blob: 93110d70c1d3061bf1640989addca4b8a5a2cb48
1 | /* |
2 | * Symmetric key cipher operations. |
3 | * |
4 | * Generic encrypt/decrypt wrapper for ciphers, handles operations across |
5 | * multiple page boundaries by using temporary blocks. In user context, |
6 | * the kernel is given a chance to schedule us once per page. |
7 | * |
8 | * Copyright (c) 2015 Herbert Xu <herbert@gondor.apana.org.au> |
9 | * |
10 | * This program is free software; you can redistribute it and/or modify it |
11 | * under the terms of the GNU General Public License as published by the Free |
12 | * Software Foundation; either version 2 of the License, or (at your option) |
13 | * any later version. |
14 | * |
15 | */ |
16 | |
17 | #include <crypto/internal/skcipher.h> |
18 | #include <linux/bug.h> |
19 | #include <linux/cryptouser.h> |
20 | #include <linux/module.h> |
21 | #include <linux/rtnetlink.h> |
22 | #include <linux/seq_file.h> |
23 | #include <net/netlink.h> |
24 | |
25 | #include "internal.h" |
26 | |
27 | static unsigned int crypto_skcipher_extsize(struct crypto_alg *alg) |
28 | { |
29 | if (alg->cra_type == &crypto_blkcipher_type) |
30 | return sizeof(struct crypto_blkcipher *); |
31 | |
32 | if (alg->cra_type == &crypto_ablkcipher_type || |
33 | alg->cra_type == &crypto_givcipher_type) |
34 | return sizeof(struct crypto_ablkcipher *); |
35 | |
36 | return crypto_alg_extsize(alg); |
37 | } |
38 | |
39 | static int skcipher_setkey_blkcipher(struct crypto_skcipher *tfm, |
40 | const u8 *key, unsigned int keylen) |
41 | { |
42 | struct crypto_blkcipher **ctx = crypto_skcipher_ctx(tfm); |
43 | struct crypto_blkcipher *blkcipher = *ctx; |
44 | int err; |
45 | |
46 | crypto_blkcipher_clear_flags(blkcipher, ~0); |
47 | crypto_blkcipher_set_flags(blkcipher, crypto_skcipher_get_flags(tfm) & |
48 | CRYPTO_TFM_REQ_MASK); |
49 | err = crypto_blkcipher_setkey(blkcipher, key, keylen); |
50 | crypto_skcipher_set_flags(tfm, crypto_blkcipher_get_flags(blkcipher) & |
51 | CRYPTO_TFM_RES_MASK); |
52 | |
53 | return err; |
54 | } |
55 | |
56 | static int skcipher_crypt_blkcipher(struct skcipher_request *req, |
57 | int (*crypt)(struct blkcipher_desc *, |
58 | struct scatterlist *, |
59 | struct scatterlist *, |
60 | unsigned int)) |
61 | { |
62 | struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); |
63 | struct crypto_blkcipher **ctx = crypto_skcipher_ctx(tfm); |
64 | struct blkcipher_desc desc = { |
65 | .tfm = *ctx, |
66 | .info = req->iv, |
67 | .flags = req->base.flags, |
68 | }; |
69 | |
70 | |
71 | return crypt(&desc, req->dst, req->src, req->cryptlen); |
72 | } |
73 | |
74 | static int skcipher_encrypt_blkcipher(struct skcipher_request *req) |
75 | { |
76 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
77 | struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); |
78 | struct blkcipher_alg *alg = &tfm->__crt_alg->cra_blkcipher; |
79 | |
80 | return skcipher_crypt_blkcipher(req, alg->encrypt); |
81 | } |
82 | |
83 | static int skcipher_decrypt_blkcipher(struct skcipher_request *req) |
84 | { |
85 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
86 | struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); |
87 | struct blkcipher_alg *alg = &tfm->__crt_alg->cra_blkcipher; |
88 | |
89 | return skcipher_crypt_blkcipher(req, alg->decrypt); |
