diff options
| author | Jeff Garzik <jeff@garzik.org> | 2006-09-22 20:10:23 -0400 |
|---|---|---|
| committer | Jeff Garzik <jeff@garzik.org> | 2006-09-22 20:10:23 -0400 |
| commit | 28eb177dfa5982d132edceed891cb3885df258bb (patch) | |
| tree | 5f8fdc37ad1d8d0793e9c47da7d908b97c814ffb /net/sunrpc/auth_gss/gss_krb5_crypto.c | |
| parent | fd8ae94eea9bb4269d6dff1b47b9dc741bd70d0b (diff) | |
| parent | db392219c5f572610645696e3672f6ea38783a65 (diff) | |
Merge branch 'master' into upstream
Conflicts:
net/ieee80211/ieee80211_crypt_tkip.c
net/ieee80211/ieee80211_crypt_wep.c
Diffstat (limited to 'net/sunrpc/auth_gss/gss_krb5_crypto.c')
| -rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_crypto.c | 95 |
1 files changed, 56 insertions, 39 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index 76b969e6904f..e11a40b25cce 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c | |||
| @@ -34,6 +34,7 @@ | |||
| 34 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | 34 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| 35 | */ | 35 | */ |
| 36 | 36 | ||
| 37 | #include <linux/err.h> | ||
| 37 | #include <linux/types.h> | 38 | #include <linux/types.h> |
| 38 | #include <linux/mm.h> | 39 | #include <linux/mm.h> |
| 39 | #include <linux/slab.h> | 40 | #include <linux/slab.h> |
| @@ -49,7 +50,7 @@ | |||
| 49 | 50 | ||
| 50 | u32 | 51 | u32 |
| 51 | krb5_encrypt( | 52 | krb5_encrypt( |
| 52 | struct crypto_tfm *tfm, | 53 | struct crypto_blkcipher *tfm, |
| 53 | void * iv, | 54 | void * iv, |
| 54 | void * in, | 55 | void * in, |
| 55 | void * out, | 56 | void * out, |
| @@ -58,26 +59,27 @@ krb5_encrypt( | |||
| 58 | u32 ret = -EINVAL; | 59 | u32 ret = -EINVAL; |
| 59 | struct scatterlist sg[1]; | 60 | struct scatterlist sg[1]; |
| 60 | u8 local_iv[16] = {0}; | 61 | u8 local_iv[16] = {0}; |
| 62 | struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; | ||
| 61 | 63 | ||
| 62 | dprintk("RPC: krb5_encrypt: input data:\n"); | 64 | dprintk("RPC: krb5_encrypt: input data:\n"); |
| 63 | print_hexl((u32 *)in, length, 0); | 65 | print_hexl((u32 *)in, length, 0); |
| 64 | 66 | ||
| 65 | if (length % crypto_tfm_alg_blocksize(tfm) != 0) | 67 | if (length % crypto_blkcipher_blocksize(tfm) != 0) |
| 66 | goto out; | 68 | goto out; |
| 67 | 69 | ||
| 68 | if (crypto_tfm_alg_ivsize(tfm) > 16) { | 70 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
| 69 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", | 71 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", |
| 70 | crypto_tfm_alg_ivsize(tfm)); | 72 | crypto_blkcipher_ivsize(tfm)); |
| 71 | goto out; | 73 | goto out; |
| 72 | } | 74 | } |
| 73 | 75 | ||
| 74 | if (iv) | 76 | if (iv) |
| 75 | memcpy(local_iv, iv, crypto_tfm_alg_ivsize(tfm)); | 77 | memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm)); |
| 76 | 78 | ||
| 77 | memcpy(out, in, length); | 79 | memcpy(out, in, length); |
| 78 | sg_set_buf(sg, out, length); | 80 | sg_set_buf(sg, out, length); |
| 79 | 81 | ||
| 80 | ret = crypto_cipher_encrypt_iv(tfm, sg, sg, length, local_iv); | 82 | ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length); |
