[PATCH RFC 022/104] crypto: fips140: convert lib/crypto/aes.c to using crypto API wrappers

Vegard Nossum <vegard.nossum@xxxxxxxxxx> · Thu, 4 Sep 2025 17:50:54 +0200

Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.

Generated using:

  ./fipsify.py --config CONFIG_CRYPTO_LIB_AES --source lib/crypto/aes.c --header include/crypto/aes.h --vars crypto_aes_sbox crypto_aes_inv_sbox

Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
---
 crypto/fips140-api.c | 21 +++++++++++++++++++++
 include/crypto/aes.h | 14 ++++++++++----
 lib/crypto/aes.c     | 12 ++++++------
 3 files changed, 37 insertions(+), 10 deletions(-)
 create mode 100644 crypto/fips140-api.c

diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
new file mode 100644
index 000000000000..029d06763f5a
--- /dev/null
+++ b/crypto/fips140-api.c
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+
+/*
+ * Define static call keys for any functions which are part of the crypto
+ * API and used by the standalone FIPS module but which are not built into
+ * vmlinux.
+ */
+
+/*
+ * lib/crypto/aes.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_AES)
+
+#include <crypto/aes.h>
+
+DEFINE_CRYPTO_API_STUB(aes_expandkey);
+DEFINE_CRYPTO_API_STUB(aes_encrypt);
+DEFINE_CRYPTO_API_STUB(aes_decrypt);
+
+#endif
+
diff --git a/include/crypto/aes.h b/include/crypto/aes.h
index 9339da7c20a8..a72621f552d8 100644
--- a/include/crypto/aes.h
+++ b/include/crypto/aes.h
@@ -6,6 +6,7 @@
 #ifndef _CRYPTO_AES_H
 #define _CRYPTO_AES_H
 
+#include <crypto/api.h>
 #include <linux/types.h>
 #include <linux/crypto.h>
 
@@ -65,8 +66,9 @@ int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
  * described in FIPS-197. The first slot (16 bytes) of each key (enc or dec) is
  * for the initial combination, the second slot for the first round and so on.
  */
-int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
-		  unsigned int key_len);
+DECLARE_CRYPTO_API(aes_expandkey, int,
+	(struct crypto_aes_ctx *ctx, const u8 *in_key, unsigned int key_len),
+	(ctx, in_key, key_len));
 
 /**
  * aes_encrypt - Encrypt a single AES block
@@ -74,7 +76,9 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
  * @out:	Buffer to store the ciphertext
  * @in:		Buffer containing the plaintext
  */
-void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
+DECLARE_CRYPTO_API(aes_encrypt, void,
+	(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in),
+	(ctx, out, in));
 
 /**
  * aes_decrypt - Decrypt a single AES block
@@ -82,7 +86,9 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
  * @out:	Buffer to store the plaintext
  * @in:		Buffer containing the ciphertext
  */
-void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
+DECLARE_CRYPTO_API(aes_decrypt, void,
+	(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in),
+	(ctx, out, in));
 
 extern const u8 crypto_aes_sbox[];
 extern const u8 crypto_aes_inv_sbox[];
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index b57fda3460f1..ece5ce36a305 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -183,7 +183,7 @@ static u32 subw(u32 in)
  * described in FIPS-197. The first slot (16 bytes) of each key (enc or dec) is
  * for the initial combination, the second slot for the first round and so on.
  */
-int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
+int CRYPTO_API(aes_expandkey)(struct crypto_aes_ctx *ctx, const u8 *in_key,
 		  unsigned int key_len)
 {
 	u32 kwords = key_len / sizeof(u32);
@@ -248,7 +248,7 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
 
 	return 0;
 }
-EXPORT_SYMBOL(aes_expandkey);
+DEFINE_CRYPTO_API(aes_expandkey);
 
 /**
  * aes_encrypt - Encrypt a single AES block
@@ -256,7 +256,7 @@ EXPORT_SYMBOL(aes_expandkey);
  * @out:	Buffer to store the ciphertext
  * @in:		Buffer containing the plaintext
  */
-void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
+void CRYPTO_API(aes_encrypt)(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
 {
 	const u32 *rkp = ctx->key_enc + 4;
 	int rounds = 6 + ctx->key_length / 4;
@@ -299,7 +299,7 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
 	put_unaligned_le32(subshift(st1, 2) ^ rkp[6], out + 8);
 	put_unaligned_le32(subshift(st1, 3) ^ rkp[7], out + 12);
 }
-EXPORT_SYMBOL(aes_encrypt);
+DEFINE_CRYPTO_API(aes_encrypt);
 
 /**
  * aes_decrypt - Decrypt a single AES block
@@ -307,7 +307,7 @@ EXPORT_SYMBOL(aes_encrypt);
  * @out:	Buffer to store the plaintext
  * @in:		Buffer containing the ciphertext
  */
-void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
+void CRYPTO_API(aes_decrypt)(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
 {
 	const u32 *rkp = ctx->key_dec + 4;
 	int rounds = 6 + ctx->key_length / 4;
@@ -350,7 +350,7 @@ void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
 	put_unaligned_le32(inv_subshift(st1, 2) ^ rkp[6], out + 8);
 	put_unaligned_le32(inv_subshift(st1, 3) ^ rkp[7], out + 12);
 }
-EXPORT_SYMBOL(aes_decrypt);
+DEFINE_CRYPTO_API(aes_decrypt);
 
 MODULE_DESCRIPTION("Generic AES library");
 MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>");
-- 
2.39.3








