#include <asm/i387.h>
#include <asm/serpent.h>
#include <crypto/scatterwalk.h>
@@ -49,6 +50,10 @@
#define HAS_LRW
#endif
+#if defined(CONFIG_CRYPTO_XTS) || defined(CONFIG_CRYPTO_XTS_MODULE)
+#define HAS_XTS
+#endif
+
struct async_serpent_ctx {
struct cryptd_ablkcipher *cryptd_tfm;
};
@@ -464,7 +469,7 @@ static struct crypto_alg blk_ctr_alg = {
},
};
-#ifdef HAS_LRW
+#if defined(HAS_LRW) || defined(HAS_XTS)
struct crypt_priv {
struct serpent_ctx *ctx;
@@ -505,6 +510,10 @@ static void decrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
__serpent_decrypt(ctx->ctx, srcdst, srcdst);
}
+#endif
+
+#ifdef HAS_LRW
+
struct serpent_lrw_ctx {
struct lrw_table_ctx lrw_table;
struct serpent_ctx serpent_ctx;
@@ -610,6 +619,114 @@ static struct crypto_alg blk_lrw_alg = {
#endif
+#ifdef HAS_XTS
+
+struct serpent_xts_ctx {
+ struct serpent_ctx tweak_ctx;
+ struct serpent_ctx crypt_ctx;
+};
+
+static int xts_serpent_setkey(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen)
+{
+ struct serpent_xts_ctx *ctx = crypto_tfm_ctx(tfm);
+ u32 *flags = &tfm->crt_flags;
+ int err;
+
+ /* key consists of keys of equal size concatenated, therefore
+ * the length must be even
+ */
+ if (keylen % 2) {
+ *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
+ return -EINVAL;
+ }
+
+ /* first half of xts-key is for crypt */
+ err = __serpent_setkey(&ctx->crypt_ctx, key, keylen / 2);
+ if (err)
+ return err;
+
+ /* second half of xts-key is for tweak */
+ return __serpent_setkey(&ctx->tweak_ctx, key + keylen / 2, keylen / 2);
+}
+
+static int xts_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct serpent_xts_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[SERPENT_PARALLEL_BLOCKS];
+ struct crypt_priv crypt_ctx = {
+ .ctx = &ctx->crypt_ctx,
+ .fpu_enabled = false,
+ };
+ struct xts_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .tweak_ctx = &ctx->tweak_ctx,
+ .tweak_fn = XTS_TWEAK_CAST(__serpent_encrypt),
+ .crypt_ctx = &crypt_ctx,
+ .crypt_fn = encrypt_callback,
+ };
+ int ret;
+
+ ret = xts_crypt(desc, dst, src, nbytes, &req);
+ serpent_fpu_end(crypt_ctx.fpu_enabled);
+
+ return ret;
+}
+
+static int xts_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct serpent_xts_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[SERPENT_PARALLEL_BLOCKS];
+ struct crypt_priv crypt_ctx = {
+ .ctx = &ctx->crypt_ctx,
+ .fpu_enabled = false,
+ };
+ struct xts_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .tweak_ctx = &ctx->tweak_ctx,
+ .tweak_fn = XTS_TWEAK_CAST(__serpent_encrypt),
+ .crypt_ctx = &crypt_ctx,
+ .crypt_fn = decrypt_callback,
+ };
+ int ret;
+
+ ret = xts_crypt(desc, dst, src, nbytes, &req);
+ serpent_fpu_end(crypt_ctx.fpu_enabled);
+
+ return ret;
+}
+
+static struct crypto_alg blk_xts_alg = {
+ .cra_name = "__xts-serpent-sse2",
+ .cra_driver_name = "__driver-xts-serpent-sse2",
+ .cra_priority = 0,
+ .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
+ .cra_blocksize = SERPENT_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct serpent_xts_ctx),
+ .cra_alignmask = 0,
+ .cra_type = &crypto_blkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(blk_xts_alg.cra_list),
+ .cra_u = {
+ .blkcipher = {
+ .min_keysize = SERPENT_MIN_KEY_SIZE * 2,
+ .max_keysize = SERPENT_MAX_KEY_SIZE * 2,
+ .ivsize = SERPENT_BLOCK_SIZE,
+ .setkey = xts_serpent_setkey,
+ .encrypt = xts_encrypt,
+ .decrypt = xts_decrypt,
+ },
+ },
+};
+
+#endif
+
static int ablk_set_key(struct crypto_ablkcipher *tfm, const u8 *key,
unsigned int key_len)
{
@@ -850,6 +967,46 @@ static struct crypto_alg ablk_lrw_alg = {
#endif
+#ifdef HAS_XTS
+
+static int ablk_xts_init(struct crypto_tfm *tfm)
+{
+ struct cryptd_ablkcipher *cryptd_tfm;
+
+ cryptd_tfm = cryptd_alloc_ablkcipher("__driver-xts-serpent-sse2", 0, 0);
+ if (IS_ERR(cryptd_tfm))
+ return PTR_ERR(cryptd_tfm);
+ ablk_init_common(tfm, cryptd_tfm);
+ return 0;
+}
+
+static struct crypto_alg ablk_xts_alg = {
+ .cra_name = "xts(serpent)",
+ .cra_driver_name = "xts-serpent-sse2",
+ .cra_priority = 400,
