blob: de81f716cf26468bf10a696f2cfda1492c113d3e
1 | /* |
2 | * PCBC: Propagating Cipher Block Chaining mode |
3 | * |
4 | * Copyright (C) 2006 Red Hat, Inc. All Rights Reserved. |
5 | * Written by David Howells (dhowells@redhat.com) |
6 | * |
7 | * Derived from cbc.c |
8 | * - Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au> |
9 | * |
10 | * This program is free software; you can redistribute it and/or modify it |
11 | * under the terms of the GNU General Public License as published by the Free |
12 | * Software Foundation; either version 2 of the License, or (at your option) |
13 | * any later version. |
14 | * |
15 | */ |
16 | |
17 | #include <crypto/algapi.h> |
18 | #include <linux/err.h> |
19 | #include <linux/init.h> |
20 | #include <linux/kernel.h> |
21 | #include <linux/module.h> |
22 | #include <linux/scatterlist.h> |
23 | #include <linux/slab.h> |
24 | |
25 | struct crypto_pcbc_ctx { |
26 | struct crypto_cipher *child; |
27 | }; |
28 | |
29 | static int crypto_pcbc_setkey(struct crypto_tfm *parent, const u8 *key, |
30 | unsigned int keylen) |
31 | { |
32 | struct crypto_pcbc_ctx *ctx = crypto_tfm_ctx(parent); |
33 | struct crypto_cipher *child = ctx->child; |
34 | int err; |
35 | |
36 | crypto_cipher_clear_flags(child, CRYPTO_TFM_REQ_MASK); |
37 | crypto_cipher_set_flags(child, crypto_tfm_get_flags(parent) & |
38 | CRYPTO_TFM_REQ_MASK); |
39 | err = crypto_cipher_setkey(child, key, keylen); |
40 | crypto_tfm_set_flags(parent, crypto_cipher_get_flags(child) & |
41 | CRYPTO_TFM_RES_MASK); |
42 | return err; |
43 | } |
44 | |
45 | static int crypto_pcbc_encrypt_segment(struct blkcipher_desc *desc, |
46 | struct blkcipher_walk *walk, |
47 | struct crypto_cipher *tfm) |
48 | { |
49 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
50 | crypto_cipher_alg(tfm)->cia_encrypt; |
51 | int bsize = crypto_cipher_blocksize(tfm); |
52 | unsigned int nbytes = walk->nbytes; |
53 | u8 *src = walk->src.virt.addr; |
54 | u8 *dst = walk->dst.virt.addr; |
55 | u8 * const iv = walk->iv; |
56 | |
57 | do { |
58 | crypto_xor(iv, src, bsize); |
59 | fn(crypto_cipher_tfm(tfm), dst, iv); |
60 | memcpy(iv, dst, bsize); |
61 | crypto_xor(iv, src, bsize); |
62 | |
63 | src += bsize; |
64 | dst += bsize; |
65 | } while ((nbytes -= bsize) >= bsize); |
66 | |
67 | return nbytes; |
68 | } |
69 | |
70 | static int crypto_pcbc_encrypt_inplace(struct blkcipher_desc *desc, |
71 | struct blkcipher_walk *walk, |
72 | struct crypto_cipher *tfm) |
73 | { |
74 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
75 | crypto_cipher_alg(tfm)->cia_encrypt; |
76 | int bsize = crypto_cipher_blocksize(tfm); |
77 | unsigned int nbytes = walk->nbytes; |
78 | u8 *src = walk->src.virt.addr; |
79 | u8 * const iv = walk->iv; |
80 | u8 tmpbuf[bsize]; |
81 | |
82 | do { |
83 | memcpy(tmpbuf, src, bsize); |
84 | crypto_xor(iv, src, bsize); |
85 | fn(crypto_cipher_tfm(tfm), src, iv); |
86 | memcpy(iv, tmpbuf, bsize); |
87 | crypto_xor(iv, src, bsize); |
88 | |
89 | src += bsize; |
90 | } while ((nbytes -= bsize) >= bsize); |
91 | |
92 | return nbytes; |
93 | } |
94 | |
95 | static int crypto_pcbc_encrypt(struct blkcipher_desc *desc, |
96 | struct scatterlist *dst, struct scatterlist *src, |
