1 /*
2 * Symmetric key cipher operations.
3 *
4 * Generic encrypt/decrypt wrapper for ciphers, handles operations across
5 * multiple page boundaries by using temporary blocks. In user context,
6 * the kernel is given a chance to schedule us once per page.
7 *
8 * Copyright (c) 2015 Herbert Xu <herbert@gondor.apana.org.au>
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the Free
12 * Software Foundation; either version 2 of the License, or (at your option)
13 * any later version.
14 *
15 */
16
17 #include <crypto/internal/skcipher.h>
18 #include <linux/bug.h>
19 #include <linux/cryptouser.h>
20 #include <linux/module.h>
21 #include <linux/rtnetlink.h>
22 #include <linux/seq_file.h>
23 #include <net/netlink.h>
24
25 #include "internal.h"
26
crypto_skcipher_extsize(struct crypto_alg * alg)27 static unsigned int crypto_skcipher_extsize(struct crypto_alg *alg)
28 {
29 if (alg->cra_type == &crypto_blkcipher_type)
30 return sizeof(struct crypto_blkcipher *);
31
32 if (alg->cra_type == &crypto_ablkcipher_type ||
33 alg->cra_type == &crypto_givcipher_type)
34 return sizeof(struct crypto_ablkcipher *);
35
36 return crypto_alg_extsize(alg);
37 }
38
skcipher_setkey_blkcipher(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)39 static int skcipher_setkey_blkcipher(struct crypto_skcipher *tfm,
40 const u8 *key, unsigned int keylen)
41 {
42 struct crypto_blkcipher **ctx = crypto_skcipher_ctx(tfm);
43 struct crypto_blkcipher *blkcipher = *ctx;
44 int err;
45
46 crypto_blkcipher_clear_flags(blkcipher, ~0);
47 crypto_blkcipher_set_flags(blkcipher, crypto_skcipher_get_flags(tfm) &
48 CRYPTO_TFM_REQ_MASK);
49 err = crypto_blkcipher_setkey(blkcipher, key, keylen);
50 crypto_skcipher_set_flags(tfm, crypto_blkcipher_get_flags(blkcipher) &
51 CRYPTO_TFM_RES_MASK);
52
53 return err;
54 }
55
skcipher_crypt_blkcipher(struct skcipher_request * req,int (* crypt)(struct blkcipher_desc *,struct scatterlist *,struct scatterlist *,unsigned int))56 static int skcipher_crypt_blkcipher(struct skcipher_request *req,
57 int (*crypt)(struct blkcipher_desc *,
58 struct scatterlist *,
59 struct scatterlist *,
60 unsigned int))
61 {
62 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
63 struct crypto_blkcipher **ctx = crypto_skcipher_ctx(tfm);
64 struct blkcipher_desc desc = {
65 .tfm = *ctx,
66 .info = req->iv,
67 .flags = req->base.flags,
68 };
69
70
71 return crypt(&desc, req->dst, req->src, req->cryptlen);
72 }
73
skcipher_encrypt_blkcipher(struct skcipher_request * req)74 static int skcipher_encrypt_blkcipher(struct skcipher_request *req)
75 {
76 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
77 struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);
78 struct blkcipher_alg *alg = &tfm->__crt_alg->cra_blkcipher;
79
80 return skcipher_crypt_blkcipher(req, alg->encrypt);
81 }
82
skcipher_decrypt_blkcipher(struct skcipher_request * req)83 static int skcipher_decrypt_blkcipher(struct skcipher_request *req)
84 {
85 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
86 struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);
87 struct blkcipher_alg *alg = &tfm->__crt_alg->cra_blkcipher;
88
89 return skcipher_crypt_blkcipher(req, alg->decrypt);
90 }
91
crypto_exit_skcipher_ops_blkcipher(struct crypto_tfm * tfm)92 static void crypto_exit_skcipher_ops_blkcipher(struct crypto_tfm *tfm)
