summaryrefslogtreecommitdiffstats
path: root/crypto/rsa-pkcs1pad.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/rsa-pkcs1pad.c')
-rw-r--r--crypto/rsa-pkcs1pad.c327
1 files changed, 132 insertions, 195 deletions
diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c
index ead8dc0d084e..877019a6d3ea 100644
--- a/crypto/rsa-pkcs1pad.c
+++ b/crypto/rsa-pkcs1pad.c
@@ -92,60 +92,66 @@ static const struct rsa_asn1_template *rsa_lookup_asn1(const char *name)
92 92
93struct pkcs1pad_ctx { 93struct pkcs1pad_ctx {
94 struct crypto_akcipher *child; 94 struct crypto_akcipher *child;
95 const char *hash_name;
96 unsigned int key_size; 95 unsigned int key_size;
97}; 96};
98 97
99struct pkcs1pad_inst_ctx { 98struct pkcs1pad_inst_ctx {
100 struct crypto_akcipher_spawn spawn; 99 struct crypto_akcipher_spawn spawn;
101 const char *hash_name; 100 const struct rsa_asn1_template *digest_info;
102}; 101};
103 102
104struct pkcs1pad_request { 103struct pkcs1pad_request {
105 struct akcipher_request child_req; 104 struct scatterlist in_sg[2], out_sg[1];
106
107 struct scatterlist in_sg[3], out_sg[2];
108 uint8_t *in_buf, *out_buf; 105 uint8_t *in_buf, *out_buf;
106 struct akcipher_request child_req;
109}; 107};
110 108
111static int pkcs1pad_set_pub_key(struct crypto_akcipher *tfm, const void *key, 109static int pkcs1pad_set_pub_key(struct crypto_akcipher *tfm, const void *key,
112 unsigned int keylen) 110 unsigned int keylen)
113{ 111{
114 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 112 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
115 int err, size; 113 int err;
114
115 ctx->key_size = 0;
116 116
117 err = crypto_akcipher_set_pub_key(ctx->child, key, keylen); 117 err = crypto_akcipher_set_pub_key(ctx->child, key, keylen);
118 if (err)
119 return err;
118 120
119 if (!err) { 121 /* Find out new modulus size from rsa implementation */
120 /* Find out new modulus size from rsa implementation */ 122 err = crypto_akcipher_maxsize(ctx->child);
121 size = crypto_akcipher_maxsize(ctx->child); 123 if (err < 0)
124 return err;
122 125
123 ctx->key_size = size > 0 ? size : 0; 126 if (err > PAGE_SIZE)
124 if (size <= 0) 127 return -ENOTSUPP;
125 err = size;
126 }
127 128
128 return err; 129 ctx->key_size = err;
130 return 0;
129} 131}
130 132
131static int pkcs1pad_set_priv_key(struct crypto_akcipher *tfm, const void *key, 133static int pkcs1pad_set_priv_key(struct crypto_akcipher *tfm, const void *key,
132 unsigned int keylen) 134 unsigned int keylen)
133{ 135{
134 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 136 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
135 int err, size; 137 int err;
138
139 ctx->key_size = 0;
136 140
137 err = crypto_akcipher_set_priv_key(ctx->child, key, keylen); 141 err = crypto_akcipher_set_priv_key(ctx->child, key, keylen);
142 if (err)
143 return err;
138 144
139 if (!err) { 145 /* Find out new modulus size from rsa implementation */
140 /* Find out new modulus size from rsa implementation */ 146 err = crypto_akcipher_maxsize(ctx->child);
141 size = crypto_akcipher_maxsize(ctx->child); 147 if (err < 0)
148 return err;
142 149
143 ctx->key_size = size > 0 ? size : 0; 150 if (err > PAGE_SIZE)
144 if (size <= 0) 151 return -ENOTSUPP;
145 err = size;
146 }
147 152
148 return err; 153 ctx->key_size = err;
154 return 0;
149} 155}