90 | } |
91 | |
92 | static void crypto_exit_skcipher_ops_blkcipher(struct crypto_tfm *tfm) |
93 | { |
94 | struct crypto_blkcipher **ctx = crypto_tfm_ctx(tfm); |
95 | |
96 | crypto_free_blkcipher(*ctx); |
97 | } |
98 | |
99 | static int crypto_init_skcipher_ops_blkcipher(struct crypto_tfm *tfm) |
100 | { |
101 | struct crypto_alg *calg = tfm->__crt_alg; |
102 | struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm); |
103 | struct crypto_blkcipher **ctx = crypto_tfm_ctx(tfm); |
104 | struct crypto_blkcipher *blkcipher; |
105 | struct crypto_tfm *btfm; |
106 | |
107 | if (!crypto_mod_get(calg)) |
108 | return -EAGAIN; |
109 | |
110 | btfm = __crypto_alloc_tfm(calg, CRYPTO_ALG_TYPE_BLKCIPHER, |
111 | CRYPTO_ALG_TYPE_MASK); |
112 | if (IS_ERR(btfm)) { |
113 | crypto_mod_put(calg); |
114 | return PTR_ERR(btfm); |
115 | } |
116 | |
117 | blkcipher = __crypto_blkcipher_cast(btfm); |
118 | *ctx = blkcipher; |
119 | tfm->exit = crypto_exit_skcipher_ops_blkcipher; |
120 | |
121 | skcipher->setkey = skcipher_setkey_blkcipher; |
122 | skcipher->encrypt = skcipher_encrypt_blkcipher; |
123 | skcipher->decrypt = skcipher_decrypt_blkcipher; |
124 | |
125 | skcipher->ivsize = crypto_blkcipher_ivsize(blkcipher); |
126 | skcipher->keysize = calg->cra_blkcipher.max_keysize; |
127 | |
128 | return 0; |
129 | } |
130 | |
131 | static int skcipher_setkey_ablkcipher(struct crypto_skcipher *tfm, |
132 | const u8 *key, unsigned int keylen) |
133 | { |
134 | struct crypto_ablkcipher **ctx = crypto_skcipher_ctx(tfm); |
135 | struct crypto_ablkcipher *ablkcipher = *ctx; |
136 | int err; |
137 | |
138 | crypto_ablkcipher_clear_flags(ablkcipher, ~0); |
139 | crypto_ablkcipher_set_flags(ablkcipher, |
140 | crypto_skcipher_get_flags(tfm) & |
141 | CRYPTO_TFM_REQ_MASK); |
142 | err = crypto_ablkcipher_setkey(ablkcipher, key, keylen); |
143 | crypto_skcipher_set_flags(tfm, |
144 | crypto_ablkcipher_get_flags(ablkcipher) & |
145 | CRYPTO_TFM_RES_MASK); |
146 | |
147 | return err; |
148 | } |
149 | |
150 | static int skcipher_crypt_ablkcipher(struct skcipher_request *req, |
151 | int (*crypt)(struct ablkcipher_request *)) |
152 | { |
153 | struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); |
154 | struct crypto_ablkcipher **ctx = crypto_skcipher_ctx(tfm); |
155 | struct ablkcipher_request *subreq = skcipher_request_ctx(req); |
156 | |
157 | ablkcipher_request_set_tfm(subreq, *ctx); |
158 | ablkcipher_request_set_callback(subreq, skcipher_request_flags(req), |
159 | req->base.complete, req->base.data); |
160 | ablkcipher_request_set_crypt(subreq, req->src, req->dst, req->cryptlen, |
161 | req->iv); |
162 | |
163 | return crypt(subreq); |
164 | } |
165 | |
166 | static int skcipher_encrypt_ablkcipher(struct skcipher_request *req) |
167 | { |
168 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
169 | struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); |
170 | struct ablkcipher_alg *alg = &tfm->__crt_alg->cra_ablkcipher; |
171 | |
172 | return skcipher_crypt_ablkcipher(req, alg->encrypt); |
173 | } |
174 | |
175 | static int skcipher_decrypt_ablkcipher(struct skcipher_request *req) |
176 | { |
177 | struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); |
178 | struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); |
