diff options
| -rw-r--r-- | crypto/Kconfig | 2 | ||||
| -rw-r--r-- | crypto/chainiv.c | 34 | ||||
| -rw-r--r-- | crypto/eseqiv.c | 25 | ||||
| -rw-r--r-- | crypto/seqiv.c | 27 |
4 files changed, 75 insertions, 13 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig index 2274293e71e1..39dbd8e4dde1 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig | |||
| @@ -41,6 +41,7 @@ config CRYPTO_AEAD | |||
| 41 | config CRYPTO_BLKCIPHER | 41 | config CRYPTO_BLKCIPHER |
| 42 | tristate | 42 | tristate |
| 43 | select CRYPTO_ALGAPI | 43 | select CRYPTO_ALGAPI |
| 44 | select CRYPTO_RNG | ||
| 44 | 45 | ||
| 45 | config CRYPTO_HASH | 46 | config CRYPTO_HASH |
| 46 | tristate | 47 | tristate |
| @@ -125,6 +126,7 @@ config CRYPTO_SEQIV | |||
| 125 | tristate "Sequence Number IV Generator" | 126 | tristate "Sequence Number IV Generator" |
| 126 | select CRYPTO_AEAD | 127 | select CRYPTO_AEAD |
| 127 | select CRYPTO_BLKCIPHER | 128 | select CRYPTO_BLKCIPHER |
| 129 | select CRYPTO_RNG | ||
| 128 | help | 130 | help |
| 129 | This IV generator generates an IV based on a sequence number by | 131 | This IV generator generates an IV based on a sequence number by |
| 130 | xoring it with a salt. This algorithm is mainly useful for CTR | 132 | xoring it with a salt. This algorithm is mainly useful for CTR |
diff --git a/crypto/chainiv.c b/crypto/chainiv.c index cf68d4365347..7c37a497b860 100644 --- a/crypto/chainiv.c +++ b/crypto/chainiv.c | |||
| @@ -14,11 +14,11 @@ | |||
| 14 | */ | 14 | */ |
| 15 | 15 | ||
| 16 | #include <crypto/internal/skcipher.h> | 16 | #include <crypto/internal/skcipher.h> |
| 17 | #include <crypto/rng.h> | ||
| 17 | #include <linux/err.h> | 18 | #include <linux/err.h> |
| 18 | #include <linux/init.h> | 19 | #include <linux/init.h> |
| 19 | #include <linux/kernel.h> | 20 | #include <linux/kernel.h> |
| 20 | #include <linux/module.h> | 21 | #include <linux/module.h> |
| 21 | #include <linux/random.h> | ||
| 22 | #include <linux/spinlock.h> | 22 | #include <linux/spinlock.h> |
| 23 | #include <linux/string.h> | 23 | #include <linux/string.h> |
| 24 | #include <linux/workqueue.h> | 24 | #include <linux/workqueue.h> |
| @@ -83,6 +83,7 @@ static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req) | |||
| 83 | { | 83 | { |
| 84 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | 84 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
| 85 | struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | 85 | struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
| 86 | int err = 0; | ||
| 86 | 87 | ||
| 87 | spin_lock_bh(&ctx->lock); | 88 | spin_lock_bh(&ctx->lock); |
| 88 | if (crypto_ablkcipher_crt(geniv)->givencrypt != | 89 | if (crypto_ablkcipher_crt(geniv)->givencrypt != |
| @@ -90,11 +91,15 @@ static int chainiv_givencrypt_first(struct skcipher_givcrypt_request *req) | |||
| 90 | goto unlock; | 91 | goto unlock; |
| 91 | 92 | ||
| 92 | crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt; | 93 | crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt; |
| 93 | get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); | 94 | err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv, |
| 95 | crypto_ablkcipher_ivsize(geniv)); | ||
| 94 | 96 | ||
| 95 | unlock: | 97 | unlock: |
| 96 | spin_unlock_bh(&ctx->lock); | 98 | spin_unlock_bh(&ctx->lock); |
| 97 | 99 | ||
| 100 | if (err) | ||
| 101 | return err; | ||
| 102 | |||
| 98 | return chainiv_givencrypt(req); | 103 | return chainiv_givencrypt(req); |
| 99 | } | 104 | } |
| 100 | 105 | ||
| @@ -203,6 +208,7 @@ static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req) | |||
| 203 | { | 208 | { |
| 204 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | 209 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
| 205 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | 210 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
| 211 | int err = 0; | ||
| 206 | 212 | ||
| 207 | if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) | 213 | if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) |
