aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--fs/cifs/cifsencrypt.c32
-rw-r--r--fs/cifs/smbencrypt.c26
2 files changed, 40 insertions, 18 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index afa09fce8151..d41165433260 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -33,6 +33,7 @@
33#include <linux/ctype.h> 33#include <linux/ctype.h>
34#include <linux/random.h> 34#include <linux/random.h>
35#include <linux/highmem.h> 35#include <linux/highmem.h>
36#include <crypto/skcipher.h>
36 37
37static int 38static int
38cifs_crypto_shash_md5_allocate(struct TCP_Server_Info *server) 39cifs_crypto_shash_md5_allocate(struct TCP_Server_Info *server)
@@ -789,38 +790,46 @@ int
789calc_seckey(struct cifs_ses *ses) 790calc_seckey(struct cifs_ses *ses)
790{ 791{
791 int rc; 792 int rc;
792 struct crypto_blkcipher *tfm_arc4; 793 struct crypto_skcipher *tfm_arc4;
793 struct scatterlist sgin, sgout; 794 struct scatterlist sgin, sgout;
794 struct blkcipher_desc desc; 795 struct skcipher_request *req;
795 unsigned char sec_key[CIFS_SESS_KEY_SIZE]; /* a nonce */ 796 unsigned char sec_key[CIFS_SESS_KEY_SIZE]; /* a nonce */
796 797
797 get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE); 798 get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE);
798 799
799 tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC); 800 tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
800 if (IS_ERR(tfm_arc4)) { 801 if (IS_ERR(tfm_arc4)) {
801 rc = PTR_ERR(tfm_arc4); 802 rc = PTR_ERR(tfm_arc4);
802 cifs_dbg(VFS, "could not allocate crypto API arc4\n"); 803 cifs_dbg(VFS, "could not allocate crypto API arc4\n");
803 return rc; 804 return rc;
804 } 805 }
805 806
806 desc.tfm = tfm_arc4; 807 rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response,
807
808 rc = crypto_blkcipher_setkey(tfm_arc4, ses->auth_key.response,
809 CIFS_SESS_KEY_SIZE); 808 CIFS_SESS_KEY_SIZE);
810 if (rc) { 809 if (rc) {
811 cifs_dbg(VFS, "%s: Could not set response as a key\n", 810 cifs_dbg(VFS, "%s: Could not set response as a key\n",
812 __func__); 811 __func__);
813 return rc; 812 goto out_free_cipher;
813 }
814
815 req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL);
816 if (!req) {
817 rc = -ENOMEM;
818 cifs_dbg(VFS, "could not allocate crypto API arc4 request\n");
819 goto out_free_cipher;
814 } 820 }
815 821
816 sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); 822 sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE);
817 sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); 823 sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
818 824
819 rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); 825 skcipher_request_set_callback(req, 0, NULL, NULL);
826 skcipher_request_set_crypt(req, &sgin, &sgout, CIFS_CPHTXT_SIZE, NULL);
827
828 rc = crypto_skcipher_encrypt(req);
829 skcipher_request_free(req);
820 if (rc) { 830 if (rc) {
821 cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc); 831 cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc);
822 crypto_free_blkcipher(tfm_arc4); 832 goto out_free_cipher;
823 return rc;
824 } 833 }
825 834
826 /* make secondary_key/nonce as session key */ 835 /* make secondary_key/nonce as session key */
@@ -828,7 +837,8 @@ calc_seckey(struct cifs_ses *ses)
828 /* and make len as that of session key only */ 837 /* and make len as that of session key only */
829 ses->auth_key.len = CIFS_SESS_KEY_SIZE; 838 ses->auth_key.len = CIFS_SESS_KEY_SIZE;
830 839
831 crypto_free_blkcipher(tfm_arc4); 840out_free_cipher:
841 crypto_free_skcipher(tfm_arc4);
832 842
833 return rc; 843 return rc;
834} 844}
diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
index a4232ec4f2ba..699b7868108f 100644
--- a/fs/cifs/smbencrypt.c
+++ b/fs/cifs/smbencrypt.c
@@ -23,6 +23,7 @@
23 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 23 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24*/ 24*/
25 25
26#include <crypto/skcipher.h>
26#include <linux/module.h> 27#include <linux/module.h>
27#include <linux/slab.h> 28#include <linux/slab.h>
28#include <linux/fs.h> 29#include <linux/fs.h>
@@ -70,31 +71,42 @@ smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
70{ 71{
71 int rc; 72 int rc;
72 unsigned char key2[8]; 73 unsigned char key2[8];
73 struct crypto_blkcipher *tfm_des; 74 struct crypto_skcipher *tfm_des;
74 struct scatterlist sgin, sgout; 75 struct scatterlist sgin, sgout;
75 struct blkcipher_desc desc; 76 struct skcipher_request *req;
76 77
77 str_to_key(key, key2); 78 str_to_key(key, key2);
78 79
79 tfm_des = crypto_alloc_blkcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC); 80 tfm_des = crypto_alloc_skcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
80 if (IS_ERR(tfm_des)) { 81 if (IS_ERR(tfm_des)) {
81 rc = PTR_ERR(tfm_des); 82 rc = PTR_ERR(tfm_des);
82 cifs_dbg(VFS, "could not allocate des crypto API\n"); 83 cifs_dbg(VFS, "could not allocate des crypto API\n");
83 goto smbhash_err; 84 goto smbhash_err;
84 } 85 }
85 86
86 desc.tfm = tfm_des; 87 req = skcipher_request_alloc(tfm_des, GFP_KERNEL);
88 if (!req) {
89 rc = -ENOMEM;
90 cifs_dbg(VFS, "could not allocate des crypto API\n");
91 goto smbhash_free_skcipher;
92 }
87 93
88 crypto_blkcipher_setkey(tfm_des, key2, 8); 94 crypto_skcipher_setkey(tfm_des, key2, 8);
89 95
90 sg_init_one(&sgin, in, 8); 96 sg_init_one(&sgin, in, 8);
91 sg_init_one(&sgout, out, 8); 97 sg_init_one(&sgout, out, 8);
92 98
93 rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, 8); 99 skcipher_request_set_callback(req, 0, NULL, NULL);
100 skcipher_request_set_crypt(req, &sgin, &sgout, 8, NULL);
101
102 rc = crypto_skcipher_encrypt(req);
94 if (rc) 103 if (rc)
95 cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc); 104 cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc);
96 105
97 crypto_free_blkcipher(tfm_des); 106 skcipher_request_free(req);
107
108smbhash_free_skcipher:
109 crypto_free_skcipher(tfm_des);
98smbhash_err: 110smbhash_err:
99 return rc; 111 return rc;
100} 112}
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-25 04:49:49 -0400