Commit a0f000ec9b61b99111757df138b11144236fc59b
1 parent
17f0f4a47d
Exists in
master
and in
4 other branches
crypto: skcipher - Use RNG interface instead of get_random_bytes
This patch makes the IV generators use the new RNG interface so that the user can pick an RNG other than the default get_random_bytes. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Showing 4 changed files with 75 additions and 13 deletions Side-by-side Diff
crypto/Kconfig
... | ... | @@ -41,6 +41,7 @@ |
41 | 41 | config CRYPTO_BLKCIPHER |
42 | 42 | tristate |
43 | 43 | select CRYPTO_ALGAPI |
44 | + select CRYPTO_RNG | |
44 | 45 | |
45 | 46 | config CRYPTO_HASH |
46 | 47 | tristate |
... | ... | @@ -125,6 +126,7 @@ |
125 | 126 | tristate "Sequence Number IV Generator" |
126 | 127 | select CRYPTO_AEAD |
127 | 128 | select CRYPTO_BLKCIPHER |
129 | + select CRYPTO_RNG | |
128 | 130 | help |
129 | 131 | This IV generator generates an IV based on a sequence number by |
130 | 132 | xoring it with a salt. This algorithm is mainly useful for CTR |
crypto/chainiv.c
... | ... | @@ -14,11 +14,11 @@ |
14 | 14 | */ |
15 | 15 | |
16 | 16 | #include <crypto/internal/skcipher.h> |
17 | +#include <crypto/rng.h> | |
17 | 18 | #include <linux/err.h> |
18 | 19 | #include <linux/init.h> |
19 | 20 | #include <linux/kernel.h> |
20 | 21 | #include <linux/module.h> |
21 | -#include <linux/random.h> | |
22 | 22 | #include <linux/spinlock.h> |
23 | 23 | #include <linux/string.h> |
24 | 24 | #include <linux/workqueue.h> |
... | ... | @@ -83,6 +83,7 @@ |
83 | 83 | { |
84 | 84 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
85 | 85 | struct chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
86 | + int err = 0; | |
86 | 87 | |
87 | 88 | spin_lock_bh(&ctx->lock); |
88 | 89 | if (crypto_ablkcipher_crt(geniv)->givencrypt != |
89 | 90 | |
... | ... | @@ -90,11 +91,15 @@ |
90 | 91 | goto unlock; |
91 | 92 | |
92 | 93 | crypto_ablkcipher_crt(geniv)->givencrypt = chainiv_givencrypt; |
93 | - get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); | |
94 | + err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv, | |
95 | + crypto_ablkcipher_ivsize(geniv)); | |
94 | 96 | |
95 | 97 | unlock: |
96 | 98 | spin_unlock_bh(&ctx->lock); |
97 | 99 | |
100 | + if (err) | |
101 | + return err; | |
102 | + | |
98 | 103 | return chainiv_givencrypt(req); |
99 | 104 | } |
100 | 105 | |
... | ... | @@ -203,6 +208,7 @@ |
203 | 208 | { |
204 | 209 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
205 | 210 | struct async_chainiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
211 | + int err = 0; | |
206 | 212 | |
207 | 213 | if (test_and_set_bit(CHAINIV_STATE_INUSE, &ctx->state)) |
208 | 214 | goto out; |
209 | 215 | |
... | ... | @@ -212,11 +218,15 @@ |
212 | 218 | goto unlock; |
213 | 219 | |
214 | 220 | crypto_ablkcipher_crt(geniv)->givencrypt = async_chainiv_givencrypt; |
215 | - get_random_bytes(ctx->iv, crypto_ablkcipher_ivsize(geniv)); | |
221 | + err = crypto_rng_get_bytes(crypto_default_rng, ctx->iv, | |
222 | + crypto_ablkcipher_ivsize(geniv)); | |
216 | 223 | |
217 | 224 | unlock: |
218 | 225 | clear_bit(CHAINIV_STATE_INUSE, &ctx->state); |
219 | 226 | |
227 | + if (err) | |
228 | + return err; | |
229 | + | |
220 | 230 | out: |
221 | 231 | return async_chainiv_givencrypt(req); |
222 | 232 | } |
223 | 233 | |
... | ... | @@ -284,9 +294,13 @@ |
284 | 294 | if (IS_ERR(algt)) |
285 | 295 | return ERR_PTR(err); |
286 | 296 | |
297 | + err = crypto_get_default_rng(); | |
298 | + if (err) | |
299 | + return ERR_PTR(err); | |
300 | + | |
