2007-11-05 00:26:14

by Michal Ludvig

Subject: Re: [patch 0/2] remove setkey function in VIA's padlock

Sebastian Siewior wrote:
> Hello Michal,
>
> you wrote the padlock-aes driver so you probably have the hardware for
> testing :) The setkey function in the driver's code looks like it
> expands the key the same way as the new crypto_aes_set_key() I've
> posted earlier [1], [2]. Could you please test this patch and see if it is
> working correctly?

I'll test and get back to you.

> I have one question regarding the size of the expanded key: You reserve
> 64 * 4 bytes for each key but it seems that you use only 60 * 4 bytes.
> Are the other bytes used by the hardware or did you allocate it by
> accident?

The hardware needs it. From the VIA Padlock Programming Guide:

| For the application-loaded keys option, the hardware always
| loads sixteen 128-bit values from memory regardless of the
| specified key size. Any values beyond the normal extended key
| size are ignored and have no effect on the results, but that
| memory area must be accessible (within the segment limit, etc.)

Michal
--
* http://www.logix.cz/michal


Subject: Re: [patch 0/2] remove setkey function in VIA's padlock

* Michal Ludvig | 2007-11-05 12:54:50 [+1300]:

> I'll test and get back to you.
thx.

>
>> I have one question regarding the size of the expanded key: You reserve
>> 64 * 4 bytes for each key but it seems that you use only 60 * 4 bytes.
>> Are the other bytes used by the hardware or did you allocate it by
>> accident?
>
> The hardware needs it. From the VIA Padlock Programming Guide:
>
> | For the application-loaded keys option, the hardware always
> | loads sixteen 128-bit values from memory regardless of the
> | specified key size. Any values beyond the normal extended key
> | size are ignored and have no effect on the results, but that
> | memory area must be accessible (within the segment limit, etc.)

Since we only have to make sure that we can access the memory, what
about:

struct aes_ctx {
        u32 E[15 * 16]
                __attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));
        u32 d_data[15 * 16]
                __attribute__ ((__aligned__(PADLOCK_ALIGNMENT)));
        struct {
                struct cword encrypt;
                struct cword decrypt;
        } cword;
        u32 *D;
        int key_length;
};

> Michal

Sebastian
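
An added example, not part of the thread and not the driver's code: it works out how far the fixed sixteen-value load quoted from the guide runs past the real AES key schedule for each key size, and checks whether that load stays inside a containing struct. The two struct layouts, the function names and the choice of "inside the same struct" as the test for accessible memory are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* From the guide quoted above: sixteen 128-bit values are always loaded. */
#define PADLOCK_FETCH_BYTES (16 * 16)

/* Bytes of key schedule AES really uses: (rounds + 1) round keys of 16 bytes.
 * key_len is in bytes (16, 24, 32); any other length returns 0. */
size_t aes_expanded_key_bytes(size_t key_len)
{
    if (key_len != 16 && key_len != 24 && key_len != 32)
        return 0;
    return (key_len / 4 + 6 + 1) * 16;
}

/* Bytes the hardware loads beyond the end of the real key schedule. */
size_t padlock_overread_bytes(size_t key_len)
{
    size_t used = aes_expanded_key_bytes(key_len);
    return used ? PADLOCK_FETCH_BYTES - used : 0;
}

/* 1 if a load starting key_off bytes into an object of obj_size bytes
 * stays inside that object, 0 if it runs off the end. */
int fetch_window_inside(size_t key_off, size_t obj_size)
{
    return key_off <= obj_size && obj_size - key_off >= PADLOCK_FETCH_BYTES;
}

/* Hypothetical layouts, both with schedules sized for AES-256 (60 words). */
struct ctx_tight  { uint32_t E[60]; uint32_t D[60]; };                   /* D is last */
struct ctx_padded { uint32_t E[60]; uint32_t D[60]; uint32_t tail[4]; }; /* 16 spare bytes */

int main(void)
{
    printf("over-read: %zu/%zu/%zu bytes for 128/192/256-bit keys\n",
           padlock_overread_bytes(16), padlock_overread_bytes(24), padlock_overread_bytes(32));
    printf("tight:  E %d, D %d\n",
           fetch_window_inside(offsetof(struct ctx_tight, E), sizeof(struct ctx_tight)),
           fetch_window_inside(offsetof(struct ctx_tight, D), sizeof(struct ctx_tight)));
    printf("padded: D %d\n",
           fetch_window_inside(offsetof(struct ctx_padded, D), sizeof(struct ctx_padded)));
    return 0;
}
```

In the tight layout the load for E lands in D and is harmless, while the load for D, the last member, runs 16 bytes past the end of the struct.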