]> git.ipfire.org Git - thirdparty/kernel/linux.git/blob - crypto/lskcipher.c
projects / thirdparty / kernel / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
crypto: remove CONFIG_CRYPTO_STATS
[thirdparty/kernel/linux.git] / crypto / lskcipher.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Linear symmetric key cipher operations.
4 *
5 * Generic encrypt/decrypt wrapper for ciphers.
6 *
7 * Copyright (c) 2023 Herbert Xu <herbert@gondor.apana.org.au>
8 */
9
10 #include <linux/cryptouser.h>
11 #include <linux/err.h>
12 #include <linux/export.h>
13 #include <linux/kernel.h>
14 #include <linux/seq_file.h>
15 #include <linux/slab.h>
16 #include <linux/string.h>
17 #include <net/netlink.h>
18 #include "skcipher.h"
19
20 static inline struct crypto_lskcipher *__crypto_lskcipher_cast(
21 struct crypto_tfm *tfm)
22 {
23 return container_of(tfm, struct crypto_lskcipher, base);
24 }
25
26 static inline struct lskcipher_alg *__crypto_lskcipher_alg(
27 struct crypto_alg *alg)
28 {
29 return container_of(alg, struct lskcipher_alg, co.base);
30 }
31
32 static int lskcipher_setkey_unaligned(struct crypto_lskcipher *tfm,
33 const u8 *key, unsigned int keylen)
34 {
35 unsigned long alignmask = crypto_lskcipher_alignmask(tfm);
36 struct lskcipher_alg *cipher = crypto_lskcipher_alg(tfm);
37 u8 *buffer, *alignbuffer;
38 unsigned long absize;
39 int ret;
40
41 absize = keylen + alignmask;
42 buffer = kmalloc(absize, GFP_ATOMIC);
43 if (!buffer)
44 return -ENOMEM;
45
46 alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
47 memcpy(alignbuffer, key, keylen);
48 ret = cipher->setkey(tfm, alignbuffer, keylen);
49 kfree_sensitive(buffer);
50 return ret;
51 }
52
53 int crypto_lskcipher_setkey(struct crypto_lskcipher *tfm, const u8 *key,
54 unsigned int keylen)
55 {
56 unsigned long alignmask = crypto_lskcipher_alignmask(tfm);
57 struct lskcipher_alg *cipher = crypto_lskcipher_alg(tfm);
58
59 if (keylen < cipher->co.min_keysize || keylen > cipher->co.max_keysize)
60 return -EINVAL;
61
62 if ((unsigned long)key & alignmask)
63 return lskcipher_setkey_unaligned(tfm, key, keylen);
64 else
65 return cipher->setkey(tfm, key, keylen);
66 }
67 EXPORT_SYMBOL_GPL(crypto_lskcipher_setkey);
68
69 static int crypto_lskcipher_crypt_unaligned(
70 struct crypto_lskcipher *tfm, const u8 *src, u8 *dst, unsigned len,
71 u8 *iv, int (*crypt)(struct crypto_lskcipher *tfm, const u8 *src,
72 u8 *dst, unsigned len, u8 *iv, u32 flags))
73 {
74 unsigned statesize = crypto_lskcipher_statesize(tfm);
75 unsigned ivsize = crypto_lskcipher_ivsize(tfm);
76 unsigned bs = crypto_lskcipher_blocksize(tfm);
77 unsigned cs = crypto_lskcipher_chunksize(tfm);
78 int err;
79 u8 *tiv;
80 u8 *p;
81
82 BUILD_BUG_ON(MAX_CIPHER_BLOCKSIZE > PAGE_SIZE ||
83 MAX_CIPHER_ALIGNMASK >= PAGE_SIZE);
84
85 tiv = kmalloc(PAGE_SIZE, GFP_ATOMIC);
86 if (!tiv)
87 return -ENOMEM;
88
89 memcpy(tiv, iv, ivsize + statesize);
90
