1 // SPDX-License-Identifier: GPL-2.0-or-later
34  * See http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
91 	hexdump("Input DT: ", ctx->DT, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
92 	hexdump("Input I: ", ctx->I, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
93 	hexdump("Input V: ", ctx->V, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
106 			memcpy(tmp, ctx->DT, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
107 			output = ctx->I;  in _get_more_prng_bytes()
117 			xor_vectors(ctx->I, ctx->V, tmp, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
119 			output = ctx->rand_data;  in _get_more_prng_bytes()
126 			if (!memcmp(ctx->rand_data, ctx->last_rand_data,  in _get_more_prng_bytes()
137 				ctx->flags |= PRNG_NEED_RESET;  in _get_more_prng_bytes()
138 				return -EINVAL;  in _get_more_prng_bytes()
140 			memcpy(ctx->last_rand_data, ctx->rand_data,  in _get_more_prng_bytes()
147 			xor_vectors(ctx->rand_data, ctx->I, tmp,  in _get_more_prng_bytes()
149 			output = ctx->V;  in _get_more_prng_bytes()
156 		crypto_cipher_encrypt_one(ctx->tfm, output, tmp);  in _get_more_prng_bytes()
163 	for (i = DEFAULT_BLK_SZ - 1; i >= 0; i--) {  in _get_more_prng_bytes()
164 		ctx->DT[i] += 1;  in _get_more_prng_bytes()
165 		if (ctx->DT[i] != 0)  in _get_more_prng_bytes()
170 	ctx->rand_data_valid = 0;  in _get_more_prng_bytes()
172 	hexdump("Output DT: ", ctx->DT, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
173 	hexdump("Output I: ", ctx->I, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
174 	hexdump("Output V: ", ctx->V, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
175 	hexdump("New Random Data: ", ctx->rand_data, DEFAULT_BLK_SZ);  in _get_more_prng_bytes()
189 	spin_lock_bh(&ctx->prng_lock);  in get_prng_bytes()
191 	err = -EINVAL;  in get_prng_bytes()
192 	if (ctx->flags & PRNG_NEED_RESET)  in get_prng_bytes()
199 	err = -EINVAL;  in get_prng_bytes()
200 	if (ctx->flags & PRNG_FIXED_SIZE) {  in get_prng_bytes()
217 	if (ctx->rand_data_valid == DEFAULT_BLK_SZ) {  in get_prng_bytes()
220 			err = -EINVAL;  in get_prng_bytes()
230 		while (ctx->rand_data_valid < DEFAULT_BLK_SZ) {  in get_prng_bytes()
231 			*ptr = ctx->rand_data[ctx->rand_data_valid];  in get_prng_bytes()
233 			byte_count--;  in get_prng_bytes()
234 			ctx->rand_data_valid++;  in get_prng_bytes()
243 	for (; byte_count >= DEFAULT_BLK_SZ; byte_count -= DEFAULT_BLK_SZ) {  in get_prng_bytes()
244 		if (ctx->rand_data_valid == DEFAULT_BLK_SZ) {  in get_prng_bytes()
247 				err = -EINVAL;  in get_prng_bytes()
251 		if (ctx->rand_data_valid > 0)  in get_prng_bytes()
253 		memcpy(ptr, ctx->rand_data, DEFAULT_BLK_SZ);  in get_prng_bytes()
254 		ctx->rand_data_valid += DEFAULT_BLK_SZ;  in get_prng_bytes()
265 	spin_unlock_bh(&ctx->prng_lock);  in get_prng_bytes()
273 	crypto_free_cipher(ctx->tfm);  in free_prng_context()
283 	spin_lock_bh(&ctx->prng_lock);  in reset_prng_context()
284 	ctx->flags |= PRNG_NEED_RESET;  in reset_prng_context()
292 		memcpy(ctx->V, V, DEFAULT_BLK_SZ);  in reset_prng_context()
294 		memcpy(ctx->V, DEFAULT_V_SEED, DEFAULT_BLK_SZ);  in reset_prng_context()
297 		memcpy(ctx->DT, DT, DEFAULT_BLK_SZ);  in reset_prng_context()
299 		memset(ctx->DT, 0, DEFAULT_BLK_SZ);  in reset_prng_context()
301 	memset(ctx->rand_data, 0, DEFAULT_BLK_SZ);  in reset_prng_context()
302 	memset(ctx->last_rand_data, 0, DEFAULT_BLK_SZ);  in reset_prng_context()
304 	ctx->rand_data_valid = DEFAULT_BLK_SZ;  in reset_prng_context()
306 	ret = crypto_cipher_setkey(ctx->tfm, prng_key, klen);  in reset_prng_context()
309 			crypto_cipher_get_flags(ctx->tfm));  in reset_prng_context()
314 	ctx->flags &= ~PRNG_NEED_RESET;  in reset_prng_context()
316 	spin_unlock_bh(&ctx->prng_lock);  in reset_prng_context()
324 	spin_lock_init(&ctx->prng_lock);  in cprng_init()
325 	ctx->tfm = crypto_alloc_cipher("aes", 0, 0);  in cprng_init()
326 	if (IS_ERR(ctx->tfm)) {  in cprng_init()
329 		return PTR_ERR(ctx->tfm);  in cprng_init()
333 		return -EINVAL;  in cprng_init()
340 	ctx->flags |= PRNG_NEED_RESET;  in cprng_init()
372 		return -EINVAL;  in cprng_reset()
379 	if (prng->flags & PRNG_NEED_RESET)  in cprng_reset()
380 		return -EINVAL;  in cprng_reset()
404 		return -EINVAL;  in fips_cprng_reset()
408 		return -EINVAL;  in fips_cprng_reset()
417 	prng->rand_data_valid = DEFAULT_BLK_SZ;  in fips_cprng_reset()
428 	.base			=	{
442 	.base			=	{