287 | 301 | inst = skcipher_geniv_alloc(&chainiv_tmpl, tb, 0, 0); |
288 | 302 | if (IS_ERR(inst)) |
289 | - goto out; | |
303 | + goto put_rng; | |
290 | 304 | |
291 | 305 | inst->alg.cra_ablkcipher.givencrypt = chainiv_givencrypt_first; |
292 | 306 | |
293 | 307 | |
294 | 308 | |
... | ... | @@ -311,12 +325,22 @@ |
311 | 325 | |
312 | 326 | out: |
313 | 327 | return inst; |
328 | + | |
329 | +put_rng: | |
330 | + crypto_put_default_rng(); | |
331 | + goto out; | |
314 | 332 | } |
315 | 333 | |
334 | +static void chainiv_free(struct crypto_instance *inst) | |
335 | +{ | |
336 | + skcipher_geniv_free(inst); | |
337 | + crypto_put_default_rng(); | |
338 | +} | |
339 | + | |
316 | 340 | static struct crypto_template chainiv_tmpl = { |
317 | 341 | .name = "chainiv", |
318 | 342 | .alloc = chainiv_alloc, |
319 | - .free = skcipher_geniv_free, | |
343 | + .free = chainiv_free, | |
320 | 344 | .module = THIS_MODULE, |
321 | 345 | }; |
322 | 346 |
crypto/eseqiv.c
... | ... | @@ -16,13 +16,13 @@ |
16 | 16 | */ |
17 | 17 | |
18 | 18 | #include <crypto/internal/skcipher.h> |
19 | +#include <crypto/rng.h> | |
19 | 20 | #include <crypto/scatterwalk.h> |
20 | 21 | #include <linux/err.h> |
21 | 22 | #include <linux/init.h> |
22 | 23 | #include <linux/kernel.h> |
23 | 24 | #include <linux/mm.h> |
24 | 25 | #include <linux/module.h> |
25 | -#include <linux/random.h> | |
26 | 26 | #include <linux/scatterlist.h> |
27 | 27 | #include <linux/spinlock.h> |
28 | 28 | #include <linux/string.h> |
29 | 29 | |
30 | 30 | |
... | ... | @@ -163,17 +163,22 @@ |
163 | 163 | { |
164 | 164 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
165 | 165 | struct eseqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
166 | + int err = 0; | |
166 | 167 | |
167 | 168 | spin_lock_bh(&ctx->lock); |
168 | 169 | if (crypto_ablkcipher_crt(geniv)->givencrypt != eseqiv_givencrypt_first) |
169 | 170 | goto unlock; |
170 | 171 | |
171 | 172 | crypto_ablkcipher_crt(geniv)->givencrypt = eseqiv_givencrypt; |
172 | - get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); | |
173 | + err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, | |
174 | + crypto_ablkcipher_ivsize(geniv)); | |
173 | 175 | |
174 | 176 | unlock: |
175 | 177 | spin_unlock_bh(&ctx->lock); |
176 | 178 | |
179 | + if (err) | |
180 | + return err; | |
181 | + | |
177 | 182 | return eseqiv_givencrypt(req); |
178 | 183 | } |
179 | 184 | |
180 | 185 | |
... | ... | @@ -216,9 +221,13 @@ |
216 | 221 | struct crypto_instance *inst; |
217 | 222 | int err; |
218 | 223 | |
224 | + err = crypto_get_default_rng(); | |
225 | + if (err) | |
226 | + return ERR_PTR(err); | |
227 | + | |
219 | 228 | inst = skcipher_geniv_alloc(&eseqiv_tmpl, tb, 0, 0); |
220 | 229 | if (IS_ERR(inst)) |
221 | - goto out; | |
230 | + goto put_rng; | |
222 | 231 | |
223 | 232 | err = -EINVAL; |
224 | 233 | if (inst->alg.cra_ablkcipher.ivsize != inst->alg.cra_blocksize) |
225 | 234 | |
226 | 235 | |
... | ... | @@ -238,13 +247,21 @@ |
238 | 247 | free_inst: |
239 | 248 | skcipher_geniv_free(inst); |
240 | 249 | inst = ERR_PTR(err); |
250 | +put_rng: | |
251 | + crypto_put_default_rng(); | |
241 | 252 | goto out; |
242 | 253 | } |
243 | 254 | |
255 | +static void eseqiv_free(struct crypto_instance *inst) | |
256 | +{ | |
257 | + skcipher_geniv_free(inst); | |
258 | + crypto_put_default_rng(); | |
259 | +} | |
260 | + | |
244 | 261 | static struct crypto_template eseqiv_tmpl = { |
245 | 262 | .name = "eseqiv", |
246 | 263 | .alloc = eseqiv_alloc, |
247 | - .free = skcipher_geniv_free, | |
264 | + .free = eseqiv_free, | |