150 156
151static int pkcs1pad_get_max_size(struct crypto_akcipher *tfm) 157static int pkcs1pad_get_max_size(struct crypto_akcipher *tfm)
@@ -164,19 +170,10 @@ static int pkcs1pad_get_max_size(struct crypto_akcipher *tfm)
164static void pkcs1pad_sg_set_buf(struct scatterlist *sg, void *buf, size_t len, 170static void pkcs1pad_sg_set_buf(struct scatterlist *sg, void *buf, size_t len,
165 struct scatterlist *next) 171 struct scatterlist *next)
166{ 172{
167 int nsegs = next ? 1 : 0; 173 int nsegs = next ? 2 : 1;
168 174
169 if (offset_in_page(buf) + len <= PAGE_SIZE) { 175 sg_init_table(sg, nsegs);
170 nsegs += 1; 176 sg_set_buf(sg, buf, len);
171 sg_init_table(sg, nsegs);
172 sg_set_buf(sg, buf, len);
173 } else {
174 nsegs += 2;
175 sg_init_table(sg, nsegs);
176 sg_set_buf(sg + 0, buf, PAGE_SIZE - offset_in_page(buf));
177 sg_set_buf(sg + 1, buf + PAGE_SIZE - offset_in_page(buf),
178 offset_in_page(buf) + len - PAGE_SIZE);
179 }
180 177
181 if (next) 178 if (next)
182 sg_chain(sg, nsegs, next); 179 sg_chain(sg, nsegs, next);
@@ -187,37 +184,36 @@ static int pkcs1pad_encrypt_sign_complete(struct akcipher_request *req, int err)
187 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 184 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
188 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 185 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
189 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req); 186 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req);
190 size_t pad_len = ctx->key_size - req_ctx->child_req.dst_len; 187 unsigned int pad_len;
191 size_t chunk_len, pad_left; 188 unsigned int len;
192 struct sg_mapping_iter miter; 189 u8 *out_buf;
193 190
194 if (!err) { 191 if (err)
195 if (pad_len) { 192 goto out;
196 sg_miter_start(&miter, req->dst, 193
197 sg_nents_for_len(req->dst, pad_len), 194 len = req_ctx->child_req.dst_len;
198 SG_MITER_ATOMIC | SG_MITER_TO_SG); 195 pad_len = ctx->key_size - len;
199 196
200 pad_left = pad_len; 197 /* Four billion to one */
201 while (pad_left) { 198 if (likely(!pad_len))
202 sg_miter_next(&miter); 199 goto out;
203 200
204 chunk_len = min(miter.length, pad_left); 201 out_buf = kzalloc(ctx->key_size, GFP_ATOMIC);
205 memset(miter.addr, 0, chunk_len); 202 err = -ENOMEM;
206 pad_left -= chunk_len; 203 if (!out_buf)
207 } 204 goto out;
208 205
209 sg_miter_stop(&miter); 206 sg_copy_to_buffer(req->dst, sg_nents_for_len(req->dst, len),
210 } 207 out_buf + pad_len, len);
211 208 sg_copy_from_buffer(req->dst,
212 sg_pcopy_from_buffer(req->dst, 209 sg_nents_for_len(req->dst, ctx->key_size),
213 sg_nents_for_len(req->dst, ctx->key_size), 210 out_buf, ctx->key_size);
214 req_ctx->out_buf, req_ctx->child_req.dst_len, 211 kzfree(out_buf);
215 pad_len); 212
216 } 213out:
217 req->dst_len = ctx->key_size; 214 req->dst_len = ctx->key_size;
218 215
219 kfree(req_ctx->in_buf); 216 kfree(req_ctx->in_buf);
220 kzfree(req_ctx->out_buf);
221 217
222 return err; 218 return err;
223} 219}
@@ -257,21 +253,8 @@ static int pkcs1pad_encrypt(struct akcipher_request *req)
257 return -EOVERFLOW; 253 return -EOVERFLOW;
258 } 254 }
259 255
260 if (ctx->key_size > PAGE_SIZE)
261 return -ENOTSUPP;
262
263 /*
264 * Replace both input and output to add the padding in the input and
265 * the potential missing leading zeros in the output.