93 {
94 struct crypto_blkcipher **ctx = crypto_tfm_ctx(tfm);
95
96 crypto_free_blkcipher(*ctx);
97 }
98
crypto_init_skcipher_ops_blkcipher(struct crypto_tfm * tfm)99 static int crypto_init_skcipher_ops_blkcipher(struct crypto_tfm *tfm)
100 {
101 struct crypto_alg *calg = tfm->__crt_alg;
102 struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
103 struct crypto_blkcipher **ctx = crypto_tfm_ctx(tfm);
104 struct crypto_blkcipher *blkcipher;
105 struct crypto_tfm *btfm;
106
107 if (!crypto_mod_get(calg))
108 return -EAGAIN;
109
110 btfm = __crypto_alloc_tfm(calg, CRYPTO_ALG_TYPE_BLKCIPHER,
111 CRYPTO_ALG_TYPE_MASK);
112 if (IS_ERR(btfm)) {
113 crypto_mod_put(calg);
114 return PTR_ERR(btfm);
115 }
116
117 blkcipher = __crypto_blkcipher_cast(btfm);
118 *ctx = blkcipher;
119 tfm->exit = crypto_exit_skcipher_ops_blkcipher;
120
121 skcipher->setkey = skcipher_setkey_blkcipher;
122 skcipher->encrypt = skcipher_encrypt_blkcipher;
123 skcipher->decrypt = skcipher_decrypt_blkcipher;
124
125 skcipher->ivsize = crypto_blkcipher_ivsize(blkcipher);
126 skcipher->keysize = calg->cra_blkcipher.max_keysize;
127
128 return 0;
129 }
130
skcipher_setkey_ablkcipher(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)131 static int skcipher_setkey_ablkcipher(struct crypto_skcipher *tfm,
132 const u8 *key, unsigned int keylen)
133 {
134 struct crypto_ablkcipher **ctx = crypto_skcipher_ctx(tfm);
135 struct crypto_ablkcipher *ablkcipher = *ctx;
136 int err;
137
138 crypto_ablkcipher_clear_flags(ablkcipher, ~0);
139 crypto_ablkcipher_set_flags(ablkcipher,
140 crypto_skcipher_get_flags(tfm) &
141 CRYPTO_TFM_REQ_MASK);
142 err = crypto_ablkcipher_setkey(ablkcipher, key, keylen);
143 crypto_skcipher_set_flags(tfm,
144 crypto_ablkcipher_get_flags(ablkcipher) &
145 CRYPTO_TFM_RES_MASK);
146
147 return err;
148 }
149
skcipher_crypt_ablkcipher(struct skcipher_request * req,int (* crypt)(struct ablkcipher_request *))150 static int skcipher_crypt_ablkcipher(struct skcipher_request *req,
151 int (*crypt)(struct ablkcipher_request *))
152 {
153 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
154 struct crypto_ablkcipher **ctx = crypto_skcipher_ctx(tfm);
155 struct ablkcipher_request *subreq = skcipher_request_ctx(req);
156
157 ablkcipher_request_set_tfm(subreq, *ctx);
158 ablkcipher_request_set_callback(subreq, skcipher_request_flags(req),
159 req->base.complete, req->base.data);
160 ablkcipher_request_set_crypt(subreq, req->src, req->dst, req->cryptlen,
161 req->iv);
162
163 return crypt(subreq);
164 }
165
skcipher_encrypt_ablkcipher(struct skcipher_request * req)166 static int skcipher_encrypt_ablkcipher(struct skcipher_request *req)
167 {
168 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
169 struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);
170 struct ablkcipher_alg *alg = &tfm->__crt_alg->cra_ablkcipher;
171
172 return skcipher_crypt_ablkcipher(req, alg->encrypt);
173 }
174
skcipher_decrypt_ablkcipher(struct skcipher_request * req)175 static int skcipher_decrypt_ablkcipher(struct skcipher_request *req)
176 {
177 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
178 struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher);
179 struct ablkcipher_alg *alg = &tfm->__crt_alg->cra_ablkcipher;