97 | unsigned int nbytes) |
98 | { |
99 | struct blkcipher_walk walk; |
100 | struct crypto_blkcipher *tfm = desc->tfm; |
101 | struct crypto_pcbc_ctx *ctx = crypto_blkcipher_ctx(tfm); |
102 | struct crypto_cipher *child = ctx->child; |
103 | int err; |
104 | |
105 | blkcipher_walk_init(&walk, dst, src, nbytes); |
106 | err = blkcipher_walk_virt(desc, &walk); |
107 | |
108 | while ((nbytes = walk.nbytes)) { |
109 | if (walk.src.virt.addr == walk.dst.virt.addr) |
110 | nbytes = crypto_pcbc_encrypt_inplace(desc, &walk, |
111 | child); |
112 | else |
113 | nbytes = crypto_pcbc_encrypt_segment(desc, &walk, |
114 | child); |
115 | err = blkcipher_walk_done(desc, &walk, nbytes); |
116 | } |
117 | |
118 | return err; |
119 | } |
120 | |
121 | static int crypto_pcbc_decrypt_segment(struct blkcipher_desc *desc, |
122 | struct blkcipher_walk *walk, |
123 | struct crypto_cipher *tfm) |
124 | { |
125 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
126 | crypto_cipher_alg(tfm)->cia_decrypt; |
127 | int bsize = crypto_cipher_blocksize(tfm); |
128 | unsigned int nbytes = walk->nbytes; |
129 | u8 *src = walk->src.virt.addr; |
130 | u8 *dst = walk->dst.virt.addr; |
131 | u8 * const iv = walk->iv; |
132 | |
133 | do { |
134 | fn(crypto_cipher_tfm(tfm), dst, src); |
135 | crypto_xor(dst, iv, bsize); |
136 | memcpy(iv, src, bsize); |
137 | crypto_xor(iv, dst, bsize); |
138 | |
139 | src += bsize; |
140 | dst += bsize; |
141 | } while ((nbytes -= bsize) >= bsize); |
142 | |
143 | return nbytes; |
144 | } |
145 | |
146 | static int crypto_pcbc_decrypt_inplace(struct blkcipher_desc *desc, |
147 | struct blkcipher_walk *walk, |
148 | struct crypto_cipher *tfm) |
149 | { |
150 | void (*fn)(struct crypto_tfm *, u8 *, const u8 *) = |
151 | crypto_cipher_alg(tfm)->cia_decrypt; |
152 | int bsize = crypto_cipher_blocksize(tfm); |
153 | unsigned int nbytes = walk->nbytes; |
154 | u8 *src = walk->src.virt.addr; |
155 | u8 * const iv = walk->iv; |
156 | u8 tmpbuf[bsize]; |
157 | |
158 | do { |
159 | memcpy(tmpbuf, src, bsize); |
160 | fn(crypto_cipher_tfm(tfm), src, src); |
161 | crypto_xor(src, iv, bsize); |
162 | memcpy(iv, tmpbuf, bsize); |
163 | crypto_xor(iv, src, bsize); |
164 | |
165 | src += bsize; |
166 | } while ((nbytes -= bsize) >= bsize); |
167 | |
168 | return nbytes; |
169 | } |
170 | |
171 | static int crypto_pcbc_decrypt(struct blkcipher_desc *desc, |
172 | struct scatterlist *dst, struct scatterlist *src, |
173 | unsigned int nbytes) |
174 | { |
175 | struct blkcipher_walk walk; |
176 | struct crypto_blkcipher *tfm = desc->tfm; |
177 | struct crypto_pcbc_ctx *ctx = crypto_blkcipher_ctx(tfm); |
178 | struct crypto_cipher *child = ctx->child; |
179 | int err; |
180 | |
181 | blkcipher_walk_init(&walk, dst, src, nbytes); |
182 | err = blkcipher_walk_virt(desc, &walk); |
183 | |
184 | while ((nbytes = walk.nbytes)) { |
185 | if (walk.src.virt.addr == walk.dst.virt.addr) |
186 | nbytes = crypto_pcbc_decrypt_inplace(desc, &walk, |
187 | child); |
188 | else |
189 | nbytes = crypto_pcbc_decrypt_segment(desc, &walk, |
190 | child); |
191 | err = blkcipher_walk_done(desc, &walk, nbytes); |
192 | } |
193 | |
194 | return err; |
195 | } |
196 | |
