diff options
Diffstat (limited to 'crypto/authenc.c')
| -rw-r--r-- | crypto/authenc.c | 358 |
1 files changed, 285 insertions, 73 deletions
diff --git a/crypto/authenc.c b/crypto/authenc.c index 5793b64c81a8..4d6f49a5daeb 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c | |||
| @@ -23,24 +23,36 @@ | |||
| 23 | #include <linux/slab.h> | 23 | #include <linux/slab.h> |
| 24 | #include <linux/spinlock.h> | 24 | #include <linux/spinlock.h> |
| 25 | 25 | ||
| 26 | typedef u8 *(*authenc_ahash_t)(struct aead_request *req, unsigned int flags); | ||
| 27 | |||
| 26 | struct authenc_instance_ctx { | 28 | struct authenc_instance_ctx { |
| 27 | struct crypto_spawn auth; | 29 | struct crypto_ahash_spawn auth; |
| 28 | struct crypto_skcipher_spawn enc; | 30 | struct crypto_skcipher_spawn enc; |
| 29 | }; | 31 | }; |
| 30 | 32 | ||
| 31 | struct crypto_authenc_ctx { | 33 | struct crypto_authenc_ctx { |
| 32 | spinlock_t auth_lock; | 34 | unsigned int reqoff; |
| 33 | struct crypto_hash *auth; | 35 | struct crypto_ahash *auth; |
| 34 | struct crypto_ablkcipher *enc; | 36 | struct crypto_ablkcipher *enc; |
| 35 | }; | 37 | }; |
| 36 | 38 | ||
| 39 | struct authenc_request_ctx { | ||
| 40 | unsigned int cryptlen; | ||
| 41 | struct scatterlist *sg; | ||
| 42 | struct scatterlist asg[2]; | ||
| 43 | struct scatterlist cipher[2]; | ||
| 44 | crypto_completion_t complete; | ||
| 45 | crypto_completion_t update_complete; | ||
| 46 | char tail[]; | ||
| 47 | }; | ||
| 48 | |||
| 37 | static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, | 49 | static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, |
| 38 | unsigned int keylen) | 50 | unsigned int keylen) |
| 39 | { | 51 | { |
| 40 | unsigned int authkeylen; | 52 | unsigned int authkeylen; |
| 41 | unsigned int enckeylen; | 53 | unsigned int enckeylen; |
| 42 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 54 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
| 43 | struct crypto_hash *auth = ctx->auth; | 55 | struct crypto_ahash *auth = ctx->auth; |
| 44 | struct crypto_ablkcipher *enc = ctx->enc; | 56 | struct crypto_ablkcipher *enc = ctx->enc; |
| 45 | struct rtattr *rta = (void *)key; | 57 | struct rtattr *rta = (void *)key; |
| 46 | struct crypto_authenc_key_param *param; | 58 | struct crypto_authenc_key_param *param; |
| @@ -64,11 +76,11 @@ static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key, | |||
| 64 | 76 | ||
| 65 | authkeylen = keylen - enckeylen; | 77 | authkeylen = keylen - enckeylen; |
| 66 | 78 | ||
| 67 | crypto_hash_clear_flags(auth, CRYPTO_TFM_REQ_MASK); | 79 | crypto_ahash_clear_flags(auth, CRYPTO_TFM_REQ_MASK); |
| 68 | crypto_hash_set_flags(auth, crypto_aead_get_flags(authenc) & | 80 | crypto_ahash_set_flags(auth, crypto_aead_get_flags(authenc) & |
| 69 | CRYPTO_TFM_REQ_MASK); | 81 | CRYPTO_TFM_REQ_MASK); |
| 70 | err = crypto_hash_setkey(auth, key, authkeylen); | 82 | err = crypto_ahash_setkey(auth, key, authkeylen); |
| 71 | crypto_aead_set_flags(authenc, crypto_hash_get_flags(auth) & | 83 | crypto_aead_set_flags(authenc, crypto_ahash_get_flags(auth) & |
| 72 | CRYPTO_TFM_RES_MASK); | 84 | CRYPTO_TFM_RES_MASK); |
| 73 | 85 | ||
| 74 | if (err) | 86 | if (err) |
| @@ -103,40 +115,198 @@ static void authenc_chain(struct scatterlist *head, struct scatterlist *sg, | |||
| 103 | sg_mark_end(head); | 115 | sg_mark_end(head); |
| 104 | } | 116 | } |
| 105 | 117 | ||
