[PATCH] eCryptfs: Clean up crypto initialization

Clean up the crypto initialization code; let the crypto API take care of the key size checks. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
author: Michael Halcrow <mhalcrow@us.ibm.com> 2006-10-31 01:07:16 -0500
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-10-31 11:07:00 -0500
commit: e5d9cbde6ce0001e49994df5fcdcbeff8be8037b (patch)
tree: aadfbeae4d48c56a0ca6e9612e87d7340dc3b1a1 /fs/ecryptfs/crypto.c
parent: 4a279ff1ea1cf325775ada983035123fcdc8e986 (diff)
1 files changed, 12 insertions, 54 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index ed35a9712fa1..82e7d02cefae 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1573,35 +1573,26 @@ out:
 /**
 * ecryptfs_process_cipher - Perform cipher initialization.
- * @tfm: Crypto context set by this function
 * @key_tfm: Crypto context for key material, set by this function
- * @cipher_name: Name of the cipher.
+ * @cipher_name: Name of the cipher
- * @key_size: Size of the key in bytes.
+ * @key_size: Size of the key in bytes
 *
 * Returns zero on success. Any crypto_tfm structs allocated here
 * should be released by other functions, such as on a superblock put
 * event, regardless of whether this function succeeds for fails.
 */
 int
-ecryptfs_process_cipher(struct crypto_tfm **tfm, struct crypto_tfm **key_tfm,
+ecryptfs_process_cipher(struct crypto_tfm **key_tfm, char *cipher_name,
-                        char *cipher_name, size_t key_size)
+                        size_t *key_size)
 {
        char dummy_key[ECRYPTFS_MAX_KEY_BYTES];
        int rc;
-        *tfm = *key_tfm = NULL;
+        *key_tfm = NULL;
-        if (key_size > ECRYPTFS_MAX_KEY_BYTES) {
+        if (*key_size > ECRYPTFS_MAX_KEY_BYTES) {
                rc = -EINVAL;
                printk(KERN_ERR "Requested key size is [%Zd] bytes; maximum "
-                       "allowable is [%d]\n", key_size, ECRYPTFS_MAX_KEY_BYTES);
+                      "allowable is [%d]\n", *key_size, ECRYPTFS_MAX_KEY_BYTES);
-                goto out;
-        }
-        *tfm = crypto_alloc_tfm(cipher_name, (ECRYPTFS_DEFAULT_CHAINING_MODE
-                                              | CRYPTO_TFM_REQ_WEAK_KEY));
-        if (!(*tfm)) {
-                rc = -EINVAL;
-                printk(KERN_ERR "Unable to allocate crypto cipher with name "
-                       "[%s]\n", cipher_name);
                goto out;
        }
        *key_tfm = crypto_alloc_tfm(cipher_name, CRYPTO_TFM_REQ_WEAK_KEY);
@@ -1611,46 +1602,13 @@ ecryptfs_process_cipher(struct crypto_tfm **tfm, struct crypto_tfm **key_tfm,
                       "[%s]\n", cipher_name);
                goto out;
        }
-        if (key_size < crypto_tfm_alg_min_keysize(*tfm)) {
+        if (*key_size == 0)
-                rc = -EINVAL;
+                *key_size = crypto_tfm_alg_max_keysize(*key_tfm);
-                printk(KERN_ERR "Request key size is [%Zd]; minimum key size "
+        get_random_bytes(dummy_key, *key_size);
-                       "supported by cipher [%s] is [%d]\n", key_size,
+        rc = crypto_cipher_setkey(*key_tfm, dummy_key, *key_size);
-                       cipher_name, crypto_tfm_alg_min_keysize(*tfm));
-                goto out;
-        }