+ .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
+ .cra_blocksize = SERPENT_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct async_serpent_ctx),
+ .cra_alignmask = 0,
+ .cra_type = &crypto_ablkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(ablk_xts_alg.cra_list),
+ .cra_init = ablk_xts_init,
+ .cra_exit = ablk_exit,
+ .cra_u = {
+ .ablkcipher = {
+ .min_keysize = SERPENT_MIN_KEY_SIZE * 2,
+ .max_keysize = SERPENT_MAX_KEY_SIZE * 2,
+ .ivsize = SERPENT_BLOCK_SIZE,
+ .setkey = ablk_set_key,
+ .encrypt = ablk_encrypt,
+ .decrypt = ablk_decrypt,
+ },
+ },
+};
+
+#endif
+
static int __init serpent_sse2_init(void)
{
int err;
@@ -885,14 +1042,29 @@ static int __init serpent_sse2_init(void)
if (err)
goto ablk_lrw_err;
#endif
+#ifdef HAS_XTS
+ err = crypto_register_alg(&blk_xts_alg);
+ if (err)
+ goto blk_xts_err;
+ err = crypto_register_alg(&ablk_xts_alg);
+ if (err)
+ goto ablk_xts_err;
+#endif
return err;
+#ifdef HAS_XTS
+ crypto_unregister_alg(&ablk_xts_alg);
+ablk_xts_err:
+ crypto_unregister_alg(&blk_xts_alg);
+blk_xts_err:
+#endif
#ifdef HAS_LRW
+ crypto_unregister_alg(&ablk_lrw_alg);
ablk_lrw_err:
crypto_unregister_alg(&blk_lrw_alg);
blk_lrw_err:
- crypto_unregister_alg(&ablk_ctr_alg);
#endif
+ crypto_unregister_alg(&ablk_ctr_alg);
ablk_ctr_err:
crypto_unregister_alg(&ablk_cbc_alg);
ablk_cbc_err:
@@ -909,6 +1081,10 @@ blk_ecb_err:
static void __exit serpent_sse2_exit(void)
{
+#ifdef HAS_XTS
+ crypto_unregister_alg(&ablk_xts_alg);
+ crypto_unregister_alg(&blk_xts_alg);
+#endif
#ifdef HAS_LRW
crypto_unregister_alg(&ablk_lrw_alg);
crypto_unregister_alg(&blk_lrw_alg);
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/tcrypt.c | 9 +++++++++
crypto/tcrypt.h | 1 +
2 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index 0120383..a664595 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -998,6 +998,7 @@ static int do_test(int m)
ret += tcrypt_test("cbc(serpent)");
ret += tcrypt_test("ctr(serpent)");
ret += tcrypt_test("lrw(serpent)");
+ ret += tcrypt_test("xts(serpent)");
break;
case 10:
@@ -1315,6 +1316,10 @@ static int do_test(int m)
speed_template_32_48);
test_cipher_speed("lrw(serpent)", DECRYPT, sec, NULL, 0,
speed_template_32_48);
+ test_cipher_speed("xts(serpent)", ENCRYPT, sec, NULL, 0,
+ speed_template_32_64);
+ test_cipher_speed("xts(serpent)", DECRYPT, sec, NULL, 0,
+ speed_template_32_64);
break;
case 300:
@@ -1535,6 +1540,10 @@ static int do_test(int m)
speed_template_32_48);
test_acipher_speed("lrw(serpent)", DECRYPT, sec, NULL, 0,
speed_template_32_48);
+ test_acipher_speed("xts(serpent)", ENCRYPT, sec, NULL, 0,
+ speed_template_32_64);
+ test_acipher_speed("xts(serpent)", DECRYPT, sec, NULL, 0,
+ speed_template_32_64);
break;
case 1000:
diff --git a/crypto/tcrypt.h b/crypto/tcrypt.h
index 3eceaef..5be1fc8 100644
--- a/crypto/tcrypt.h
+++ b/crypto/tcrypt.h
@@ -53,6 +53,7 @@ static u8 speed_template_16_24_32[] = {16, 24, 32, 0};
static u8 speed_template_32_40_48[] = {32, 40, 48, 0};
static u8 speed_template_32_48[] = {32, 48, 0};
static u8 speed_template_32_48_64[] = {32, 48, 64, 0};
+static u8 speed_template_32_64[] = {32, 64, 0};
/*
* Digest speed tests
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/tcrypt.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index a664595..7736a9f 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -991,6 +991,7 @@ static int do_test(int m)
ret += tcrypt_test("cbc(twofish)");
ret += tcrypt_test("ctr(twofish)");
ret += tcrypt_test("lrw(twofish)");
+ ret += tcrypt_test("xts(twofish)");
break;
case 9:
@@ -1255,6 +1256,10 @@ static int do_test(int m)
speed_template_32_40_48);
test_cipher_speed("lrw(twofish)", DECRYPT, sec, NULL, 0,
speed_template_32_40_48);
+ test_cipher_speed("xts(twofish)", ENCRYPT, sec, NULL, 0,
+ speed_template_32_48_64);
+ test_cipher_speed("xts(twofish)", DECRYPT, sec, NULL, 0,
+ speed_template_32_48_64);
break;
case 203:
Add test vectors for xts(twofish). These are generated from xts(twofish) test vectors.
