diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2016-07-12 01:17:34 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2016-07-18 05:35:38 -0400 |
| commit | 7217d49f1684b8cd8f6e0e9010efb49f81787cd1 (patch) | |
| tree | 92fea1a7d469d7e05e32dd1bed16355d429c62b5 | |
| parent | 7a530aa9cf3f282b6b123b9296dfce80ed8f068e (diff) | |
crypto: authenc - Use skcipher
This patch converts authenc to use the new skcipher interface as
opposed to ablkcipher.
It also fixes a little bug where if a sync version of authenc
is requested we may still end up using an async ahash. This should
have no effect as none of the authenc users can request for a
sync authenc.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
| -rw-r--r-- | crypto/authenc.c | 107 |
1 files changed, 56 insertions, 51 deletions
diff --git a/crypto/authenc.c b/crypto/authenc.c index 309fbc17222d..a7e1ac786c5d 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c | |||
| @@ -32,8 +32,8 @@ struct authenc_instance_ctx { | |||
| 32 | 32 | ||
| 33 | struct crypto_authenc_ctx { | 33 | struct crypto_authenc_ctx { |
| 34 | struct crypto_ahash *auth; | 34 | struct crypto_ahash *auth; |
| 35 | struct crypto_ablkcipher *enc; | 35 | struct crypto_skcipher *enc; |
| 36 | struct crypto_blkcipher *null; | 36 | struct crypto_skcipher *null; |
| 37 | }; | 37 | }; |
| 38 | 38 | ||
| 39 | struct authenc_request_ctx { | 39 | struct authenc_request_ctx { |
| @@ -83,7 +83,7 @@ static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, | |||
| 83 | { | 83 | { |
| 84 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 84 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
| 85 | struct crypto_ahash *auth = ctx->auth; | 85 | struct crypto_ahash *auth = ctx->auth; |
| 86 | struct crypto_ablkcipher *enc = ctx->enc; | 86 | struct crypto_skcipher *enc = ctx->enc; |
| 87 | struct crypto_authenc_keys keys; | 87 | struct crypto_authenc_keys keys; |
| 88 | int err = -EINVAL; | 88 | int err = -EINVAL; |
| 89 | 89 | ||
| @@ -100,11 +100,11 @@ static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, | |||
| 100 | if (err) | 100 | if (err) |
| 101 | goto out; | 101 | goto out; |
| 102 | 102 | ||
| 103 | crypto_ablkcipher_clear_flags(enc, CRYPTO_TFM_REQ_MASK); | 103 | crypto_skcipher_clear_flags(enc, CRYPTO_TFM_REQ_MASK); |
| 104 | crypto_ablkcipher_set_flags(enc, crypto_aead_get_flags(authenc) & | 104 | crypto_skcipher_set_flags(enc, crypto_aead_get_flags(authenc) & |
| 105 | CRYPTO_TFM_REQ_MASK); | 105 | CRYPTO_TFM_REQ_MASK); |
| 106 | err = crypto_ablkcipher_setkey(enc, keys.enckey, keys.enckeylen); | 106 | err = crypto_skcipher_setkey(enc, keys.enckey, keys.enckeylen); |
| 107 | crypto_aead_set_flags(authenc, crypto_ablkcipher_get_flags(enc) & | 107 | crypto_aead_set_flags(authenc, crypto_skcipher_get_flags(enc) & |
| 108 | CRYPTO_TFM_RES_MASK); | 108 | CRYPTO_TFM_RES_MASK); |
| 109 | 109 | ||
| 110 | out: | 110 | out: |
| @@ -184,12 +184,15 @@ static int crypto_authenc_copy_assoc(struct aead_request *req) | |||
| 184 | { | 184 | { |
| 185 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 185 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
| 186 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 186 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
| 187 | struct blkcipher_desc desc = { | 187 | SKCIPHER_REQUEST_ON_STACK(skreq, ctx->null); |
| 188 | .tfm = ctx->null, | ||
| 189 | }; | ||
| 190 | 188 | ||
| 191 | return crypto_blkcipher_encrypt(&desc, req->dst, req->src, | 189 | skcipher_request_set_tfm(skreq, ctx->null); |
| 192 | req->assoclen); | 190 | skcipher_request_set_callback(skreq, aead_request_flags(req), |
| 191 | NULL, NULL); | ||
| 192 | skcipher_request_set_crypt(skreq, req->src, req->dst, req->assoclen, | ||