| 106 | static u8 *crypto_authenc_hash(struct aead_request *req, unsigned int flags, | 118 | static void authenc_geniv_ahash_update_done(struct crypto_async_request *areq, |
| 107 | struct scatterlist *cipher, | 119 | int err) |
| 108 | unsigned int cryptlen) | 120 | { |
| 121 | struct aead_request *req = areq->data; | ||
| 122 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
| 123 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | ||
| 124 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 125 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ctx->reqoff); | ||
| 126 | |||
| 127 | if (err) | ||
| 128 | goto out; | ||
| 129 | |||
| 130 | ahash_request_set_crypt(ahreq, areq_ctx->sg, ahreq->result, | ||
| 131 | areq_ctx->cryptlen); | ||
| 132 | ahash_request_set_callback(ahreq, aead_request_flags(req) & | ||
| 133 | CRYPTO_TFM_REQ_MAY_SLEEP, | ||
| 134 | areq_ctx->complete, req); | ||
| 135 | |||
| 136 | err = crypto_ahash_finup(ahreq); | ||
| 137 | if (err) | ||
| 138 | goto out; | ||
| 139 | |||
| 140 | scatterwalk_map_and_copy(ahreq->result, areq_ctx->sg, | ||
| 141 | areq_ctx->cryptlen, | ||
| 142 | crypto_aead_authsize(authenc), 1); | ||
| 143 | |||
| 144 | out: | ||
| 145 | aead_request_complete(req, err); | ||
| 146 | } | ||
| 147 | |||
| 148 | static void authenc_geniv_ahash_done(struct crypto_async_request *areq, int err) | ||
| 149 | { | ||
| 150 | struct aead_request *req = areq->data; | ||
| 151 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
| 152 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | ||
| 153 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 154 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ctx->reqoff); | ||
| 155 | |||
| 156 | if (err) | ||
| 157 | goto out; | ||
| 158 | |||
| 159 | scatterwalk_map_and_copy(ahreq->result, areq_ctx->sg, | ||
| 160 | areq_ctx->cryptlen, | ||
| 161 | crypto_aead_authsize(authenc), 1); | ||
| 162 | |||
| 163 | out: | ||
| 164 | aead_request_complete(req, err); | ||
| 165 | } | ||
| 166 | |||
| 167 | static void authenc_verify_ahash_update_done(struct crypto_async_request *areq, | ||
| 168 | int err) | ||
| 109 | { | 169 | { |
| 170 | u8 *ihash; | ||
| 171 | unsigned int authsize; | ||
| 172 | struct ablkcipher_request *abreq; | ||
| 173 | struct aead_request *req = areq->data; | ||
| 110 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 174 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
| 111 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | 175 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); |
| 112 | struct crypto_hash *auth = ctx->auth; | 176 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); |
| 113 | struct hash_desc desc = { | 177 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ctx->reqoff); |
| 114 | .tfm = auth, | 178 | |
| 115 | .flags = aead_request_flags(req) & flags, | 179 | if (err) |
| 116 | }; | 180 | goto out; |
| 117 | u8 *hash = aead_request_ctx(req); | 181 | |
| 182 | ahash_request_set_crypt(ahreq, areq_ctx->sg, ahreq->result, | ||
| 183 | areq_ctx->cryptlen); | ||
| 184 | ahash_request_set_callback(ahreq, aead_request_flags(req) & | ||
| 185 | CRYPTO_TFM_REQ_MAY_SLEEP, | ||
| 186 | areq_ctx->complete, req); | ||
| 187 | |||
| 188 | err = crypto_ahash_finup(ahreq); | ||
| 189 | if (err) | ||
| 190 | goto out; | ||
| 191 | |||
| 192 | authsize = crypto_aead_authsize(authenc); | ||