248 | 265 | .module = THIS_MODULE, |
249 | 266 | }; |
250 | 267 |
crypto/seqiv.c
... | ... | @@ -15,11 +15,11 @@ |
15 | 15 | |
16 | 16 | #include <crypto/internal/aead.h> |
17 | 17 | #include <crypto/internal/skcipher.h> |
18 | +#include <crypto/rng.h> | |
18 | 19 | #include <linux/err.h> |
19 | 20 | #include <linux/init.h> |
20 | 21 | #include <linux/kernel.h> |
21 | 22 | #include <linux/module.h> |
22 | -#include <linux/random.h> | |
23 | 23 | #include <linux/spinlock.h> |
24 | 24 | #include <linux/string.h> |
25 | 25 | |
26 | 26 | |
27 | 27 | |
... | ... | @@ -189,17 +189,22 @@ |
189 | 189 | { |
190 | 190 | struct crypto_ablkcipher *geniv = skcipher_givcrypt_reqtfm(req); |
191 | 191 | struct seqiv_ctx *ctx = crypto_ablkcipher_ctx(geniv); |
192 | + int err = 0; | |
192 | 193 | |
193 | 194 | spin_lock_bh(&ctx->lock); |
194 | 195 | if (crypto_ablkcipher_crt(geniv)->givencrypt != seqiv_givencrypt_first) |
195 | 196 | goto unlock; |
196 | 197 | |
197 | 198 | crypto_ablkcipher_crt(geniv)->givencrypt = seqiv_givencrypt; |
198 | - get_random_bytes(ctx->salt, crypto_ablkcipher_ivsize(geniv)); | |
199 | + err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, | |
200 | + crypto_ablkcipher_ivsize(geniv)); | |
199 | 201 | |
200 | 202 | unlock: |
201 | 203 | spin_unlock_bh(&ctx->lock); |
202 | 204 | |
205 | + if (err) | |
206 | + return err; | |
207 | + | |
203 | 208 | return seqiv_givencrypt(req); |
204 | 209 | } |
205 | 210 | |
206 | 211 | |
207 | 212 | |
... | ... | @@ -207,17 +212,22 @@ |
207 | 212 | { |
208 | 213 | struct crypto_aead *geniv = aead_givcrypt_reqtfm(req); |
209 | 214 | struct seqiv_ctx *ctx = crypto_aead_ctx(geniv); |
215 | + int err = 0; | |
210 | 216 | |
211 | 217 | spin_lock_bh(&ctx->lock); |
212 | 218 | if (crypto_aead_crt(geniv)->givencrypt != seqiv_aead_givencrypt_first) |
213 | 219 | goto unlock; |
214 | 220 | |
215 | 221 | crypto_aead_crt(geniv)->givencrypt = seqiv_aead_givencrypt; |
216 | - get_random_bytes(ctx->salt, crypto_aead_ivsize(geniv)); | |
222 | + err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, | |
223 | + crypto_aead_ivsize(geniv)); | |
217 | 224 | |
218 | 225 | unlock: |
219 | 226 | spin_unlock_bh(&ctx->lock); |
220 | 227 | |
228 | + if (err) | |
229 | + return err; | |
230 | + | |
221 | 231 | return seqiv_aead_givencrypt(req); |
222 | 232 | } |
223 | 233 | |
224 | 234 | |
225 | 235 | |
... | ... | @@ -298,19 +308,27 @@ |
298 | 308 | if (IS_ERR(algt)) |
299 | 309 | return ERR_PTR(err); |
300 | 310 | |
311 | + err = crypto_get_default_rng(); | |
312 | + if (err) | |
313 | + return ERR_PTR(err); | |
314 | + | |
301 | 315 | if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & CRYPTO_ALG_TYPE_MASK) |
302 | 316 | inst = seqiv_ablkcipher_alloc(tb); |
303 | 317 | else |
304 | 318 | inst = seqiv_aead_alloc(tb); |
305 | 319 | |
306 | 320 | if (IS_ERR(inst)) |
307 | - goto out; | |
321 | + goto put_rng; | |
308 | 322 | |
309 | 323 | inst->alg.cra_alignmask |= __alignof__(u32) - 1; |
310 | 324 | inst->alg.cra_ctxsize += sizeof(struct seqiv_ctx); |
311 | 325 | |
312 | 326 | out: |
313 | 327 | return inst; |
328 | + | |
329 | +put_rng: | |
330 | + crypto_put_default_rng(); | |
331 | + goto out; | |
314 | 332 | } |
315 | 333 | |
316 | 334 | static void seqiv_free(struct crypto_instance *inst) |
... | ... | @@ -319,6 +337,7 @@ |
319 | 337 | skcipher_geniv_free(inst); |
320 | 338 | else |
321 | 339 | aead_geniv_free(inst); |
340 | + crypto_put_default_rng(); | |
322 | 341 | } |
323 | 342 | |
324 | 343 | static struct crypto_template seqiv_tmpl = { |