91 p = kmalloc(PAGE_SIZE, GFP_ATOMIC);
92 err = -ENOMEM;
93 if (!p)
94 goto out;
95
96 while (len >= bs) {
97 unsigned chunk = min((unsigned)PAGE_SIZE, len);
98 int err;
99
100 if (chunk > cs)
101 chunk &= ~(cs - 1);
102
103 memcpy(p, src, chunk);
104 err = crypt(tfm, p, p, chunk, tiv, CRYPTO_LSKCIPHER_FLAG_FINAL);
105 if (err)
106 goto out;
107
108 memcpy(dst, p, chunk);
109 src += chunk;
110 dst += chunk;
111 len -= chunk;
112 }
113
114 err = len ? -EINVAL : 0;
115
116 out:
117 memcpy(iv, tiv, ivsize + statesize);
118 kfree_sensitive(p);
119 kfree_sensitive(tiv);
120 return err;
121 }
122
123 static int crypto_lskcipher_crypt(struct crypto_lskcipher *tfm, const u8 *src,
124 u8 *dst, unsigned len, u8 *iv,
125 int (*crypt)(struct crypto_lskcipher *tfm,
126 const u8 *src, u8 *dst,
127 unsigned len, u8 *iv,
128 u32 flags))
129 {
130 unsigned long alignmask = crypto_lskcipher_alignmask(tfm);
131
132 if (((unsigned long)src | (unsigned long)dst | (unsigned long)iv) &
133 alignmask)
134 return crypto_lskcipher_crypt_unaligned(tfm, src, dst, len, iv,
135 crypt);
136
137 return crypt(tfm, src, dst, len, iv, CRYPTO_LSKCIPHER_FLAG_FINAL);
138 }
139
140 int crypto_lskcipher_encrypt(struct crypto_lskcipher *tfm, const u8 *src,
141 u8 *dst, unsigned len, u8 *iv)
142 {
143 struct lskcipher_alg *alg = crypto_lskcipher_alg(tfm);
144
145 return crypto_lskcipher_crypt(tfm, src, dst, len, iv, alg->encrypt);
146 }
147 EXPORT_SYMBOL_GPL(crypto_lskcipher_encrypt);
148
149 int crypto_lskcipher_decrypt(struct crypto_lskcipher *tfm, const u8 *src,
150 u8 *dst, unsigned len, u8 *iv)
151 {
152 struct lskcipher_alg *alg = crypto_lskcipher_alg(tfm);
153
154 return crypto_lskcipher_crypt(tfm, src, dst, len, iv, alg->decrypt);
155 }
156 EXPORT_SYMBOL_GPL(crypto_lskcipher_decrypt);
157
158 static int crypto_lskcipher_crypt_sg(struct skcipher_request *req,
159 int (*crypt)(struct crypto_lskcipher *tfm,
160 const u8 *src, u8 *dst,
161 unsigned len, u8 *ivs,
162 u32 flags))
163 {
164 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
165 struct crypto_lskcipher **ctx = crypto_skcipher_ctx(skcipher);
166 u8 *ivs = skcipher_request_ctx(req);
167 struct crypto_lskcipher *tfm = *ctx;
168 struct skcipher_walk walk;
169 unsigned ivsize;
170 u32 flags;
171 int err;
172
173 ivsize = crypto_lskcipher_ivsize(tfm);
174 ivs = PTR_ALIGN(ivs, crypto_skcipher_alignmask(skcipher) + 1);
175
176 flags = req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP;
177
178 if (req->base.flags & CRYPTO_SKCIPHER_REQ_CONT)
179 flags |= CRYPTO_LSKCIPHER_FLAG_CONT;
180 else
181 memcpy(ivs, req->iv, ivsize);
182
183 if (!(req->base.flags & CRYPTO_SKCIPHER_REQ_NOTFINAL))
184 flags |= CRYPTO_LSKCIPHER_FLAG_FINAL;
185
186 err = skcipher_walk_virt(&walk, req, false);
187
188 while (walk.nbytes) {
189 err = crypt(tfm, walk.src.virt.addr, walk.dst.virt.addr,
190 walk.nbytes, ivs,
191 flags & ~(walk.nbytes == walk.total ?