Signed-off-by: Jussi Kivilinna <[email protected]>
---
crypto/testmgr.c | 15 +
crypto/testmgr.h | 681 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 696 insertions(+), 0 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 8187405..bb54b88 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2649,6 +2649,21 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "xts(twofish)",
+ .test = alg_test_skcipher,
+ .suite = {
+ .cipher = {
+ .enc = {
+ .vecs = tf_xts_enc_tv_template,
+ .count = TF_XTS_ENC_TEST_VECTORS
+ },
+ .dec = {
+ .vecs = tf_xts_dec_tv_template,
+ .count = TF_XTS_DEC_TEST_VECTORS
+ }
+ }
+ }
+ }, {
.alg = "zlib",
.test = alg_test_pcomp,
.suite = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 9158a92..43e84d3 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -2719,6 +2719,8 @@ static struct cipher_testvec bf_ctr_dec_tv_template[] = {
#define TF_CTR_DEC_TEST_VECTORS 2
#define TF_LRW_ENC_TEST_VECTORS 8
#define TF_LRW_DEC_TEST_VECTORS 8
+#define TF_XTS_ENC_TEST_VECTORS 5
+#define TF_XTS_DEC_TEST_VECTORS 5
static struct cipher_testvec tf_enc_tv_template[] = {
{
@@ -3593,6 +3595,685 @@ static struct cipher_testvec tf_lrw_dec_tv_template[] = {
},
};
+static struct cipher_testvec tf_xts_enc_tv_template[] = {
+ /* Generated from AES-XTS test vectors */
+{
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .ilen = 32,
+ .result = "\x4b\xc9\x44\x4a\x11\xa3\xef\xac"
+ "\x30\x74\xe4\x44\x52\x77\x97\x43"
+ "\xa7\x60\xb2\x45\x2e\xf9\x00\x90"
+ "\x9f\xaa\xfd\x89\x6e\x9d\x4a\xe0",
+ .rlen = 32,
+ }, {
+ .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .ilen = 32,
+ .result = "\x57\x0e\x8f\xe5\x2a\x35\x61\x4f"
+ "\x32\xd3\xbd\x36\x05\x15\x44\x2c"
+ "\x58\x06\xf7\xf8\x00\xa8\xb6\xd5"
+ "\xc6\x28\x92\xdb\xd8\x34\xa2\xe9",
+ .rlen = 32,
+ }, {
+ .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
+ "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .ilen = 32,
+ .result = "\x96\x45\x8f\x8d\x7a\x75\xb1\xde"
+ "\x40\x0c\x89\x56\xf6\x4d\xa7\x07"
+ "\x38\xbb\x5b\xe9\xcd\x84\xae\xb2"
+ "\x7b\x6a\x62\xf4\x8c\xb5\x37\xea",
+ .rlen = 32,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .ilen = 512,
+ .result = "\xa9\x78\xae\x1e\xea\xa2\x44\x4c"
+ "\xa2\x7a\x64\x1f\xaf\x46\xc1\xe0"
+ "\x6c\xb2\xf3\x92\x9a\xd6\x7d\x58"
+ "\xb8\x2d\xb9\x5d\x58\x07\x66\x50"
+ "\xea\x35\x35\x8c\xb2\x46\x61\x06"
+ "\x5d\x65\xfc\x57\x8f\x69\x74\xab"
+ "\x8a\x06\x69\xb5\x6c\xda\x66\xc7"
+ "\x52\x90\xbb\x8e\x6d\x8b\xb5\xa2"
+ "\x78\x1d\xc2\xa9\xc2\x73\x00\xc3"
+ "\x32\x36\x7c\x97\x6b\x4e\x8a\x50"
+ "\xe4\x91\x83\x96\x8f\xf4\x94\x1a"
+ "\xa6\x27\xe1\x33\xcb\x91\xc6\x5f"
+ "\x94\x75\xbc\xd7\x3e\x3e\x6f\x9e"
+ "\xa9\x31\x80\x5e\xe5\xdb\xc8\x53"
+ "\x01\x73\x68\x32\x25\x19\xfa\xfb"
+ "\xe4\xcf\xb9\x3e\xa2\xa0\x8f\x31"
+ "\xbf\x54\x06\x93\xa8\xb1\x0f\xb6"
+ "\x7c\x3c\xde\x6f\x0f\xfb\x0c\x11"
+ "\x39\x80\x39\x09\x97\x65\xf2\x83"
+ "\xae\xe6\xa1\x6f\x47\xb8\x49\xde"
+ "\x99\x36\x20\x7d\x97\x3b\xec\xfa"
+ "\xb4\x33\x6e\x7a\xc7\x46\x84\x49"
+ "\x91\xcd\xe1\x57\x0d\xed\x40\x08"
+ "\x13\xf1\x4e\x3e\xa4\xa4\x5c\xe6"
+ "\xd2\x0c\x20\x8f\x3e\xdf\x3f\x47"
+ "\x9a\x2f\xde\x6d\x66\xc9\x99\x4a"
+ "\x2d\x9e\x9d\x4b\x1a\x27\xa2\x12"
+ "\x99\xf0\xf8\xb1\xb6\xf6\x57\xc3"
+ "\xca\x1c\xa3\x8e\xed\x39\x28\xb5"
+ "\x10\x1b\x4b\x08\x42\x00\x4a\xd3"
+ "\xad\x5a\xc6\x8e\xc8\xbb\x95\xc4"
+ "\x4b\xaa\xfe\xd5\x42\xa8\xa3\x6d"
+ "\x3c\xf3\x34\x91\x2d\xb4\xdd\x20"
+ "\x0c\x90\x6d\xa3\x9b\x66\x9d\x24"
+ "\x02\xa6\xa9\x3f\x3f\x58\x5d\x47"
+ "\x24\x65\x63\x7e\xbd\x8c\xe6\x52"
+ "\x7d\xef\x33\x53\x63\xec\xaa\x0b"
+ "\x64\x15\xa9\xa6\x1f\x10\x00\x38"
+ "\x35\xa8\xe7\xbe\x23\x70\x22\xe0"
+ "\xd3\xb9\xe6\xfd\xe6\xaa\x03\x50"
+ "\xf3\x3c\x27\x36\x8b\xcc\xfe\x9c"