197 | static int crypto_pcbc_init_tfm(struct crypto_tfm *tfm) |
198 | { |
199 | struct crypto_instance *inst = (void *)tfm->__crt_alg; |
200 | struct crypto_spawn *spawn = crypto_instance_ctx(inst); |
201 | struct crypto_pcbc_ctx *ctx = crypto_tfm_ctx(tfm); |
202 | struct crypto_cipher *cipher; |
203 | |
204 | cipher = crypto_spawn_cipher(spawn); |
205 | if (IS_ERR(cipher)) |
206 | return PTR_ERR(cipher); |
207 | |
208 | ctx->child = cipher; |
209 | return 0; |
210 | } |
211 | |
212 | static void crypto_pcbc_exit_tfm(struct crypto_tfm *tfm) |
213 | { |
214 | struct crypto_pcbc_ctx *ctx = crypto_tfm_ctx(tfm); |
215 | crypto_free_cipher(ctx->child); |
216 | } |
217 | |
218 | static struct crypto_instance *crypto_pcbc_alloc(struct rtattr **tb) |
219 | { |
220 | struct crypto_instance *inst; |
221 | struct crypto_alg *alg; |
222 | int err; |
223 | |
224 | err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_BLKCIPHER); |
225 | if (err) |
226 | return ERR_PTR(err); |
227 | |
228 | alg = crypto_get_attr_alg(tb, CRYPTO_ALG_TYPE_CIPHER, |
229 | CRYPTO_ALG_TYPE_MASK); |
230 | if (IS_ERR(alg)) |
231 | return ERR_CAST(alg); |
232 | |
233 | inst = crypto_alloc_instance("pcbc", alg); |
234 | if (IS_ERR(inst)) |
235 | goto out_put_alg; |
236 | |
237 | inst->alg.cra_flags = CRYPTO_ALG_TYPE_BLKCIPHER; |
238 | inst->alg.cra_priority = alg->cra_priority; |
239 | inst->alg.cra_blocksize = alg->cra_blocksize; |
240 | inst->alg.cra_alignmask = alg->cra_alignmask; |
241 | inst->alg.cra_type = &crypto_blkcipher_type; |
242 | |
243 | /* We access the data as u32s when xoring. */ |
244 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; |
245 | |
246 | inst->alg.cra_blkcipher.ivsize = alg->cra_blocksize; |
247 | inst->alg.cra_blkcipher.min_keysize = alg->cra_cipher.cia_min_keysize; |
248 | inst->alg.cra_blkcipher.max_keysize = alg->cra_cipher.cia_max_keysize; |
249 | |
250 | inst->alg.cra_ctxsize = sizeof(struct crypto_pcbc_ctx); |
251 | |
252 | inst->alg.cra_init = crypto_pcbc_init_tfm; |
253 | inst->alg.cra_exit = crypto_pcbc_exit_tfm; |
254 | |
255 | inst->alg.cra_blkcipher.setkey = crypto_pcbc_setkey; |
256 | inst->alg.cra_blkcipher.encrypt = crypto_pcbc_encrypt; |
257 | inst->alg.cra_blkcipher.decrypt = crypto_pcbc_decrypt; |
258 | |
259 | out_put_alg: |
260 | crypto_mod_put(alg); |
261 | return inst; |
262 | } |
263 | |
264 | static void crypto_pcbc_free(struct crypto_instance *inst) |
265 | { |
266 | crypto_drop_spawn(crypto_instance_ctx(inst)); |
267 | kfree(inst); |
268 | } |
269 | |
270 | static struct crypto_template crypto_pcbc_tmpl = { |
271 | .name = "pcbc", |
272 | .alloc = crypto_pcbc_alloc, |
273 | .free = crypto_pcbc_free, |
274 | .module = THIS_MODULE, |
275 | }; |
276 | |
277 | static int __init crypto_pcbc_module_init(void) |
278 | { |
279 | return crypto_register_template(&crypto_pcbc_tmpl); |
280 | } |
281 | |
282 | static void __exit crypto_pcbc_module_exit(void) |
283 | { |
284 | crypto_unregister_template(&crypto_pcbc_tmpl); |
285 | } |
286 | |
287 | module_init(crypto_pcbc_module_init); |
288 | module_exit(crypto_pcbc_module_exit); |
289 | |
290 | MODULE_LICENSE("GPL"); |
291 | MODULE_DESCRIPTION("PCBC block cipher algorithm"); |
292 | MODULE_ALIAS_CRYPTO("pcbc"); |
293 |