192 0 : CRYPTO_LSKCIPHER_FLAG_FINAL));
193 err = skcipher_walk_done(&walk, err);
194 flags |= CRYPTO_LSKCIPHER_FLAG_CONT;
195 }
196
197 if (flags & CRYPTO_LSKCIPHER_FLAG_FINAL)
198 memcpy(req->iv, ivs, ivsize);
199
200 return err;
201 }
202
203 int crypto_lskcipher_encrypt_sg(struct skcipher_request *req)
204 {
205 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
206 struct crypto_lskcipher **ctx = crypto_skcipher_ctx(skcipher);
207 struct lskcipher_alg *alg = crypto_lskcipher_alg(*ctx);
208
209 return crypto_lskcipher_crypt_sg(req, alg->encrypt);
210 }
211
212 int crypto_lskcipher_decrypt_sg(struct skcipher_request *req)
213 {
214 struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
215 struct crypto_lskcipher **ctx = crypto_skcipher_ctx(skcipher);
216 struct lskcipher_alg *alg = crypto_lskcipher_alg(*ctx);
217
218 return crypto_lskcipher_crypt_sg(req, alg->decrypt);
219 }
220
221 static void crypto_lskcipher_exit_tfm(struct crypto_tfm *tfm)
222 {
223 struct crypto_lskcipher *skcipher = __crypto_lskcipher_cast(tfm);
224 struct lskcipher_alg *alg = crypto_lskcipher_alg(skcipher);
225
226 alg->exit(skcipher);
227 }
228
229 static int crypto_lskcipher_init_tfm(struct crypto_tfm *tfm)
230 {
231 struct crypto_lskcipher *skcipher = __crypto_lskcipher_cast(tfm);
232 struct lskcipher_alg *alg = crypto_lskcipher_alg(skcipher);
233
234 if (alg->exit)
235 skcipher->base.exit = crypto_lskcipher_exit_tfm;
236
237 if (alg->init)
238 return alg->init(skcipher);
239
240 return 0;
241 }
242
243 static void crypto_lskcipher_free_instance(struct crypto_instance *inst)
244 {
245 struct lskcipher_instance *skcipher =
246 container_of(inst, struct lskcipher_instance, s.base);
247
248 skcipher->free(skcipher);
249 }
250
251 static void __maybe_unused crypto_lskcipher_show(
252 struct seq_file *m, struct crypto_alg *alg)
253 {
254 struct lskcipher_alg *skcipher = __crypto_lskcipher_alg(alg);
255
256 seq_printf(m, "type : lskcipher\n");
257 seq_printf(m, "blocksize : %u\n", alg->cra_blocksize);
258 seq_printf(m, "min keysize : %u\n", skcipher->co.min_keysize);
259 seq_printf(m, "max keysize : %u\n", skcipher->co.max_keysize);
260 seq_printf(m, "ivsize : %u\n", skcipher->co.ivsize);
261 seq_printf(m, "chunksize : %u\n", skcipher->co.chunksize);
262 seq_printf(m, "statesize : %u\n", skcipher->co.statesize);
263 }
264
265 static int __maybe_unused crypto_lskcipher_report(
266 struct sk_buff *skb, struct crypto_alg *alg)
267 {
268 struct lskcipher_alg *skcipher = __crypto_lskcipher_alg(alg);
269 struct crypto_report_blkcipher rblkcipher;
270
271 memset(&rblkcipher, 0, sizeof(rblkcipher));
272
273 strscpy(rblkcipher.type, "lskcipher", sizeof(rblkcipher.type));
274 strscpy(rblkcipher.geniv, "<none>", sizeof(rblkcipher.geniv));
275
276 rblkcipher.blocksize = alg->cra_blocksize;
277 rblkcipher.min_keysize = skcipher->co.min_keysize;
278 rblkcipher.max_keysize = skcipher->co.max_keysize;
279 rblkcipher.ivsize = skcipher->co.ivsize;