266 */
267 req_ctx->child_req.src = req_ctx->in_sg;
268 req_ctx->child_req.src_len = ctx->key_size - 1;
269 req_ctx->child_req.dst = req_ctx->out_sg;
270 req_ctx->child_req.dst_len = ctx->key_size;
271
272 req_ctx->in_buf = kmalloc(ctx->key_size - 1 - req->src_len, 256 req_ctx->in_buf = kmalloc(ctx->key_size - 1 - req->src_len,
273 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 257 GFP_KERNEL);
274 GFP_KERNEL : GFP_ATOMIC);
275 if (!req_ctx->in_buf) 258 if (!req_ctx->in_buf)
276 return -ENOMEM; 259 return -ENOMEM;
277 260
@@ -284,9 +267,7 @@ static int pkcs1pad_encrypt(struct akcipher_request *req)
284 pkcs1pad_sg_set_buf(req_ctx->in_sg, req_ctx->in_buf, 267 pkcs1pad_sg_set_buf(req_ctx->in_sg, req_ctx->in_buf,
285 ctx->key_size - 1 - req->src_len, req->src); 268 ctx->key_size - 1 - req->src_len, req->src);
286 269
287 req_ctx->out_buf = kmalloc(ctx->key_size, 270 req_ctx->out_buf = kmalloc(ctx->key_size, GFP_KERNEL);
288 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
289 GFP_KERNEL : GFP_ATOMIC);
290 if (!req_ctx->out_buf) { 271 if (!req_ctx->out_buf) {
291 kfree(req_ctx->in_buf); 272 kfree(req_ctx->in_buf);
292 return -ENOMEM; 273 return -ENOMEM;
@@ -299,6 +280,10 @@ static int pkcs1pad_encrypt(struct akcipher_request *req)
299 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags, 280 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags,
300 pkcs1pad_encrypt_sign_complete_cb, req); 281 pkcs1pad_encrypt_sign_complete_cb, req);
301 282
283 /* Reuse output buffer */
284 akcipher_request_set_crypt(&req_ctx->child_req, req_ctx->in_sg,
285 req->dst, ctx->key_size - 1, req->dst_len);
286
302 err = crypto_akcipher_encrypt(&req_ctx->child_req); 287 err = crypto_akcipher_encrypt(&req_ctx->child_req);
303 if (err != -EINPROGRESS && 288 if (err != -EINPROGRESS &&
304 (err != -EBUSY || 289 (err != -EBUSY ||
@@ -380,18 +365,7 @@ static int pkcs1pad_decrypt(struct akcipher_request *req)
380 if (!ctx->key_size || req->src_len != ctx->key_size) 365 if (!ctx->key_size || req->src_len != ctx->key_size)
381 return -EINVAL; 366 return -EINVAL;
382 367
383 if (ctx->key_size > PAGE_SIZE) 368 req_ctx->out_buf = kmalloc(ctx->key_size, GFP_KERNEL);
384 return -ENOTSUPP;
385
386 /* Reuse input buffer, output to a new buffer */
387 req_ctx->child_req.src = req->src;
388 req_ctx->child_req.src_len = req->src_len;
389 req_ctx->child_req.dst = req_ctx->out_sg;
390 req_ctx->child_req.dst_len = ctx->key_size ;
391
392 req_ctx->out_buf = kmalloc(ctx->key_size,
393 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
394 GFP_KERNEL : GFP_ATOMIC);
395 if (!req_ctx->out_buf) 369 if (!req_ctx->out_buf)
396 return -ENOMEM; 370 return -ENOMEM;
397 371
@@ -402,6 +376,11 @@ static int pkcs1pad_decrypt(struct akcipher_request *req)
402 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags, 376 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags,
403 pkcs1pad_decrypt_complete_cb, req); 377 pkcs1pad_decrypt_complete_cb, req);
404 378
379 /* Reuse input buffer, output to a new buffer */
380 akcipher_request_set_crypt(&req_ctx->child_req, req->src,
381 req_ctx->out_sg, req->src_len,
382 ctx->key_size);
383
405 err = crypto_akcipher_decrypt(&req_ctx->child_req); 384 err = crypto_akcipher_decrypt(&req_ctx->child_req);