+ "\x9c\xa3\xb3\xe7\x68\x9b\xa2\x71"
+ "\xe0\x07\xd9\x1f\x68\x1f\xac\x5e"
+ "\x7a\x74\x85\xa9\x6a\x90\xab\x2c"
+ "\x38\x51\xbc\x1f\x43\x4a\x56\x1c"
+ "\xf8\x47\x03\x4e\x67\xa8\x1f\x99"
+ "\x04\x39\x73\x32\xb2\x86\x79\xe7"
+ "\x14\x28\x70\xb8\xe2\x7d\x69\x85"
+ "\xb6\x0f\xc5\xd0\xd0\x01\x5c\xe6"
+ "\x09\x0f\x75\xf7\xb6\x81\xd2\x11"
+ "\x20\x9c\xa1\xee\x11\x44\x79\xd0"
+ "\xb2\x34\x77\xda\x10\x9a\x6f\x6f"
+ "\xef\x7c\xd9\xdc\x35\xb7\x61\xdd"
+ "\xf1\xa4\xc6\x1c\xbf\x05\x22\xac"
+ "\xfe\x2f\x85\x00\x44\xdf\x33\x16"
+ "\x35\xb6\xa3\xd3\x70\xdf\x69\x35"
+ "\x6a\xc7\xb4\x99\x45\x27\xc8\x8e"
+ "\x5a\x14\x30\xd0\x55\x3e\x4f\x64"
+ "\x0d\x38\xe3\xdf\x8b\xa8\x93\x26"
+ "\x75\xae\xf6\xb5\x23\x0b\x17\x31"
+ "\xbf\x27\xb8\xb5\x94\x31\xa7\x8f"
+ "\x43\xc4\x46\x24\x22\x4f\x8f\x7e"
+ "\xe5\xf4\x6d\x1e\x0e\x18\x7a\xbb"
+ "\xa6\x8f\xfb\x49\x49\xd8\x7e\x5a",
+ .rlen = 512,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x62\x49\x77\x57\x24\x70\x93\x69"
+ "\x99\x59\x57\x49\x66\x96\x76\x27"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95"
+ "\x02\x88\x41\x97\x16\x93\x99\x37"
+ "\x51\x05\x82\x09\x74\x94\x45\x92",
+ .klen = 64,
+ .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .ilen = 512,
+ .result = "\xd7\x4b\x93\x7d\x13\xa2\xa2\xe1"
+ "\x35\x39\x71\x88\x76\x1e\xc9\xea"
+ "\x86\xad\xf3\x14\x48\x3d\x5e\xe9"
+ "\xe9\x2d\xb2\x56\x59\x35\x9d\xec"
+ "\x84\xfa\x7e\x9d\x6d\x33\x36\x8f"
+ "\xce\xf4\xa9\x21\x0b\x5f\x96\xec"
+ "\xcb\xf9\x57\x68\x33\x88\x39\xbf"
+ "\x2f\xbb\x59\x03\xbd\x66\x8b\x11"
+ "\x11\x65\x51\x2e\xb8\x67\x05\xd1"
+ "\x27\x11\x5c\xd4\xcc\x97\xc2\xb3"
+ "\xa9\x55\xaf\x07\x56\xd1\xdc\xf5"
+ "\x85\xdc\x46\xe6\xf0\x24\xeb\x93"
+ "\x4d\xf0\x9b\xf5\x73\x1c\xda\x03"
+ "\x22\xc8\x3a\x4f\xb4\x19\x91\x09"
+ "\x54\x0b\xf6\xfe\x17\x3d\x1a\x53"
+ "\x72\x60\x79\xcb\x0e\x32\x8a\x77"
+ "\xd5\xed\xdb\x33\xd7\x62\x16\x69"
+ "\x63\xe0\xab\xb5\xf6\x9c\x5f\x3d"
+ "\x69\x35\x61\x86\xf8\x86\xb9\x89"
+ "\x6e\x59\x35\xac\xf6\x6b\x33\xa0"
+ "\xea\xef\x96\x62\xd8\xa9\xcf\x56"
+ "\xbf\xdb\x8a\xfd\xa1\x82\x77\x73"
+ "\x3d\x94\x4a\x49\x42\x6d\x08\x60"
+ "\xa1\xea\xab\xb6\x88\x13\x94\xb8"
+ "\x51\x98\xdb\x35\x85\xdf\xf6\xb9"
+ "\x8f\xcd\xdf\x80\xd3\x40\x2d\x72"
+ "\xb8\xb2\x6c\x02\x43\x35\x22\x2a"
+ "\x31\xed\xcd\x16\x19\xdf\x62\x0f"
+ "\x29\xcf\x87\x04\xec\x02\x4f\xe4"
+ "\xa2\xed\x73\xc6\x69\xd3\x7e\x89"
+ "\x0b\x76\x10\x7c\xd6\xf9\x6a\x25"
+ "\xed\xcc\x60\x5d\x61\x20\xc1\x97"
+ "\x56\x91\x57\x28\xbe\x71\x0d\xcd"
+ "\xde\xc4\x9e\x55\x91\xbe\xd1\x28"
+ "\x9b\x90\xeb\x73\xf3\x68\x51\xc6"
+ "\xdf\x82\xcc\xd8\x1f\xce\x5b\x27"
+ "\xc0\x60\x5e\x33\xd6\xa7\x20\xea"
+ "\xb2\x54\xc7\x5d\x6a\x3b\x67\x47"
+ "\xcf\xa0\xe3\xab\x86\xaf\xc1\x42"
+ "\xe6\xb0\x23\x4a\xaf\x53\xdf\xa0"
+ "\xad\x12\x32\x31\x03\xf7\x21\xbe"
+ "\x2d\xd5\x82\x42\xb6\x4a\x3d\xcd"
+ "\xd8\x81\x77\xa9\x49\x98\x6c\x09"
+ "\xc5\xa3\x61\x12\x62\x85\x6b\xcd"
+ "\xb3\xf4\x20\x0c\x41\xc4\x05\x37"
+ "\x46\x5f\xeb\x71\x8b\xf1\xaf\x6e"
+ "\xba\xf3\x50\x2e\xfe\xa8\x37\xeb"
+ "\xe8\x8c\x4f\xa4\x0c\xf1\x31\xc8"
+ "\x6e\x71\x4f\xa5\xd7\x97\x73\xe0"
+ "\x93\x4a\x2f\xda\x7b\xe0\x20\x54"
+ "\x1f\x8d\x85\x79\x0b\x7b\x5e\x75"
+ "\xb9\x07\x67\xcc\xc8\xe7\x21\x15"
+ "\xa7\xc8\x98\xff\x4b\x80\x1c\x12"
+ "\xa8\x54\xe1\x38\x52\xe6\x74\x81"
+ "\x97\x47\xa1\x41\x0e\xc0\x50\xe3"
+ "\x55\x0e\xc3\xa7\x70\x77\xce\x07"
+ "\xed\x8c\x88\xe6\xa1\x5b\x14\xec"
+ "\xe6\xde\x06\x6d\x74\xc5\xd9\xfa"
+ "\xe5\x2f\x5a\xff\xc8\x05\xee\x27"
+ "\x35\x61\xbf\x0b\x19\x78\x9b\xd2"
+ "\x04\xc7\x05\xb1\x79\xb4\xff\x5f"
+ "\xf3\xea\x67\x52\x78\xc2\xce\x70"
+ "\xa4\x05\x0b\xb2\xb3\xa8\x30\x97"
+ "\x37\x30\xe1\x91\x8d\xb3\x2a\xff",
+ .rlen = 512,
+ },
+};
+
+static struct cipher_testvec tf_xts_dec_tv_template[] = {
+ /* Generated from AES-XTS test vectors */