179 | struct ablkcipher_alg *alg = &tfm->__crt_alg->cra_ablkcipher; |
180 | |
181 | return skcipher_crypt_ablkcipher(req, alg->decrypt); |
182 | } |
183 | |
184 | static void crypto_exit_skcipher_ops_ablkcipher(struct crypto_tfm *tfm) |
185 | { |
186 | struct crypto_ablkcipher **ctx = crypto_tfm_ctx(tfm); |
187 | |
188 | crypto_free_ablkcipher(*ctx); |
189 | } |
190 | |
191 | static int crypto_init_skcipher_ops_ablkcipher(struct crypto_tfm *tfm) |
192 | { |
193 | struct crypto_alg *calg = tfm->__crt_alg; |
194 | struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm); |
195 | struct crypto_ablkcipher **ctx = crypto_tfm_ctx(tfm); |
196 | struct crypto_ablkcipher *ablkcipher; |
197 | struct crypto_tfm *abtfm; |
198 | |
199 | if (!crypto_mod_get(calg)) |
200 | return -EAGAIN; |
201 | |
202 | abtfm = __crypto_alloc_tfm(calg, 0, 0); |
203 | if (IS_ERR(abtfm)) { |
204 | crypto_mod_put(calg); |
205 | return PTR_ERR(abtfm); |
206 | } |
207 | |
208 | ablkcipher = __crypto_ablkcipher_cast(abtfm); |
209 | *ctx = ablkcipher; |
210 | tfm->exit = crypto_exit_skcipher_ops_ablkcipher; |
211 | |
212 | skcipher->setkey = skcipher_setkey_ablkcipher; |
213 | skcipher->encrypt = skcipher_encrypt_ablkcipher; |
214 | skcipher->decrypt = skcipher_decrypt_ablkcipher; |
215 | |
216 | skcipher->ivsize = crypto_ablkcipher_ivsize(ablkcipher); |
217 | skcipher->reqsize = crypto_ablkcipher_reqsize(ablkcipher) + |
218 | sizeof(struct ablkcipher_request); |
219 | skcipher->keysize = calg->cra_ablkcipher.max_keysize; |
220 | |
221 | return 0; |
222 | } |
223 | |
224 | static int skcipher_setkey_unaligned(struct crypto_skcipher *tfm, |
225 | const u8 *key, unsigned int keylen) |
226 | { |
227 | unsigned long alignmask = crypto_skcipher_alignmask(tfm); |
228 | struct skcipher_alg *cipher = crypto_skcipher_alg(tfm); |
229 | u8 *buffer, *alignbuffer; |
230 | unsigned long absize; |
231 | int ret; |
232 | |
233 | absize = keylen + alignmask; |
234 | buffer = kmalloc(absize, GFP_ATOMIC); |
235 | if (!buffer) |
236 | return -ENOMEM; |
237 | |
238 | alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); |
239 | memcpy(alignbuffer, key, keylen); |
240 | ret = cipher->setkey(tfm, alignbuffer, keylen); |
241 | kzfree(buffer); |
242 | return ret; |
243 | } |
244 | |
245 | static int skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, |
246 | unsigned int keylen) |
247 | { |
248 | struct skcipher_alg *cipher = crypto_skcipher_alg(tfm); |
249 | unsigned long alignmask = crypto_skcipher_alignmask(tfm); |
250 | |
251 | if (keylen < cipher->min_keysize || keylen > cipher->max_keysize) { |
252 | crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN); |
253 | return -EINVAL; |
254 | } |
255 | |
256 | if ((unsigned long)key & alignmask) |
257 | return skcipher_setkey_unaligned(tfm, key, keylen); |
258 | |
259 | return cipher->setkey(tfm, key, keylen); |
260 | } |
261 | |
262 | static void crypto_skcipher_exit_tfm(struct crypto_tfm *tfm) |
263 | { |
264 | struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm); |
265 | struct skcipher_alg *alg = crypto_skcipher_alg(skcipher); |
266 | |
267 | alg->exit(skcipher); |
268 | } |
269 | |
270 | static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm) |
271 | { |