280
281 return nla_put(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
282 sizeof(rblkcipher), &rblkcipher);
283 }
284
285 static const struct crypto_type crypto_lskcipher_type = {
286 .extsize = crypto_alg_extsize,
287 .init_tfm = crypto_lskcipher_init_tfm,
288 .free = crypto_lskcipher_free_instance,
289 #ifdef CONFIG_PROC_FS
290 .show = crypto_lskcipher_show,
291 #endif
292 #if IS_ENABLED(CONFIG_CRYPTO_USER)
293 .report = crypto_lskcipher_report,
294 #endif
295 .maskclear = ~CRYPTO_ALG_TYPE_MASK,
296 .maskset = CRYPTO_ALG_TYPE_MASK,
297 .type = CRYPTO_ALG_TYPE_LSKCIPHER,
298 .tfmsize = offsetof(struct crypto_lskcipher, base),
299 };
300
301 static void crypto_lskcipher_exit_tfm_sg(struct crypto_tfm *tfm)
302 {
303 struct crypto_lskcipher **ctx = crypto_tfm_ctx(tfm);
304
305 crypto_free_lskcipher(*ctx);
306 }
307
308 int crypto_init_lskcipher_ops_sg(struct crypto_tfm *tfm)
309 {
310 struct crypto_lskcipher **ctx = crypto_tfm_ctx(tfm);
311 struct crypto_alg *calg = tfm->__crt_alg;
312 struct crypto_lskcipher *skcipher;
313
314 if (!crypto_mod_get(calg))
315 return -EAGAIN;
316
317 skcipher = crypto_create_tfm(calg, &crypto_lskcipher_type);
318 if (IS_ERR(skcipher)) {
319 crypto_mod_put(calg);
320 return PTR_ERR(skcipher);
321 }
322
323 *ctx = skcipher;
324 tfm->exit = crypto_lskcipher_exit_tfm_sg;
325
326 return 0;
327 }
328
329 int crypto_grab_lskcipher(struct crypto_lskcipher_spawn *spawn,
330 struct crypto_instance *inst,
331 const char *name, u32 type, u32 mask)
332 {
333 spawn->base.frontend = &crypto_lskcipher_type;
334 return crypto_grab_spawn(&spawn->base, inst, name, type, mask);
335 }
336 EXPORT_SYMBOL_GPL(crypto_grab_lskcipher);
337
338 struct crypto_lskcipher *crypto_alloc_lskcipher(const char *alg_name,
339 u32 type, u32 mask)
340 {
341 return crypto_alloc_tfm(alg_name, &crypto_lskcipher_type, type, mask);
342 }
343 EXPORT_SYMBOL_GPL(crypto_alloc_lskcipher);
344
345 static int lskcipher_prepare_alg(struct lskcipher_alg *alg)
346 {
347 struct crypto_alg *base = &alg->co.base;
348 int err;
349
350 err = skcipher_prepare_alg_common(&alg->co);
351 if (err)
352 return err;
353
354 if (alg->co.chunksize & (alg->co.chunksize - 1))
355 return -EINVAL;
356
357 base->cra_type = &crypto_lskcipher_type;
358 base->cra_flags |= CRYPTO_ALG_TYPE_LSKCIPHER;
359
360 return 0;
361 }
362
363 int crypto_register_lskcipher(struct lskcipher_alg *alg)
364 {
365 struct crypto_alg *base = &alg->co.base;
366 int err;
367
368 err = lskcipher_prepare_alg(alg);
369 if (err)
370 return err;
371
372 return crypto_register_alg(base);
373 }
374 EXPORT_SYMBOL_GPL(crypto_register_lskcipher);
375
376 void crypto_unregister_lskcipher(struct lskcipher_alg *alg)
377 {
378 crypto_unregister_alg(&alg->co.base);
379 }
380 EXPORT_SYMBOL_GPL(crypto_unregister_lskcipher);
381
382 int crypto_register_lskciphers(struct lskcipher_alg *algs, int count)
383 {
384 int i, ret;
385
386 for (i = 0; i < count; i++) {