+ /* same as enc vectors with input and result reversed */
+ {
+ .key = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x4b\xc9\x44\x4a\x11\xa3\xef\xac"
+ "\x30\x74\xe4\x44\x52\x77\x97\x43"
+ "\xa7\x60\xb2\x45\x2e\xf9\x00\x90"
+ "\x9f\xaa\xfd\x89\x6e\x9d\x4a\xe0",
+ .ilen = 32,
+ .result = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .rlen = 32,
+ }, {
+ .key = "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x11\x11\x11\x11\x11\x11\x11\x11"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x57\x0e\x8f\xe5\x2a\x35\x61\x4f"
+ "\x32\xd3\xbd\x36\x05\x15\x44\x2c"
+ "\x58\x06\xf7\xf8\x00\xa8\xb6\xd5"
+ "\xc6\x28\x92\xdb\xd8\x34\xa2\xe9",
+ .ilen = 32,
+ .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .rlen = 32,
+ }, {
+ .key = "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8"
+ "\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
+ "\x22\x22\x22\x22\x22\x22\x22\x22"
+ "\x22\x22\x22\x22\x22\x22\x22\x22",
+ .klen = 32,
+ .iv = "\x33\x33\x33\x33\x33\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\x96\x45\x8f\x8d\x7a\x75\xb1\xde"
+ "\x40\x0c\x89\x56\xf6\x4d\xa7\x07"
+ "\x38\xbb\x5b\xe9\xcd\x84\xae\xb2"
+ "\x7b\x6a\x62\xf4\x8c\xb5\x37\xea",
+ .ilen = 32,
+ .result = "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44"
+ "\x44\x44\x44\x44\x44\x44\x44\x44",
+ .rlen = 32,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95",
+ .klen = 32,
+ .iv = "\x00\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\xa9\x78\xae\x1e\xea\xa2\x44\x4c"
+ "\xa2\x7a\x64\x1f\xaf\x46\xc1\xe0"
+ "\x6c\xb2\xf3\x92\x9a\xd6\x7d\x58"
+ "\xb8\x2d\xb9\x5d\x58\x07\x66\x50"
+ "\xea\x35\x35\x8c\xb2\x46\x61\x06"
+ "\x5d\x65\xfc\x57\x8f\x69\x74\xab"
+ "\x8a\x06\x69\xb5\x6c\xda\x66\xc7"
+ "\x52\x90\xbb\x8e\x6d\x8b\xb5\xa2"
+ "\x78\x1d\xc2\xa9\xc2\x73\x00\xc3"
+ "\x32\x36\x7c\x97\x6b\x4e\x8a\x50"
+ "\xe4\x91\x83\x96\x8f\xf4\x94\x1a"
+ "\xa6\x27\xe1\x33\xcb\x91\xc6\x5f"
+ "\x94\x75\xbc\xd7\x3e\x3e\x6f\x9e"
+ "\xa9\x31\x80\x5e\xe5\xdb\xc8\x53"
+ "\x01\x73\x68\x32\x25\x19\xfa\xfb"
+ "\xe4\xcf\xb9\x3e\xa2\xa0\x8f\x31"
+ "\xbf\x54\x06\x93\xa8\xb1\x0f\xb6"
+ "\x7c\x3c\xde\x6f\x0f\xfb\x0c\x11"
+ "\x39\x80\x39\x09\x97\x65\xf2\x83"
+ "\xae\xe6\xa1\x6f\x47\xb8\x49\xde"
+ "\x99\x36\x20\x7d\x97\x3b\xec\xfa"
+ "\xb4\x33\x6e\x7a\xc7\x46\x84\x49"
+ "\x91\xcd\xe1\x57\x0d\xed\x40\x08"
+ "\x13\xf1\x4e\x3e\xa4\xa4\x5c\xe6"
+ "\xd2\x0c\x20\x8f\x3e\xdf\x3f\x47"
+ "\x9a\x2f\xde\x6d\x66\xc9\x99\x4a"
+ "\x2d\x9e\x9d\x4b\x1a\x27\xa2\x12"
+ "\x99\xf0\xf8\xb1\xb6\xf6\x57\xc3"
+ "\xca\x1c\xa3\x8e\xed\x39\x28\xb5"
+ "\x10\x1b\x4b\x08\x42\x00\x4a\xd3"
+ "\xad\x5a\xc6\x8e\xc8\xbb\x95\xc4"
+ "\x4b\xaa\xfe\xd5\x42\xa8\xa3\x6d"
+ "\x3c\xf3\x34\x91\x2d\xb4\xdd\x20"
+ "\x0c\x90\x6d\xa3\x9b\x66\x9d\x24"
+ "\x02\xa6\xa9\x3f\x3f\x58\x5d\x47"
+ "\x24\x65\x63\x7e\xbd\x8c\xe6\x52"
+ "\x7d\xef\x33\x53\x63\xec\xaa\x0b"
+ "\x64\x15\xa9\xa6\x1f\x10\x00\x38"
+ "\x35\xa8\xe7\xbe\x23\x70\x22\xe0"
+ "\xd3\xb9\xe6\xfd\xe6\xaa\x03\x50"
+ "\xf3\x3c\x27\x36\x8b\xcc\xfe\x9c"
+ "\x9c\xa3\xb3\xe7\x68\x9b\xa2\x71"
+ "\xe0\x07\xd9\x1f\x68\x1f\xac\x5e"
+ "\x7a\x74\x85\xa9\x6a\x90\xab\x2c"
+ "\x38\x51\xbc\x1f\x43\x4a\x56\x1c"
+ "\xf8\x47\x03\x4e\x67\xa8\x1f\x99"
+ "\x04\x39\x73\x32\xb2\x86\x79\xe7"
+ "\x14\x28\x70\xb8\xe2\x7d\x69\x85"
+ "\xb6\x0f\xc5\xd0\xd0\x01\x5c\xe6"
+ "\x09\x0f\x75\xf7\xb6\x81\xd2\x11"
+ "\x20\x9c\xa1\xee\x11\x44\x79\xd0"
+ "\xb2\x34\x77\xda\x10\x9a\x6f\x6f"
+ "\xef\x7c\xd9\xdc\x35\xb7\x61\xdd"
+ "\xf1\xa4\xc6\x1c\xbf\x05\x22\xac"
+ "\xfe\x2f\x85\x00\x44\xdf\x33\x16"
+ "\x35\xb6\xa3\xd3\x70\xdf\x69\x35"
+ "\x6a\xc7\xb4\x99\x45\x27\xc8\x8e"
+ "\x5a\x14\x30\xd0\x55\x3e\x4f\x64"
+ "\x0d\x38\xe3\xdf\x8b\xa8\x93\x26"
+ "\x75\xae\xf6\xb5\x23\x0b\x17\x31"
