diff options
Diffstat (limited to 'lib/accelerated/x86/aes-padlock.c')
-rw-r--r-- | lib/accelerated/x86/aes-padlock.c | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c index 018764bc67..1e9b77c215 100644 --- a/lib/accelerated/x86/aes-padlock.c +++ b/lib/accelerated/x86/aes-padlock.c @@ -41,7 +41,8 @@ aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc) { /* we use key size to distinguish */ if (algorithm != GNUTLS_CIPHER_AES_128_CBC - && algorithm != GNUTLS_CIPHER_AES_256_CBC) + && algorithm != GNUTLS_CIPHER_AES_256_CBC + && algorithm != GNUTLS_CIPHER_AES_192_CBC) return GNUTLS_E_INVALID_REQUEST; *_ctx = gnutls_calloc(1, sizeof(struct padlock_ctx)); @@ -59,7 +60,8 @@ padlock_aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize) { struct padlock_ctx *ctx = _ctx; struct padlock_cipher_data *pce; - struct aes256_ctx nc; + struct aes192_ctx nc192; + struct aes256_ctx nc256; memset(_ctx, 0, sizeof(struct padlock_cipher_data)); @@ -74,17 +76,28 @@ padlock_aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize) memcpy(pce->ks.rd_key, userkey, 16); pce->cword.b.keygen = 0; break; + case 24: + pce->cword.b.ksize = 1; + pce->cword.b.rounds = 12; + if (ctx->enc) + aes192_set_encrypt_key(&nc192, userkey); + else + aes192_set_decrypt_key(&nc192, userkey); + memcpy(pce->ks.rd_key, nc192.keys, sizeof(nc192.keys)); + pce->ks.rounds = _AES192_ROUNDS; + pce->cword.b.keygen = 1; + break; case 32: pce->cword.b.ksize = 2; pce->cword.b.rounds = 14; /* expand key using nettle */ if (ctx->enc) - aes256_set_encrypt_key(&nc, userkey); + aes256_set_encrypt_key(&nc256, userkey); else - aes256_set_decrypt_key(&nc, userkey); + aes256_set_decrypt_key(&nc256, userkey); - memcpy(pce->ks.rd_key, nc.keys, sizeof(nc.keys)); + memcpy(pce->ks.rd_key, nc256.keys, sizeof(nc256.keys)); pce->ks.rounds = _AES256_ROUNDS; pce->cword.b.keygen = 1; |