| 193 | ihash = ahreq->result + authsize; | ||
| 194 | scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, | ||
| 195 | authsize, 0); | ||
| 196 | |||
| 197 | err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG: 0; | ||
| 198 | if (err) | ||
| 199 | goto out; | ||
| 200 | |||
| 201 | abreq = aead_request_ctx(req); | ||
| 202 | ablkcipher_request_set_tfm(abreq, ctx->enc); | ||
| 203 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | ||
| 204 | req->base.complete, req->base.data); | ||
| 205 | ablkcipher_request_set_crypt(abreq, req->src, req->dst, | ||
| 206 | req->cryptlen, req->iv); | ||
| 207 | |||
| 208 | err = crypto_ablkcipher_decrypt(abreq); | ||
| 209 | |||
| 210 | out: | ||
| 211 | aead_request_complete(req, err); | ||
| 212 | } | ||
| 213 | |||
| 214 | static void authenc_verify_ahash_done(struct crypto_async_request *areq, | ||
| 215 | int err) | ||
| 216 | { | ||
| 217 | u8 *ihash; | ||
| 218 | unsigned int authsize; | ||
| 219 | struct ablkcipher_request *abreq; | ||
| 220 | struct aead_request *req = areq->data; | ||
| 221 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
| 222 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | ||
| 223 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 224 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ctx->reqoff); | ||
| 225 | |||
| 226 | if (err) | ||
| 227 | goto out; | ||
| 228 | |||
| 229 | authsize = crypto_aead_authsize(authenc); | ||
| 230 | ihash = ahreq->result + authsize; | ||
| 231 | scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, | ||
| 232 | authsize, 0); | ||
| 233 | |||
| 234 | err = memcmp(ihash, ahreq->result, authsize) ? -EBADMSG: 0; | ||
| 235 | if (err) | ||
| 236 | goto out; | ||
| 237 | |||
| 238 | abreq = aead_request_ctx(req); | ||
| 239 | ablkcipher_request_set_tfm(abreq, ctx->enc); | ||
| 240 | ablkcipher_request_set_callback(abreq, aead_request_flags(req), | ||
| 241 | req->base.complete, req->base.data); | ||
| 242 | ablkcipher_request_set_crypt(abreq, req->src, req->dst, | ||
| 243 | req->cryptlen, req->iv); | ||
| 244 | |||
| 245 | err = crypto_ablkcipher_decrypt(abreq); | ||
| 246 | |||
| 247 | out: | ||
| 248 | aead_request_complete(req, err); | ||
| 249 | } | ||
| 250 | |||
| 251 | static u8 *crypto_authenc_ahash_fb(struct aead_request *req, unsigned int flags) | ||
| 252 | { | ||
| 253 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
| 254 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | ||
| 255 | struct crypto_ahash *auth = ctx->auth; | ||
| 256 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 257 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ctx->reqoff); | ||
| 258 | u8 *hash = areq_ctx->tail; | ||
| 118 | int err; | 259 | int err; |
| 119 | 260 | ||
| 120 | hash = (u8 *)ALIGN((unsigned long)hash + crypto_hash_alignmask(auth), | 261 | hash = (u8 *)ALIGN((unsigned long)hash + crypto_ahash_alignmask(auth), |
| 121 | crypto_hash_alignmask(auth) + 1); | 262 | crypto_ahash_alignmask(auth) + 1); |
| 263 | |||
| 264 | ahash_request_set_tfm(ahreq, auth); | ||
| 122 | 265 | ||
| 123 | spin_lock_bh(&ctx->auth_lock); | 266 | err = crypto_ahash_init(ahreq); |
| 124 | err = crypto_hash_init(&desc); | ||
| 125 | if (err) | 267 | if (err) |
| 126 | goto auth_unlock; | 268 | return ERR_PTR(err); |
| 269 | |||
| 270 | ahash_request_set_crypt(ahreq, req->assoc, hash, req->assoclen); | ||