406 if (err != -EINPROGRESS && 385 if (err != -EINPROGRESS &&
407 (err != -EBUSY || 386 (err != -EBUSY ||
@@ -416,20 +395,16 @@ static int pkcs1pad_sign(struct akcipher_request *req)
416 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 395 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
417 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 396 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
418 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req); 397 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req);
419 const struct rsa_asn1_template *digest_info = NULL; 398 struct akcipher_instance *inst = akcipher_alg_instance(tfm);
399 struct pkcs1pad_inst_ctx *ictx = akcipher_instance_ctx(inst);
400 const struct rsa_asn1_template *digest_info = ictx->digest_info;
420 int err; 401 int err;
421 unsigned int ps_end, digest_size = 0; 402 unsigned int ps_end, digest_size = 0;
422 403
423 if (!ctx->key_size) 404 if (!ctx->key_size)
424 return -EINVAL; 405 return -EINVAL;
425 406
426 if (ctx->hash_name) { 407 digest_size = digest_info->size;
427 digest_info = rsa_lookup_asn1(ctx->hash_name);
428 if (!digest_info)
429 return -EINVAL;
430
431 digest_size = digest_info->size;
432 }
433 408
434 if (req->src_len + digest_size > ctx->key_size - 11) 409 if (req->src_len + digest_size > ctx->key_size - 11)
435 return -EOVERFLOW; 410 return -EOVERFLOW;
@@ -439,21 +414,8 @@ static int pkcs1pad_sign(struct akcipher_request *req)
439 return -EOVERFLOW; 414 return -EOVERFLOW;
440 } 415 }
441 416
442 if (ctx->key_size > PAGE_SIZE)
443 return -ENOTSUPP;
444
445 /*
446 * Replace both input and output to add the padding in the input and
447 * the potential missing leading zeros in the output.
448 */
449 req_ctx->child_req.src = req_ctx->in_sg;
450 req_ctx->child_req.src_len = ctx->key_size - 1;
451 req_ctx->child_req.dst = req_ctx->out_sg;
452 req_ctx->child_req.dst_len = ctx->key_size;
453
454 req_ctx->in_buf = kmalloc(ctx->key_size - 1 - req->src_len, 417 req_ctx->in_buf = kmalloc(ctx->key_size - 1 - req->src_len,
455 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 418 GFP_KERNEL);
456 GFP_KERNEL : GFP_ATOMIC);
457 if (!req_ctx->in_buf) 419 if (!req_ctx->in_buf)
458 return -ENOMEM; 420 return -ENOMEM;
459 421
@@ -462,29 +424,20 @@ static int pkcs1pad_sign(struct akcipher_request *req)
462 memset(req_ctx->in_buf + 1, 0xff, ps_end - 1); 424 memset(req_ctx->in_buf + 1, 0xff, ps_end - 1);
463 req_ctx->in_buf[ps_end] = 0x00; 425 req_ctx->in_buf[ps_end] = 0x00;
464 426
465 if (digest_info) { 427 memcpy(req_ctx->in_buf + ps_end + 1, digest_info->data,
466 memcpy(req_ctx->in_buf + ps_end + 1, digest_info->data, 428 digest_info->size);
467 digest_info->size);
468 }
469 429
470 pkcs1pad_sg_set_buf(req_ctx->in_sg, req_ctx->in_buf, 430 pkcs1pad_sg_set_buf(req_ctx->in_sg, req_ctx->in_buf,
471 ctx->key_size - 1 - req->src_len, req->src); 431 ctx->key_size - 1 - req->src_len, req->src);
472 432
473 req_ctx->out_buf = kmalloc(ctx->key_size,
474 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
475 GFP_KERNEL : GFP_ATOMIC);
476 if (!req_ctx->out_buf) {
477 kfree(req_ctx->in_buf);
478 return -ENOMEM;
479 }
480
481 pkcs1pad_sg_set_buf(req_ctx->out_sg, req_ctx->out_buf,
482 ctx->key_size, NULL);
483