+ "\xbf\x27\xb8\xb5\x94\x31\xa7\x8f"
+ "\x43\xc4\x46\x24\x22\x4f\x8f\x7e"
+ "\xe5\xf4\x6d\x1e\x0e\x18\x7a\xbb"
+ "\xa6\x8f\xfb\x49\x49\xd8\x7e\x5a",
+ .ilen = 512,
+ .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .rlen = 512,
+ }, {
+ .key = "\x27\x18\x28\x18\x28\x45\x90\x45"
+ "\x23\x53\x60\x28\x74\x71\x35\x26"
+ "\x62\x49\x77\x57\x24\x70\x93\x69"
+ "\x99\x59\x57\x49\x66\x96\x76\x27"
+ "\x31\x41\x59\x26\x53\x58\x97\x93"
+ "\x23\x84\x62\x64\x33\x83\x27\x95"
+ "\x02\x88\x41\x97\x16\x93\x99\x37"
+ "\x51\x05\x82\x09\x74\x94\x45\x92",
+ .klen = 64,
+ .iv = "\xff\x00\x00\x00\x00\x00\x00\x00"
+ "\x00\x00\x00\x00\x00\x00\x00\x00",
+ .input = "\xd7\x4b\x93\x7d\x13\xa2\xa2\xe1"
+ "\x35\x39\x71\x88\x76\x1e\xc9\xea"
+ "\x86\xad\xf3\x14\x48\x3d\x5e\xe9"
+ "\xe9\x2d\xb2\x56\x59\x35\x9d\xec"
+ "\x84\xfa\x7e\x9d\x6d\x33\x36\x8f"
+ "\xce\xf4\xa9\x21\x0b\x5f\x96\xec"
+ "\xcb\xf9\x57\x68\x33\x88\x39\xbf"
+ "\x2f\xbb\x59\x03\xbd\x66\x8b\x11"
+ "\x11\x65\x51\x2e\xb8\x67\x05\xd1"
+ "\x27\x11\x5c\xd4\xcc\x97\xc2\xb3"
+ "\xa9\x55\xaf\x07\x56\xd1\xdc\xf5"
+ "\x85\xdc\x46\xe6\xf0\x24\xeb\x93"
+ "\x4d\xf0\x9b\xf5\x73\x1c\xda\x03"
+ "\x22\xc8\x3a\x4f\xb4\x19\x91\x09"
+ "\x54\x0b\xf6\xfe\x17\x3d\x1a\x53"
+ "\x72\x60\x79\xcb\x0e\x32\x8a\x77"
+ "\xd5\xed\xdb\x33\xd7\x62\x16\x69"
+ "\x63\xe0\xab\xb5\xf6\x9c\x5f\x3d"
+ "\x69\x35\x61\x86\xf8\x86\xb9\x89"
+ "\x6e\x59\x35\xac\xf6\x6b\x33\xa0"
+ "\xea\xef\x96\x62\xd8\xa9\xcf\x56"
+ "\xbf\xdb\x8a\xfd\xa1\x82\x77\x73"
+ "\x3d\x94\x4a\x49\x42\x6d\x08\x60"
+ "\xa1\xea\xab\xb6\x88\x13\x94\xb8"
+ "\x51\x98\xdb\x35\x85\xdf\xf6\xb9"
+ "\x8f\xcd\xdf\x80\xd3\x40\x2d\x72"
+ "\xb8\xb2\x6c\x02\x43\x35\x22\x2a"
+ "\x31\xed\xcd\x16\x19\xdf\x62\x0f"
+ "\x29\xcf\x87\x04\xec\x02\x4f\xe4"
+ "\xa2\xed\x73\xc6\x69\xd3\x7e\x89"
+ "\x0b\x76\x10\x7c\xd6\xf9\x6a\x25"
+ "\xed\xcc\x60\x5d\x61\x20\xc1\x97"
+ "\x56\x91\x57\x28\xbe\x71\x0d\xcd"
+ "\xde\xc4\x9e\x55\x91\xbe\xd1\x28"
+ "\x9b\x90\xeb\x73\xf3\x68\x51\xc6"
+ "\xdf\x82\xcc\xd8\x1f\xce\x5b\x27"
+ "\xc0\x60\x5e\x33\xd6\xa7\x20\xea"
+ "\xb2\x54\xc7\x5d\x6a\x3b\x67\x47"
+ "\xcf\xa0\xe3\xab\x86\xaf\xc1\x42"
+ "\xe6\xb0\x23\x4a\xaf\x53\xdf\xa0"
+ "\xad\x12\x32\x31\x03\xf7\x21\xbe"
+ "\x2d\xd5\x82\x42\xb6\x4a\x3d\xcd"
+ "\xd8\x81\x77\xa9\x49\x98\x6c\x09"
+ "\xc5\xa3\x61\x12\x62\x85\x6b\xcd"
+ "\xb3\xf4\x20\x0c\x41\xc4\x05\x37"
+ "\x46\x5f\xeb\x71\x8b\xf1\xaf\x6e"
+ "\xba\xf3\x50\x2e\xfe\xa8\x37\xeb"
+ "\xe8\x8c\x4f\xa4\x0c\xf1\x31\xc8"
+ "\x6e\x71\x4f\xa5\xd7\x97\x73\xe0"
+ "\x93\x4a\x2f\xda\x7b\xe0\x20\x54"
+ "\x1f\x8d\x85\x79\x0b\x7b\x5e\x75"
+ "\xb9\x07\x67\xcc\xc8\xe7\x21\x15"
+ "\xa7\xc8\x98\xff\x4b\x80\x1c\x12"
+ "\xa8\x54\xe1\x38\x52\xe6\x74\x81"
+ "\x97\x47\xa1\x41\x0e\xc0\x50\xe3"
+ "\x55\x0e\xc3\xa7\x70\x77\xce\x07"
+ "\xed\x8c\x88\xe6\xa1\x5b\x14\xec"
+ "\xe6\xde\x06\x6d\x74\xc5\xd9\xfa"
+ "\xe5\x2f\x5a\xff\xc8\x05\xee\x27"
+ "\x35\x61\xbf\x0b\x19\x78\x9b\xd2"
+ "\x04\xc7\x05\xb1\x79\xb4\xff\x5f"
+ "\xf3\xea\x67\x52\x78\xc2\xce\x70"
+ "\xa4\x05\x0b\xb2\xb3\xa8\x30\x97"
+ "\x37\x30\xe1\x91\x8d\xb3\x2a\xff",
+ .ilen = 512,
+ .result = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
+ "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+ "\x10\x11\x12\x13\x14\x15\x16\x17"
+ "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"
+ "\x20\x21\x22\x23\x24\x25\x26\x27"
+ "\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f"
+ "\x30\x31\x32\x33\x34\x35\x36\x37"
+ "\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f"
+ "\x40\x41\x42\x43\x44\x45\x46\x47"
+ "\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f"
+ "\x50\x51\x52\x53\x54\x55\x56\x57"
+ "\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
+ "\x60\x61\x62\x63\x64\x65\x66\x67"
