aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2008-08-14 08:21:31 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2008-08-29 01:50:06 -0400
commita0f000ec9b61b99111757df138b11144236fc59b (patch)
treebd698163c48b5cd6d6a3c05c8d34d862ebcd86ed /crypto
parent17f0f4a47df9aea9ee26c939f8057c35e0be1847 (diff)
crypto: skcipher - Use RNG interface instead of get_random_bytes
This patch makes the IV generators use the new RNG interface so that the user can pick an RNG other than the default get_random_bytes. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/Kconfig2
-rw-r--r--crypto/chainiv.c34
-rw-r--r--crypto/eseqiv.c25
-rw-r--r--crypto/seqiv.c27
4 files changed, 75 insertions, 13 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 2274293e71e..39dbd8e4dde 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -41,6 +41,7 @@ config CRYPTO_AEAD
41config CRYPTO_BLKCIPHER 41config CRYPTO_BLKCIPHER
42 tristate 42 tristate
43 select CRYPTO_ALGAPI 43 select CRYPTO_ALGAPI
44 select CRYPTO_RNG
44 45
45config CRYPTO_HASH 46config CRYPTO_HASH
46 tristate 47 tristate
@@ -125,6 +126,7 @@ config CRYPTO_SEQIV
125 tristate "Sequence Number IV Generator" 126 tristate "Sequence Number IV Generator"
126 select CRYPTO_AEAD 127 select CRYPTO_AEAD
127 select CRYPTO_BLKCIPHER 128 select CRYPTO_BLKCIPHER
129 select CRYPTO_RNG
128 help 130 help
129 This IV generator generates an IV based on a sequence number by 131 This IV generator generates an IV based on a sequence number by
130 xoring it with a salt. This algorithm is mainly useful for CTR 132 xoring it with a salt. This algorithm is mainly useful for CTR
diff --git a/crypto/chainiv.c b/crypto/chainiv.c
index cf68d436534..7c37a497b86 100644
--- a/crypto/chainiv.c
+++ b/crypto/chainiv.c
@@ -14,11 +14,11 @@
14 */ 14 */
15 15
16#include <crypto/internal/skcipher.h> 16#include <crypto/internal/skcipher.h>
17#include <crypto/rng.h>
17#include <linux/err.h> 18#include <linux/err.h>
18#include <linux/init.h> 19#include <linux/init.h>
19#include <linux/kernel.h> 20#include <linux/kernel.h>
20#include <linux/module.h> 21#include <linux/module.h>
21#include <linux/random.h>
22#include <linux/spinlock.h> 22#include <linux/spinlock.h>
23#include <linux/string.h> 23#include <linux/string.h>
24#include <linux/workqueue.h> 24#include <linux/workqueue.h>
@@ -83,6 +83,7 @@ static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
83{ 83{
84 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); 84 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req);
85 struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); 85 struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv);
86 int err = 0;
86 87
87 spin_lock_bh(&ctx->lock); 88 spin_lock_bh(&ctx->lock);
88 if (crypto_ablkcipher_crt(geniv)->givencrypt != 89 if (crypto_ablkcipher_crt(geniv)->givencrypt !=
@@ -90,11 +91,15 @@ static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
90 goto unlock; 91 goto unlock;
91 92
92 crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt; 93 crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt;
93 get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); 94 err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv,
95 crypto_ablkcipher_ivsize(geniv));
94 96
95unlock: 97unlock:
96 spin_unlock_bh(&ctx->lock); 98 spin_unlock_bh(&ctx->lock);
97 99
100 if (err)
101 return err;
102
98 return chainiv_givencrypt(req); 103 return chainiv_givencrypt(req);
99} 104}
100 105
@@ -203,6 +208,7 @@ static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
203{ 208{
204 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); 209 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req);
205 struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); 210 struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv);
211 int err = 0;
206 212
207 if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) 213 if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state))
208 goto out; 214 goto out;
@@ -212,11 +218,15 @@ static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req)
212 goto unlock; 218 goto unlock;
213 219
214 crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt; 220 crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt;
215 get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); 221 err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv,
222 crypto_ablkcipher_ivsize(geniv));
216 223
217unlock: 224unlock:
218 clear_bit(CHAINIV_STATE_INUSE, &ctx->state); 225 clear_bit(CHAINIV_STATE_INUSE, &ctx->state);
219 226
227 if (err)
228 return err;
229
220out: 230out:
221 return async_chainiv_givencrypt(req); 231 return async_chainiv_givencrypt(req);
222} 232}
@@ -284,9 +294,13 @@ static struct crypto_instance *chainiv_alloc(struct rtattr **tb)
284 if (IS_ERR(algt)) 294 if (IS_ERR(algt))
285 return ERR_PTR(err); 295 return ERR_PTR(err);
286 296
297 err = crypto_get_default_rng();
298 if (err)
299 return ERR_PTR(err);
300
287 inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0); 301 inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0);
288 if (IS_ERR(inst)) 302 if (IS_ERR(inst))
289 goto out; 303 goto put_rng;
290 304
291 inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first; 305 inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first;
292 306
@@ -311,12 +325,22 @@ static struct crypto_instance *chainiv_alloc(struct rtattr **tb)
311 325
312out: 326out:
313 return inst; 327 return inst;
328
329put_rng:
330 crypto_put_default_rng();
331 goto out;
332}
333
334static void chainiv_free(struct crypto_instance *inst)
335{
336 skcipher_geniv_free(inst);
337 crypto_put_default_rng();
314} 338}
315 339
316static struct crypto_template chainiv_tmpl = { 340static struct crypto_template chainiv_tmpl = {
317 .name = "chainiv", 341 .name = "chainiv",
318 .alloc = chainiv_alloc, 342 .alloc = chainiv_alloc,
319 .free = skcipher_geniv_free, 343 .free = chainiv_free,
320 .module = THIS_MODULE, 344 .module = THIS_MODULE,
321}; 345};
322 346
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c
index f5def217a8f..2a342c8e52b 100644
--- a/crypto/eseqiv.c
+++ b/crypto/eseqiv.c
@@ -16,13 +16,13 @@
16 */ 16 */
17 17
18#include <crypto/internal/skcipher.h> 18#include <crypto/internal/skcipher.h>
19#include <crypto/rng.h>
19#include <crypto/scatterwalk.h> 20#include <crypto/scatterwalk.h>
20#include <linux/err.h> 21#include <linux/err.h>
21#include <linux/init.h> 22#include <linux/init.h>
22#include <linux/kernel.h> 23#include <linux/kernel.h>
23#include <linux/mm.h> 24#include <linux/mm.h>
24#include <linux/module.h> 25#include <linux/module.h>
25#include <linux/random.h>
26#include <linux/scatterlist.h> 26#include <linux/scatterlist.h>
27#include <linux/spinlock.h> 27#include <linux/spinlock.h>
28#include <linux/string.h> 28#include <linux/string.h>
@@ -163,17 +163,22 @@ static int eseqiv_givencrypt_first(struct skcipher_givcrypt_request *req)
163{ 163{
164 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); 164 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req);
165 struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); 165 struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv);
166 int err = 0;
166 167
167 spin_lock_bh(&ctx->lock); 168 spin_lock_bh(&ctx->lock);
168 if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first) 169 if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first)
169 goto unlock; 170 goto unlock;
170 171
171 crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt; 172 crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt;
172 get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); 173 err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt,
174 crypto_ablkcipher_ivsize(geniv));
173 175
174unlock: 176unlock:
175 spin_unlock_bh(&ctx->lock); 177 spin_unlock_bh(&ctx->lock);
176 178
179 if (err)
180 return err;
181
177 return eseqiv_givencrypt(req); 182 return eseqiv_givencrypt(req);
178} 183}
179 184
@@ -216,9 +221,13 @@ static struct crypto_instance *eseqiv_alloc(struct rtattr **tb)
216 struct crypto_instance *inst; 221 struct crypto_instance *inst;
217 int err; 222 int err;
218 223
224 err = crypto_get_default_rng();
225 if (err)
226 return ERR_PTR(err);
227
219 inst = skcipher_geniv_alloc(&eseqiv_tmpl, tb, 0, 0); 228 inst = skcipher_geniv_alloc(&eseqiv_tmpl, tb, 0, 0);
220 if (IS_ERR(inst)) 229 if (IS_ERR(inst))
221 goto out; 230 goto put_rng;
222 231
223 err = -EINVAL; 232 err = -EINVAL;
224 if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) 233 if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize)
@@ -238,13 +247,21 @@ out:
238free_inst: 247free_inst:
239 skcipher_geniv_free(inst); 248 skcipher_geniv_free(inst);
240 inst = ERR_PTR(err); 249 inst = ERR_PTR(err);
250put_rng:
251 crypto_put_default_rng();
241 goto out; 252 goto out;
242} 253}
243 254
255static void eseqiv_free(struct crypto_instance *inst)
256{
257 skcipher_geniv_free(inst);
258 crypto_put_default_rng();
259}
260
244static struct crypto_template eseqiv_tmpl = { 261static struct crypto_template eseqiv_tmpl = {
245 .name = "eseqiv", 262 .name = "eseqiv",
246 .alloc = eseqiv_alloc, 263 .alloc = eseqiv_alloc,