| 208 | goto out; | 214 | goto out; |
| @@ -212,11 +218,15 @@ static int async_chainiv_givencrypt_first(struct skcipher_givcrypt_request *req) | |||
| 212 | goto unlock; | 218 | goto unlock; |
| 213 | 219 | ||
| 214 | crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt; | 220 | crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt; |
| 215 | get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); | 221 | err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv, |
| 222 | crypto_ablkcipher_ivsize(geniv)); | ||
| 216 | 223 | ||
| 217 | unlock: | 224 | unlock: |
| 218 | clear_bit(CHAINIV_STATE_INUSE, &ctx->state); | 225 | clear_bit(CHAINIV_STATE_INUSE, &ctx->state); |
| 219 | 226 | ||
| 227 | if (err) | ||
| 228 | return err; | ||
| 229 | |||
| 220 | out: | 230 | out: |
| 221 | return async_chainiv_givencrypt(req); | 231 | return async_chainiv_givencrypt(req); |
| 222 | } | 232 | } |
| @@ -284,9 +294,13 @@ static struct crypto_instance *chainiv_alloc(struct rtattr **tb) | |||
| 284 | if (IS_ERR(algt)) | 294 | if (IS_ERR(algt)) |
| 285 | return ERR_PTR(err); | 295 | return ERR_PTR(err); |
| 286 | 296 | ||
| 297 | err = crypto_get_default_rng(); | ||
| 298 | if (err) | ||
| 299 | return ERR_PTR(err); | ||
| 300 | |||
| 287 | inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0); | 301 | inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0); |
| 288 | if (IS_ERR(inst)) | 302 | if (IS_ERR(inst)) |
| 289 | goto out; | 303 | goto put_rng; |
| 290 | 304 | ||
| 291 | inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first; | 305 | inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first; |
| 292 | 306 | ||
| @@ -311,12 +325,22 @@ static struct crypto_instance *chainiv_alloc(struct rtattr **tb) | |||
| 311 | 325 | ||
| 312 | out: | 326 | out: |
| 313 | return inst; | 327 | return inst; |
| 328 | |||
| 329 | put_rng: | ||
| 330 | crypto_put_default_rng(); | ||
| 331 | goto out; | ||
| 332 | } | ||
| 333 | |||
| 334 | static void chainiv_free(struct crypto_instance *inst) | ||
| 335 | { | ||
| 336 | skcipher_geniv_free(inst); | ||
| 337 | crypto_put_default_rng(); | ||
| 314 | } | 338 | } |
| 315 | 339 | ||
| 316 | static struct crypto_template chainiv_tmpl = { | 340 | static struct crypto_template chainiv_tmpl = { |
| 317 | .name = "chainiv", | 341 | .name = "chainiv", |
| 318 | .alloc = chainiv_alloc, | 342 | .alloc = chainiv_alloc, |
| 319 | .free = skcipher_geniv_free, | 343 | .free = chainiv_free, |
| 320 | .module = THIS_MODULE, | 344 | .module = THIS_MODULE, |
| 321 | }; | 345 | }; |
| 322 | 346 | ||
diff --git a/crypto/eseqiv.c b/crypto/eseqiv.c index f5def217a8f1..2a342c8e52b3 100644 --- a/crypto/eseqiv.c +++ b/crypto/eseqiv.c | |||
| @@ -16,13 +16,13 @@ | |||
| 16 | */ | 16 | */ |
| 17 | 17 | ||
| 18 | #include <crypto/internal/skcipher.h> | 18 | #include <crypto/internal/skcipher.h> |
| 19 | #include <crypto/rng.h> | ||
| 19 | #include <crypto/scatterwalk.h> | 20 | #include <crypto/scatterwalk.h> |
| 20 | #include <linux/err.h> | 21 | #include <linux/err.h> |
| 21 | #include <linux/init.h> | 22 | #include <linux/init.h> |
| 22 | #include <linux/kernel.h> | 23 | #include <linux/kernel.h> |
| 23 | #include <linux/mm.h> | 24 | #include <linux/mm.h> |
| 24 | #include <linux/module.h> | 25 | #include <linux/module.h> |
| 25 | #include <linux/random.h> | ||
| 26 | #include <linux/scatterlist.h> | 26 | #include <linux/scatterlist.h> |
| 27 | #include <linux/spinlock.h> | 27 | #include <linux/spinlock.h> |
| 28 | #include <linux/string.h> | 28 | #include <linux/string.h> |
| @@ -163,17 +163,22 @@ static int eseqiv_givencrypt_first(struct skcipher_givcrypt_request *req) | |||
| 163 | { | 163 | { |
| 164 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | 164 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
| 165 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | 165 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
| 166 | int err = 0; | ||