| 193 | NULL); | ||
| 194 | |||
| 195 | return crypto_skcipher_encrypt(skreq); | ||
| 193 | } | 196 | } |
| 194 | 197 | ||
| 195 | static int crypto_authenc_encrypt(struct aead_request *req) | 198 | static int crypto_authenc_encrypt(struct aead_request *req) |
| @@ -199,10 +202,10 @@ static int crypto_authenc_encrypt(struct aead_request *req) | |||
| 199 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 202 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
| 200 | struct authenc_instance_ctx *ictx = aead_instance_ctx(inst); | 203 | struct authenc_instance_ctx *ictx = aead_instance_ctx(inst); |
| 201 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | 204 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); |
| 202 | struct crypto_ablkcipher *enc = ctx->enc; | 205 | struct crypto_skcipher *enc = ctx->enc; |
| 203 | unsigned int cryptlen = req->cryptlen; | 206 | unsigned int cryptlen = req->cryptlen; |
| 204 | struct ablkcipher_request *abreq = (void *)(areq_ctx->tail + | 207 | struct skcipher_request *skreq = (void *)(areq_ctx->tail + |
| 205 | ictx->reqoff); | 208 | ictx->reqoff); |
| 206 | struct scatterlist *src, *dst; | 209 | struct scatterlist *src, *dst; |
| 207 | int err; | 210 | int err; |
| 208 | 211 | ||
| @@ -217,12 +220,12 @@ static int crypto_authenc_encrypt(struct aead_request *req) | |||
| 217 | dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen); | 220 | dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen); |
| 218 | } | 221 | } |
| 219 | 222 | ||
| 220 | ablkcipher_request_set_tfm(abreq, enc); | 223 | skcipher_request_set_tfm(skreq, enc); |
| 221 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | 224 | skcipher_request_set_callback(skreq, aead_request_flags(req), |
| 222 | crypto_authenc_encrypt_done, req); | 225 | crypto_authenc_encrypt_done, req); |
| 223 | ablkcipher_request_set_crypt(abreq, src, dst, cryptlen, req->iv); | 226 | skcipher_request_set_crypt(skreq, src, dst, cryptlen, req->iv); |
| 224 | 227 | ||
| 225 | err = crypto_ablkcipher_encrypt(abreq); | 228 | err = crypto_skcipher_encrypt(skreq); |
| 226 | if (err) | 229 | if (err) |
| 227 | return err; | 230 | return err; |
| 228 | 231 | ||
| @@ -238,8 +241,8 @@ static int crypto_authenc_decrypt_tail(struct aead_request *req, | |||
| 238 | struct authenc_instance_ctx *ictx = aead_instance_ctx(inst); | 241 | struct authenc_instance_ctx *ictx = aead_instance_ctx(inst); |
| 239 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | 242 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); |
| 240 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff); | 243 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff); |
| 241 | struct ablkcipher_request *abreq = (void *)(areq_ctx->tail + | 244 | struct skcipher_request *skreq = (void *)(areq_ctx->tail + |
| 242 | ictx->reqoff); | 245 | ictx->reqoff); |
| 243 | unsigned int authsize = crypto_aead_authsize(authenc); | 246 | unsigned int authsize = crypto_aead_authsize(authenc); |
| 244 | u8 *ihash = ahreq->result + authsize; | 247 | u8 *ihash = ahreq->result + authsize; |
| 245 | struct scatterlist *src, *dst; | 248 | struct scatterlist *src, *dst; |
| @@ -255,13 +258,13 @@ static int crypto_authenc_decrypt_tail(struct aead_request *req, | |||
| 255 | if (req->src != req->dst) | 258 | if (req->src != req->dst) |
| 256 | dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen); | 259 | dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen); |
| 257 | 260 | ||
| 258 | ablkcipher_request_set_tfm(abreq, ctx->enc); | 261 | skcipher_request_set_tfm(skreq, ctx->enc); |
| 259 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | 262 | skcipher_request_set_callback(skreq, aead_request_flags(req), |