272 | struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm); |
273 | struct skcipher_alg *alg = crypto_skcipher_alg(skcipher); |
274 | |
275 | if (tfm->__crt_alg->cra_type == &crypto_blkcipher_type) |
276 | return crypto_init_skcipher_ops_blkcipher(tfm); |
277 | |
278 | if (tfm->__crt_alg->cra_type == &crypto_ablkcipher_type || |
279 | tfm->__crt_alg->cra_type == &crypto_givcipher_type) |
280 | return crypto_init_skcipher_ops_ablkcipher(tfm); |
281 | |
282 | skcipher->setkey = skcipher_setkey; |
283 | skcipher->encrypt = alg->encrypt; |
284 | skcipher->decrypt = alg->decrypt; |
285 | skcipher->ivsize = alg->ivsize; |
286 | skcipher->keysize = alg->max_keysize; |
287 | |
288 | if (alg->exit) |
289 | skcipher->base.exit = crypto_skcipher_exit_tfm; |
290 | |
291 | if (alg->init) |
292 | return alg->init(skcipher); |
293 | |
294 | return 0; |
295 | } |
296 | |
297 | static void crypto_skcipher_free_instance(struct crypto_instance *inst) |
298 | { |
299 | struct skcipher_instance *skcipher = |
300 | container_of(inst, struct skcipher_instance, s.base); |
301 | |
302 | skcipher->free(skcipher); |
303 | } |
304 | |
305 | static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg) |
306 | __attribute__ ((unused)); |
307 | static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg) |
308 | { |
309 | struct skcipher_alg *skcipher = container_of(alg, struct skcipher_alg, |
310 | base); |
311 | |
312 | seq_printf(m, "type : skcipher\n"); |
313 | seq_printf(m, "async : %s\n", |
314 | alg->cra_flags & CRYPTO_ALG_ASYNC ? "yes" : "no"); |
315 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); |
316 | seq_printf(m, "min keysize : %u\n", skcipher->min_keysize); |
317 | seq_printf(m, "max keysize : %u\n", skcipher->max_keysize); |
318 | seq_printf(m, "ivsize : %u\n", skcipher->ivsize); |
319 | seq_printf(m, "chunksize : %u\n", skcipher->chunksize); |
320 | } |
321 | |
322 | #ifdef CONFIG_NET |
323 | static int crypto_skcipher_report(struct sk_buff *skb, struct crypto_alg *alg) |
324 | { |
325 | struct crypto_report_blkcipher rblkcipher; |
326 | struct skcipher_alg *skcipher = container_of(alg, struct skcipher_alg, |
327 | base); |
328 | |
329 | strncpy(rblkcipher.type, "skcipher", sizeof(rblkcipher.type)); |
330 | strncpy(rblkcipher.geniv, "<none>", sizeof(rblkcipher.geniv)); |
331 | |
332 | rblkcipher.blocksize = alg->cra_blocksize; |
333 | rblkcipher.min_keysize = skcipher->min_keysize; |
334 | rblkcipher.max_keysize = skcipher->max_keysize; |
335 | rblkcipher.ivsize = skcipher->ivsize; |
336 | |
337 | if (nla_put(skb, CRYPTOCFGA_REPORT_BLKCIPHER, |
338 | sizeof(struct crypto_report_blkcipher), &rblkcipher)) |
339 | goto nla_put_failure; |
340 | return 0; |
341 | |
342 | nla_put_failure: |
343 | return -EMSGSIZE; |
344 | } |
345 | #else |
346 | static int crypto_skcipher_report(struct sk_buff *skb, struct crypto_alg *alg) |
347 | { |
348 | return -ENOSYS; |
349 | } |
350 | #endif |
351 | |
352 | static const struct crypto_type crypto_skcipher_type2 = { |
353 | .extsize = crypto_skcipher_extsize, |
354 | .init_tfm = crypto_skcipher_init_tfm, |
355 | .free = crypto_skcipher_free_instance, |
356 | #ifdef CONFIG_PROC_FS |
357 | .show = crypto_skcipher_show, |
358 | #endif |
359 | .report = crypto_skcipher_report, |
360 | .maskclear = ~CRYPTO_ALG_TYPE_MASK, |
