diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2006-08-22 06:33:54 -0400 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2006-09-20 21:46:15 -0400 |
commit | 378c6697a282c383d89428380a3405bf95189347 (patch) | |
tree | 3127c641dd07694199cd4e89c9cd5c155c4eb560 /net/sunrpc | |
parent | 6b7326c8497f954c2cfcb4c49fe42be5b80887bc (diff) |
[SUNRPC] GSS: Use block ciphers where applicable
This patch converts SUNRPC/GSS to use the new block cipher type where
applicable.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'net/sunrpc')
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_crypto.c | 57 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_mech.c | 24 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_seqnum.c | 4 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_wrap.c | 4 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_spkm3_mech.c | 29 |
5 files changed, 64 insertions, 54 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index 76b969e6904f..57192dfe3065 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c | |||
@@ -49,7 +49,7 @@ | |||
49 | 49 | ||
50 | u32 | 50 | u32 |
51 | krb5_encrypt( | 51 | krb5_encrypt( |
52 | struct crypto_tfm *tfm, | 52 | struct crypto_blkcipher *tfm, |
53 | void * iv, | 53 | void * iv, |
54 | void * in, | 54 | void * in, |
55 | void * out, | 55 | void * out, |
@@ -58,26 +58,27 @@ krb5_encrypt( | |||
58 | u32 ret = -EINVAL; | 58 | u32 ret = -EINVAL; |
59 | struct scatterlist sg[1]; | 59 | struct scatterlist sg[1]; |
60 | u8 local_iv[16] = {0}; | 60 | u8 local_iv[16] = {0}; |
61 | struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; | ||
61 | 62 | ||
62 | dprintk("RPC: krb5_encrypt: input data:\n"); | 63 | dprintk("RPC: krb5_encrypt: input data:\n"); |
63 | print_hexl((u32 *)in, length, 0); | 64 | print_hexl((u32 *)in, length, 0); |
64 | 65 | ||
65 | if (length % crypto_tfm_alg_blocksize(tfm) != 0) | 66 | if (length % crypto_blkcipher_blocksize(tfm) != 0) |
66 | goto out; | 67 | goto out; |
67 | 68 | ||
68 | if (crypto_tfm_alg_ivsize(tfm) > 16) { | 69 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
69 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", | 70 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", |
70 | crypto_tfm_alg_ivsize(tfm)); | 71 | crypto_blkcipher_ivsize(tfm)); |
71 | goto out; | 72 | goto out; |
72 | } | 73 | } |
73 | 74 | ||
74 | if (iv) | 75 | if (iv) |
75 | memcpy(local_iv, iv, crypto_tfm_alg_ivsize(tfm)); | 76 | memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm)); |
76 | 77 | ||
77 | memcpy(out, in, length); | 78 | memcpy(out, in, length); |
78 | sg_set_buf(sg, out, length); | 79 | sg_set_buf(sg, out, length); |
79 | 80 | ||
80 | ret = crypto_cipher_encrypt_iv(tfm, sg, sg, length, local_iv); | 81 | ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length); |
81 | 82 | ||
82 | dprintk("RPC: krb5_encrypt: output data:\n"); | 83 | dprintk("RPC: krb5_encrypt: output data:\n"); |
83 | print_hexl((u32 *)out, length, 0); | 84 | print_hexl((u32 *)out, length, 0); |
@@ -90,7 +91,7 @@ EXPORT_SYMBOL(krb5_encrypt); | |||
90 | 91 | ||
91 | u32 | 92 | u32 |
92 | krb5_decrypt( | 93 | krb5_decrypt( |
93 | struct crypto_tfm *tfm, | 94 | struct crypto_blkcipher *tfm, |
94 | void * iv, | 95 | void * iv, |
95 | void * in, | 96 | void * in, |
96 | void * out, | 97 | void * out, |
@@ -99,25 +100,26 @@ krb5_decrypt( | |||
99 | u32 ret = -EINVAL; | 100 | u32 ret = -EINVAL; |
100 | struct scatterlist sg[1]; | 101 | struct scatterlist sg[1]; |