180
181 return skcipher_crypt_ablkcipher(req, alg->decrypt);
182 }
183
crypto_exit_skcipher_ops_ablkcipher(struct crypto_tfm * tfm)184 static void crypto_exit_skcipher_ops_ablkcipher(struct crypto_tfm *tfm)
185 {
186 struct crypto_ablkcipher **ctx = crypto_tfm_ctx(tfm);
187
188 crypto_free_ablkcipher(*ctx);
189 }
190
crypto_init_skcipher_ops_ablkcipher(struct crypto_tfm * tfm)191 static int crypto_init_skcipher_ops_ablkcipher(struct crypto_tfm *tfm)
192 {
193 struct crypto_alg *calg = tfm->__crt_alg;
194 struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
195 struct crypto_ablkcipher **ctx = crypto_tfm_ctx(tfm);
196 struct crypto_ablkcipher *ablkcipher;
197 struct crypto_tfm *abtfm;
198
199 if (!crypto_mod_get(calg))
200 return -EAGAIN;
201
202 abtfm = __crypto_alloc_tfm(calg, 0, 0);
203 if (IS_ERR(abtfm)) {
204 crypto_mod_put(calg);
205 return PTR_ERR(abtfm);
206 }
207
208 ablkcipher = __crypto_ablkcipher_cast(abtfm);
209 *ctx = ablkcipher;
210 tfm->exit = crypto_exit_skcipher_ops_ablkcipher;
211
212 skcipher->setkey = skcipher_setkey_ablkcipher;
213 skcipher->encrypt = skcipher_encrypt_ablkcipher;
214 skcipher->decrypt = skcipher_decrypt_ablkcipher;
215
216 skcipher->ivsize = crypto_ablkcipher_ivsize(ablkcipher);
217 skcipher->reqsize = crypto_ablkcipher_reqsize(ablkcipher) +
218 sizeof(struct ablkcipher_request);
219 skcipher->keysize = calg->cra_ablkcipher.max_keysize;
220
221 return 0;
222 }
223
skcipher_setkey_unaligned(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)224 static int skcipher_setkey_unaligned(struct crypto_skcipher *tfm,
225 const u8 *key, unsigned int keylen)
226 {
227 unsigned long alignmask = crypto_skcipher_alignmask(tfm);
228 struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
229 u8 *buffer, *alignbuffer;
230 unsigned long absize;
231 int ret;
232
233 absize = keylen + alignmask;
234 buffer = kmalloc(absize, GFP_ATOMIC);
235 if (!buffer)
236 return -ENOMEM;
237
238 alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
239 memcpy(alignbuffer, key, keylen);
240 ret = cipher->setkey(tfm, alignbuffer, keylen);
241 kzfree(buffer);
242 return ret;
243 }
244
skcipher_setkey(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)245 static int skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
246 unsigned int keylen)
247 {
248 struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
249 unsigned long alignmask = crypto_skcipher_alignmask(tfm);
250
251 if (keylen < cipher->min_keysize || keylen > cipher->max_keysize) {
252 crypto_skcipher_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
253 return -EINVAL;
254 }
255
256 if ((unsigned long)key & alignmask)
257 return skcipher_setkey_unaligned(tfm, key, keylen);
258
259 return cipher->setkey(tfm, key, keylen);
260 }
261
crypto_skcipher_exit_tfm(struct crypto_tfm * tfm)262 static void crypto_skcipher_exit_tfm(struct crypto_tfm *tfm)
263 {
264 struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
265 struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
266
267 alg->exit(skcipher);
268 }
269
crypto_skcipher_init_tfm(struct crypto_tfm * tfm)270 static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
271 {
272 struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
273 struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
