| /* |
| * Cryptographic API. |
| * |
| * Cipher operations. |
| * |
| * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> |
| * |
| * This program is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License as published by the Free |
| * Software Foundation; either version 2 of the License, or (at your option) |
| * any later version. |
| * |
| */ |
| #include <linux/compiler.h> |
| #include <linux/kernel.h> |
| #include <linux/crypto.h> |
| #include <linux/errno.h> |
| #include <linux/mm.h> |
| #include <linux/slab.h> |
| #include <linux/string.h> |
| #include <asm/scatterlist.h> |
| #include "internal.h" |
| #include "scatterwalk.h" |
| |
| typedef void (cryptfn_t)(void *, u8 *, const u8 *); |
| typedef void (procfn_t)(struct crypto_tfm *, u8 *, |
| u8*, cryptfn_t, void *); |
| |
| static inline void xor_64(u8 *a, const u8 *b) |
| { |
| ((u32 *)a)[0] ^= ((u32 *)b)[0]; |
| ((u32 *)a)[1] ^= ((u32 *)b)[1]; |
| } |
| |
| static inline void xor_128(u8 *a, const u8 *b) |
| { |
| ((u32 *)a)[0] ^= ((u32 *)b)[0]; |
| ((u32 *)a)[1] ^= ((u32 *)b)[1]; |
| ((u32 *)a)[2] ^= ((u32 *)b)[2]; |
| ((u32 *)a)[3] ^= ((u32 *)b)[3]; |
| } |
| |
| static inline void *prepare_src(struct scatter_walk *walk, int bsize, |
| void *tmp, int in_place) |
| { |
| void *src = walk->data; |
| int n = bsize; |
| |
| if (unlikely(scatterwalk_across_pages(walk, bsize))) { |
| src = tmp; |
| n = scatterwalk_copychunks(src, walk, bsize, 0); |
| } |
| scatterwalk_advance(walk, n); |
| return src; |
| } |
| |
| static inline void *prepare_dst(struct scatter_walk *walk, int bsize, |
| void *tmp, int in_place) |
| { |
| void *dst = walk->data; |
| |
| if (unlikely(scatterwalk_across_pages(walk, bsize)) || in_place) |
| dst = tmp; |
| return dst; |
| } |
| |
| static inline void complete_src(struct scatter_walk *walk, int bsize, |
| void *src, int in_place) |
| { |
| } |
| |
| static inline void complete_dst(struct scatter_walk *walk, int bsize, |
| void *dst, int in_place) |
| { |
| int n = bsize; |
| |
| if (unlikely(scatterwalk_across_pages(walk, bsize))) |
| n = scatterwalk_copychunks(dst, walk, bsize, 1); |
| else if (in_place) |
| memcpy(walk->data, dst, bsize); |
| scatterwalk_advance(walk, n); |
| } |
| |
| /* |
| * Generic encrypt/decrypt wrapper for ciphers, handles operations across |
| * multiple page boundaries by using temporary blocks. In user context, |
| * the kernel is given a chance to schedule us once per block. |
| */ |
| static int crypt(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes, cryptfn_t crfn, |
| procfn_t prfn, void *info) |
| { |
| struct scatter_walk walk_in, walk_out; |
| const unsigned int bsize = crypto_tfm_alg_blocksize(tfm); |
| u8 tmp_src[bsize]; |
| u8 tmp_dst[bsize]; |
| |
| if (!nbytes) |
| return 0; |
| |
| if (nbytes % bsize) { |
| tfm->crt_flags |= CRYPTO_TFM_RES_BAD_BLOCK_LEN; |
| return -EINVAL; |
| } |
| |
| scatterwalk_start(&walk_in, src); |
| scatterwalk_start(&walk_out, dst); |
| |
| for(;;) { |
| u8 *src_p, *dst_p; |
| int in_place; |
| |
| scatterwalk_map(&walk_in, 0); |
| scatterwalk_map(&walk_out, 1); |
| |
| in_place = scatterwalk_samebuf(&walk_in, &walk_out); |
| |
| do { |
| src_p = prepare_src(&walk_in, bsize, tmp_src, |
| in_place); |
| dst_p = prepare_dst(&walk_out, bsize, tmp_dst, |
| in_place); |
| |
| prfn(tfm, dst_p, src_p, crfn, info); |
| |
| complete_src(&walk_in, bsize, src_p, in_place); |
| complete_dst(&walk_out, bsize, dst_p, in_place); |
| |
| nbytes -= bsize; |
| } while (nbytes && |
| !scatterwalk_across_pages(&walk_in, bsize) && |
| !scatterwalk_across_pages(&walk_out, bsize)); |
| |
| scatterwalk_done(&walk_in, 0, nbytes); |
| scatterwalk_done(&walk_out, 1, nbytes); |
| |
| if (!nbytes) |
| return 0; |
| |
| crypto_yield(tfm); |
| } |
| } |
| |
| static void cbc_process_encrypt(struct crypto_tfm *tfm, u8 *dst, u8 *src, |
| cryptfn_t fn, void *info) |
| { |
| u8 *iv = info; |
| |
| tfm->crt_u.cipher.cit_xor_block(iv, src); |
| fn(crypto_tfm_ctx(tfm), dst, iv); |
| memcpy(iv, dst, crypto_tfm_alg_blocksize(tfm)); |
| } |
| |
| static void cbc_process_decrypt(struct crypto_tfm *tfm, u8 *dst, u8 *src, |
| cryptfn_t fn, void *info) |
| { |
| u8 *iv = info; |
| |
| fn(crypto_tfm_ctx(tfm), dst, src); |