387 ret = crypto_register_lskcipher(&algs[i]);
388 if (ret)
389 goto err;
390 }
391
392 return 0;
393
394 err:
395 for (--i; i >= 0; --i)
396 crypto_unregister_lskcipher(&algs[i]);
397
398 return ret;
399 }
400 EXPORT_SYMBOL_GPL(crypto_register_lskciphers);
401
402 void crypto_unregister_lskciphers(struct lskcipher_alg *algs, int count)
403 {
404 int i;
405
406 for (i = count - 1; i >= 0; --i)
407 crypto_unregister_lskcipher(&algs[i]);
408 }
409 EXPORT_SYMBOL_GPL(crypto_unregister_lskciphers);
410
411 int lskcipher_register_instance(struct crypto_template *tmpl,
412 struct lskcipher_instance *inst)
413 {
414 int err;
415
416 if (WARN_ON(!inst->free))
417 return -EINVAL;
418
419 err = lskcipher_prepare_alg(&inst->alg);
420 if (err)
421 return err;
422
423 return crypto_register_instance(tmpl, lskcipher_crypto_instance(inst));
424 }
425 EXPORT_SYMBOL_GPL(lskcipher_register_instance);
426
427 static int lskcipher_setkey_simple(struct crypto_lskcipher *tfm, const u8 *key,
428 unsigned int keylen)
429 {
430 struct crypto_lskcipher *cipher = lskcipher_cipher_simple(tfm);
431
432 crypto_lskcipher_clear_flags(cipher, CRYPTO_TFM_REQ_MASK);
433 crypto_lskcipher_set_flags(cipher, crypto_lskcipher_get_flags(tfm) &
434 CRYPTO_TFM_REQ_MASK);
435 return crypto_lskcipher_setkey(cipher, key, keylen);
436 }
437
438 static int lskcipher_init_tfm_simple(struct crypto_lskcipher *tfm)
439 {
440 struct lskcipher_instance *inst = lskcipher_alg_instance(tfm);
441 struct crypto_lskcipher **ctx = crypto_lskcipher_ctx(tfm);
442 struct crypto_lskcipher_spawn *spawn;
443 struct crypto_lskcipher *cipher;
444
445 spawn = lskcipher_instance_ctx(inst);
446 cipher = crypto_spawn_lskcipher(spawn);
447 if (IS_ERR(cipher))
448 return PTR_ERR(cipher);
449
450 *ctx = cipher;
451 return 0;
452 }
453
454 static void lskcipher_exit_tfm_simple(struct crypto_lskcipher *tfm)
455 {
456 struct crypto_lskcipher **ctx = crypto_lskcipher_ctx(tfm);
457
458 crypto_free_lskcipher(*ctx);
459 }
460
461 static void lskcipher_free_instance_simple(struct lskcipher_instance *inst)
462 {
463 crypto_drop_lskcipher(lskcipher_instance_ctx(inst));
464 kfree(inst);
465 }
466
467 /**
468 * lskcipher_alloc_instance_simple - allocate instance of simple block cipher
469 *
470 * Allocate an lskcipher_instance for a simple block cipher mode of operation,
471 * e.g. cbc or ecb. The instance context will have just a single crypto_spawn,
472 * that for the underlying cipher. The {min,max}_keysize, ivsize, blocksize,
473 * alignmask, and priority are set from the underlying cipher but can be
474 * overridden if needed. The tfm context defaults to
475 * struct crypto_lskcipher *, and default ->setkey(), ->init(), and
476 * ->exit() methods are installed.
477 *
478 * @tmpl: the template being instantiated
479 * @tb: the template parameters
480 *
481 * Return: a pointer to the new instance, or an ERR_PTR(). The caller still
482 * needs to register the instance.