| 81 | 83 | ||
| 82 | dprintk("RPC: krb5_encrypt: output data:\n"); | 84 | dprintk("RPC: krb5_encrypt: output data:\n"); |
| 83 | print_hexl((u32 *)out, length, 0); | 85 | print_hexl((u32 *)out, length, 0); |
| @@ -90,7 +92,7 @@ EXPORT_SYMBOL(krb5_encrypt); | |||
| 90 | 92 | ||
| 91 | u32 | 93 | u32 |
| 92 | krb5_decrypt( | 94 | krb5_decrypt( |
| 93 | struct crypto_tfm *tfm, | 95 | struct crypto_blkcipher *tfm, |
| 94 | void * iv, | 96 | void * iv, |
| 95 | void * in, | 97 | void * in, |
| 96 | void * out, | 98 | void * out, |
| @@ -99,25 +101,26 @@ krb5_decrypt( | |||
| 99 | u32 ret = -EINVAL; | 101 | u32 ret = -EINVAL; |
| 100 | struct scatterlist sg[1]; | 102 | struct scatterlist sg[1]; |
| 101 | u8 local_iv[16] = {0}; | 103 | u8 local_iv[16] = {0}; |
| 104 | struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; | ||
| 102 | 105 | ||
| 103 | dprintk("RPC: krb5_decrypt: input data:\n"); | 106 | dprintk("RPC: krb5_decrypt: input data:\n"); |
| 104 | print_hexl((u32 *)in, length, 0); | 107 | print_hexl((u32 *)in, length, 0); |
| 105 | 108 | ||
| 106 | if (length % crypto_tfm_alg_blocksize(tfm) != 0) | 109 | if (length % crypto_blkcipher_blocksize(tfm) != 0) |
| 107 | goto out; | 110 | goto out; |
| 108 | 111 | ||
| 109 | if (crypto_tfm_alg_ivsize(tfm) > 16) { | 112 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
| 110 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", | 113 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", |
| 111 | crypto_tfm_alg_ivsize(tfm)); | 114 | crypto_blkcipher_ivsize(tfm)); |
| 112 | goto out; | 115 | goto out; |
| 113 | } | 116 | } |
| 114 | if (iv) | 117 | if (iv) |
| 115 | memcpy(local_iv,iv, crypto_tfm_alg_ivsize(tfm)); | 118 | memcpy(local_iv,iv, crypto_blkcipher_ivsize(tfm)); |
| 116 | 119 | ||
| 117 | memcpy(out, in, length); | 120 | memcpy(out, in, length); |
| 118 | sg_set_buf(sg, out, length); | 121 | sg_set_buf(sg, out, length); |
| 119 | 122 | ||
| 120 | ret = crypto_cipher_decrypt_iv(tfm, sg, sg, length, local_iv); | 123 | ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length); |
| 121 | 124 | ||
| 122 | dprintk("RPC: krb5_decrypt: output_data:\n"); | 125 | dprintk("RPC: krb5_decrypt: output_data:\n"); |
| 123 | print_hexl((u32 *)out, length, 0); | 126 | print_hexl((u32 *)out, length, 0); |
| @@ -197,11 +200,9 @@ out: | |||
| 197 | static int | 200 | static int |
| 198 | checksummer(struct scatterlist *sg, void *data) | 201 | checksummer(struct scatterlist *sg, void *data) |
| 199 | { | 202 | { |
| 200 | struct crypto_tfm *tfm = (struct crypto_tfm *)data; | 203 | struct hash_desc *desc = data; |
| 201 | 204 | ||
| 202 | crypto_digest_update(tfm, sg, 1); | 205 | return crypto_hash_update(desc, sg, sg->length); |
| 203 | |||
| 204 | return 0; | ||
| 205 | } | 206 | } |
| 206 | 207 | ||
| 207 | /* checksum the plaintext data and hdrlen bytes of the token header */ | 208 | /* checksum the plaintext data and hdrlen bytes of the token header */ |
| @@ -210,8 +211,9 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, | |||