| tfm->crt_u.cipher.cit_xor_block(dst, iv); |
| memcpy(iv, src, crypto_tfm_alg_blocksize(tfm)); |
| } |
| |
| static void ecb_process(struct crypto_tfm *tfm, u8 *dst, u8 *src, |
| cryptfn_t fn, void *info) |
| { |
| fn(crypto_tfm_ctx(tfm), dst, src); |
| } |
| |
| static int setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int keylen) |
| { |
| struct cipher_alg *cia = &tfm->__crt_alg->cra_cipher; |
| |
| if (keylen < cia->cia_min_keysize || keylen > cia->cia_max_keysize) { |
| tfm->crt_flags |= CRYPTO_TFM_RES_BAD_KEY_LEN; |
| return -EINVAL; |
| } else |
| return cia->cia_setkey(crypto_tfm_ctx(tfm), key, keylen, |
| &tfm->crt_flags); |
| } |
| |
| static int ecb_encrypt(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, unsigned int nbytes) |
| { |
| return crypt(tfm, dst, src, nbytes, |
| tfm->__crt_alg->cra_cipher.cia_encrypt, |
| ecb_process, NULL); |
| } |
| |
| static int ecb_decrypt(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes) |
| { |
| return crypt(tfm, dst, src, nbytes, |
| tfm->__crt_alg->cra_cipher.cia_decrypt, |
| ecb_process, NULL); |
| } |
| |
| static int cbc_encrypt(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes) |
| { |
| return crypt(tfm, dst, src, nbytes, |
| tfm->__crt_alg->cra_cipher.cia_encrypt, |
| cbc_process_encrypt, tfm->crt_cipher.cit_iv); |
| } |
| |
| static int cbc_encrypt_iv(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes, u8 *iv) |
| { |
| return crypt(tfm, dst, src, nbytes, |
| tfm->__crt_alg->cra_cipher.cia_encrypt, |
| cbc_process_encrypt, iv); |
| } |
| |
| static int cbc_decrypt(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes) |
| { |
| return crypt(tfm, dst, src, nbytes, |
| tfm->__crt_alg->cra_cipher.cia_decrypt, |
| cbc_process_decrypt, tfm->crt_cipher.cit_iv); |
| } |
| |
| static int cbc_decrypt_iv(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes, u8 *iv) |
| { |
| return crypt(tfm, dst, src, nbytes, |
| tfm->__crt_alg->cra_cipher.cia_decrypt, |
| cbc_process_decrypt, iv); |
| } |
| |
| static int nocrypt(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes) |
| { |
| return -ENOSYS; |
| } |
| |
| static int nocrypt_iv(struct crypto_tfm *tfm, |
| struct scatterlist *dst, |
| struct scatterlist *src, |
| unsigned int nbytes, u8 *iv) |
| { |
| return -ENOSYS; |
| } |
| |
| int crypto_init_cipher_flags(struct crypto_tfm *tfm, u32 flags) |
| { |
| u32 mode = flags & CRYPTO_TFM_MODE_MASK; |
| |
| tfm->crt_cipher.cit_mode = mode ? mode : CRYPTO_TFM_MODE_ECB; |
| if (flags & CRYPTO_TFM_REQ_WEAK_KEY) |
| tfm->crt_flags = CRYPTO_TFM_REQ_WEAK_KEY; |
| |
| return 0; |
| } |
| |
| int crypto_init_cipher_ops(struct crypto_tfm *tfm) |
| { |
| int ret = 0; |
| struct cipher_tfm *ops = &tfm->crt_cipher; |
| |
| ops->cit_setkey = setkey; |
| |
| switch (tfm->crt_cipher.cit_mode) { |
| case CRYPTO_TFM_MODE_ECB: |
| ops->cit_encrypt = ecb_encrypt; |
| ops->cit_decrypt = ecb_decrypt; |
| break; |
| |
| case CRYPTO_TFM_MODE_CBC: |
| ops->cit_encrypt = cbc_encrypt; |
| ops->cit_decrypt = cbc_decrypt; |
| ops->cit_encrypt_iv = cbc_encrypt_iv; |
| ops->cit_decrypt_iv = cbc_decrypt_iv; |
| break; |
| |
| case CRYPTO_TFM_MODE_CFB: |
| ops->cit_encrypt = nocrypt; |
| ops->cit_decrypt = nocrypt; |
| ops->cit_encrypt_iv = nocrypt_iv; |
| ops->cit_decrypt_iv = nocrypt_iv; |
| break; |
| |
| case CRYPTO_TFM_MODE_CTR: |
| ops->cit_encrypt = nocrypt; |
| ops->cit_decrypt = nocrypt; |
| ops->cit_encrypt_iv = nocrypt_iv; |
| ops->cit_decrypt_iv = nocrypt_iv; |
| break; |
| |
| default: |
| BUG(); |
| } |
| |
| if (ops->cit_mode == CRYPTO_TFM_MODE_CBC) { |
| |
| switch (crypto_tfm_alg_blocksize(tfm)) { |
| case 8: |
| ops->cit_xor_block = xor_64; |
| break; |
| |
| case 16: |
| ops->cit_xor_block = xor_128; |
| break; |
| |
| default: |
| printk(KERN_WARNING "%s: block size %u not supported\n", |
| crypto_tfm_alg_name(tfm), |
| crypto_tfm_alg_blocksize(tfm)); |
| ret = -EINVAL; |
| goto out; |
| } |
| |
| ops->cit_ivsize = crypto_tfm_alg_blocksize(tfm); |
| ops->cit_iv = kmalloc(ops->cit_ivsize, GFP_KERNEL); |
| if (ops->cit_iv == NULL) |
| ret = -ENOMEM; |
| } |
| |
| out: |
| return ret; |
| } |
| |
| void crypto_exit_cipher_ops(struct crypto_tfm *tfm) |
| { |
| kfree(tfm->crt_cipher.cit_iv); |
| } |