-        if (key_size < crypto_tfm_alg_min_keysize(*key_tfm)) {
-                rc = -EINVAL;
-                printk(KERN_ERR "Request key size is [%Zd]; minimum key size "
-                       "supported by cipher [%s] is [%d]\n", key_size,
-                       cipher_name, crypto_tfm_alg_min_keysize(*key_tfm));
-                goto out;
-        }
-        if (key_size > crypto_tfm_alg_max_keysize(*tfm)) {
-                rc = -EINVAL;
-                printk(KERN_ERR "Request key size is [%Zd]; maximum key size "
-                       "supported by cipher [%s] is [%d]\n", key_size,
-                       cipher_name, crypto_tfm_alg_min_keysize(*tfm));
-                goto out;
-        }
-        if (key_size > crypto_tfm_alg_max_keysize(*key_tfm)) {
-                rc = -EINVAL;
-                printk(KERN_ERR "Request key size is [%Zd]; maximum key size "
-                       "supported by cipher [%s] is [%d]\n", key_size,
-                       cipher_name, crypto_tfm_alg_min_keysize(*key_tfm));
-                goto out;
-        }
-        get_random_bytes(dummy_key, key_size);
-        rc = crypto_cipher_setkey(*tfm, dummy_key, key_size);
-        if (rc) {
-                printk(KERN_ERR "Error attempting to set key of size [%Zd] for "
-                       "cipher [%s]; rc = [%d]\n", key_size, cipher_name, rc);
-                rc = -EINVAL;
-                goto out;
-        }
-        rc = crypto_cipher_setkey(*key_tfm, dummy_key, key_size);
        if (rc) {
                printk(KERN_ERR "Error attempting to set key of size [%Zd] for "
-                       "cipher [%s]; rc = [%d]\n", key_size, cipher_name, rc);
+                       "cipher [%s]; rc = [%d]\n", *key_size, cipher_name, rc);
                rc = -EINVAL;
                goto out;
        }
author	Michael Halcrow <mhalcrow@us.ibm.com>	2006-10-31 01:07:16 -0500
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-10-31 11:07:00 -0500
commit	e5d9cbde6ce0001e49994df5fcdcbeff8be8037b (patch)
tree	aadfbeae4d48c56a0ca6e9612e87d7340dc3b1a1 /fs/ecryptfs/crypto.c
parent	4a279ff1ea1cf325775ada983035123fcdc8e986 (diff)

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index ed35a9712fa1..82e7d02cefae 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c
@@ -1573,35 +1573,26 @@ out:
1573		1573
1574	/**	1574	/**
1575	* ecryptfs_process_cipher - Perform cipher initialization.	1575	* ecryptfs_process_cipher - Perform cipher initialization.
1576	* @tfm: Crypto context set by this function
1577	* @key_tfm: Crypto context for key material, set by this function	1576	* @key_tfm: Crypto context for key material, set by this function
1578	* @cipher_name: Name of the cipher.	1577	* @cipher_name: Name of the cipher
1579	* @key_size: Size of the key in bytes.	1578	* @key_size: Size of the key in bytes
1580	*	1579	*
1581	* Returns zero on success. Any crypto_tfm structs allocated here	1580	* Returns zero on success. Any crypto_tfm structs allocated here
1582	* should be released by other functions, such as on a superblock put	1581	* should be released by other functions, such as on a superblock put
1583	* event, regardless of whether this function succeeds for fails.	1582	* event, regardless of whether this function succeeds for fails.
