Diffstat (limited to 'crypto/drbg.c')
-rw-r--r--crypto/drbg.c79
1 files changed, 38 insertions, 41 deletions
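diff --git a/crypto/drbg.c b/crypto/drbg.c
index 54cfd4820abc..8c0a742b60f6 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -283,38 +283,6 @@ static inline void drbg_cpu_to_be32(__u32 val, unsigned char *buf)
 
 	conversion->conv = cpu_to_be32(val);
 }
-
-/*
- * Increment buffer
- *
- * @dst buffer to increment
- * @add value to add
- */
-static inline void drbg_add_buf(unsigned char *dst, size_t dstlen,
-				const unsigned char *add, size_t addlen)
-{
-	/* implied: dstlen > addlen */
-	unsigned char *dstptr;
-	const unsigned char *addptr;
-	unsigned int remainder = 0;
-	size_t len = addlen;
-
-	dstptr = dst + (dstlen-1);
-	addptr = add + (addlen-1);
-	while (len) {
-		remainder += *dstptr + *addptr;
-		*dstptr = remainder & 0xff;
-		remainder >>= 8;
-		len--; dstptr--; addptr--;
-	}
-	len = dstlen - addlen;
-	while (len && remainder > 0) {
-		remainder = *dstptr + 1;
-		*dstptr = remainder & 0xff;
-		remainder >>= 8;
-		len--; dstptr--;
-	}
-}
 #endif /* defined(CONFIG_CRYPTO_DRBG_HASH) || defined(CONFIG_CRYPTO_DRBG_CTR) */
 
 /******************************************************************
@@ -554,7 +522,6 @@ static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed,
 	unsigned char *temp_p, *df_data_p; /* pointer to iterate over buffers */
 	unsigned int len = 0;
 	struct drbg_string cipherin;
-	unsigned char prefix = DRBG_PREFIX1;
 
 	memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg));
 	if (3 > reseed)
@@ -574,7 +541,7 @@ static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed,
 	 */
 	while (len < (drbg_statelen(drbg))) {
 		/* 10.2.1.2 step 2.1 */
-		drbg_add_buf(drbg->V, drbg_blocklen(drbg), &prefix, 1);
+		crypto_inc(drbg->V, drbg_blocklen(drbg));
 		/*
 		 * 10.2.1.2 step 2.2 */
 		ret = drbg_kcapi_sym(drbg, drbg->C, temp + len, &cipherin);
@@ -617,7 +584,6 @@ static int drbg_ctr_generate(struct drbg_state *drbg,
 	int len = 0;
 	int ret = 0;
 	struct drbg_string data;
-	unsigned char prefix = DRBG_PREFIX1;
 
 	memset(drbg->scratchpad, 0, drbg_blocklen(drbg));
 
@@ -629,7 +595,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg,
 	}
 
 	/* 10.2.1.5.2 step 4.1 */
-	drbg_add_buf(drbg->V, drbg_blocklen(drbg), &prefix, 1);
+	crypto_inc(drbg->V, drbg_blocklen(drbg));
 	drbg_string_fill(&data, drbg->V, drbg_blocklen(drbg));
 	while (len < buflen) {
 		int outlen = 0;
@@ -643,7 +609,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg,
 			drbg_blocklen(drbg) : (buflen - len);
 		if (!drbg_fips_continuous_test(drbg, drbg->scratchpad)) {
 			/* 10.2.1.5.2 step 6 */
-			drbg_add_buf(drbg->V, drbg_blocklen(drbg), &prefix, 1);
+			crypto_inc(drbg->V, drbg_blocklen(drbg));
 			continue;
 		}
 		/* 10.2.1.5.2 step 4.3 */
@@ -651,7 +617,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg,
 		len += outlen;
 		/* 10.2.1.5.2 step 6 */
 		if (len < buflen)
-			drbg_add_buf(drbg->V, drbg_blocklen(drbg), &prefix, 1);
+			crypto_inc(drbg->V, drbg_blocklen(drbg));
 	}
 
 	/* 10.2.1.5.2 step 6 */
@@ -797,6 +763,38 @@ static struct drbg_state_ops drbg_hmac_ops = {
 #ifdef CONFIG_CRYPTO_DRBG_HASH
 #define CRYPTO_DRBG_HASH_STRING "HASH "
 /*
+ * Increment buffer
+ *
+ * @dst buffer to increment
+ * @add value to add
+ */
+static inline void drbg_add_buf(unsigned char *dst, size_t dstlen,
+				const unsigned char *add, size_t addlen)
+{
+	/* implied: dstlen > addlen */
+	unsigned char *dstptr;
+	const unsigned char *addptr;
+	unsigned int remainder = 0;
+	size_t len = addlen;
+
+	dstptr = dst + (dstlen-1);
+	addptr = add + (addlen-1);
+	while (len) {
+		remainder += *dstptr + *addptr;
+		*dstptr = remainder & 0xff;
+		remainder >>= 8;
+		len--; dstptr--; addptr--;
+	}
+	len = dstlen - addlen;
+	while (len && remainder > 0) {
+		remainder = *dstptr + 1;
+		*dstptr = remainder & 0xff;
+		remainder >>= 8;
+		len--; dstptr--;
+	}
+}
+
+/*
  * scratchpad usage: as drbg_hash_update and drbg_hash_df are used
  * interlinked, the scratchpad is used as follows:
  * drbg_hash_update
@@ -942,7 +940,6 @@ static int drbg_hash_hashgen(struct drbg_state *drbg,
 	unsigned char *dst = drbg->scratchpad + drbg_statelen(drbg);
 	struct drbg_string data;
 	LIST_HEAD(datalist);
-	unsigned char prefix = DRBG_PREFIX1;
 
 	memset(src, 0, drbg_statelen(drbg));
 	memset(dst, 0, drbg_blocklen(drbg));
@@ -963,7 +960,7 @@ static int drbg_hash_hashgen(struct drbg_state *drbg,
 		outlen = (drbg_blocklen(drbg) < (buflen - len)) ?
 			drbg_blocklen(drbg) : (buflen - len);
 		if (!drbg_fips_continuous_test(drbg, dst)) {
-			drbg_add_buf(src, drbg_statelen(drbg), &prefix, 1);
+			crypto_inc(src, drbg_statelen(drbg));
 			continue;
 		}
 		/* 10.1.1.4 step hashgen 4.2 */
@@ -971,7 +968,7 @@ static int drbg_hash_hashgen(struct drbg_state *drbg,
 		len += outlen;
 		/* 10.1.1.4 hashgen step 4.3 */
 		if (len < buflen)
-			drbg_add_buf(src, drbg_statelen(drbg), &prefix, 1);
+			crypto_inc(src, drbg_statelen(drbg));
 	}
 
 out: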
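Review bot: The two `crypto_inc(src, drbg_statelen(drbg))` calls in drbg_hash_hashgen replace a purely byte-wise increment with a helper whose access width is not visible in this diff; if crypto_inc steps through the counter in 32-bit words from `a + size`, then a length that is not a multiple of 4 — which the hash-DRBG state lengths presumably are not — or a scratchpad that is not word-aligned turns those accesses into misaligned reads, something drbg_add_buf never did. Worth confirming crypto_inc is alignment-agnostic on every architecture this driver is built for, or keeping the byte-wise path for the hash case. Functionally the two should agree, since both add 1 to a big-endian counter and discard the carry out of the top byte (drbg_add_buf's second loop stops at dstlen; crypto_inc presumably wraps the same way). A short comment at the hashgen call would pin that down, e.g. `/* V is a big-endian counter of statelen bytes; increment mod 2^(8*statelen) */`. drbg_hash_hashgen's body starts before this hunk and continues past the `out:` label.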