| 166 | 167 | ||
| 167 | spin_lock_bh(&ctx->lock); | 168 | spin_lock_bh(&ctx->lock); |
| 168 | if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first) | 169 | if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first) |
| 169 | goto unlock; | 170 | goto unlock; |
| 170 | 171 | ||
| 171 | crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt; | 172 | crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt; |
| 172 | get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); | 173 | err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, |
| 174 | crypto_ablkcipher_ivsize(geniv)); | ||
| 173 | 175 | ||
| 174 | unlock: | 176 | unlock: |
| 175 | spin_unlock_bh(&ctx->lock); | 177 | spin_unlock_bh(&ctx->lock); |
| 176 | 178 | ||
| 179 | if (err) | ||
| 180 | return err; | ||
| 181 | |||
| 177 | return eseqiv_givencrypt(req); | 182 | return eseqiv_givencrypt(req); |
| 178 | } | 183 | } |
| 179 | 184 | ||
| @@ -216,9 +221,13 @@ static struct crypto_instance *eseqiv_alloc(struct rtattr **tb) | |||
| 216 | struct crypto_instance *inst; | 221 | struct crypto_instance *inst; |
| 217 | int err; | 222 | int err; |
| 218 | 223 | ||
| 224 | err = crypto_get_default_rng(); | ||
| 225 | if (err) | ||
| 226 | return ERR_PTR(err); | ||
| 227 | |||
| 219 | inst = skcipher_geniv_alloc(&eseqiv_tmpl, tb, 0, 0); | 228 | inst = skcipher_geniv_alloc(&eseqiv_tmpl, tb, 0, 0); |
| 220 | if (IS_ERR(inst)) | 229 | if (IS_ERR(inst)) |
| 221 | goto out; | 230 | goto put_rng; |
| 222 | 231 | ||
| 223 | err = -EINVAL; | 232 | err = -EINVAL; |
| 224 | if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) | 233 | if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) |
| @@ -238,13 +247,21 @@ out: | |||
| 238 | free_inst: | 247 | free_inst: |
| 239 | skcipher_geniv_free(inst); | 248 | skcipher_geniv_free(inst); |
| 240 | inst = ERR_PTR(err); | 249 | inst = ERR_PTR(err); |
| 250 | put_rng: | ||
| 251 | crypto_put_default_rng(); | ||
| 241 | goto out; | 252 | goto out; |
| 242 | } | 253 | } |
| 243 | 254 | ||
| 255 | static void eseqiv_free(struct crypto_instance *inst) | ||
| 256 | { | ||
| 257 | skcipher_geniv_free(inst); | ||
| 258 | crypto_put_default_rng(); | ||
| 259 | } | ||
| 260 | |||
| 244 | static struct crypto_template eseqiv_tmpl = { | 261 | static struct crypto_template eseqiv_tmpl = { |
| 245 | .name = "eseqiv", | 262 | .name = "eseqiv", |
| 246 | .alloc = eseqiv_alloc, | 263 | .alloc = eseqiv_alloc, |
| 247 | .free = skcipher_geniv_free, | 264 | .free = eseqiv_free, |
| 248 | .module = THIS_MODULE, | 265 | .module = THIS_MODULE, |
| 249 | }; | 266 | }; |
| 250 | 267 | ||
diff --git a/crypto/seqiv.c b/crypto/seqiv.c index b903aab31577..5a013a8bf87a 100644 --- a/crypto/seqiv.c +++ b/crypto/seqiv.c | |||
| @@ -15,11 +15,11 @@ | |||
| 15 | 15 | ||
| 16 | #include <crypto/internal/aead.h> | 16 | #include <crypto/internal/aead.h> |
| 17 | #include <crypto/internal/skcipher.h> | 17 | #include <crypto/internal/skcipher.h> |
| 18 | #include <crypto/rng.h> | ||
| 18 | #include <linux/err.h> | 19 | #include <linux/err.h> |
| 19 | #include <linux/init.h> | 20 | #include <linux/init.h> |
| 20 | #include <linux/kernel.h> | 21 | #include <linux/kernel.h> |
| 21 | #include <linux/module.h> | 22 | #include <linux/module.h> |
| 22 | #include <linux/random.h> | ||
| 23 | #include <linux/spinlock.h> | 23 | #include <linux/spinlock.h> |
| 24 | #include <linux/string.h> | 24 | #include <linux/string.h> |
| 25 | 25 | ||
| @@ -189,17 +189,22 @@ static int seqiv_givencrypt_first(struct skcipher_givcrypt_request *req) | |||
| 189 | { | 189 | { |
| 190 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); | 190 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
| 191 | struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); | 191 | struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
| 192 | int err = 0; | ||
| 192 | 193 | ||
| 193 | spin_lock_bh(&ctx->lock); | 194 | spin_lock_bh(&ctx->lock); |