1584	*/	1583	*/
1585	int	1584	int
1586	ecryptfs_process_cipher(struct crypto_tfm tfm, struct crypto_tfm key_tfm,	1585	ecryptfs_process_cipher(struct crypto_tfm *key_tfm, char cipher_name,
1587	char *cipher_name, size_t key_size)	1586	size_t *key_size)
1588	{	1587	{
1589	char dummy_key[ECRYPTFS_MAX_KEY_BYTES];	1588	char dummy_key[ECRYPTFS_MAX_KEY_BYTES];
1590	int rc;	1589	int rc;
1591		1590
1592	tfm = key_tfm = NULL;	1591	*key_tfm = NULL;
1593	if (key_size > ECRYPTFS_MAX_KEY_BYTES) {	1592	if (*key_size > ECRYPTFS_MAX_KEY_BYTES) {
1594	rc = -EINVAL;	1593	rc = -EINVAL;
1595	printk(KERN_ERR "Requested key size is [%Zd] bytes; maximum "	1594	printk(KERN_ERR "Requested key size is [%Zd] bytes; maximum "
1596	"allowable is [%d]\n", key_size, ECRYPTFS_MAX_KEY_BYTES);	1595	"allowable is [%d]\n", *key_size, ECRYPTFS_MAX_KEY_BYTES);
1597	goto out;
1598	}
1599	*tfm = crypto_alloc_tfm(cipher_name, (ECRYPTFS_DEFAULT_CHAINING_MODE
1600	\| CRYPTO_TFM_REQ_WEAK_KEY));
1601	if (!(*tfm)) {
1602	rc = -EINVAL;
1603	printk(KERN_ERR "Unable to allocate crypto cipher with name "
1604	"[%s]\n", cipher_name);
1605	goto out;	1596	goto out;
1606	}	1597	}
1607	*key_tfm = crypto_alloc_tfm(cipher_name, CRYPTO_TFM_REQ_WEAK_KEY);	1598	*key_tfm = crypto_alloc_tfm(cipher_name, CRYPTO_TFM_REQ_WEAK_KEY);
@@ -1611,46 +1602,13 @@ ecryptfs_process_cipher(struct crypto_tfm tfm, struct crypto_tfm key_tfm,
1611	"[%s]\n", cipher_name);	1602	"[%s]\n", cipher_name);
1612	goto out;	1603	goto out;
1613	}	1604	}
1614	if (key_size < crypto_tfm_alg_min_keysize(*tfm)) {	1605	if (*key_size == 0)
1615	rc = -EINVAL;	1606	key_size = crypto_tfm_alg_max_keysize(key_tfm);
1616	printk(KERN_ERR "Request key size is [%Zd]; minimum key size "	1607	get_random_bytes(dummy_key, *key_size);
1617	"supported by cipher [%s] is [%d]\n", key_size,	1608	rc = crypto_cipher_setkey(key_tfm, dummy_key, key_size);
1618	cipher_name, crypto_tfm_alg_min_keysize(*tfm));
1619	goto out;
1620	}
1621	if (key_size < crypto_tfm_alg_min_keysize(*key_tfm)) {
1622	rc = -EINVAL;
1623	printk(KERN_ERR "Request key size is [%Zd]; minimum key size "
1624	"supported by cipher [%s] is [%d]\n", key_size,
1625	cipher_name, crypto_tfm_alg_min_keysize(*key_tfm));
1626	goto out;
1627	}
1628	if (key_size > crypto_tfm_alg_max_keysize(*tfm)) {
1629	rc = -EINVAL;
1630	printk(KERN_ERR "Request key size is [%Zd]; maximum key size "
1631	"supported by cipher [%s] is [%d]\n", key_size,
1632	cipher_name, crypto_tfm_alg_min_keysize(*tfm));
1633	goto out;
1634	}
1635	if (key_size > crypto_tfm_alg_max_keysize(*key_tfm)) {
1636	rc = -EINVAL;
1637	printk(KERN_ERR "Request key size is [%Zd]; maximum key size "
1638	"supported by cipher [%s] is [%d]\n", key_size,
1639	cipher_name, crypto_tfm_alg_min_keysize(*key_tfm));
1640	goto out;
1641	}
1642	get_random_bytes(dummy_key, key_size);
1643	rc = crypto_cipher_setkey(*tfm, dummy_key, key_size);
1644	if (rc) {
1645	printk(KERN_ERR "Error attempting to set key of size [%Zd] for "
1646	"cipher [%s]; rc = [%d]\n", key_size, cipher_name, rc);
1647	rc = -EINVAL;
1648	goto out;
1649	}
1650	rc = crypto_cipher_setkey(*key_tfm, dummy_key, key_size);
1651	if (rc) {	1609	if (rc) {
1652	printk(KERN_ERR "Error attempting to set key of size [%Zd] for "	1610	printk(KERN_ERR "Error attempting to set key of size [%Zd] for "
1653	"cipher [%s]; rc = [%d]\n", key_size, cipher_name, rc);	1611	"cipher [%s]; rc = [%d]\n", *key_size, cipher_name, rc);
1654	rc = -EINVAL;	1612	rc = -EINVAL;
1655	goto out;	1613	goto out;
1656	}	1614	}