483 */
484 struct lskcipher_instance *lskcipher_alloc_instance_simple(
485 struct crypto_template *tmpl, struct rtattr **tb)
486 {
487 u32 mask;
488 struct lskcipher_instance *inst;
489 struct crypto_lskcipher_spawn *spawn;
490 char ecb_name[CRYPTO_MAX_ALG_NAME];
491 struct lskcipher_alg *cipher_alg;
492 const char *cipher_name;
493 int err;
494
495 err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_LSKCIPHER, &mask);
496 if (err)
497 return ERR_PTR(err);
498
499 cipher_name = crypto_attr_alg_name(tb[1]);
500 if (IS_ERR(cipher_name))
501 return ERR_CAST(cipher_name);
502
503 inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
504 if (!inst)
505 return ERR_PTR(-ENOMEM);
506
507 spawn = lskcipher_instance_ctx(inst);
508 err = crypto_grab_lskcipher(spawn,
509 lskcipher_crypto_instance(inst),
510 cipher_name, 0, mask);
511
512 ecb_name[0] = 0;
513 if (err == -ENOENT && !!memcmp(tmpl->name, "ecb", 4)) {
514 err = -ENAMETOOLONG;
515 if (snprintf(ecb_name, CRYPTO_MAX_ALG_NAME, "ecb(%s)",
516 cipher_name) >= CRYPTO_MAX_ALG_NAME)
517 goto err_free_inst;
518
519 err = crypto_grab_lskcipher(spawn,
520 lskcipher_crypto_instance(inst),
521 ecb_name, 0, mask);
522 }
523
524 if (err)
525 goto err_free_inst;
526
527 cipher_alg = crypto_lskcipher_spawn_alg(spawn);
528
529 err = crypto_inst_setname(lskcipher_crypto_instance(inst), tmpl->name,
530 &cipher_alg->co.base);
531 if (err)
532 goto err_free_inst;
533
534 if (ecb_name[0]) {
535 int len;
536
537 err = -EINVAL;
538 len = strscpy(ecb_name, &cipher_alg->co.base.cra_name[4],
539 sizeof(ecb_name));
540 if (len < 2)
541 goto err_free_inst;
542
543 if (ecb_name[len - 1] != ')')
544 goto err_free_inst;
545
546 ecb_name[len - 1] = 0;
547
548 err = -ENAMETOOLONG;
549 if (snprintf(inst->alg.co.base.cra_name, CRYPTO_MAX_ALG_NAME,
550 "%s(%s)", tmpl->name, ecb_name) >=
551 CRYPTO_MAX_ALG_NAME)
552 goto err_free_inst;
553
554 if (strcmp(ecb_name, cipher_name) &&
555 snprintf(inst->alg.co.base.cra_driver_name,
556 CRYPTO_MAX_ALG_NAME,
557 "%s(%s)", tmpl->name, cipher_name) >=
558 CRYPTO_MAX_ALG_NAME)
559 goto err_free_inst;
560 } else {
561 /* Don't allow nesting. */
562 err = -ELOOP;
563 if ((cipher_alg->co.base.cra_flags & CRYPTO_ALG_INSTANCE))
564 goto err_free_inst;
565 }
566
567 err = -EINVAL;
568 if (cipher_alg->co.ivsize)
569 goto err_free_inst;
570
571 inst->free = lskcipher_free_instance_simple;
572
573 /* Default algorithm properties, can be overridden */
574 inst->alg.co.base.cra_blocksize = cipher_alg->co.base.cra_blocksize;
575 inst->alg.co.base.cra_alignmask = cipher_alg->co.base.cra_alignmask;
576 inst->alg.co.base.cra_priority = cipher_alg->co.base.cra_priority;
577 inst->alg.co.min_keysize = cipher_alg->co.min_keysize;
578 inst->alg.co.max_keysize = cipher_alg->co.max_keysize;
579 inst->alg.co.ivsize = cipher_alg->co.base.cra_blocksize;
580 inst->alg.co.statesize = cipher_alg->co.statesize;
581
582 /* Use struct crypto_lskcipher * by default, can be overridden */
583 inst->alg.co.base.cra_ctxsize = sizeof(struct crypto_lskcipher *);
584 inst->alg.setkey = lskcipher_setkey_simple;
585 inst->alg.init = lskcipher_init_tfm_simple;
586 inst->alg.exit = lskcipher_exit_tfm_simple;
587
588 return inst;
589
590 err_free_inst:
591 lskcipher_free_instance_simple(inst);
592 return ERR_PTR(err);
593 }
594 EXPORT_SYMBOL_GPL(lskcipher_alloc_instance_simple);
A mirror of Linus' kernel repository