| 271 | ahash_request_set_callback(ahreq, aead_request_flags(req) & flags, | ||
| 272 | areq_ctx->update_complete, req); | ||
| 127 | 273 | ||
| 128 | err = crypto_hash_update(&desc, req->assoc, req->assoclen); | 274 | err = crypto_ahash_update(ahreq); |
| 129 | if (err) | 275 | if (err) |
| 130 | goto auth_unlock; | 276 | return ERR_PTR(err); |
| 277 | |||
| 278 | ahash_request_set_crypt(ahreq, areq_ctx->sg, hash, | ||
| 279 | areq_ctx->cryptlen); | ||
| 280 | ahash_request_set_callback(ahreq, aead_request_flags(req) & flags, | ||
| 281 | areq_ctx->complete, req); | ||
| 131 | 282 | ||
| 132 | err = crypto_hash_update(&desc, cipher, cryptlen); | 283 | err = crypto_ahash_finup(ahreq); |
| 133 | if (err) | 284 | if (err) |
| 134 | goto auth_unlock; | 285 | return ERR_PTR(err); |
| 135 | 286 | ||
| 136 | err = crypto_hash_final(&desc, hash); | 287 | return hash; |
| 137 | auth_unlock: | 288 | } |
| 138 | spin_unlock_bh(&ctx->auth_lock); | 289 | |
| 290 | static u8 *crypto_authenc_ahash(struct aead_request *req, unsigned int flags) | ||
| 291 | { | ||
| 292 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | ||
| 293 | struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); | ||
| 294 | struct crypto_ahash *auth = ctx->auth; | ||
| 295 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 296 | struct ahash_request *ahreq = (void *)(areq_ctx->tail + ctx->reqoff); | ||
| 297 | u8 *hash = areq_ctx->tail; | ||
| 298 | int err; | ||
| 139 | 299 | ||
| 300 | hash = (u8 *)ALIGN((unsigned long)hash + crypto_ahash_alignmask(auth), | ||
| 301 | crypto_ahash_alignmask(auth) + 1); | ||
| 302 | |||
| 303 | ahash_request_set_tfm(ahreq, auth); | ||
| 304 | ahash_request_set_crypt(ahreq, areq_ctx->sg, hash, | ||
| 305 | areq_ctx->cryptlen); | ||
| 306 | ahash_request_set_callback(ahreq, aead_request_flags(req) & flags, | ||
| 307 | areq_ctx->complete, req); | ||
| 308 | |||
| 309 | err = crypto_ahash_digest(ahreq); | ||
| 140 | if (err) | 310 | if (err) |
| 141 | return ERR_PTR(err); | 311 | return ERR_PTR(err); |
| 142 | 312 | ||
| @@ -147,11 +317,15 @@ static int crypto_authenc_genicv(struct aead_request *req, u8 *iv, | |||
| 147 | unsigned int flags) | 317 | unsigned int flags) |
| 148 | { | 318 | { |
| 149 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 319 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
| 320 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 150 | struct scatterlist *dst = req->dst; | 321 | struct scatterlist *dst = req->dst; |
| 151 | struct scatterlist cipher[2]; | 322 | struct scatterlist *assoc = req->assoc; |
| 152 | struct page *dstp; | 323 | struct scatterlist *cipher = areq_ctx->cipher; |
| 324 | struct scatterlist *asg = areq_ctx->asg; | ||
| 153 | unsigned int ivsize = crypto_aead_ivsize(authenc); | 325 | unsigned int ivsize = crypto_aead_ivsize(authenc); |
| 154 | unsigned int cryptlen; | 326 | unsigned int cryptlen = req->cryptlen; |
| 327 | authenc_ahash_t authenc_ahash_fn = crypto_authenc_ahash_fb; | ||
| 328 | struct page *dstp; | ||
| 155 | u8 *vdst; | 329 | u8 *vdst; |
| 156 | u8 *hash; | 330 | u8 *hash; |
| 157 | 331 | ||
| @@ -163,10 +337,25 @@ static int crypto_authenc_genicv(struct aead_request *req, u8 *iv, | |||
| 163 | sg_set_buf(cipher, iv, ivsize); | 337 | sg_set_buf(cipher, iv, ivsize); |
| 164 | authenc_chain(cipher, dst, vdst == iv + ivsize); | 338 | authenc_chain(cipher, dst, vdst == iv + ivsize); |
