aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2006-08-22 06:33:54 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2006-09-20 21:46:15 -0400
commit378c6697a282c383d89428380a3405bf95189347 (patch)
tree3127c641dd07694199cd4e89c9cd5c155c4eb560 /net
parent6b7326c8497f954c2cfcb4c49fe42be5b80887bc (diff)
[SUNRPC] GSS: Use block ciphers where applicable
This patch converts SUNRPC/GSS to use the new block cipher type where applicable. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'net')
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c57
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_mech.c24
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seqnum.c4
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c4
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_mech.c29
5 files changed, 64 insertions, 54 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index 76b969e6904f..57192dfe3065 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -49,7 +49,7 @@
49 49
50u32 50u32
51krb5_encrypt( 51krb5_encrypt(
52 struct crypto_tfm *tfm, 52 struct crypto_blkcipher *tfm,
53 void * iv, 53 void * iv,
54 void * in, 54 void * in,
55 void * out, 55 void * out,
@@ -58,26 +58,27 @@ krb5_encrypt(
58 u32 ret = -EINVAL; 58 u32 ret = -EINVAL;
59 struct scatterlist sg[1]; 59 struct scatterlist sg[1];
60 u8 local_iv[16] = {0}; 60 u8 local_iv[16] = {0};
61 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
61 62
62 dprintk("RPC: krb5_encrypt: input data:\n"); 63 dprintk("RPC: krb5_encrypt: input data:\n");
63 print_hexl((u32 *)in, length, 0); 64 print_hexl((u32 *)in, length, 0);
64 65
65 if (length % crypto_tfm_alg_blocksize(tfm) != 0) 66 if (length % crypto_blkcipher_blocksize(tfm) != 0)
66 goto out; 67 goto out;
67 68
68 if (crypto_tfm_alg_ivsize(tfm) > 16) { 69 if (crypto_blkcipher_ivsize(tfm) > 16) {
69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", 70 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n",
70 crypto_tfm_alg_ivsize(tfm)); 71 crypto_blkcipher_ivsize(tfm));
71 goto out; 72 goto out;
72 } 73 }
73 74
74 if (iv) 75 if (iv)
75 memcpy(local_iv, iv, crypto_tfm_alg_ivsize(tfm)); 76 memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm));
76 77
77 memcpy(out, in, length); 78 memcpy(out, in, length);
78 sg_set_buf(sg, out, length); 79 sg_set_buf(sg, out, length);
79 80
80 ret = crypto_cipher_encrypt_iv(tfm, sg, sg, length, local_iv); 81 ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length);
81 82
82 dprintk("RPC: krb5_encrypt: output data:\n"); 83 dprintk("RPC: krb5_encrypt: output data:\n");
83 print_hexl((u32 *)out, length, 0); 84 print_hexl((u32 *)out, length, 0);
@@ -90,7 +91,7 @@ EXPORT_SYMBOL(krb5_encrypt);
90 91
91u32 92u32
92krb5_decrypt( 93krb5_decrypt(
93 struct crypto_tfm *tfm, 94 struct crypto_blkcipher *tfm,
94 void * iv, 95 void * iv,
95 void * in, 96 void * in,
96 void * out, 97 void * out,
@@ -99,25 +100,26 @@ krb5_decrypt(
99 u32 ret = -EINVAL; 100 u32 ret = -EINVAL;
100 struct scatterlist sg[1]; 101 struct scatterlist sg[1];
101 u8 local_iv[16] = {0}; 102 u8 local_iv[16] = {0};
103 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
102 104
103 dprintk("RPC: krb5_decrypt: input data:\n"); 105 dprintk("RPC: krb5_decrypt: input data:\n");
104 print_hexl((u32 *)in, length, 0); 106 print_hexl((u32 *)in, length, 0);
105 107
106 if (length % crypto_tfm_alg_blocksize(tfm) != 0) 108 if (length % crypto_blkcipher_blocksize(tfm) != 0)
107 goto out; 109 goto out;
108 110
109 if (crypto_tfm_alg_ivsize(tfm) > 16) { 111 if (crypto_blkcipher_ivsize(tfm) > 16) {