| 210 | int body_offset, struct xdr_netobj *cksum) | 211 | int body_offset, struct xdr_netobj *cksum) |
| 211 | { | 212 | { |
| 212 | char *cksumname; | 213 | char *cksumname; |
| 213 | struct crypto_tfm *tfm = NULL; /* XXX add to ctx? */ | 214 | struct hash_desc desc; /* XXX add to ctx? */ |
| 214 | struct scatterlist sg[1]; | 215 | struct scatterlist sg[1]; |
| 216 | int err; | ||
| 215 | 217 | ||
| 216 | switch (cksumtype) { | 218 | switch (cksumtype) { |
| 217 | case CKSUMTYPE_RSA_MD5: | 219 | case CKSUMTYPE_RSA_MD5: |
| @@ -222,25 +224,35 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, | |||
| 222 | " unsupported checksum %d", cksumtype); | 224 | " unsupported checksum %d", cksumtype); |
| 223 | return GSS_S_FAILURE; | 225 | return GSS_S_FAILURE; |
| 224 | } | 226 | } |
| 225 | if (!(tfm = crypto_alloc_tfm(cksumname, CRYPTO_TFM_REQ_MAY_SLEEP))) | 227 | desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC); |
| 228 | if (IS_ERR(desc.tfm)) | ||
| 226 | return GSS_S_FAILURE; | 229 | return GSS_S_FAILURE; |
| 227 | cksum->len = crypto_tfm_alg_digestsize(tfm); | 230 | cksum->len = crypto_hash_digestsize(desc.tfm); |
| 231 | desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; | ||
| 228 | 232 | ||
| 229 | crypto_digest_init(tfm); | 233 | err = crypto_hash_init(&desc); |
| 234 | if (err) | ||
| 235 | goto out; | ||
| 230 | sg_set_buf(sg, header, hdrlen); | 236 | sg_set_buf(sg, header, hdrlen); |
| 231 | crypto_digest_update(tfm, sg, 1); | 237 | err = crypto_hash_update(&desc, sg, hdrlen); |
| 232 | process_xdr_buf(body, body_offset, body->len - body_offset, | 238 | if (err) |
| 233 | checksummer, tfm); | 239 | goto out; |
| 234 | crypto_digest_final(tfm, cksum->data); | 240 | err = process_xdr_buf(body, body_offset, body->len - body_offset, |
| 235 | crypto_free_tfm(tfm); | 241 | checksummer, &desc); |
| 236 | return 0; | 242 | if (err) |
| 243 | goto out; | ||
| 244 | err = crypto_hash_final(&desc, cksum->data); | ||
| 245 | |||
| 246 | out: | ||
| 247 | crypto_free_hash(desc.tfm); | ||
| 248 | return err ? GSS_S_FAILURE : 0; | ||
| 237 | } | 249 | } |
| 238 | 250 | ||
| 239 | EXPORT_SYMBOL(make_checksum); | 251 | EXPORT_SYMBOL(make_checksum); |
| 240 | 252 | ||
| 241 | struct encryptor_desc { | 253 | struct encryptor_desc { |
| 242 | u8 iv[8]; /* XXX hard-coded blocksize */ | 254 | u8 iv[8]; /* XXX hard-coded blocksize */ |
| 243 | struct crypto_tfm *tfm; | 255 | struct blkcipher_desc desc; |
| 244 | int pos; | 256 | int pos; |
| 245 | struct xdr_buf *outbuf; | 257 | struct xdr_buf *outbuf; |
| 246 | struct page **pages; | 258 | struct page **pages; |
| @@ -285,8 +297,8 @@ encryptor(struct scatterlist *sg, void *data) | |||
| 285 | if (thislen == 0) | 297 | if (thislen == 0) |
| 286 | return 0; | 298 | return 0; |
| 287 | 299 | ||
| 288 | ret = crypto_cipher_encrypt_iv(desc->tfm, desc->outfrags, desc->infrags, | 300 | ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags, |
| 289 | thislen, desc->iv); | 301 | desc->infrags, thislen); |
| 290 | if (ret) | 302 | if (ret) |
| 291 | return ret; | 303 | return ret; |
| 292 | if (fraglen) { | 304 | if (fraglen) { |