| 165 | dst = cipher; | 339 | dst = cipher; |
| 340 | cryptlen += ivsize; | ||
| 166 | } | 341 | } |
| 167 | 342 | ||
| 168 | cryptlen = req->cryptlen + ivsize; | 343 | if (sg_is_last(assoc)) { |
| 169 | hash = crypto_authenc_hash(req, flags, dst, cryptlen); | 344 | authenc_ahash_fn = crypto_authenc_ahash; |
| 345 | sg_init_table(asg, 2); | ||
| 346 | sg_set_page(asg, sg_page(assoc), assoc->length, assoc->offset); | ||
| 347 | authenc_chain(asg, dst, 0); | ||
| 348 | dst = asg; | ||
| 349 | cryptlen += req->assoclen; | ||
| 350 | } | ||
| 351 | |||
| 352 | areq_ctx->cryptlen = cryptlen; | ||
| 353 | areq_ctx->sg = dst; | ||
| 354 | |||
| 355 | areq_ctx->complete = authenc_geniv_ahash_done; | ||
| 356 | areq_ctx->update_complete = authenc_geniv_ahash_update_done; | ||
| 357 | |||
| 358 | hash = authenc_ahash_fn(req, flags); | ||
| 170 | if (IS_ERR(hash)) | 359 | if (IS_ERR(hash)) |
| 171 | return PTR_ERR(hash); | 360 | return PTR_ERR(hash); |
| 172 | 361 | ||
| @@ -256,22 +445,25 @@ static int crypto_authenc_givencrypt(struct aead_givcrypt_request *req) | |||
| 256 | } | 445 | } |
| 257 | 446 | ||
| 258 | static int crypto_authenc_verify(struct aead_request *req, | 447 | static int crypto_authenc_verify(struct aead_request *req, |
| 259 | struct scatterlist *cipher, | 448 | authenc_ahash_t authenc_ahash_fn) |
| 260 | unsigned int cryptlen) | ||
| 261 | { | 449 | { |
| 262 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 450 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
| 451 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 263 | u8 *ohash; | 452 | u8 *ohash; |
| 264 | u8 *ihash; | 453 | u8 *ihash; |
| 265 | unsigned int authsize; | 454 | unsigned int authsize; |
| 266 | 455 | ||
| 267 | ohash = crypto_authenc_hash(req, CRYPTO_TFM_REQ_MAY_SLEEP, cipher, | 456 | areq_ctx->complete = authenc_verify_ahash_done; |
| 268 | cryptlen); | 457 | areq_ctx->complete = authenc_verify_ahash_update_done; |
| 458 | |||
| 459 | ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP); | ||
| 269 | if (IS_ERR(ohash)) | 460 | if (IS_ERR(ohash)) |
| 270 | return PTR_ERR(ohash); | 461 | return PTR_ERR(ohash); |
| 271 | 462 | ||
| 272 | authsize = crypto_aead_authsize(authenc); | 463 | authsize = crypto_aead_authsize(authenc); |
| 273 | ihash = ohash + authsize; | 464 | ihash = ohash + authsize; |
| 274 | scatterwalk_map_and_copy(ihash, cipher, cryptlen, authsize, 0); | 465 | scatterwalk_map_and_copy(ihash, areq_ctx->sg, areq_ctx->cryptlen, |
| 466 | authsize, 0); | ||
| 275 | return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0; | 467 | return memcmp(ihash, ohash, authsize) ? -EBADMSG: 0; |
| 276 | } | 468 | } |
| 277 | 469 | ||
| @@ -279,10 +471,14 @@ static int crypto_authenc_iverify(struct aead_request *req, u8 *iv, | |||
| 279 | unsigned int cryptlen) | 471 | unsigned int cryptlen) |
| 280 | { | 472 | { |
| 281 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); | 473 | struct crypto_aead *authenc = crypto_aead_reqtfm(req); |
| 474 | struct authenc_request_ctx *areq_ctx = aead_request_ctx(req); | ||
| 282 | struct scatterlist *src = req->src; | 475 | struct scatterlist *src = req->src; |
| 283 | struct scatterlist cipher[2]; | 476 | struct scatterlist *assoc = req->assoc; |
| 284 | struct page *srcp; | 477 | struct scatterlist *cipher = areq_ctx->cipher; |
| 478 | struct scatterlist *asg = areq_ctx->asg; | ||