101 | u8 local_iv[16] = {0}; | 102 | u8 local_iv[16] = {0}; |
103 | struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; | ||
102 | 104 | ||
103 | dprintk("RPC: krb5_decrypt: input data:\n"); | 105 | dprintk("RPC: krb5_decrypt: input data:\n"); |
104 | print_hexl((u32 *)in, length, 0); | 106 | print_hexl((u32 *)in, length, 0); |
105 | 107 | ||
106 | if (length % crypto_tfm_alg_blocksize(tfm) != 0) | 108 | if (length % crypto_blkcipher_blocksize(tfm) != 0) |
107 | goto out; | 109 | goto out; |
108 | 110 | ||
109 | if (crypto_tfm_alg_ivsize(tfm) > 16) { | 111 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
110 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", | 112 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", |
111 | crypto_tfm_alg_ivsize(tfm)); | 113 | crypto_blkcipher_ivsize(tfm)); |
112 | goto out; | 114 | goto out; |
113 | } | 115 | } |
114 | if (iv) | 116 | if (iv) |
115 | memcpy(local_iv,iv, crypto_tfm_alg_ivsize(tfm)); | 117 | memcpy(local_iv,iv, crypto_blkcipher_ivsize(tfm)); |
116 | 118 | ||
117 | memcpy(out, in, length); | 119 | memcpy(out, in, length); |
118 | sg_set_buf(sg, out, length); | 120 | sg_set_buf(sg, out, length); |
119 | 121 | ||
120 | ret = crypto_cipher_decrypt_iv(tfm, sg, sg, length, local_iv); | 122 | ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length); |
121 | 123 | ||
122 | dprintk("RPC: krb5_decrypt: output_data:\n"); | 124 | dprintk("RPC: krb5_decrypt: output_data:\n"); |
123 | print_hexl((u32 *)out, length, 0); | 125 | print_hexl((u32 *)out, length, 0); |
@@ -240,7 +242,7 @@ EXPORT_SYMBOL(make_checksum); | |||
240 | 242 | ||
241 | struct encryptor_desc { | 243 | struct encryptor_desc { |
242 | u8 iv[8]; /* XXX hard-coded blocksize */ | 244 | u8 iv[8]; /* XXX hard-coded blocksize */ |
243 | struct crypto_tfm *tfm; | 245 | struct blkcipher_desc desc; |
244 | int pos; | 246 | int pos; |
245 | struct xdr_buf *outbuf; | 247 | struct xdr_buf *outbuf; |
246 | struct page **pages; | 248 | struct page **pages; |
@@ -285,8 +287,8 @@ encryptor(struct scatterlist *sg, void *data) | |||
285 | if (thislen == 0) | 287 | if (thislen == 0) |
286 | return 0; | 288 | return 0; |
287 | 289 | ||
288 | ret = crypto_cipher_encrypt_iv(desc->tfm, desc->outfrags, desc->infrags, | 290 | ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags, |
289 | thislen, desc->iv); | 291 | desc->infrags, thislen); |
290 | if (ret) | 292 | if (ret) |
291 | return ret; | 293 | return ret; |
292 | if (fraglen) { | 294 | if (fraglen) { |
@@ -305,16 +307,18 @@ encryptor(struct scatterlist *sg, void *data) | |||
305 | } | 307 | } |
306 | 308 | ||
307 | int | 309 | int |
308 | gss_encrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset, | 310 | gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf, |
309 | struct page **pages) | 311 | int offset, struct page **pages) |
310 | { | 312 | { |
311 | int ret; | 313 | int ret; |
312 | struct encryptor_desc desc; | 314 | struct encryptor_desc desc; |
313 | 315 | ||
314 | BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0); | 316 | BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0); |
315 | 317 | ||
316 | memset(desc.iv, 0, sizeof(desc.iv)); | 318 | memset(desc.iv, 0, sizeof(desc.iv)); |
317 | desc.tfm = tfm; | 319 | desc.desc.tfm = tfm; |
320 | desc.desc.info = desc.iv; | ||
321 | desc.desc.flags = 0; | ||
318 | desc.pos = offset; | 322 | desc.pos = offset; |
319 | desc.outbuf = buf; | 323 | desc.outbuf = buf; |