484 akcipher_request_set_tfm(&req_ctx->child_req, ctx->child); 433 akcipher_request_set_tfm(&req_ctx->child_req, ctx->child);
485 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags, 434 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags,
486 pkcs1pad_encrypt_sign_complete_cb, req); 435 pkcs1pad_encrypt_sign_complete_cb, req);
487 436
437 /* Reuse output buffer */
438 akcipher_request_set_crypt(&req_ctx->child_req, req_ctx->in_sg,
439 req->dst, ctx->key_size - 1, req->dst_len);
440
488 err = crypto_akcipher_sign(&req_ctx->child_req); 441 err = crypto_akcipher_sign(&req_ctx->child_req);
489 if (err != -EINPROGRESS && 442 if (err != -EINPROGRESS &&
490 (err != -EBUSY || 443 (err != -EBUSY ||
@@ -499,56 +452,58 @@ static int pkcs1pad_verify_complete(struct akcipher_request *req, int err)
499 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 452 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
500 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 453 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
501 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req); 454 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req);
502 const struct rsa_asn1_template *digest_info; 455 struct akcipher_instance *inst = akcipher_alg_instance(tfm);
456 struct pkcs1pad_inst_ctx *ictx = akcipher_instance_ctx(inst);
457 const struct rsa_asn1_template *digest_info = ictx->digest_info;
458 unsigned int dst_len;
503 unsigned int pos; 459 unsigned int pos;
504 460 u8 *out_buf;
505 if (err == -EOVERFLOW)
506 /* Decrypted value had no leading 0 byte */
507 err = -EINVAL;
508 461
509 if (err) 462 if (err)
510 goto done; 463 goto done;
511 464
512 if (req_ctx->child_req.dst_len != ctx->key_size - 1) { 465 err = -EINVAL;
513 err = -EINVAL; 466 dst_len = req_ctx->child_req.dst_len;
467 if (dst_len < ctx->key_size - 1)
514 goto done; 468 goto done;
469
470 out_buf = req_ctx->out_buf;
471 if (dst_len == ctx->key_size) {
472 if (out_buf[0] != 0x00)
473 /* Decrypted value had no leading 0 byte */
474 goto done;
475
476 dst_len--;
477 out_buf++;
515 } 478 }
516 479
517 err = -EBADMSG; 480 err = -EBADMSG;
518 if (req_ctx->out_buf[0] != 0x01) 481 if (out_buf[0] != 0x01)
519 goto done; 482 goto done;
520 483
521 for (pos = 1; pos < req_ctx->child_req.dst_len; pos++) 484 for (pos = 1; pos < dst_len; pos++)
522 if (req_ctx->out_buf[pos] != 0xff) 485 if (out_buf[pos] != 0xff)
523 break; 486 break;
524 487
525 if (pos < 9 || pos == req_ctx->child_req.dst_len || 488 if (pos < 9 || pos == dst_len || out_buf[pos] != 0x00)
526 req_ctx->out_buf[pos] != 0x00)
527 goto done; 489 goto done;
528 pos++; 490 pos++;
529 491
530 if (ctx->hash_name) { 492 if (memcmp(out_buf + pos, digest_info->data, digest_info->size))
531 digest_info = rsa_lookup_asn1(ctx->hash_name); 493 goto done;
532 if (!digest_info)
533 goto done;
534
535 if (memcmp(req_ctx->out_buf + pos, digest_info->data,
536 digest_info->size))
537 goto done;
538 494
539 pos += digest_info->size; 495 pos += digest_info->size;
540 }
541 496
542 err = 0; 497 err = 0;
543 498
544 if (req->dst_len < req_ctx->child_req.dst_len - pos) 499 if (req->dst_len < dst_len - pos)
545 err = -EOVERFLOW; 500 err = -EOVERFLOW;
546 req->dst_len = req_ctx->child_req.dst_len - pos; 501 req->dst_len = dst_len - pos;