+ "\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f"
+ "\x70\x71\x72\x73\x74\x75\x76\x77"
+ "\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f"
+ "\x80\x81\x82\x83\x84\x85\x86\x87"
+ "\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f"
+ "\x90\x91\x92\x93\x94\x95\x96\x97"
+ "\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f"
+ "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7"
+ "\xa8\xa9\xaa\xab\xac\xad\xae\xaf"
+ "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7"
+ "\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf"
+ "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7"
+ "\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf"
+ "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7"
+ "\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf"
+ "\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7"
+ "\xe8\xe9\xea\xeb\xec\xed\xee\xef"
+ "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7"
+ "\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff",
+ .rlen = 512,
+ },
+};
+
/*
* Serpent test vectors. These are backwards because Serpent writes
* octet sequences in right-to-left mode.
Patch adds XTS support for twofish-x86_64-3way by using xts_crypt(). Patch has
been tested with tcrypt and automated filesystem tests.
Tcrypt benchmarks results (twofish-3way/twofish-asm speed ratios):
Intel Celeron T1600 (fam:6, model:15, step:13):
size xts-enc xts-dec
16B 0.98x 1.00x
64B 1.14x 1.15x
256B 1.23x 1.25x
1024B 1.26x 1.29x
8192B 1.28x 1.30x
AMD Phenom II 1055T (fam:16, model:10):
size xts-enc xts-dec
16B 1.03x 1.03x
64B 1.13x 1.16x
256B 1.20x 1.20x
1024B 1.22x 1.22x
8192B 1.22x 1.21x
Signed-off-by: Jussi Kivilinna <[email protected]>
---
arch/x86/crypto/twofish_glue_3way.c | 119 ++++++++++++++++++++++++++++++++++-
1 files changed, 117 insertions(+), 2 deletions(-)
diff --git a/arch/x86/crypto/twofish_glue_3way.c b/arch/x86/crypto/twofish_glue_3way.c
index fa9151d..954f59e 100644
--- a/arch/x86/crypto/twofish_glue_3way.c
+++ b/arch/x86/crypto/twofish_glue_3way.c
@@ -33,11 +33,16 @@
#include <crypto/twofish.h>
#include <crypto/b128ops.h>
#include <crypto/lrw.h>
+#include <crypto/xts.h>
#if defined(CONFIG_CRYPTO_LRW) || defined(CONFIG_CRYPTO_LRW_MODULE)
#define HAS_LRW
#endif
+#if defined(CONFIG_CRYPTO_XTS) || defined(CONFIG_CRYPTO_XTS_MODULE)
+#define HAS_XTS
+#endif
+
/* regular block cipher functions from twofish_x86_64 module */
asmlinkage void twofish_enc_blk(struct twofish_ctx *ctx, u8 *dst,
const u8 *src);
@@ -437,7 +442,7 @@ static struct crypto_alg blk_ctr_alg = {
},
};
-#ifdef HAS_LRW
+#if defined(HAS_LRW) || defined(HAS_XTS)
static void encrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
{
@@ -469,6 +474,10 @@ static void decrypt_callback(void *priv, u8 *srcdst, unsigned int nbytes)
twofish_dec_blk(ctx, srcdst, srcdst);
}
+#endif
+
+#ifdef HAS_LRW
+
struct twofish_lrw_ctx {
struct lrw_table_ctx lrw_table;
struct twofish_ctx twofish_ctx;
@@ -555,6 +564,99 @@ static struct crypto_alg blk_lrw_alg = {
#endif
+#ifdef HAS_XTS
+
+struct twofish_xts_ctx {
+ struct twofish_ctx tweak_ctx;
+ struct twofish_ctx crypt_ctx;
+};
+
+static int xts_twofish_setkey(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen)
+{
+ struct twofish_xts_ctx *ctx = crypto_tfm_ctx(tfm);
+ u32 *flags = &tfm->crt_flags;
+ int err;
+
+ /* key consists of keys of equal size concatenated, therefore
+ * the length must be even
+ */
+ if (keylen % 2) {
+ *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
+ return -EINVAL;
+ }
+
+ /* first half of xts-key is for crypt */
+ err = __twofish_setkey(&ctx->crypt_ctx, key, keylen / 2, flags);
+ if (err)
+ return err;
+
+ /* second half of xts-key is for tweak */