| 285 | unsigned int ivsize = crypto_aead_ivsize(authenc); | 479 | unsigned int ivsize = crypto_aead_ivsize(authenc); |
| 480 | authenc_ahash_t authenc_ahash_fn = crypto_authenc_ahash_fb; | ||
| 481 | struct page *srcp; | ||
| 286 | u8 *vsrc; | 482 | u8 *vsrc; |
| 287 | 483 | ||
| 288 | srcp = sg_page(src); | 484 | srcp = sg_page(src); |
| @@ -293,9 +489,22 @@ static int crypto_authenc_iverify(struct aead_request *req, u8 *iv, | |||
| 293 | sg_set_buf(cipher, iv, ivsize); | 489 | sg_set_buf(cipher, iv, ivsize); |
| 294 | authenc_chain(cipher, src, vsrc == iv + ivsize); | 490 | authenc_chain(cipher, src, vsrc == iv + ivsize); |
| 295 | src = cipher; | 491 | src = cipher; |
| 492 | cryptlen += ivsize; | ||
| 493 | } | ||
| 494 | |||
| 495 | if (sg_is_last(assoc)) { | ||
| 496 | authenc_ahash_fn = crypto_authenc_ahash; | ||
| 497 | sg_init_table(asg, 2); | ||
| 498 | sg_set_page(asg, sg_page(assoc), assoc->length, assoc->offset); | ||
| 499 | authenc_chain(asg, src, 0); | ||
| 500 | src = asg; | ||
| 501 | cryptlen += req->assoclen; | ||
| 296 | } | 502 | } |
| 297 | 503 | ||
| 298 | return crypto_authenc_verify(req, src, cryptlen + ivsize); | 504 | areq_ctx->cryptlen = cryptlen; |
| 505 | areq_ctx->sg = src; | ||
| 506 | |||
| 507 | return crypto_authenc_verify(req, authenc_ahash_fn); | ||
| 299 | } | 508 | } |
| 300 | 509 | ||
| 301 | static int crypto_authenc_decrypt(struct aead_request *req) | 510 | static int crypto_authenc_decrypt(struct aead_request *req) |
| @@ -326,38 +535,41 @@ static int crypto_authenc_decrypt(struct aead_request *req) | |||
| 326 | 535 | ||
| 327 | static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) | 536 | static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) |
| 328 | { | 537 | { |
| 329 | struct crypto_instance *inst = (void *)tfm->__crt_alg; | 538 | struct crypto_instance *inst = crypto_tfm_alg_instance(tfm); |
| 330 | struct authenc_instance_ctx *ictx = crypto_instance_ctx(inst); | 539 | struct authenc_instance_ctx *ictx = crypto_instance_ctx(inst); |
| 331 | struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); | 540 | struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); |
| 332 | struct crypto_hash *auth; | 541 | struct crypto_ahash *auth; |
| 333 | struct crypto_ablkcipher *enc; | 542 | struct crypto_ablkcipher *enc; |
| 334 | int err; | 543 | int err; |
| 335 | 544 | ||
| 336 | auth = crypto_spawn_hash(&ictx->auth); | 545 | auth = crypto_spawn_ahash(&ictx->auth); |
| 337 | if (IS_ERR(auth)) | 546 | if (IS_ERR(auth)) |
| 338 | return PTR_ERR(auth); | 547 | return PTR_ERR(auth); |
| 339 | 548 | ||
| 549 | ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) + | ||
| 550 | crypto_ahash_alignmask(auth), | ||
| 551 | crypto_ahash_alignmask(auth) + 1); | ||
| 552 | |||
| 340 | enc = crypto_spawn_skcipher(&ictx->enc); | 553 | enc = crypto_spawn_skcipher(&ictx->enc); |
| 341 | err = PTR_ERR(enc); | 554 | err = PTR_ERR(enc); |
| 342 | if (IS_ERR(enc)) | 555 | if (IS_ERR(enc)) |
| 343 | goto err_free_hash; | 556 | goto err_free_ahash; |
| 344 | 557 | ||
| 345 | ctx->auth = auth; | 558 | ctx->auth = auth; |
| 346 | ctx->enc = enc; | 559 | ctx->enc = enc; |
| 560 | |||
| 347 | tfm->crt_aead.reqsize = max_t(unsigned int, | 561 | tfm->crt_aead.reqsize = max_t(unsigned int, |
| 348 | (crypto_hash_alignmask(auth) & | 562 | crypto_ahash_reqsize(auth) + ctx->reqoff + |
| 349 | ~(crypto_tfm_ctx_alignment() - 1)) + | 563 | sizeof(struct authenc_request_ctx) + |