110 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", 112 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n",
111 crypto_tfm_alg_ivsize(tfm)); 113 crypto_blkcipher_ivsize(tfm));
112 goto out; 114 goto out;
113 } 115 }
114 if (iv) 116 if (iv)
115 memcpy(local_iv,iv, crypto_tfm_alg_ivsize(tfm)); 117 memcpy(local_iv,iv, crypto_blkcipher_ivsize(tfm));
116 118
117 memcpy(out, in, length); 119 memcpy(out, in, length);
118 sg_set_buf(sg, out, length); 120 sg_set_buf(sg, out, length);
119 121
120 ret = crypto_cipher_decrypt_iv(tfm, sg, sg, length, local_iv); 122 ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length);
121 123
122 dprintk("RPC: krb5_decrypt: output_data:\n"); 124 dprintk("RPC: krb5_decrypt: output_data:\n");
123 print_hexl((u32 *)out, length, 0); 125 print_hexl((u32 *)out, length, 0);
@@ -240,7 +242,7 @@ EXPORT_SYMBOL(make_checksum);
240 242
241struct encryptor_desc { 243struct encryptor_desc {
242 u8 iv[8]; /* XXX hard-coded blocksize */ 244 u8 iv[8]; /* XXX hard-coded blocksize */
243 struct crypto_tfm *tfm; 245 struct blkcipher_desc desc;
244 int pos; 246 int pos;
245 struct xdr_buf *outbuf; 247 struct xdr_buf *outbuf;
246 struct page **pages; 248 struct page **pages;
@@ -285,8 +287,8 @@ encryptor(struct scatterlist *sg, void *data)
285 if (thislen == 0) 287 if (thislen == 0)
286 return 0; 288 return 0;
287 289
288 ret = crypto_cipher_encrypt_iv(desc->tfm, desc->outfrags, desc->infrags, 290 ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags,
289 thislen, desc->iv); 291 desc->infrags, thislen);
290 if (ret) 292 if (ret)
291 return ret; 293 return ret;
292 if (fraglen) { 294 if (fraglen) {
@@ -305,16 +307,18 @@ encryptor(struct scatterlist *sg, void *data)
305} 307}
306 308
307int 309int
308gss_encrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset, 310gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf,
309 struct page **pages) 311 int offset, struct page **pages)
310{ 312{
311 int ret; 313 int ret;
312 struct encryptor_desc desc; 314 struct encryptor_desc desc;
313 315
314 BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0); 316 BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0);
315 317
316 memset(desc.iv, 0, sizeof(desc.iv)); 318 memset(desc.iv, 0, sizeof(desc.iv));
317 desc.tfm = tfm; 319 desc.desc.tfm = tfm;
320 desc.desc.info = desc.iv;
321 desc.desc.flags = 0;
318 desc.pos = offset; 322 desc.pos = offset;
319 desc.outbuf = buf; 323 desc.outbuf = buf;
320 desc.pages = pages; 324 desc.pages = pages;
@@ -329,7 +333,7 @@ EXPORT_SYMBOL(gss_encrypt_xdr_buf);
329 333
330struct decryptor_desc { 334struct decryptor_desc {
331 u8 iv[8]; /* XXX hard-coded blocksize */ 335 u8 iv[8]; /* XXX hard-coded blocksize */
332 struct crypto_tfm *tfm; 336 struct blkcipher_desc desc;
333 struct scatterlist frags[4]; 337 struct scatterlist frags[4];
334 int fragno; 338 int fragno;
335 int fraglen; 339 int fraglen;
@@ -355,8 +359,8 @@ decryptor(struct scatterlist *sg, void *data)
355 if (thislen == 0) 359 if (thislen == 0)
356 return 0; 360 return 0;
357 361
358 ret = crypto_cipher_decrypt_iv(desc->tfm, desc->frags, desc->frags, 362 ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags,
359 thislen, desc->iv); 363 desc->frags, thislen);
360 if (ret) 364 if (ret)
361 return ret; 365 return ret;
362 if (fraglen) { 366 if (fraglen) {
@@ -373,15 +377,18 @@ decryptor(struct scatterlist *sg, void *data)
373} 377}
374 378
375int 379int
376gss_decrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *buf, int offset) 380gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf,
381 int offset)
377{ 382{
378 struct decryptor_desc desc; 383 struct decryptor_desc desc;
379 384