+ return __twofish_setkey(&ctx->tweak_ctx, key + keylen / 2, keylen / 2,
+ flags);
+}
+
+static int xts_encrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct twofish_xts_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[3];
+ struct xts_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .tweak_ctx = &ctx->tweak_ctx,
+ .tweak_fn = XTS_TWEAK_CAST(twofish_enc_blk),
+ .crypt_ctx = &ctx->crypt_ctx,
+ .crypt_fn = encrypt_callback,
+ };
+
+ return xts_crypt(desc, dst, src, nbytes, &req);
+}
+
+static int xts_decrypt(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes)
+{
+ struct twofish_xts_ctx *ctx = crypto_blkcipher_ctx(desc->tfm);
+ be128 buf[3];
+ struct xts_crypt_req req = {
+ .tbuf = buf,
+ .tbuflen = sizeof(buf),
+
+ .tweak_ctx = &ctx->tweak_ctx,
+ .tweak_fn = XTS_TWEAK_CAST(twofish_enc_blk),
+ .crypt_ctx = &ctx->crypt_ctx,
+ .crypt_fn = decrypt_callback,
+ };
+
+ return xts_crypt(desc, dst, src, nbytes, &req);
+}
+
+static struct crypto_alg blk_xts_alg = {
+ .cra_name = "xts(twofish)",
+ .cra_driver_name = "xts-twofish-3way",
+ .cra_priority = 300,
+ .cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER,
+ .cra_blocksize = TF_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct twofish_xts_ctx),
+ .cra_alignmask = 0,
+ .cra_type = &crypto_blkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(blk_xts_alg.cra_list),
+ .cra_u = {
+ .blkcipher = {
+ .min_keysize = TF_MIN_KEY_SIZE * 2,
+ .max_keysize = TF_MAX_KEY_SIZE * 2,
+ .ivsize = TF_BLOCK_SIZE,
+ .setkey = xts_twofish_setkey,
+ .encrypt = xts_encrypt,
+ .decrypt = xts_decrypt,
+ },
+ },
+};
+
+#endif
+
int __init init(void)
{
int err;
@@ -573,13 +675,23 @@ int __init init(void)
if (err)
goto blk_lrw_err;
#endif
+#ifdef HAS_XTS
+ err = crypto_register_alg(&blk_xts_alg);
+ if (err)
+ goto blk_xts_err;
+#endif
return 0;
+#ifdef HAS_XTS
+ crypto_unregister_alg(&blk_xts_alg);
+blk_xts_err:
+#endif
#ifdef HAS_LRW
+ crypto_unregister_alg(&blk_lrw_alg);
blk_lrw_err:
- crypto_unregister_alg(&blk_ctr_alg);
#endif
+ crypto_unregister_alg(&blk_ctr_alg);
ctr_err:
crypto_unregister_alg(&blk_cbc_alg);
cbc_err:
@@ -590,6 +702,9 @@ ecb_err:
void __exit fini(void)
{
+#ifdef HAS_XTS
+ crypto_unregister_alg(&blk_xts_alg);
+#endif
#ifdef HAS_LRW
crypto_unregister_alg(&blk_lrw_alg);
#endif
On Tue, Oct 18, 2011 at 01:32:08PM +0300, Jussi Kivilinna wrote:
> This series adds lrw_crypt() and xts_crypt() functions for cipher implementations that
> can benefit from parallel cipher block operations. To make interface flexible,
> caller is reponsible of allocating buffer large enough to store temporary cipher
> blocks. This buffer size should be as large as size of parallel blocks processed at
> once. Cryption callback is called with buffer size at maximum of parallel blocks size
> and at minimum size of one block.
>
> Series adds LRW/XTS support to serpent-sse2 and twofish-x86_64-3way, and therefore
> depends on those series.
>
> Patches 1-4: include LRW fixes/cleanups, export gf128mul table and add lrw_crypt().
> Patches 5-7: add LRW support to serpent-sse2, with tcrypt tests and test vectors.
> Patches 8-10: add LRW support to twofish-x86_64-3way, with tcrypt tests and test vectors.
> Patches 11-12: include XTS cleanup for blocksize usage and add xts_crypt().
> Patches 13-15: add XTS support to serpent-sse2, with tcrypt tests and test vectors.
> Patches 16-18: add XTS support to twofish-x86_64-3way, with tcrypt tests and test vectors.
All applied except for the serpent patches. Please resend those
after you've fixed up the previous serpent patches.
I've also merged your later fixes into these.
Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt