diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2015-06-03 02:49:25 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2015-06-04 03:05:00 -0400 |
| commit | 4ce43ceb71cb5d5cde9f9bd4e51d17b966c462f7 (patch) | |
| tree | e1cd75434bde06edd207b743772060abdbf9025b | |
| parent | f261c5fbe7121fd88198f3ee4be4e34a5a268120 (diff) | |
crypto: eseqiv - Move IV seeding into init function
We currently do the IV seeding on the first givencrypt call in
order to conserve entropy. However, this does not work with
DRBG which cannot be called from interrupt context. In fact,
with DRBG we don't need to conserve entropy anyway. So this
patch moves the seeding into the init function.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| -rw-r--r-- | crypto/eseqiv.c | 29 |
1 files changed, 4 insertions, 25 deletions
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c index f116fae766f8..78a72645390c 100644 --- a/crypto/eseqiv.c +++ b/crypto/eseqiv.c | |||
| @@ -146,29 +146,6 @@ out: | |||
| 146 | return err; | 146 | return err; |
| 147 | } | 147 | } |
| 148 | 148 | ||
| 149 | static int eseqiv_givencrypt_first(struct skcipher_givcrypt_request *req) | ||
| 150 | { | ||
| 151 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | ||
| 152 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | ||
| 153 | int err = 0; | ||
| 154 | |||
| 155 | spin_lock_bh(&ctx->lock); | ||
| 156 | if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first) | ||
| 157 | goto unlock; | ||
| 158 | |||
| 159 | crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt; | ||
| 160 | err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, | ||
| 161 | crypto_ablkcipher_ivsize(geniv)); | ||
| 162 | |||
| 163 | unlock: | ||
| 164 | spin_unlock_bh(&ctx->lock); | ||
| 165 | |||
| 166 | if (err) | ||
| 167 | return err; | ||
| 168 | |||
| 169 | return eseqiv_givencrypt(req); | ||
| 170 | } | ||
| 171 | |||
| 172 | static int eseqiv_init(struct crypto_tfm *tfm) | 149 | static int eseqiv_init(struct crypto_tfm *tfm) |
| 173 | { | 150 | { |
| 174 | struct crypto_ablkcipher *geniv = __crypto_ablkcipher_cast(tfm); | 151 | struct crypto_ablkcipher *geniv = __crypto_ablkcipher_cast(tfm); |
| @@ -198,7 +175,9 @@ static int eseqiv_init(struct crypto_tfm *tfm) | |||
| 198 | tfm->crt_ablkcipher.reqsize = reqsize + | 175 | tfm->crt_ablkcipher.reqsize = reqsize + |
| 199 | sizeof(struct ablkcipher_request); | 176 | sizeof(struct ablkcipher_request); |
| 200 | 177 | ||
| 201 | return skcipher_geniv_init(tfm); | 178 | return crypto_rng_get_bytes(crypto_default_rng, ctx->salt, |
| 179 | crypto_ablkcipher_ivsize(geniv)) ?: | ||
| 180 | skcipher_geniv_init(tfm); | ||
| 202 | } | 181 | } |
| 203 | 182 | ||
| 204 | static struct crypto_template eseqiv_tmpl; | 183 | static struct crypto_template eseqiv_tmpl; |
| @@ -220,7 +199,7 @@ static struct crypto_instance *eseqiv_alloc(struct rtattr **tb) | |||
| 220 | if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) | 199 | if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) |
| 221 | goto free_inst; | 200 | goto free_inst; |
| 222 | 201 | ||
| 223 | inst->alg.cra_ablkcipher.givencrypt = eseqiv_givencrypt_first; | 202 | inst->alg.cra_ablkcipher.givencrypt = eseqiv_givencrypt; |
| 224 | 203 | ||
| 225 | inst->alg.cra_init = eseqiv_init; | 204 | inst->alg.cra_init = eseqiv_init; |
| 226 | inst->alg.cra_exit = skcipher_geniv_exit; | 205 | inst->alg.cra_exit = skcipher_geniv_exit; |