320 | desc.pages = pages; | 324 | desc.pages = pages; |
@@ -329,7 +333,7 @@ EXPORT_SYMBOL(gss_encrypt_xdr_buf); | |||
329 | 333 | ||
330 | struct decryptor_desc { | 334 | struct decryptor_desc { |
331 | u8 iv[8]; /* XXX hard-coded blocksize */ | 335 | u8 iv[8]; /* XXX hard-coded blocksize */ |
332 | struct crypto_tfm *tfm; | 336 | struct blkcipher_desc desc; |
333 | struct scatterlist frags[4]; | 337 | struct scatterlist frags[4]; |
334 | int fragno; | 338 | int fragno; |
335 | int fraglen; | 339 | int fraglen; |
@@ -355,8 +359,8 @@ decryptor(struct scatterlist *sg, void *data) | |||
355 | if (thislen == 0) | 359 | if (thislen == 0) |
356 | return 0; | 360 | return 0; |
357 | 361 | ||
358 | ret = crypto_cipher_decrypt_iv(desc->tfm, desc->frags, desc->frags, | 362 | ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags, |
359 | thislen, desc->iv); | 363 | desc->frags, thislen); |
360 | if (ret) | 364 | if (ret) |
361 | return ret; | 365 | return ret; |
362 | if (fraglen) { | 366 | if (fraglen) { |
@@ -373,15 +377,18 @@ decryptor(struct scatterlist *sg, void *data) | |||
373 | } | 377 | } |
374 | 378 | ||
375 | int | 379 | int |
376 | gss_decrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset) | 380 | gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf, |
381 | int offset) | ||
377 | { | 382 | { |
378 | struct decryptor_desc desc; | 383 | struct decryptor_desc desc; |
379 | 384 | ||
380 | /* XXXJBF: */ | 385 | /* XXXJBF: */ |
381 | BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0); | 386 | BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0); |
382 | 387 | ||
383 | memset(desc.iv, 0, sizeof(desc.iv)); | 388 | memset(desc.iv, 0, sizeof(desc.iv)); |
384 | desc.tfm = tfm; | 389 | desc.desc.tfm = tfm; |
390 | desc.desc.info = desc.iv; | ||
391 | desc.desc.flags = 0; | ||
385 | desc.fragno = 0; | 392 | desc.fragno = 0; |
386 | desc.fraglen = 0; | 393 | desc.fraglen = 0; |
387 | return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc); | 394 | return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc); |
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 70e1e53a632b..325e72e4fd31 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c | |||
@@ -34,6 +34,7 @@ | |||
34 | * | 34 | * |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include <linux/err.h> | ||
37 | #include <linux/module.h> | 38 | #include <linux/module.h> |
38 | #include <linux/init.h> | 39 | #include <linux/init.h> |
39 | #include <linux/types.h> | 40 | #include <linux/types.h> |
@@ -78,10 +79,10 @@ simple_get_netobj(const void *p, const void *end, struct xdr_netobj *res) | |||
78 | } | 79 | } |
79 | 80 | ||
80 | static inline const void * | 81 | static inline const void * |
81 | get_key(const void *p, const void *end, struct crypto_tfm **res) | 82 | get_key(const void *p, const void *end, struct crypto_blkcipher **res) |
82 | { | 83 | { |
83 | struct xdr_netobj key; | 84 | struct xdr_netobj key; |
84 | int alg, alg_mode; | 85 | int alg; |
85 | char *alg_name; | 86 | char *alg_name; |
86 | 87 | ||
87 | p = simple_get_bytes(p, end, &alg, sizeof(alg)); | 88 | p = simple_get_bytes(p, end, &alg, sizeof(alg)); |
@@ -93,18 +94,19 @@ get_key(const void *p, const void *end, struct crypto_tfm **res) | |||
93 | 94 | ||
94 | switch (alg) { | 95 | switch (alg) { |
95 | case ENCTYPE_DES_CBC_RAW: | 96 | case ENCTYPE_DES_CBC_RAW: |
96 | alg_name = "des"; | 97 | alg_name = "cbc(des)"; |
97 | alg_mode = CRYPTO_TFM_MODE_CBC; | ||