247 .free = skcipher_geniv_free, 264 .free = eseqiv_free,
248 .module = THIS_MODULE, 265 .module = THIS_MODULE,
249}; 266};
250 267
diff --git a/crypto/seqiv.c b/crypto/seqiv.c
index b903aab3157..5a013a8bf87 100644
--- a/crypto/seqiv.c
+++ b/crypto/seqiv.c
@@ -15,11 +15,11 @@
15 15
16#include <crypto/internal/aead.h> 16#include <crypto/internal/aead.h>
17#include <crypto/internal/skcipher.h> 17#include <crypto/internal/skcipher.h>
18#include <crypto/rng.h>
18#include <linux/err.h> 19#include <linux/err.h>
19#include <linux/init.h> 20#include <linux/init.h>
20#include <linux/kernel.h> 21#include <linux/kernel.h>
21#include <linux/module.h> 22#include <linux/module.h>
22#include <linux/random.h>
23#include <linux/spinlock.h> 23#include <linux/spinlock.h>
24#include <linux/string.h> 24#include <linux/string.h>
25 25
@@ -189,17 +189,22 @@ static int seqiv_givencrypt_first(struct skcipher_givcrypt_request *req)
189{ 189{
190 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); 190 struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req);
191 struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); 191 struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv);
192 int err = 0;
192 193
193 spin_lock_bh(&ctx->lock); 194 spin_lock_bh(&ctx->lock);
194 if (crypto_ablkcipher_crt(geniv)->givencrypt != seqiv_givencrypt_first) 195 if (crypto_ablkcipher_crt(geniv)->givencrypt != seqiv_givencrypt_first)
195 goto unlock; 196 goto unlock;
196 197
197 crypto_ablkcipher_crt(geniv)->givencrypt = seqiv_givencrypt; 198 crypto_ablkcipher_crt(geniv)->givencrypt = seqiv_givencrypt;
198 get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); 199 err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt,
200 crypto_ablkcipher_ivsize(geniv));
199 201
200unlock: 202unlock:
201 spin_unlock_bh(&ctx->lock); 203 spin_unlock_bh(&ctx->lock);
202 204
205 if (err)
206 return err;
207
203 return seqiv_givencrypt(req); 208 return seqiv_givencrypt(req);
204} 209}
205 210
@@ -207,17 +212,22 @@ static int seqiv_aead_givencrypt_first(struct aead_givcrypt_request *req)
207{ 212{
208 struct crypto_aead *geniv = aead_givcrypt_reqtfm(req); 213 struct crypto_aead *geniv = aead_givcrypt_reqtfm(req);
209 struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); 214 struct seqiv_ctx *ctx = crypto_aead_ctx(geniv);
215 int err = 0;
210 216
211 spin_lock_bh(&ctx->lock); 217 spin_lock_bh(&ctx->lock);
212 if (crypto_aead_crt(geniv)->givencrypt != seqiv_aead_givencrypt_first) 218 if (crypto_aead_crt(geniv)->givencrypt != seqiv_aead_givencrypt_first)
213 goto unlock; 219 goto unlock;
214 220
215 crypto_aead_crt(geniv)->givencrypt = seqiv_aead_givencrypt; 221 crypto_aead_crt(geniv)->givencrypt = seqiv_aead_givencrypt;
216 get_random_bytes(ctx->salt, crypto_aead_ivsize(geniv)); 222 err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt,
223 crypto_aead_ivsize(geniv));
217 224
218unlock: 225unlock:
219 spin_unlock_bh(&ctx->lock); 226 spin_unlock_bh(&ctx->lock);
220 227
228 if (err)
229 return err;
230
221 return seqiv_aead_givencrypt(req); 231 return seqiv_aead_givencrypt(req);
222} 232}
223 233
@@ -298,19 +308,27 @@ static struct crypto_instance *seqiv_alloc(struct rtattr **tb)
298 if (IS_ERR(algt)) 308 if (IS_ERR(algt))
299 return ERR_PTR(err); 309 return ERR_PTR(err);
300 310
311 err = crypto_get_default_rng();
312 if (err)
313 return ERR_PTR(err);
314
301 if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK) 315 if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK)
302 inst = seqiv_ablkcipher_alloc(tb); 316 inst = seqiv_ablkcipher_alloc(tb);
303 else 317 else
304 inst = seqiv_aead_alloc(tb); 318 inst = seqiv_aead_alloc(tb);
305 319
306 if (IS_ERR(inst)) 320 if (IS_ERR(inst))
307 goto out; 321 goto put_rng;
308 322
309 inst->alg.cra_alignmask |= __alignof__(u32) - 1; 323 inst->alg.cra_alignmask |= __alignof__(u32) - 1;
310 inst->alg.cra_ctxsize += sizeof(struct seqiv_ctx); 324 inst->alg.cra_ctxsize += sizeof(struct seqiv_ctx);
311 325
312out: 326out:
313 return inst; 327 return inst;
328
329put_rng:
330 crypto_put_default_rng();
331 goto out;
314} 332}
315 333
316static void seqiv_free(struct crypto_instance *inst) 334static void seqiv_free(struct crypto_instance *inst)
@@ -319,6 +337,7 @@ static void seqiv_free(struct crypto_instance *inst)
319 skcipher_geniv_free(inst); 337 skcipher_geniv_free(inst);
320 else 338 else
321 aead_geniv_free(inst); 339 aead_geniv_free(inst);
340 crypto_put_default_rng();
322} 341}
323 342
324static struct crypto_template seqiv_tmpl = { 343static struct crypto_template seqiv_tmpl = {