| @@ -305,16 +317,18 @@ encryptor(struct scatterlist *sg, void *data) | |||
| 305 | } | 317 | } |
| 306 | 318 | ||
| 307 | int | 319 | int |
| 308 | gss_encrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset, | 320 | gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf, |
| 309 | struct page **pages) | 321 | int offset, struct page **pages) |
| 310 | { | 322 | { |
| 311 | int ret; | 323 | int ret; |
| 312 | struct encryptor_desc desc; | 324 | struct encryptor_desc desc; |
| 313 | 325 | ||
| 314 | BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0); | 326 | BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0); |
| 315 | 327 | ||
| 316 | memset(desc.iv, 0, sizeof(desc.iv)); | 328 | memset(desc.iv, 0, sizeof(desc.iv)); |
| 317 | desc.tfm = tfm; | 329 | desc.desc.tfm = tfm; |
| 330 | desc.desc.info = desc.iv; | ||
| 331 | desc.desc.flags = 0; | ||
| 318 | desc.pos = offset; | 332 | desc.pos = offset; |
| 319 | desc.outbuf = buf; | 333 | desc.outbuf = buf; |
| 320 | desc.pages = pages; | 334 | desc.pages = pages; |
| @@ -329,7 +343,7 @@ EXPORT_SYMBOL(gss_encrypt_xdr_buf); | |||
| 329 | 343 | ||
| 330 | struct decryptor_desc { | 344 | struct decryptor_desc { |
| 331 | u8 iv[8]; /* XXX hard-coded blocksize */ | 345 | u8 iv[8]; /* XXX hard-coded blocksize */ |
| 332 | struct crypto_tfm *tfm; | 346 | struct blkcipher_desc desc; |
| 333 | struct scatterlist frags[4]; | 347 | struct scatterlist frags[4]; |
| 334 | int fragno; | 348 | int fragno; |
| 335 | int fraglen; | 349 | int fraglen; |
| @@ -355,8 +369,8 @@ decryptor(struct scatterlist *sg, void *data) | |||
| 355 | if (thislen == 0) | 369 | if (thislen == 0) |
| 356 | return 0; | 370 | return 0; |
| 357 | 371 | ||
| 358 | ret = crypto_cipher_decrypt_iv(desc->tfm, desc->frags, desc->frags, | 372 | ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags, |
| 359 | thislen, desc->iv); | 373 | desc->frags, thislen); |
| 360 | if (ret) | 374 | if (ret) |
| 361 | return ret; | 375 | return ret; |
| 362 | if (fraglen) { | 376 | if (fraglen) { |
| @@ -373,15 +387,18 @@ decryptor(struct scatterlist *sg, void *data) | |||
| 373 | } | 387 | } |
| 374 | 388 | ||
| 375 | int | 389 | int |
| 376 | gss_decrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset) | 390 | gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf, |
| 391 | int offset) | ||
| 377 | { | 392 | { |
| 378 | struct decryptor_desc desc; | 393 | struct decryptor_desc desc; |
| 379 | 394 | ||
| 380 | /* XXXJBF: */ | 395 | /* XXXJBF: */ |
| 381 | BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0); | 396 | BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0); |
| 382 | 397 | ||
| 383 | memset(desc.iv, 0, sizeof(desc.iv)); | 398 | memset(desc.iv, 0, sizeof(desc.iv)); |
| 384 | desc.tfm = tfm; | 399 | desc.desc.tfm = tfm; |
| 400 | desc.desc.info = desc.iv; | ||
| 401 | desc.desc.flags = 0; | ||
| 385 | desc.fragno = 0; | 402 | desc.fragno = 0; |
| 386 | desc.fraglen = 0; | 403 | desc.fraglen = 0; |
| 387 | return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc); | 404 | return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc); |