547 502
548 if (!err) 503 if (!err)
549 sg_copy_from_buffer(req->dst, 504 sg_copy_from_buffer(req->dst,
550 sg_nents_for_len(req->dst, req->dst_len), 505 sg_nents_for_len(req->dst, req->dst_len),
551 req_ctx->out_buf + pos, req->dst_len); 506 out_buf + pos, req->dst_len);
552done: 507done:
553 kzfree(req_ctx->out_buf); 508 kzfree(req_ctx->out_buf);
554 509
@@ -588,18 +543,7 @@ static int pkcs1pad_verify(struct akcipher_request *req)
588 if (!ctx->key_size || req->src_len < ctx->key_size) 543 if (!ctx->key_size || req->src_len < ctx->key_size)
589 return -EINVAL; 544 return -EINVAL;
590 545
591 if (ctx->key_size > PAGE_SIZE) 546 req_ctx->out_buf = kmalloc(ctx->key_size, GFP_KERNEL);
592 return -ENOTSUPP;
593
594 /* Reuse input buffer, output to a new buffer */
595 req_ctx->child_req.src = req->src;
596 req_ctx->child_req.src_len = req->src_len;
597 req_ctx->child_req.dst = req_ctx->out_sg;
598 req_ctx->child_req.dst_len = ctx->key_size;
599
600 req_ctx->out_buf = kmalloc(ctx->key_size,
601 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
602 GFP_KERNEL : GFP_ATOMIC);
603 if (!req_ctx->out_buf) 547 if (!req_ctx->out_buf)
604 return -ENOMEM; 548 return -ENOMEM;
605 549
@@ -610,6 +554,11 @@ static int pkcs1pad_verify(struct akcipher_request *req)
610 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags, 554 akcipher_request_set_callback(&req_ctx->child_req, req->base.flags,
611 pkcs1pad_verify_complete_cb, req); 555 pkcs1pad_verify_complete_cb, req);
612 556
557 /* Reuse input buffer, output to a new buffer */
558 akcipher_request_set_crypt(&req_ctx->child_req, req->src,
559 req_ctx->out_sg, req->src_len,
560 ctx->key_size);
561
613 err = crypto_akcipher_verify(&req_ctx->child_req); 562 err = crypto_akcipher_verify(&req_ctx->child_req);
614 if (err != -EINPROGRESS && 563 if (err != -EINPROGRESS &&
615 (err != -EBUSY || 564 (err != -EBUSY ||
@@ -626,12 +575,11 @@ static int pkcs1pad_init_tfm(struct crypto_akcipher *tfm)
626 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 575 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
627 struct crypto_akcipher *child_tfm; 576 struct crypto_akcipher *child_tfm;
628 577
629 child_tfm = crypto_spawn_akcipher(akcipher_instance_ctx(inst)); 578 child_tfm = crypto_spawn_akcipher(&ictx->spawn);
630 if (IS_ERR(child_tfm)) 579 if (IS_ERR(child_tfm))
631 return PTR_ERR(child_tfm); 580 return PTR_ERR(child_tfm);
632 581
633 ctx->child = child_tfm; 582 ctx->child = child_tfm;
634 ctx->hash_name = ictx->hash_name;
635 return 0; 583 return 0;
636} 584}
637 585
@@ -648,12 +596,12 @@ static void pkcs1pad_free(struct akcipher_instance *inst)
648 struct crypto_akcipher_spawn *spawn = &ctx->spawn; 596 struct crypto_akcipher_spawn *spawn = &ctx->spawn;
649 597
650 crypto_drop_akcipher(spawn); 598 crypto_drop_akcipher(spawn);
651 kfree(ctx->hash_name);
652 kfree(inst); 599 kfree(inst);
653} 600}
654 601
655static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb) 602static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb)
656{ 603{
604 const struct rsa_asn1_template *digest_info;
657 struct crypto_attr_type *algt; 605 struct crypto_attr_type *algt;
658 struct akcipher_instance *inst; 606 struct akcipher_instance *inst;
659 struct pkcs1pad_inst_ctx *ctx; 607 struct pkcs1pad_inst_ctx *ctx;