| 260 | req->base.complete, req->base.data); | 263 | req->base.complete, req->base.data); |
| 261 | ablkcipher_request_set_crypt(abreq, src, dst, | 264 | skcipher_request_set_crypt(skreq, src, dst, |
| 262 | req->cryptlen - authsize, req->iv); | 265 | req->cryptlen - authsize, req->iv); |
| 263 | 266 | ||
| 264 | return crypto_ablkcipher_decrypt(abreq); | 267 | return crypto_skcipher_decrypt(skreq); |
| 265 | } | 268 | } |
| 266 | 269 | ||
| 267 | static void authenc_verify_ahash_done(struct crypto_async_request *areq, | 270 | static void authenc_verify_ahash_done(struct crypto_async_request *areq, |
| @@ -313,20 +316,20 @@ static int crypto_authenc_init_tfm(struct crypto_aead *tfm) | |||
| 313 | struct authenc_instance_ctx *ictx = aead_instance_ctx(inst); | 316 | struct authenc_instance_ctx *ictx = aead_instance_ctx(inst); |
| 314 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm); | 317 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm); |
| 315 | struct crypto_ahash *auth; | 318 | struct crypto_ahash *auth; |
| 316 | struct crypto_ablkcipher *enc; | 319 | struct crypto_skcipher *enc; |
| 317 | struct crypto_blkcipher *null; | 320 | struct crypto_skcipher *null; |
| 318 | int err; | 321 | int err; |
| 319 | 322 | ||
| 320 | auth = crypto_spawn_ahash(&ictx->auth); | 323 | auth = crypto_spawn_ahash(&ictx->auth); |
| 321 | if (IS_ERR(auth)) | 324 | if (IS_ERR(auth)) |
| 322 | return PTR_ERR(auth); | 325 | return PTR_ERR(auth); |
| 323 | 326 | ||
| 324 | enc = crypto_spawn_skcipher(&ictx->enc); | 327 | enc = crypto_spawn_skcipher2(&ictx->enc); |
| 325 | err = PTR_ERR(enc); | 328 | err = PTR_ERR(enc); |
| 326 | if (IS_ERR(enc)) | 329 | if (IS_ERR(enc)) |
| 327 | goto err_free_ahash; | 330 | goto err_free_ahash; |
| 328 | 331 | ||
| 329 | null = crypto_get_default_null_skcipher(); | 332 | null = crypto_get_default_null_skcipher2(); |
| 330 | err = PTR_ERR(null); | 333 | err = PTR_ERR(null); |
| 331 | if (IS_ERR(null)) | 334 | if (IS_ERR(null)) |
| 332 | goto err_free_skcipher; | 335 | goto err_free_skcipher; |
| @@ -342,13 +345,13 @@ static int crypto_authenc_init_tfm(struct crypto_aead *tfm) | |||
| 342 | max_t(unsigned int, | 345 | max_t(unsigned int, |
| 343 | crypto_ahash_reqsize(auth) + | 346 | crypto_ahash_reqsize(auth) + |
| 344 | sizeof(struct ahash_request), | 347 | sizeof(struct ahash_request), |
| 345 | sizeof(struct ablkcipher_request) + | 348 | sizeof(struct skcipher_request) + |
| 346 | crypto_ablkcipher_reqsize(enc))); | 349 | crypto_skcipher_reqsize(enc))); |
| 347 | 350 | ||
| 348 | return 0; | 351 | return 0; |
| 349 | 352 | ||
| 350 | err_free_skcipher: | 353 | err_free_skcipher: |
| 351 | crypto_free_ablkcipher(enc); | 354 | crypto_free_skcipher(enc); |
| 352 | err_free_ahash: | 355 | err_free_ahash: |
| 353 | crypto_free_ahash(auth); | 356 | crypto_free_ahash(auth); |
| 354 | return err; | 357 | return err; |
| @@ -359,8 +362,8 @@ static void crypto_authenc_exit_tfm(struct crypto_aead *tfm) | |||
| 359 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm); | 362 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm); |
| 360 | 363 | ||
| 361 | crypto_free_ahash(ctx->auth); | 364 | crypto_free_ahash(ctx->auth); |
| 362 | crypto_free_ablkcipher(ctx->enc); | 365 | crypto_free_skcipher(ctx->enc); |
| 363 | crypto_put_default_null_skcipher(); | 366 | crypto_put_default_null_skcipher2(); |
| 364 | } | 367 | } |
| 365 | 368 | ||
| 366 | static void crypto_authenc_free(struct aead_instance *inst) | 369 | static void crypto_authenc_free(struct aead_instance *inst) |
| @@ -379,7 +382,7 @@ static int crypto_authenc_create(struct crypto_template *tmpl, | |||
| 379 | struct aead_instance *inst; | 382 | struct aead_instance *inst; |
