aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2007-12-02 02:49:21 -0500
committerHerbert Xu <herbert@gondor.apana.org.au>2008-01-10 16:16:29 -0500
commit7ba683a6deba70251756aa5a021cdaa5c875a7a2 (patch)
tree80f63039b56bef0287fdf878163a5fe109821e58 /crypto
parente29bc6ad0e84e3157e0f49130a15b278cb232c72 (diff)
[CRYPTO] aead: Make authsize a run-time parameter
As it is authsize is an algorithm paramter which cannot be changed at run-time. This is inconvenient because hardware that implements such algorithms would have to register each authsize that they support separately. Since authsize is a property common to all AEAD algorithms, we can add a function setauthsize that sets it at run-time, just like setkey. This patch does exactly that and also changes authenc so that authsize is no longer a parameter of its template. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/aead.c24
-rw-r--r--crypto/authenc.c39
-rw-r--r--crypto/gcm.c2
3 files changed, 34 insertions, 31 deletions
diff --git a/crypto/aead.c b/crypto/aead.c
index 84a3501fb478..f23c2b0ee009 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -53,6 +53,24 @@ static int setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen)
53 return aead->setkey(tfm, key, keylen); 53 return aead->setkey(tfm, key, keylen);
54} 54}
55 55
56int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
57{
58 int err;
59
60 if (authsize > crypto_aead_alg(tfm)->maxauthsize)
61 return -EINVAL;
62
63 if (crypto_aead_alg(tfm)->setauthsize) {
64 err = crypto_aead_alg(tfm)->setauthsize(tfm, authsize);
65 if (err)
66 return err;
67 }
68
69 crypto_aead_crt(tfm)->authsize = authsize;
70 return 0;
71}
72EXPORT_SYMBOL_GPL(crypto_aead_setauthsize);
73
56static unsigned int crypto_aead_ctxsize(struct crypto_alg *alg, u32 type, 74static unsigned int crypto_aead_ctxsize(struct crypto_alg *alg, u32 type,
57 u32 mask) 75 u32 mask)
58{ 76{
@@ -64,14 +82,14 @@ static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
64 struct aead_alg *alg = &tfm->__crt_alg->cra_aead; 82 struct aead_alg *alg = &tfm->__crt_alg->cra_aead;
65 struct aead_tfm *crt = &tfm->crt_aead; 83 struct aead_tfm *crt = &tfm->crt_aead;
66 84
67 if (max(alg->authsize, alg->ivsize) > PAGE_SIZE / 8) 85 if (max(alg->maxauthsize, alg->ivsize) > PAGE_SIZE / 8)
68 return -EINVAL; 86 return -EINVAL;
69 87
70 crt->setkey = setkey; 88 crt->setkey = setkey;
71 crt->encrypt = alg->encrypt; 89 crt->encrypt = alg->encrypt;
72 crt->decrypt = alg->decrypt; 90 crt->decrypt = alg->decrypt;
73 crt->ivsize = alg->ivsize; 91 crt->ivsize = alg->ivsize;
74 crt->authsize = alg->authsize; 92 crt->authsize = alg->maxauthsize;
75 93
76 return 0; 94 return 0;
77} 95}
@@ -85,7 +103,7 @@ static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg)
85 seq_printf(m, "type : aead\n"); 103 seq_printf(m, "type : aead\n");
86 seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); 104 seq_printf(m, "blocksize : %u\n", alg->cra_blocksize);
87 seq_printf(m, "ivsize : %u\n", aead->ivsize); 105 seq_printf(m, "ivsize : %u\n", aead->ivsize);
88 seq_printf(m, "authsize : %u\n", aead->authsize); 106 seq_printf(m, "maxauthsize : %u\n", aead->maxauthsize);
89} 107}
90 108
91const struct crypto_type crypto_aead_type = { 109const struct crypto_type crypto_aead_type = {
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 66fb2aa5c325..5df5fb169cbe 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -24,7 +24,6 @@ struct authenc_instance_ctx {
24 struct crypto_spawn auth; 24 struct crypto_spawn auth;
25 struct crypto_spawn enc; 25 struct crypto_spawn enc;
26 26
27 unsigned int authsize;
28 unsigned int enckeylen; 27 unsigned int enckeylen;
29}; 28};
30 29
@@ -76,8 +75,6 @@ out:
76static int crypto_authenc_hash(struct aead_request *req) 75static int crypto_authenc_hash(struct aead_request *req)
77{ 76{
78 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 77 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
79 struct authenc_instance_ctx *ictx =
80 crypto_instance_ctx(crypto_aead_alg_instance(authenc));
81 struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); 78 struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
82 struct crypto_hash *auth = ctx->auth; 79 struct crypto_hash *auth = ctx->auth;
83 struct hash_desc desc = { 80 struct hash_desc desc = {
@@ -111,7 +108,8 @@ auth_unlock:
111 if (err) 108 if (err)
112 return err; 109 return err;
113 110
114 scatterwalk_map_and_copy(hash, dst, cryptlen, ictx->authsize, 1); 111 scatterwalk_map_and_copy(hash, dst, cryptlen,
112 crypto_aead_authsize(authenc), 1);
115 return 0; 113 return 0;
116} 114}
117 115
@@ -147,8 +145,6 @@ static int crypto_authenc_encrypt(struct aead_request *req)
147static int crypto_authenc_verify(struct aead_request *req) 145static int crypto_authenc_verify(struct aead_request *req)
148{ 146{
149 struct crypto_aead *authenc = crypto_aead_reqtfm(req); 147 struct crypto_aead *authenc = crypto_aead_reqtfm(req);
150 struct authenc_instance_ctx *ictx =
151 crypto_instance_ctx(crypto_aead_alg_instance(authenc));
152 struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); 148 struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
153 struct crypto_hash *auth = ctx->auth; 149 struct crypto_hash *auth = ctx->auth;
154 struct hash_desc desc = { 150 struct hash_desc desc = {
@@ -186,7 +182,7 @@ auth_unlock:
186 if (err) 182 if (err)
187 return err; 183 return err;
188 184
189 authsize = ictx->authsize; 185 authsize = crypto_aead_authsize(authenc);
190 scatterwalk_map_and_copy(ihash, src, cryptlen, authsize, 0); 186 scatterwalk_map_and_copy(ihash, src, cryptlen, authsize, 0);
191 return memcmp(ihash, ohash, authsize) ? -EINVAL : 0; 187 return memcmp(ihash, ohash, authsize) ? -EINVAL : 0;
192} 188}
@@ -224,18 +220,12 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
224 struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); 220 struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm);
225 struct crypto_hash *auth; 221 struct crypto_hash *auth;
226 struct crypto_ablkcipher *enc; 222 struct crypto_ablkcipher *enc;
227 unsigned int digestsize;
228 int err; 223 int err;
229 224
230 auth = crypto_spawn_hash(&ictx->auth); 225 auth = crypto_spawn_hash(&ictx->auth);
231 if (IS_ERR(auth)) 226 if (IS_ERR(auth))
232 return PTR_ERR(auth); 227 return PTR_ERR(auth);
233 228
234 err = -EINVAL;
235 digestsize = crypto_hash_digestsize(auth);
236 if (ictx->authsize > digestsize)
237 goto err_free_hash;
238
239 enc = crypto_spawn_ablkcipher(&ictx->enc); 229 enc = crypto_spawn_ablkcipher(&ictx->enc);
240 err = PTR_ERR(enc); 230 err = PTR_ERR(enc);
241 if (IS_ERR(enc)) 231 if (IS_ERR(enc))
@@ -246,7 +236,7 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
246 tfm->crt_aead.reqsize = max_t(unsigned int, 236 tfm->crt_aead.reqsize = max_t(unsigned int,
247 (crypto_hash_alignmask(auth) & 237 (crypto_hash_alignmask(auth) &
248 ~(crypto_tfm_ctx_alignment() - 1)) + 238 ~(crypto_tfm_ctx_alignment() - 1)) +
249 digestsize * 2, 239 crypto_hash_digestsize(auth) * 2,
250 sizeof(struct ablkcipher_request) + 240 sizeof(struct ablkcipher_request) +
251 crypto_ablkcipher_reqsize(enc)); 241 crypto_ablkcipher_reqsize(enc));
252 242
@@ -273,7 +263,6 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb)
273 struct crypto_alg *auth; 263 struct crypto_alg *auth;
274 struct crypto_alg *enc; 264 struct crypto_alg *enc;
275 struct authenc_instance_ctx *ctx; 265 struct authenc_instance_ctx *ctx;