| 350 | crypto_hash_digestsize(auth) * 2, | 564 | sizeof(struct ahash_request), |
| 351 | sizeof(struct skcipher_givcrypt_request) + | 565 | sizeof(struct skcipher_givcrypt_request) + |
| 352 | crypto_ablkcipher_reqsize(enc) + | 566 | crypto_ablkcipher_reqsize(enc) + |
| 353 | crypto_ablkcipher_ivsize(enc)); | 567 | crypto_ablkcipher_ivsize(enc)); |
| 354 | |||
| 355 | spin_lock_init(&ctx->auth_lock); | ||
| 356 | 568 | ||
| 357 | return 0; | 569 | return 0; |
| 358 | 570 | ||
| 359 | err_free_hash: | 571 | err_free_ahash: |
| 360 | crypto_free_hash(auth); | 572 | crypto_free_ahash(auth); |
| 361 | return err; | 573 | return err; |
| 362 | } | 574 | } |
| 363 | 575 | ||
| @@ -365,7 +577,7 @@ static void crypto_authenc_exit_tfm(struct crypto_tfm *tfm) | |||
| 365 | { | 577 | { |
| 366 | struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); | 578 | struct crypto_authenc_ctx *ctx = crypto_tfm_ctx(tfm); |
| 367 | 579 | ||
| 368 | crypto_free_hash(ctx->auth); | 580 | crypto_free_ahash(ctx->auth); |
| 369 | crypto_free_ablkcipher(ctx->enc); | 581 | crypto_free_ablkcipher(ctx->enc); |
| 370 | } | 582 | } |
| 371 | 583 | ||
| @@ -373,7 +585,8 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | |||
| 373 | { | 585 | { |
| 374 | struct crypto_attr_type *algt; | 586 | struct crypto_attr_type *algt; |
| 375 | struct crypto_instance *inst; | 587 | struct crypto_instance *inst; |
| 376 | struct crypto_alg *auth; | 588 | struct hash_alg_common *auth; |
| 589 | struct crypto_alg *auth_base; | ||
| 377 | struct crypto_alg *enc; | 590 | struct crypto_alg *enc; |
| 378 | struct authenc_instance_ctx *ctx; | 591 | struct authenc_instance_ctx *ctx; |
| 379 | const char *enc_name; | 592 | const char *enc_name; |
| @@ -387,11 +600,13 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | |||
| 387 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) | 600 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) |
| 388 | return ERR_PTR(-EINVAL); | 601 | return ERR_PTR(-EINVAL); |
| 389 | 602 | ||
| 390 | auth = crypto_attr_alg(tb[1], CRYPTO_ALG_TYPE_HASH, | 603 | auth = ahash_attr_alg(tb[1], CRYPTO_ALG_TYPE_HASH, |
| 391 | CRYPTO_ALG_TYPE_HASH_MASK); | 604 | CRYPTO_ALG_TYPE_AHASH_MASK); |
| 392 | if (IS_ERR(auth)) | 605 | if (IS_ERR(auth)) |
| 393 | return ERR_PTR(PTR_ERR(auth)); | 606 | return ERR_PTR(PTR_ERR(auth)); |
| 394 | 607 | ||
| 608 | auth_base = &auth->base; | ||
| 609 | |||
| 395 | enc_name = crypto_attr_alg_name(tb[2]); | 610 | enc_name = crypto_attr_alg_name(tb[2]); |
| 396 | err = PTR_ERR(enc_name); | 611 | err = PTR_ERR(enc_name); |
| 397 | if (IS_ERR(enc_name)) | 612 | if (IS_ERR(enc_name)) |
| @@ -404,7 +619,7 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | |||
| 404 | 619 | ||
| 405 | ctx = crypto_instance_ctx(inst); | 620 | ctx = crypto_instance_ctx(inst); |
| 406 | 621 | ||
| 407 | err = crypto_init_spawn(&ctx->auth, auth, inst, CRYPTO_ALG_TYPE_MASK); | 622 | err = crypto_init_ahash_spawn(&ctx->auth, auth, inst); |
| 408 | if (err) | 623 | if (err) |
| 409 | goto err_free_inst; | 624 | goto err_free_inst; |
| 410 | 625 | ||
| @@ -419,28 +634,25 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | |||
| 419 | 634 | ||
| 420 | err = -ENAMETOOLONG; | 635 | err = -ENAMETOOLONG; |
| 421 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, | 636 | if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, |