274
275 if (tfm->__crt_alg->cra_type == &crypto_blkcipher_type)
276 return crypto_init_skcipher_ops_blkcipher(tfm);
277
278 if (tfm->__crt_alg->cra_type == &crypto_ablkcipher_type ||
279 tfm->__crt_alg->cra_type == &crypto_givcipher_type)
280 return crypto_init_skcipher_ops_ablkcipher(tfm);
281
282 skcipher->setkey = skcipher_setkey;
283 skcipher->encrypt = alg->encrypt;
284 skcipher->decrypt = alg->decrypt;
285 skcipher->ivsize = alg->ivsize;
286 skcipher->keysize = alg->max_keysize;
287
288 if (alg->exit)
289 skcipher->base.exit = crypto_skcipher_exit_tfm;
290
291 if (alg->init)
292 return alg->init(skcipher);
293
294 return 0;
295 }
296
crypto_skcipher_free_instance(struct crypto_instance * inst)297 static void crypto_skcipher_free_instance(struct crypto_instance *inst)
298 {
299 struct skcipher_instance *skcipher =
300 container_of(inst, struct skcipher_instance, s.base);
301
302 skcipher->free(skcipher);
303 }
304
305 static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg)
306 __attribute__ ((unused));
crypto_skcipher_show(struct seq_file * m,struct crypto_alg * alg)307 static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg)
308 {
309 struct skcipher_alg *skcipher = container_of(alg, struct skcipher_alg,
310 base);
311
312 seq_printf(m, "type : skcipher\n");
313 seq_printf(m, "async : %s\n",
314 alg->cra_flags & CRYPTO_ALG_ASYNC ? "yes" : "no");
315 seq_printf(m, "blocksize : %u\n", alg->cra_blocksize);
316 seq_printf(m, "min keysize : %u\n", skcipher->min_keysize);
317 seq_printf(m, "max keysize : %u\n", skcipher->max_keysize);
318 seq_printf(m, "ivsize : %u\n", skcipher->ivsize);
319 seq_printf(m, "chunksize : %u\n", skcipher->chunksize);
320 }
321
322 #ifdef CONFIG_NET
crypto_skcipher_report(struct sk_buff * skb,struct crypto_alg * alg)323 static int crypto_skcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
324 {
325 struct crypto_report_blkcipher rblkcipher;
326 struct skcipher_alg *skcipher = container_of(alg, struct skcipher_alg,
327 base);
328
329 strncpy(rblkcipher.type, "skcipher", sizeof(rblkcipher.type));
330 strncpy(rblkcipher.geniv, "<none>", sizeof(rblkcipher.geniv));
331
332 rblkcipher.blocksize = alg->cra_blocksize;
333 rblkcipher.min_keysize = skcipher->min_keysize;
334 rblkcipher.max_keysize = skcipher->max_keysize;
335 rblkcipher.ivsize = skcipher->ivsize;
336
337 if (nla_put(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
338 sizeof(struct crypto_report_blkcipher), &rblkcipher))
339 goto nla_put_failure;
340 return 0;
341
342 nla_put_failure:
343 return -EMSGSIZE;
344 }
345 #else
crypto_skcipher_report(struct sk_buff * skb,struct crypto_alg * alg)346 static int crypto_skcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
347 {
348 return -ENOSYS;
349 }
350 #endif
351
352 static const struct crypto_type crypto_skcipher_type2 = {
353 .extsize = crypto_skcipher_extsize,
354 .init_tfm = crypto_skcipher_init_tfm,
355 .free = crypto_skcipher_free_instance,
356 #ifdef CONFIG_PROC_FS
357 .show = crypto_skcipher_show,
358 #endif
359 .report = crypto_skcipher_report,
360 .maskclear = ~CRYPTO_ALG_TYPE_MASK,
361 .maskset = CRYPTO_ALG_TYPE_BLKCIPHER_MASK,
362 .type = CRYPTO_ALG_TYPE_SKCIPHER,
363 .tfmsize = offsetof(struct crypto_skcipher, base),
364 };
365