@@ -676,7 +624,11 @@ static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb)
676 624
677 hash_name = crypto_attr_alg_name(tb[2]); 625 hash_name = crypto_attr_alg_name(tb[2]);
678 if (IS_ERR(hash_name)) 626 if (IS_ERR(hash_name))
679 hash_name = NULL; 627 return PTR_ERR(hash_name);
628
629 digest_info = rsa_lookup_asn1(hash_name);
630 if (!digest_info)
631 return -EINVAL;
680 632
681 inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); 633 inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL);
682 if (!inst) 634 if (!inst)
@@ -684,7 +636,7 @@ static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb)
684 636
685 ctx = akcipher_instance_ctx(inst); 637 ctx = akcipher_instance_ctx(inst);
686 spawn = &ctx->spawn; 638 spawn = &ctx->spawn;
687 ctx->hash_name = hash_name ? kstrdup(hash_name, GFP_KERNEL) : NULL; 639 ctx->digest_info = digest_info;
688 640
689 crypto_set_spawn(&spawn->base, akcipher_crypto_instance(inst)); 641 crypto_set_spawn(&spawn->base, akcipher_crypto_instance(inst));
690 err = crypto_grab_akcipher(spawn, rsa_alg_name, 0, 642 err = crypto_grab_akcipher(spawn, rsa_alg_name, 0,
@@ -696,27 +648,14 @@ static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb)
696 648
697 err = -ENAMETOOLONG; 649 err = -ENAMETOOLONG;
698 650
699 if (!hash_name) { 651 if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
700 if (snprintf(inst->alg.base.cra_name, 652 "pkcs1pad(%s,%s)", rsa_alg->base.cra_name, hash_name) >=
701 CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s)", 653 CRYPTO_MAX_ALG_NAME ||
702 rsa_alg->base.cra_name) >= 654 snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
703 CRYPTO_MAX_ALG_NAME || 655 "pkcs1pad(%s,%s)",
704 snprintf(inst->alg.base.cra_driver_name, 656 rsa_alg->base.cra_driver_name, hash_name) >=
705 CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s)", 657 CRYPTO_MAX_ALG_NAME)
706 rsa_alg->base.cra_driver_name) >=
707 CRYPTO_MAX_ALG_NAME)
708 goto out_drop_alg; 658 goto out_drop_alg;
709 } else {
710 if (snprintf(inst->alg.base.cra_name,
711 CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s,%s)",
712 rsa_alg->base.cra_name, hash_name) >=
713 CRYPTO_MAX_ALG_NAME ||
714 snprintf(inst->alg.base.cra_driver_name,
715 CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s,%s)",
716 rsa_alg->base.cra_driver_name, hash_name) >=
717 CRYPTO_MAX_ALG_NAME)
718 goto out_free_hash;
719 }
720 659
721 inst->alg.base.cra_flags = rsa_alg->base.cra_flags & CRYPTO_ALG_ASYNC; 660 inst->alg.base.cra_flags = rsa_alg->base.cra_flags & CRYPTO_ALG_ASYNC;
722 inst->alg.base.cra_priority = rsa_alg->base.cra_priority; 661 inst->alg.base.cra_priority = rsa_alg->base.cra_priority;
@@ -738,12 +677,10 @@ static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb)
738 677
739 err = akcipher_register_instance(tmpl, inst); 678 err = akcipher_register_instance(tmpl, inst);
740 if (err) 679 if (err)
741 goto out_free_hash; 680 goto out_drop_alg;
742 681
743 return 0; 682 return 0;
744 683
745out_free_hash:
746 kfree(ctx->hash_name);
747out_drop_alg: 684out_drop_alg:
748 crypto_drop_akcipher(spawn); 685 crypto_drop_akcipher(spawn);
749out_free_inst: 686out_free_inst:
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-25 12:02:02 -0500