98 | break; | 98 | break; |
99 | default: | 99 | default: |
100 | printk("gss_kerberos_mech: unsupported algorithm %d\n", alg); | 100 | printk("gss_kerberos_mech: unsupported algorithm %d\n", alg); |
101 | goto out_err_free_key; | 101 | goto out_err_free_key; |
102 | } | 102 | } |
103 | if (!(*res = crypto_alloc_tfm(alg_name, alg_mode))) { | 103 | *res = crypto_alloc_blkcipher(alg_name, 0, CRYPTO_ALG_ASYNC); |
104 | if (IS_ERR(*res)) { | ||
104 | printk("gss_kerberos_mech: unable to initialize crypto algorithm %s\n", alg_name); | 105 | printk("gss_kerberos_mech: unable to initialize crypto algorithm %s\n", alg_name); |
106 | *res = NULL; | ||
105 | goto out_err_free_key; | 107 | goto out_err_free_key; |
106 | } | 108 | } |
107 | if (crypto_cipher_setkey(*res, key.data, key.len)) { | 109 | if (crypto_blkcipher_setkey(*res, key.data, key.len)) { |
108 | printk("gss_kerberos_mech: error setting key for crypto algorithm %s\n", alg_name); | 110 | printk("gss_kerberos_mech: error setting key for crypto algorithm %s\n", alg_name); |
109 | goto out_err_free_tfm; | 111 | goto out_err_free_tfm; |
110 | } | 112 | } |
@@ -113,7 +115,7 @@ get_key(const void *p, const void *end, struct crypto_tfm **res) | |||
113 | return p; | 115 | return p; |
114 | 116 | ||
115 | out_err_free_tfm: | 117 | out_err_free_tfm: |
116 | crypto_free_tfm(*res); | 118 | crypto_free_blkcipher(*res); |
117 | out_err_free_key: | 119 | out_err_free_key: |
118 | kfree(key.data); | 120 | kfree(key.data); |
119 | p = ERR_PTR(-EINVAL); | 121 | p = ERR_PTR(-EINVAL); |
@@ -172,9 +174,9 @@ gss_import_sec_context_kerberos(const void *p, | |||
172 | return 0; | 174 | return 0; |
173 | 175 | ||
174 | out_err_free_key2: | 176 | out_err_free_key2: |
175 | crypto_free_tfm(ctx->seq); | 177 | crypto_free_blkcipher(ctx->seq); |
176 | out_err_free_key1: | 178 | out_err_free_key1: |
177 | crypto_free_tfm(ctx->enc); | 179 | crypto_free_blkcipher(ctx->enc); |
178 | out_err_free_mech: | 180 | out_err_free_mech: |
179 | kfree(ctx->mech_used.data); | 181 | kfree(ctx->mech_used.data); |
180 | out_err_free_ctx: | 182 | out_err_free_ctx: |
@@ -187,8 +189,8 @@ static void | |||
187 | gss_delete_sec_context_kerberos(void *internal_ctx) { | 189 | gss_delete_sec_context_kerberos(void *internal_ctx) { |
188 | struct krb5_ctx *kctx = internal_ctx; | 190 | struct krb5_ctx *kctx = internal_ctx; |
189 | 191 | ||
190 | crypto_free_tfm(kctx->seq); | 192 | crypto_free_blkcipher(kctx->seq); |
191 | crypto_free_tfm(kctx->enc); | 193 | crypto_free_blkcipher(kctx->enc); |
192 | kfree(kctx->mech_used.data); | 194 | kfree(kctx->mech_used.data); |
193 | kfree(kctx); | 195 | kfree(kctx); |
194 | } | 196 | } |
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c index c53ead39118d..c604baf3a5f6 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c +++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c | |||
@@ -41,7 +41,7 @@ | |||
41 | #endif | 41 | #endif |
42 | 42 | ||
43 | s32 | 43 | s32 |
44 | krb5_make_seq_num(struct crypto_tfm *key, | 44 | krb5_make_seq_num(struct crypto_blkcipher *key, |
45 | int direction, | 45 | int direction, |
46 | s32 seqnum, | 46 | s32 seqnum, |
47 | unsigned char *cksum, unsigned char *buf) | 47 | unsigned char *cksum, unsigned char *buf) |
@@ -62,7 +62,7 @@ krb5_make_seq_num(struct crypto_tfm *key, | |||
62 | } | 62 | } |
63 | 63 | ||
64 | s32 | 64 | s32 |
65 | krb5_get_seq_num(struct crypto_tfm *key, | 65 | krb5_get_seq_num(struct crypto_blkcipher *key, |