| 194 | if (crypto_ablkcipher_crt(geniv)->givencrypt != seqiv_givencrypt_first) | 195 | if (crypto_ablkcipher_crt(geniv)->givencrypt != seqiv_givencrypt_first) |
| 195 | goto unlock; | 196 | goto unlock; |
| 196 | 197 | ||
| 197 | crypto_ablkcipher_crt(geniv)->givencrypt = seqiv_givencrypt; | 198 | crypto_ablkcipher_crt(geniv)->givencrypt = seqiv_givencrypt; |
| 198 | get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); | 199 | err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, |
| 200 | crypto_ablkcipher_ivsize(geniv)); | ||
| 199 | 201 | ||
| 200 | unlock: | 202 | unlock: |
| 201 | spin_unlock_bh(&ctx->lock); | 203 | spin_unlock_bh(&ctx->lock); |
| 202 | 204 | ||
| 205 | if (err) | ||
| 206 | return err; | ||
| 207 | |||
| 203 | return seqiv_givencrypt(req); | 208 | return seqiv_givencrypt(req); |
| 204 | } | 209 | } |
| 205 | 210 | ||
| @@ -207,17 +212,22 @@ static int seqiv_aead_givencrypt_first(struct aead_givcrypt_request *req) | |||
| 207 | { | 212 | { |
| 208 | struct crypto_aead *geniv = aead_givcrypt_reqtfm(req); | 213 | struct crypto_aead *geniv = aead_givcrypt_reqtfm(req); |
| 209 | struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); | 214 | struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); |
| 215 | int err = 0; | ||
| 210 | 216 | ||
| 211 | spin_lock_bh(&ctx->lock); | 217 | spin_lock_bh(&ctx->lock); |
| 212 | if (crypto_aead_crt(geniv)->givencrypt != seqiv_aead_givencrypt_first) | 218 | if (crypto_aead_crt(geniv)->givencrypt != seqiv_aead_givencrypt_first) |
| 213 | goto unlock; | 219 | goto unlock; |
| 214 | 220 | ||
| 215 | crypto_aead_crt(geniv)->givencrypt = seqiv_aead_givencrypt; | 221 | crypto_aead_crt(geniv)->givencrypt = seqiv_aead_givencrypt; |
| 216 | get_random_bytes(ctx->salt, crypto_aead_ivsize(geniv)); | 222 | err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, |
| 223 | crypto_aead_ivsize(geniv)); | ||
| 217 | 224 | ||
| 218 | unlock: | 225 | unlock: |
| 219 | spin_unlock_bh(&ctx->lock); | 226 | spin_unlock_bh(&ctx->lock); |
| 220 | 227 | ||
| 228 | if (err) | ||
| 229 | return err; | ||
| 230 | |||
| 221 | return seqiv_aead_givencrypt(req); | 231 | return seqiv_aead_givencrypt(req); |
| 222 | } | 232 | } |
| 223 | 233 | ||
| @@ -298,19 +308,27 @@ static struct crypto_instance *seqiv_alloc(struct rtattr **tb) | |||
| 298 | if (IS_ERR(algt)) | 308 | if (IS_ERR(algt)) |
| 299 | return ERR_PTR(err); | 309 | return ERR_PTR(err); |
| 300 | 310 | ||
| 311 | err = crypto_get_default_rng(); | ||
| 312 | if (err) | ||
| 313 | return ERR_PTR(err); | ||
| 314 | |||
| 301 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK) | 315 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK) |
| 302 | inst = seqiv_ablkcipher_alloc(tb); | 316 | inst = seqiv_ablkcipher_alloc(tb); |
| 303 | else | 317 | else |
| 304 | inst = seqiv_aead_alloc(tb); | 318 | inst = seqiv_aead_alloc(tb); |
| 305 | 319 | ||
| 306 | if (IS_ERR(inst)) | 320 | if (IS_ERR(inst)) |
| 307 | goto out; | 321 | goto put_rng; |
| 308 | 322 | ||
| 309 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; | 323 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; |
| 310 | inst->alg.cra_ctxsize += sizeof(struct seqiv_ctx); | 324 | inst->alg.cra_ctxsize += sizeof(struct seqiv_ctx); |
| 311 | 325 | ||
| 312 | out: | 326 | out: |
| 313 | return inst; | 327 | return inst; |
| 328 | |||
| 329 | put_rng: | ||
| 330 | crypto_put_default_rng(); | ||
| 331 | goto out; | ||
| 314 | } | 332 | } |
| 315 | 333 | ||
| 316 | static void seqiv_free(struct crypto_instance *inst) | 334 | static void seqiv_free(struct crypto_instance *inst) |
| @@ -319,6 +337,7 @@ static void seqiv_free(struct crypto_instance *inst) | |||
| 319 | skcipher_geniv_free(inst); | 337 | skcipher_geniv_free(inst); |
| 320 | else | 338 | else |
| 321 | aead_geniv_free(inst); | 339 | aead_geniv_free(inst); |
| 340 | crypto_put_default_rng(); | ||
| 322 | } | 341 | } |
| 323 | 342 | ||
| 324 | static struct crypto_template seqiv_tmpl = { | 343 | static struct crypto_template seqiv_tmpl = { |