| 422 | "authenc(%s,%s)", auth->cra_name, enc->cra_name) >= | 637 | "authenc(%s,%s)", auth_base->cra_name, enc->cra_name) >= |
| 423 | CRYPTO_MAX_ALG_NAME) | 638 | CRYPTO_MAX_ALG_NAME) |
| 424 | goto err_drop_enc; | 639 | goto err_drop_enc; |
| 425 | 640 | ||
| 426 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, | 641 | if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, |
| 427 | "authenc(%s,%s)", auth->cra_driver_name, | 642 | "authenc(%s,%s)", auth_base->cra_driver_name, |
| 428 | enc->cra_driver_name) >= CRYPTO_MAX_ALG_NAME) | 643 | enc->cra_driver_name) >= CRYPTO_MAX_ALG_NAME) |
| 429 | goto err_drop_enc; | 644 | goto err_drop_enc; |
| 430 | 645 | ||
| 431 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; | 646 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_AEAD; |
| 432 | inst->alg.cra_flags |= enc->cra_flags & CRYPTO_ALG_ASYNC; | 647 | inst->alg.cra_flags |= enc->cra_flags & CRYPTO_ALG_ASYNC; |
| 433 | inst->alg.cra_priority = enc->cra_priority * 10 + auth->cra_priority; | 648 | inst->alg.cra_priority = enc->cra_priority * |
| 649 | 10 + auth_base->cra_priority; | ||
| 434 | inst->alg.cra_blocksize = enc->cra_blocksize; | 650 | inst->alg.cra_blocksize = enc->cra_blocksize; |
| 435 | inst->alg.cra_alignmask = auth->cra_alignmask | enc->cra_alignmask; | 651 | inst->alg.cra_alignmask = auth_base->cra_alignmask | enc->cra_alignmask; |
| 436 | inst->alg.cra_type = &crypto_aead_type; | 652 | inst->alg.cra_type = &crypto_aead_type; |
| 437 | 653 | ||
| 438 | inst->alg.cra_aead.ivsize = enc->cra_ablkcipher.ivsize; | 654 | inst->alg.cra_aead.ivsize = enc->cra_ablkcipher.ivsize; |
| 439 | inst->alg.cra_aead.maxauthsize = auth->cra_type == &crypto_hash_type ? | 655 | inst->alg.cra_aead.maxauthsize = auth->digestsize; |
| 440 | auth->cra_hash.digestsize : | ||
| 441 | auth->cra_type ? | ||
| 442 | __crypto_shash_alg(auth)->digestsize : | ||
| 443 | auth->cra_digest.dia_digestsize; | ||
| 444 | 656 | ||
| 445 | inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx); | 657 | inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx); |
| 446 | 658 | ||
| @@ -453,13 +665,13 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) | |||
| 453 | inst->alg.cra_aead.givencrypt = crypto_authenc_givencrypt; | 665 | inst->alg.cra_aead.givencrypt = crypto_authenc_givencrypt; |
| 454 | 666 | ||
| 455 | out: | 667 | out: |
| 456 | crypto_mod_put(auth); | 668 | crypto_mod_put(auth_base); |
| 457 | return inst; | 669 | return inst; |
| 458 | 670 | ||
| 459 | err_drop_enc: | 671 | err_drop_enc: |
| 460 | crypto_drop_skcipher(&ctx->enc); | 672 | crypto_drop_skcipher(&ctx->enc); |
| 461 | err_drop_auth: | 673 | err_drop_auth: |
| 462 | crypto_drop_spawn(&ctx->auth); | 674 | crypto_drop_ahash(&ctx->auth); |
| 463 | err_free_inst: | 675 | err_free_inst: |
| 464 | kfree(inst); | 676 | kfree(inst); |
| 465 | out_put_auth: | 677 | out_put_auth: |
| @@ -472,7 +684,7 @@ static void crypto_authenc_free(struct crypto_instance *inst) | |||
| 472 | struct authenc_instance_ctx *ctx = crypto_instance_ctx(inst); | 684 | struct authenc_instance_ctx *ctx = crypto_instance_ctx(inst); |
| 473 | 685 | ||
| 474 | crypto_drop_skcipher(&ctx->enc); | 686 | crypto_drop_skcipher(&ctx->enc); |
| 475 | crypto_drop_spawn(&ctx->auth); | 687 | crypto_drop_ahash(&ctx->auth); |
| 476 | kfree(inst); | 688 | kfree(inst); |
| 477 | } | 689 | } |
| 478 | 690 | ||