66 | unsigned char *cksum, | 66 | unsigned char *cksum, |
67 | unsigned char *buf, | 67 | unsigned char *buf, |
68 | int *direction, s32 * seqnum) | 68 | int *direction, s32 * seqnum) |
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index 89d1f3e14128..f179415d0c38 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c | |||
@@ -149,7 +149,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset, | |||
149 | goto out_err; | 149 | goto out_err; |
150 | } | 150 | } |
151 | 151 | ||
152 | blocksize = crypto_tfm_alg_blocksize(kctx->enc); | 152 | blocksize = crypto_blkcipher_blocksize(kctx->enc); |
153 | gss_krb5_add_padding(buf, offset, blocksize); | 153 | gss_krb5_add_padding(buf, offset, blocksize); |
154 | BUG_ON((buf->len - offset) % blocksize); | 154 | BUG_ON((buf->len - offset) % blocksize); |
155 | plainlen = blocksize + buf->len - offset; | 155 | plainlen = blocksize + buf->len - offset; |
@@ -346,7 +346,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf) | |||
346 | /* Copy the data back to the right position. XXX: Would probably be | 346 | /* Copy the data back to the right position. XXX: Would probably be |
347 | * better to copy and encrypt at the same time. */ | 347 | * better to copy and encrypt at the same time. */ |
348 | 348 | ||
349 | blocksize = crypto_tfm_alg_blocksize(kctx->enc); | 349 | blocksize = crypto_blkcipher_blocksize(kctx->enc); |
350 | data_start = ptr + 22 + blocksize; | 350 | data_start = ptr + 22 + blocksize; |
351 | orig_start = buf->head[0].iov_base + offset; | 351 | orig_start = buf->head[0].iov_base + offset; |
352 | data_len = (buf->head[0].iov_base + buf->head[0].iov_len) - data_start; | 352 | data_len = (buf->head[0].iov_base + buf->head[0].iov_len) - data_start; |
diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c index 88dcb52d171b..bdedf456bc17 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_mech.c +++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c | |||
@@ -34,6 +34,7 @@ | |||
34 | * | 34 | * |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include <linux/err.h> | ||
37 | #include <linux/module.h> | 38 | #include <linux/module.h> |
38 | #include <linux/init.h> | 39 | #include <linux/init.h> |
39 | #include <linux/types.h> | 40 | #include <linux/types.h> |
@@ -83,10 +84,11 @@ simple_get_netobj(const void *p, const void *end, struct xdr_netobj *res) | |||
83 | } | 84 | } |
84 | 85 | ||
85 | static inline const void * | 86 | static inline const void * |
86 | get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg) | 87 | get_key(const void *p, const void *end, struct crypto_blkcipher **res, |
88 | int *resalg) | ||
87 | { | 89 | { |
88 | struct xdr_netobj key = { 0 }; | 90 | struct xdr_netobj key = { 0 }; |
89 | int alg_mode,setkey = 0; | 91 | int setkey = 0; |
90 | char *alg_name; | 92 | char *alg_name; |
91 | 93 | ||
92 | p = simple_get_bytes(p, end, resalg, sizeof(*resalg)); | 94 | p = simple_get_bytes(p, end, resalg, sizeof(*resalg)); |
@@ -98,14 +100,12 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg) | |||
98 | 100 | ||
99 | switch (*resalg) { | 101 | switch (*resalg) { |
100 | case NID_des_cbc: | 102 | case NID_des_cbc: |
101 | alg_name = "des"; | 103 | alg_name = "cbc(des)"; |
102 | alg_mode = CRYPTO_TFM_MODE_CBC; | ||
103 | setkey = 1; | 104 | setkey = 1; |
104 | break; | 105 | break; |
105 | case NID_cast5_cbc: | 106 | case NID_cast5_cbc: |
106 | /* XXXX here in name only, not used */ | 107 | /* XXXX here in name only, not used */ |