380 /* XXXJBF: */ 385 /* XXXJBF: */
381 BUG_ON((buf->len - offset) % crypto_tfm_alg_blocksize(tfm) != 0); 386 BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0);
382 387
383 memset(desc.iv, 0, sizeof(desc.iv)); 388 memset(desc.iv, 0, sizeof(desc.iv));
384 desc.tfm = tfm; 389 desc.desc.tfm = tfm;
390 desc.desc.info = desc.iv;
391 desc.desc.flags = 0;
385 desc.fragno = 0; 392 desc.fragno = 0;
386 desc.fraglen = 0; 393 desc.fraglen = 0;
387 return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc); 394 return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc);
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 70e1e53a632b..325e72e4fd31 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -34,6 +34,7 @@
34 * 34 *
35 */ 35 */
36 36
37#include <linux/err.h>
37#include <linux/module.h> 38#include <linux/module.h>
38#include <linux/init.h> 39#include <linux/init.h>
39#include <linux/types.h> 40#include <linux/types.h>
@@ -78,10 +79,10 @@ simple_get_netobj(const void *p, const void *end, struct xdr_netobj *res)
78} 79}
79 80
80static inline const void * 81static inline const void *
81get_key(const void *p, const void *end, struct crypto_tfm **res) 82get_key(const void *p, const void *end, struct crypto_blkcipher **res)
82{ 83{
83 struct xdr_netobj key; 84 struct xdr_netobj key;
84 int alg, alg_mode; 85 int alg;
85 char *alg_name; 86 char *alg_name;
86 87
87 p = simple_get_bytes(p, end, &alg, sizeof(alg)); 88 p = simple_get_bytes(p, end, &alg, sizeof(alg));
@@ -93,18 +94,19 @@ get_key(const void *p, const void *end, struct crypto_tfm **res)
93 94
94 switch (alg) { 95 switch (alg) {
95 case ENCTYPE_DES_CBC_RAW: 96 case ENCTYPE_DES_CBC_RAW:
96 alg_name = "des"; 97 alg_name = "cbc(des)";
97 alg_mode = CRYPTO_TFM_MODE_CBC;
98 break; 98 break;
99 default: 99 default:
100 printk("gss_kerberos_mech: unsupported algorithm %d\n", alg); 100 printk("gss_kerberos_mech: unsupported algorithm %d\n", alg);
101 goto out_err_free_key; 101 goto out_err_free_key;
102 } 102 }
103 if (!(*res = crypto_alloc_tfm(alg_name, alg_mode))) { 103 *res = crypto_alloc_blkcipher(alg_name, 0, CRYPTO_ALG_ASYNC);
104 if (IS_ERR(*res)) {
104 printk("gss_kerberos_mech: unable to initialize crypto algorithm %s\n", alg_name); 105 printk("gss_kerberos_mech: unable to initialize crypto algorithm %s\n", alg_name);
106 *res = NULL;
105 goto out_err_free_key; 107 goto out_err_free_key;
106 } 108 }
107 if (crypto_cipher_setkey(*res, key.data, key.len)) { 109 if (crypto_blkcipher_setkey(*res, key.data, key.len)) {
108 printk("gss_kerberos_mech: error setting key for crypto algorithm %s\n", alg_name); 110 printk("gss_kerberos_mech: error setting key for crypto algorithm %s\n", alg_name);
109 goto out_err_free_tfm; 111 goto out_err_free_tfm;
110 } 112 }
@@ -113,7 +115,7 @@ get_key(const void *p, const void *end, struct crypto_tfm **res)
113 return p; 115 return p;
114 116
115out_err_free_tfm: 117out_err_free_tfm:
116 crypto_free_tfm(*res); 118 crypto_free_blkcipher(*res);
117out_err_free_key: 119out_err_free_key:
118 kfree(key.data); 120 kfree(key.data);
119 p = ERR_PTR(-EINVAL); 121 p = ERR_PTR(-EINVAL);
@@ -172,9 +174,9 @@ gss_import_sec_context_kerberos(const void *p,
172 return 0; 174 return 0;
173 175
174out_err_free_key2: 176out_err_free_key2:
175 crypto_free_tfm(ctx->seq); 177 crypto_free_blkcipher(ctx->seq);
176out_err_free_key1: 178out_err_free_key1:
177 crypto_free_tfm(ctx->enc); 179 crypto_free_blkcipher(ctx->enc);
178out_err_free_mech: 180out_err_free_mech:
179 kfree(ctx->mech_used.data); 181 kfree(ctx->mech_used.data);
180out_err_free_ctx: 182out_err_free_ctx:
@@ -187,8 +189,8 @@ static void
187gss_delete_sec_context_kerberos(void *internal_ctx) { 189gss_delete_sec_context_kerberos(void *internal_ctx) {
188 struct krb5_ctx *kctx = internal_ctx; 190 struct krb5_ctx *kctx = internal_ctx;
189 191
190 crypto_free_tfm(kctx->seq); 192 crypto_free_blkcipher(kctx->seq);
191 crypto_free_tfm(kctx->enc); 193 crypto_free_blkcipher(kctx->enc);
192 kfree(kctx->mech_used.data); 194 kfree(kctx->mech_used.data);
193 kfree(kctx); 195 kfree(kctx);
194} 196}
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index c53ead39118d..c604baf3a5f6 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -41,7 +41,7 @@
41#endif 41#endif
42 42
43s32 43s32
44krb5_make_seq_num(struct crypto_tfm *key, 44krb5_make_seq_num(struct crypto_blkcipher *key,
45 int direction, 45 int direction,
46 s32 seqnum, 46 s32 seqnum,
47 unsigned char *cksum, unsigned char *buf) 47 unsigned char *cksum, unsigned char *buf)
@@ -62,7 +62,7 @@ krb5_make_seq_num(struct crypto_tfm *key,
62} 62}
63 63
64s32 64s32
65krb5_get_seq_num(struct crypto_tfm *key, 65krb5_get_seq_num(struct crypto_blkcipher *key,
66 unsigned char *cksum, 66 unsigned char *cksum,
67 unsigned char *buf, 67 unsigned char *buf,
68 int *direction, s32 * seqnum) 68 int *direction, s32 * seqnum)
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index 89d1f3e14128..f179415d0c38 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -149,7 +149,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
149 goto out_err; 149 goto out_err;
150 } 150 }
151 151
152 blocksize = crypto_tfm_alg_blocksize(kctx->enc); 152 blocksize = crypto_blkcipher_blocksize(kctx->enc);
153 gss_krb5_add_padding(buf, offset, blocksize); 153 gss_krb5_add_padding(buf, offset, blocksize);
154 BUG_ON((buf->len - offset) % blocksize); 154 BUG_ON((buf->len - offset) % blocksize);
155 plainlen = blocksize + buf->len - offset; 155 plainlen = blocksize + buf->len - offset;
@@ -346,7 +346,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
346 /* Copy the data back to the right position. XXX: Would probably be 346 /* Copy the data back to the right position. XXX: Would probably be
347 * better to copy and encrypt at the same time. */ 347 * better to copy and encrypt at the same time. */
348 348
349 blocksize = crypto_tfm_alg_blocksize(kctx->enc); 349 blocksize = crypto_blkcipher_blocksize(kctx->enc);
350 data_start = ptr + 22 + blocksize; 350 data_start = ptr + 22 + blocksize;
351 orig_start = buf->head[0].iov_base + offset; 351 orig_start = buf->head[0].iov_base + offset;
352 data_len = (buf->head[0].iov_base + buf->head[0].iov_len) - data_start; 352 data_len = (buf->head[0].iov_base + buf->head[0].iov_len) - data_start;
diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c
index 88dcb52d171b..bdedf456bc17 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_mech.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c
@@ -34,6 +34,7 @@
34 * 34 *
35 */ 35 */
36 36
37#include <linux/err.h>
37#include <linux/module.h> 38#include <linux/module.h>
38#include <linux/init.h> 39#include <linux/init.h>
39#include <linux/types.h> 40#include <linux/types.h>
@@ -83,10 +84,11 @@ simple_get_netobj(const void *p, const void *end, struct xdr_netobj *res)
83} 84}
84 85
85static inline const void * 86static inline const void *
86get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg) 87get_key(const void *p, const void *end, struct crypto_blkcipher **res,
88 int *resalg)
87{ 89{
88 struct xdr_netobj key = { 0 }; 90 struct xdr_netobj key = { 0 };
89 int alg_mode,setkey = 0; 91 int setkey = 0;
90 char *alg_name; 92 char *alg_name;
91 93