276 unsigned int authsize;
277 unsigned int enckeylen; 266 unsigned int enckeylen;
278 int err; 267 int err;
279 268
@@ -286,18 +275,13 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb)
286 if (IS_ERR(auth)) 275 if (IS_ERR(auth))
287 return ERR_PTR(PTR_ERR(auth)); 276 return ERR_PTR(PTR_ERR(auth));
288 277
289 err = crypto_attr_u32(tb[2], &authsize); 278 enc = crypto_attr_alg(tb[2], CRYPTO_ALG_TYPE_BLKCIPHER,
290 inst = ERR_PTR(err);
291 if (err)
292 goto out_put_auth;
293
294 enc = crypto_attr_alg(tb[3], CRYPTO_ALG_TYPE_BLKCIPHER,
295 CRYPTO_ALG_TYPE_BLKCIPHER_MASK); 279 CRYPTO_ALG_TYPE_BLKCIPHER_MASK);
296 inst = ERR_PTR(PTR_ERR(enc)); 280 inst = ERR_PTR(PTR_ERR(enc));
297 if (IS_ERR(enc)) 281 if (IS_ERR(enc))
298 goto out_put_auth; 282 goto out_put_auth;
299 283
300 err = crypto_attr_u32(tb[4], &enckeylen); 284 err = crypto_attr_u32(tb[3], &enckeylen);
301 if (err) 285 if (err)
302 goto out_put_enc; 286 goto out_put_enc;
303 287
@@ -308,18 +292,17 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb)
308 292
309 err = -ENAMETOOLONG; 293 err = -ENAMETOOLONG;
310 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, 294 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME,
311 "authenc(%s,%u,%s,%u)", auth->cra_name, authsize, 295 "authenc(%s,%s,%u)", auth->cra_name,
312 enc->cra_name, enckeylen) >= CRYPTO_MAX_ALG_NAME) 296 enc->cra_name, enckeylen) >= CRYPTO_MAX_ALG_NAME)
313 goto err_free_inst; 297 goto err_free_inst;
314 298
315 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, 299 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME,
316 "authenc(%s,%u,%s,%u)", auth->cra_driver_name, 300 "authenc(%s,%s,%u)", auth->cra_driver_name,
317 authsize, enc->cra_driver_name, enckeylen) >= 301 enc->cra_driver_name, enckeylen) >=
318 CRYPTO_MAX_ALG_NAME) 302 CRYPTO_MAX_ALG_NAME)
319 goto err_free_inst; 303 goto err_free_inst;
320 304
321 ctx = crypto_instance_ctx(inst); 305 ctx = crypto_instance_ctx(inst);
322 ctx->authsize = authsize;
323 ctx->enckeylen = enckeylen; 306 ctx->enckeylen = enckeylen;
324 307
325 err = crypto_init_spawn(&ctx->auth, auth, inst, CRYPTO_ALG_TYPE_MASK); 308 err = crypto_init_spawn(&ctx->auth, auth, inst, CRYPTO_ALG_TYPE_MASK);
@@ -337,7 +320,9 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb)
337 inst->alg.cra_type = &crypto_aead_type; 320 inst->alg.cra_type = &crypto_aead_type;
338 321
339 inst->alg.cra_aead.ivsize = enc->cra_blkcipher.ivsize; 322 inst->alg.cra_aead.ivsize = enc->cra_blkcipher.ivsize;
340 inst->alg.cra_aead.authsize = authsize; 323 inst->alg.cra_aead.maxauthsize = auth->cra_type == &crypto_hash_type ?
324 auth->cra_hash.digestsize :
325 auth->cra_digest.dia_digestsize;
341 326
342 inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx); 327 inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx);
343 328
diff --git a/crypto/gcm.c b/crypto/gcm.c
index ad8b8b9aeef2..5681c7957b88 100644
--- a/crypto/gcm.c
+++ b/crypto/gcm.c
@@ -414,7 +414,7 @@ static struct crypto_instance *crypto_gcm_alloc(struct rtattr **tb)
414 inst->alg.cra_alignmask = __alignof__(u32) - 1; 414 inst->alg.cra_alignmask = __alignof__(u32) - 1;
415 inst->alg.cra_type = &crypto_aead_type; 415 inst->alg.cra_type = &crypto_aead_type;
416 inst->alg.cra_aead.ivsize = 12; 416 inst->alg.cra_aead.ivsize = 12;
417 inst->alg.cra_aead.authsize = 16; 417 inst->alg.cra_aead.maxauthsize = 16;
418 inst->alg.cra_ctxsize = sizeof(struct crypto_gcm_ctx); 418 inst->alg.cra_ctxsize = sizeof(struct crypto_gcm_ctx);
419 inst->alg.cra_init = crypto_gcm_init_tfm; 419 inst->alg.cra_init = crypto_gcm_init_tfm;
420 inst->alg.cra_exit = crypto_gcm_exit_tfm; 420 inst->alg.cra_exit = crypto_gcm_exit_tfm;