| 380 | struct hash_alg_common *auth; | 383 | struct hash_alg_common *auth; |
| 381 | struct crypto_alg *auth_base; | 384 | struct crypto_alg *auth_base; |
| 382 | struct crypto_alg *enc; | 385 | struct skcipher_alg *enc; |
| 383 | struct authenc_instance_ctx *ctx; | 386 | struct authenc_instance_ctx *ctx; |
| 384 | const char *enc_name; | 387 | const char *enc_name; |
| 385 | int err; | 388 | int err; |
| @@ -417,38 +420,40 @@ static int crypto_authenc_create(struct crypto_template *tmpl, | |||
| 417 | goto err_free_inst; | 420 | goto err_free_inst; |
| 418 | 421 | ||
| 419 | crypto_set_skcipher_spawn(&ctx->enc, aead_crypto_instance(inst)); | 422 | crypto_set_skcipher_spawn(&ctx->enc, aead_crypto_instance(inst)); |
| 420 | err = crypto_grab_skcipher(&ctx->enc, enc_name, 0, | 423 | err = crypto_grab_skcipher2(&ctx->enc, enc_name, 0, |
| 421 | crypto_requires_sync(algt->type, | 424 | crypto_requires_sync(algt->type, |
| 422 | algt->mask)); | 425 | algt->mask)); |
| 423 | if (err) | 426 | if (err) |
| 424 | goto err_drop_auth; | 427 | goto err_drop_auth; |
| 425 | 428 | ||
| 426 | enc = crypto_skcipher_spawn_alg(&ctx->enc); | 429 | enc = crypto_spawn_skcipher_alg(&ctx->enc); |
| 427 | 430 | ||
| 428 | ctx->reqoff = ALIGN(2 * auth->digestsize + auth_base->cra_alignmask, | 431 | ctx->reqoff = ALIGN(2 * auth->digestsize + auth_base->cra_alignmask, |
| 429 | auth_base->cra_alignmask + 1); | 432 | auth_base->cra_alignmask + 1); |
| 430 | 433 | ||
| 431 | err = -ENAMETOOLONG; | 434 | err = -ENAMETOOLONG; |
| 432 | if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, | 435 | if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, |
| 433 | "authenc(%s,%s)", auth_base->cra_name, enc->cra_name) >= | 436 | "authenc(%s,%s)", auth_base->cra_name, |
| 437 | enc->base.cra_name) >= | ||
| 434 | CRYPTO_MAX_ALG_NAME) | 438 | CRYPTO_MAX_ALG_NAME) |
| 435 | goto err_drop_enc; | 439 | goto err_drop_enc; |
| 436 | 440 | ||
| 437 | if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, | 441 | if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, |
| 438 | "authenc(%s,%s)", auth_base->cra_driver_name, | 442 | "authenc(%s,%s)", auth_base->cra_driver_name, |
| 439 | enc->cra_driver_name) >= CRYPTO_MAX_ALG_NAME) | 443 | enc->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) |
| 440 | goto err_drop_enc; | 444 | goto err_drop_enc; |
| 441 | 445 | ||
| 442 | inst->alg.base.cra_flags = (auth_base->cra_flags | enc->cra_flags) & | 446 | inst->alg.base.cra_flags = (auth_base->cra_flags | |
| 443 | CRYPTO_ALG_ASYNC; | 447 | enc->base.cra_flags) & CRYPTO_ALG_ASYNC; |
| 444 | inst->alg.base.cra_priority = enc->cra_priority * 10 + | 448 | inst->alg.base.cra_priority = enc->base.cra_priority * 10 + |
| 445 | auth_base->cra_priority; | 449 | auth_base->cra_priority; |
| 446 | inst->alg.base.cra_blocksize = enc->cra_blocksize; | 450 | inst->alg.base.cra_blocksize = enc->base.cra_blocksize; |
| 447 | inst->alg.base.cra_alignmask = auth_base->cra_alignmask | | 451 | inst->alg.base.cra_alignmask = auth_base->cra_alignmask | |
| 448 | enc->cra_alignmask; | 452 | enc->base.cra_alignmask; |
| 449 | inst->alg.base.cra_ctxsize = sizeof(struct crypto_authenc_ctx); | 453 | inst->alg.base.cra_ctxsize = sizeof(struct crypto_authenc_ctx); |
| 450 | 454 | ||
| 451 | inst->alg.ivsize = enc->cra_ablkcipher.ivsize; | 455 | inst->alg.ivsize = crypto_skcipher_alg_ivsize(enc); |
| 456 | inst->alg.chunksize = crypto_skcipher_alg_chunksize(enc); | ||
| 452 | inst->alg.maxauthsize = auth->digestsize; | 457 | inst->alg.maxauthsize = auth->digestsize; |
| 453 | 458 | ||
| 454 | inst->alg.init = crypto_authenc_init_tfm; | 459 | inst->alg.init = crypto_authenc_init_tfm; |