361 | .maskset = CRYPTO_ALG_TYPE_BLKCIPHER_MASK, |
362 | .type = CRYPTO_ALG_TYPE_SKCIPHER, |
363 | .tfmsize = offsetof(struct crypto_skcipher, base), |
364 | }; |
365 | |
366 | int crypto_grab_skcipher(struct crypto_skcipher_spawn *spawn, |
367 | const char *name, u32 type, u32 mask) |
368 | { |
369 | spawn->base.frontend = &crypto_skcipher_type2; |
370 | return crypto_grab_spawn(&spawn->base, name, type, mask); |
371 | } |
372 | EXPORT_SYMBOL_GPL(crypto_grab_skcipher); |
373 | |
374 | struct crypto_skcipher *crypto_alloc_skcipher(const char *alg_name, |
375 | u32 type, u32 mask) |
376 | { |
377 | return crypto_alloc_tfm(alg_name, &crypto_skcipher_type2, type, mask); |
378 | } |
379 | EXPORT_SYMBOL_GPL(crypto_alloc_skcipher); |
380 | |
381 | int crypto_has_skcipher2(const char *alg_name, u32 type, u32 mask) |
382 | { |
383 | return crypto_type_has_alg(alg_name, &crypto_skcipher_type2, |
384 | type, mask); |
385 | } |
386 | EXPORT_SYMBOL_GPL(crypto_has_skcipher2); |
387 | |
388 | static int skcipher_prepare_alg(struct skcipher_alg *alg) |
389 | { |
390 | struct crypto_alg *base = &alg->base; |
391 | |
392 | if (alg->ivsize > PAGE_SIZE / 8 || alg->chunksize > PAGE_SIZE / 8) |
393 | return -EINVAL; |
394 | |
395 | if (!alg->chunksize) |
396 | alg->chunksize = base->cra_blocksize; |
397 | |
398 | base->cra_type = &crypto_skcipher_type2; |
399 | base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; |
400 | base->cra_flags |= CRYPTO_ALG_TYPE_SKCIPHER; |
401 | |
402 | return 0; |
403 | } |
404 | |
405 | int crypto_register_skcipher(struct skcipher_alg *alg) |
406 | { |
407 | struct crypto_alg *base = &alg->base; |
408 | int err; |
409 | |
410 | err = skcipher_prepare_alg(alg); |
411 | if (err) |
412 | return err; |
413 | |
414 | return crypto_register_alg(base); |
415 | } |
416 | EXPORT_SYMBOL_GPL(crypto_register_skcipher); |
417 | |
418 | void crypto_unregister_skcipher(struct skcipher_alg *alg) |
419 | { |
420 | crypto_unregister_alg(&alg->base); |
421 | } |
422 | EXPORT_SYMBOL_GPL(crypto_unregister_skcipher); |
423 | |
424 | int crypto_register_skciphers(struct skcipher_alg *algs, int count) |
425 | { |
426 | int i, ret; |
427 | |
428 | for (i = 0; i < count; i++) { |
429 | ret = crypto_register_skcipher(&algs[i]); |
430 | if (ret) |
431 | goto err; |
432 | } |
433 | |
434 | return 0; |
435 | |
436 | err: |
437 | for (--i; i >= 0; --i) |
438 | crypto_unregister_skcipher(&algs[i]); |
439 | |
440 | return ret; |
441 | } |
442 | EXPORT_SYMBOL_GPL(crypto_register_skciphers); |
443 | |
444 | void crypto_unregister_skciphers(struct skcipher_alg *algs, int count) |
445 | { |
446 | int i; |
447 | |
448 | for (i = count - 1; i >= 0; --i) |
449 | crypto_unregister_skcipher(&algs[i]); |
450 | } |
451 | EXPORT_SYMBOL_GPL(crypto_unregister_skciphers); |
452 | |
453 | int skcipher_register_instance(struct crypto_template *tmpl, |
454 | struct skcipher_instance *inst) |
455 | { |
456 | int err; |
457 | |
458 | err = skcipher_prepare_alg(&inst->alg); |
459 | if (err) |
460 | return err; |
461 | |
462 | return crypto_register_instance(tmpl, skcipher_crypto_instance(inst)); |
463 | } |
464 | EXPORT_SYMBOL_GPL(skcipher_register_instance); |
465 | |
466 | MODULE_LICENSE("GPL"); |
467 | MODULE_DESCRIPTION("Symmetric key cipher type"); |
468 |