92 p = simple_get_bytes(p, end, resalg, sizeof(*resalg)); 94 p = simple_get_bytes(p, end, resalg, sizeof(*resalg));
@@ -98,14 +100,12 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg)
98 100
99 switch (*resalg) { 101 switch (*resalg) {
100 case NID_des_cbc: 102 case NID_des_cbc:
101 alg_name = "des"; 103 alg_name = "cbc(des)";
102 alg_mode = CRYPTO_TFM_MODE_CBC;
103 setkey = 1; 104 setkey = 1;
104 break; 105 break;
105 case NID_cast5_cbc: 106 case NID_cast5_cbc:
106 /* XXXX here in name only, not used */ 107 /* XXXX here in name only, not used */
107 alg_name = "cast5"; 108 alg_name = "cbc(cast5)";
108 alg_mode = CRYPTO_TFM_MODE_CBC;
109 setkey = 0; /* XXX will need to set to 1 */ 109 setkey = 0; /* XXX will need to set to 1 */
110 break; 110 break;
111 case NID_md5: 111 case NID_md5:
@@ -113,19 +113,20 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg)
113 dprintk("RPC: SPKM3 get_key: NID_md5 zero Key length\n"); 113 dprintk("RPC: SPKM3 get_key: NID_md5 zero Key length\n");
114 } 114 }
115 alg_name = "md5"; 115 alg_name = "md5";
116 alg_mode = 0;
117 setkey = 0; 116 setkey = 0;
118 break; 117 break;
119 default: 118 default:
120 dprintk("gss_spkm3_mech: unsupported algorithm %d\n", *resalg); 119 dprintk("gss_spkm3_mech: unsupported algorithm %d\n", *resalg);
121 goto out_err_free_key; 120 goto out_err_free_key;
122 } 121 }
123 if (!(*res = crypto_alloc_tfm(alg_name, alg_mode))) { 122 *res = crypto_alloc_blkcipher(alg_name, 0, CRYPTO_ALG_ASYNC);
123 if (IS_ERR(*res)) {
124 printk("gss_spkm3_mech: unable to initialize crypto algorthm %s\n", alg_name); 124 printk("gss_spkm3_mech: unable to initialize crypto algorthm %s\n", alg_name);
125 *res = NULL;
125 goto out_err_free_key; 126 goto out_err_free_key;
126 } 127 }
127 if (setkey) { 128 if (setkey) {
128 if (crypto_cipher_setkey(*res, key.data, key.len)) { 129 if (crypto_blkcipher_setkey(*res, key.data, key.len)) {
129 printk("gss_spkm3_mech: error setting key for crypto algorthm %s\n", alg_name); 130 printk("gss_spkm3_mech: error setting key for crypto algorthm %s\n", alg_name);
130 goto out_err_free_tfm; 131 goto out_err_free_tfm;
131 } 132 }
@@ -136,7 +137,7 @@ get_key(const void *p, const void *end, struct crypto_tfm **res, int *resalg)
136 return p; 137 return p;
137 138
138out_err_free_tfm: 139out_err_free_tfm:
139 crypto_free_tfm(*res); 140 crypto_free_blkcipher(*res);
140out_err_free_key: 141out_err_free_key:
141 if(key.len > 0) 142 if(key.len > 0)
142 kfree(key.data); 143 kfree(key.data);
@@ -204,9 +205,9 @@ gss_import_sec_context_spkm3(const void *p, size_t len,
204 return 0; 205 return 0;
205 206
206out_err_free_key2: 207out_err_free_key2:
207 crypto_free_tfm(ctx->derived_integ_key); 208 crypto_free_blkcipher(ctx->derived_integ_key);
208out_err_free_key1: 209out_err_free_key1:
209 crypto_free_tfm(ctx->derived_conf_key); 210 crypto_free_blkcipher(ctx->derived_conf_key);
210out_err_free_s_key: 211out_err_free_s_key:
211 kfree(ctx->share_key.data); 212 kfree(ctx->share_key.data);
212out_err_free_mech: 213out_err_free_mech:
@@ -223,8 +224,8 @@ static void
223gss_delete_sec_context_spkm3(void *internal_ctx) { 224gss_delete_sec_context_spkm3(void *internal_ctx) {
224 struct spkm3_ctx *sctx = internal_ctx; 225 struct spkm3_ctx *sctx = internal_ctx;
225 226
226 crypto_free_tfm(sctx->derived_integ_key); 227 crypto_free_blkcipher(sctx->derived_integ_key);
227 crypto_free_tfm(sctx->derived_conf_key); 228 crypto_free_blkcipher(sctx->derived_conf_key);
228 kfree(sctx->share_key.data); 229 kfree(sctx->share_key.data);
229 kfree(sctx->mech_used.data); 230 kfree(sctx->mech_used.data);
230 kfree(sctx); 231 kfree(sctx);