crypto_grab_skcipher(struct crypto_skcipher_spawn * spawn,const char * name,u32 type,u32 mask)366 int crypto_grab_skcipher(struct crypto_skcipher_spawn *spawn,
367 const char *name, u32 type, u32 mask)
368 {
369 spawn->base.frontend = &crypto_skcipher_type2;
370 return crypto_grab_spawn(&spawn->base, name, type, mask);
371 }
372 EXPORT_SYMBOL_GPL(crypto_grab_skcipher);
373
crypto_alloc_skcipher(const char * alg_name,u32 type,u32 mask)374 struct crypto_skcipher *crypto_alloc_skcipher(const char *alg_name,
375 u32 type, u32 mask)
376 {
377 return crypto_alloc_tfm(alg_name, &crypto_skcipher_type2, type, mask);
378 }
379 EXPORT_SYMBOL_GPL(crypto_alloc_skcipher);
380
crypto_has_skcipher2(const char * alg_name,u32 type,u32 mask)381 int crypto_has_skcipher2(const char *alg_name, u32 type, u32 mask)
382 {
383 return crypto_type_has_alg(alg_name, &crypto_skcipher_type2,
384 type, mask);
385 }
386 EXPORT_SYMBOL_GPL(crypto_has_skcipher2);
387
skcipher_prepare_alg(struct skcipher_alg * alg)388 static int skcipher_prepare_alg(struct skcipher_alg *alg)
389 {
390 struct crypto_alg *base = &alg->base;
391
392 if (alg->ivsize > PAGE_SIZE / 8 || alg->chunksize > PAGE_SIZE / 8)
393 return -EINVAL;
394
395 if (!alg->chunksize)
396 alg->chunksize = base->cra_blocksize;
397
398 base->cra_type = &crypto_skcipher_type2;
399 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK;
400 base->cra_flags |= CRYPTO_ALG_TYPE_SKCIPHER;
401
402 return 0;
403 }
404
crypto_register_skcipher(struct skcipher_alg * alg)405 int crypto_register_skcipher(struct skcipher_alg *alg)
406 {
407 struct crypto_alg *base = &alg->base;
408 int err;
409
410 err = skcipher_prepare_alg(alg);
411 if (err)
412 return err;
413
414 return crypto_register_alg(base);
415 }
416 EXPORT_SYMBOL_GPL(crypto_register_skcipher);
417
crypto_unregister_skcipher(struct skcipher_alg * alg)418 void crypto_unregister_skcipher(struct skcipher_alg *alg)
419 {
420 crypto_unregister_alg(&alg->base);
421 }
422 EXPORT_SYMBOL_GPL(crypto_unregister_skcipher);
423
crypto_register_skciphers(struct skcipher_alg * algs,int count)424 int crypto_register_skciphers(struct skcipher_alg *algs, int count)
425 {
426 int i, ret;
427
428 for (i = 0; i < count; i++) {
429 ret = crypto_register_skcipher(&algs[i]);
430 if (ret)
431 goto err;
432 }
433
434 return 0;
435
436 err:
437 for (--i; i >= 0; --i)
438 crypto_unregister_skcipher(&algs[i]);
439
440 return ret;
441 }
442 EXPORT_SYMBOL_GPL(crypto_register_skciphers);
443
crypto_unregister_skciphers(struct skcipher_alg * algs,int count)444 void crypto_unregister_skciphers(struct skcipher_alg *algs, int count)
445 {
446 int i;
447
448 for (i = count - 1; i >= 0; --i)
449 crypto_unregister_skcipher(&algs[i]);
450 }
451 EXPORT_SYMBOL_GPL(crypto_unregister_skciphers);
452
skcipher_register_instance(struct crypto_template * tmpl,struct skcipher_instance * inst)453 int skcipher_register_instance(struct crypto_template *tmpl,
454 struct skcipher_instance *inst)
455 {
456 int err;
457
458 err = skcipher_prepare_alg(&inst->alg);
459 if (err)
460 return err;
461
462 return crypto_register_instance(tmpl, skcipher_crypto_instance(inst));
463 }
464 EXPORT_SYMBOL_GPL(skcipher_register_instance);
465
466 MODULE_LICENSE("GPL");
467 MODULE_DESCRIPTION("Symmetric key cipher type");
468