107 | alg_name = "cast5"; | 108 | alg_name = "cbc(cast5)"; |
108 | alg_mode = CRYPTO_TFM_MODE_CBC; | ||
109 | setkey = 0; /* XXX will need to set to 1 */ | 109 | setkey = 0; /* XXX will need to set to 1 */ |
110 | break; | 110 | break; |
111 | case NID_md5: | 111 | case NID_md5: |
@@ -113,19 +113,20 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg) | |||
113 | dprintk("RPC: SPKM3 get_key: NID_md5 zero Key length\n"); | 113 | dprintk("RPC: SPKM3 get_key: NID_md5 zero Key length\n"); |
114 | } | 114 | } |
115 | alg_name = "md5"; | 115 | alg_name = "md5"; |
116 | alg_mode = 0; | ||
117 | setkey = 0; | 116 | setkey = 0; |
118 | break; | 117 | break; |
119 | default: | 118 | default: |
120 | dprintk("gss_spkm3_mech: unsupported algorithm %d\n", *resalg); | 119 | dprintk("gss_spkm3_mech: unsupported algorithm %d\n", *resalg); |
121 | goto out_err_free_key; | 120 | goto out_err_free_key; |
122 | } | 121 | } |
123 | if (!(*res = crypto_alloc_tfm(alg_name, alg_mode))) { | 122 | *res = crypto_alloc_blkcipher(alg_name, 0, CRYPTO_ALG_ASYNC); |
123 | if (IS_ERR(*res)) { | ||
124 | printk("gss_spkm3_mech: unable to initialize crypto algorthm %s\n", alg_name); | 124 | printk("gss_spkm3_mech: unable to initialize crypto algorthm %s\n", alg_name); |
125 | *res = NULL; | ||
125 | goto out_err_free_key; | 126 | goto out_err_free_key; |
126 | } | 127 | } |
127 | if (setkey) { | 128 | if (setkey) { |
128 | if (crypto_cipher_setkey(*res, key.data, key.len)) { | 129 | if (crypto_blkcipher_setkey(*res, key.data, key.len)) { |
129 | printk("gss_spkm3_mech: error setting key for crypto algorthm %s\n", alg_name); | 130 | printk("gss_spkm3_mech: error setting key for crypto algorthm %s\n", alg_name); |
130 | goto out_err_free_tfm; | 131 | goto out_err_free_tfm; |
131 | } | 132 | } |
@@ -136,7 +137,7 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg) | |||
136 | return p; | 137 | return p; |
137 | 138 | ||
138 | out_err_free_tfm: | 139 | out_err_free_tfm: |
139 | crypto_free_tfm(*res); | 140 | crypto_free_blkcipher(*res); |
140 | out_err_free_key: | 141 | out_err_free_key: |
141 | if(key.len > 0) | 142 | if(key.len > 0) |
142 | kfree(key.data); | 143 | kfree(key.data); |
@@ -204,9 +205,9 @@ gss_import_sec_context_spkm3(const void *p, size_t len, | |||
204 | return 0; | 205 | return 0; |
205 | 206 | ||
206 | out_err_free_key2: | 207 | out_err_free_key2: |
207 | crypto_free_tfm(ctx->derived_integ_key); | 208 | crypto_free_blkcipher(ctx->derived_integ_key); |
208 | out_err_free_key1: | 209 | out_err_free_key1: |
209 | crypto_free_tfm(ctx->derived_conf_key); | 210 | crypto_free_blkcipher(ctx->derived_conf_key); |
210 | out_err_free_s_key: | 211 | out_err_free_s_key: |
211 | kfree(ctx->share_key.data); | 212 | kfree(ctx->share_key.data); |
212 | out_err_free_mech: | 213 | out_err_free_mech: |
@@ -223,8 +224,8 @@ static void | |||
223 | gss_delete_sec_context_spkm3(void *internal_ctx) { | 224 | gss_delete_sec_context_spkm3(void *internal_ctx) { |
224 | struct spkm3_ctx *sctx = internal_ctx; | 225 | struct spkm3_ctx *sctx = internal_ctx; |
225 | 226 | ||
226 | crypto_free_tfm(sctx->derived_integ_key); | 227 | crypto_free_blkcipher(sctx->derived_integ_key); |
227 | crypto_free_tfm(sctx->derived_conf_key); | 228 | crypto_free_blkcipher(sctx->derived_conf_key); |
228 | kfree(sctx->share_key.data); | 229 | kfree(sctx->share_key.data); |
229 | kfree(sctx->mech_used.data); | 230 | kfree(sctx->mech_used.data); |
230 | kfree(sctx); | 231 | kfree(sctx); |