1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Symmetric key cipher operations.
4 *
5 * Generic encrypt/decrypt wrapper for ciphers, handles operations across
6 * multiple page boundaries by using temporary blocks. In user context,
7 * the kernel is given a chance to schedule us once per page.
8 *
9 * Copyright (c) 2015 Herbert Xu <herbert@gondor.apana.org.au>
10 */
11
12 #include <crypto/internal/aead.h>
13 #include <crypto/internal/cipher.h>
14 #include <crypto/internal/skcipher.h>
15 #include <crypto/scatterwalk.h>
16 #include <linux/bug.h>
17 #include <linux/cryptouser.h>
18 #include <linux/err.h>
19 #include <linux/kernel.h>
20 #include <linux/module.h>
21 #include <linux/seq_file.h>
22 #include <linux/slab.h>
23 #include <linux/string.h>
24 #include <linux/string_choices.h>
25 #include <net/netlink.h>
26 #include "skcipher.h"
27
28 #define CRYPTO_ALG_TYPE_SKCIPHER_MASK 0x0000000e
29
30 static const struct crypto_type crypto_skcipher_type;
31
__crypto_skcipher_alg(struct crypto_alg * alg)32 static inline struct skcipher_alg *__crypto_skcipher_alg(
33 struct crypto_alg *alg)
34 {
35 return container_of(alg, struct skcipher_alg, base);
36 }
37
skcipher_walk_virt(struct skcipher_walk * __restrict walk,struct skcipher_request * __restrict req,bool atomic)38 int skcipher_walk_virt(struct skcipher_walk *__restrict walk,
39 struct skcipher_request *__restrict req, bool atomic)
40 {
41 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
42 struct skcipher_alg *alg;
43
44 might_sleep_if(req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP);
45
46 alg = crypto_skcipher_alg(tfm);
47
48 walk->total = req->cryptlen;
49 walk->nbytes = 0;
50 walk->iv = req->iv;
51 walk->oiv = req->iv;
52 if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP))
53 atomic = true;
54
55 if (unlikely(!walk->total))
56 return 0;
57
58 scatterwalk_start(&walk->in, req->src);
59 scatterwalk_start(&walk->out, req->dst);
60
61 walk->blocksize = crypto_skcipher_blocksize(tfm);
62 walk->ivsize = crypto_skcipher_ivsize(tfm);
63 walk->alignmask = crypto_skcipher_alignmask(tfm);
64
65 if (alg->co.base.cra_type != &crypto_skcipher_type)
66 walk->stride = alg->co.chunksize;
67 else
68 walk->stride = alg->walksize;
69
70 return skcipher_walk_first(walk, atomic);
71 }
72 EXPORT_SYMBOL_GPL(skcipher_walk_virt);
73
skcipher_walk_aead_common(struct skcipher_walk * __restrict walk,struct aead_request * __restrict req,bool atomic)74 static int skcipher_walk_aead_common(struct skcipher_walk *__restrict walk,
75 struct aead_request *__restrict req,
76 bool atomic)
77 {
78 struct crypto_aead *tfm = crypto_aead_reqtfm(req);
79
80 walk->nbytes = 0;
81 walk->iv = req->iv;
82 walk->oiv = req->iv;
83 if (!(req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP))
84 atomic = true;
85
86 if (unlikely(!walk->total))
87 return 0;
88
89 scatterwalk_start_at_pos(&walk->in, req->src, req->assoclen);
90 scatterwalk_start_at_pos(&walk->out, req->dst, req->assoclen);
91
92 walk->blocksize = crypto_aead_blocksize(tfm);
93 walk->stride = crypto_aead_chunksize(tfm);
94 walk->ivsize = crypto_aead_ivsize(tfm);
95 walk->alignmask = crypto_aead_alignmask(tfm);
96
97 return skcipher_walk_first(walk, atomic);
98 }
99
skcipher_walk_aead_encrypt(struct skcipher_walk * __restrict walk,struct aead_request * __restrict req,bool atomic)100 int skcipher_walk_aead_encrypt(struct skcipher_walk *__restrict walk,
101 struct aead_request *__restrict req,
102 bool atomic)
103 {
104 walk->total = req->cryptlen;
105
106 return skcipher_walk_aead_common(walk, req, atomic);
107 }
108 EXPORT_SYMBOL_GPL(skcipher_walk_aead_encrypt);
109
skcipher_walk_aead_decrypt(struct skcipher_walk * __restrict walk,struct aead_request * __restrict req,bool atomic)110 int skcipher_walk_aead_decrypt(struct skcipher_walk *__restrict walk,
111 struct aead_request *__restrict req,
112 bool atomic)
113 {
114 struct crypto_aead *tfm = crypto_aead_reqtfm(req);
115
116 walk->total = req->cryptlen - crypto_aead_authsize(tfm);
117
118 return skcipher_walk_aead_common(walk, req, atomic);
119 }
120 EXPORT_SYMBOL_GPL(skcipher_walk_aead_decrypt);
121
skcipher_set_needkey(struct crypto_skcipher * tfm)122 static void skcipher_set_needkey(struct crypto_skcipher *tfm)
123 {
124 if (crypto_skcipher_max_keysize(tfm) != 0)
125 crypto_skcipher_set_flags(tfm, CRYPTO_TFM_NEED_KEY);
126 }
127
skcipher_setkey_unaligned(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)128 static int skcipher_setkey_unaligned(struct crypto_skcipher *tfm,
129 const u8 *key, unsigned int keylen)
130 {
131 unsigned long alignmask = crypto_skcipher_alignmask(tfm);
132 struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
133 u8 *buffer, *alignbuffer;
134 unsigned long absize;
135 int ret;
136
137 absize = keylen + alignmask;
138 buffer = kmalloc(absize, GFP_ATOMIC);
139 if (!buffer)
140 return -ENOMEM;
141
142 alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
143 memcpy(alignbuffer, key, keylen);
144 ret = cipher->setkey(tfm, alignbuffer, keylen);
145 kfree_sensitive(buffer);
146 return ret;
147 }
148
crypto_skcipher_setkey(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)149 int crypto_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
150 unsigned int keylen)
151 {
152 struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
153 unsigned long alignmask = crypto_skcipher_alignmask(tfm);
154 int err;
155
156 if (cipher->co.base.cra_type != &crypto_skcipher_type) {
157 struct crypto_lskcipher **ctx = crypto_skcipher_ctx(tfm);
158
159 crypto_lskcipher_clear_flags(*ctx, CRYPTO_TFM_REQ_MASK);
160 crypto_lskcipher_set_flags(*ctx,
161 crypto_skcipher_get_flags(tfm) &
162 CRYPTO_TFM_REQ_MASK);
163 err = crypto_lskcipher_setkey(*ctx, key, keylen);
164 goto out;
165 }
166
167 if (keylen < cipher->min_keysize || keylen > cipher->max_keysize)
168 return -EINVAL;
169
170 if ((unsigned long)key & alignmask)
171 err = skcipher_setkey_unaligned(tfm, key, keylen);
172 else
173 err = cipher->setkey(tfm, key, keylen);
174
175 out:
176 if (unlikely(err)) {
177 skcipher_set_needkey(tfm);
178 return err;
179 }
180
181 crypto_skcipher_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
182 return 0;
183 }
184 EXPORT_SYMBOL_GPL(crypto_skcipher_setkey);
185
crypto_skcipher_encrypt(struct skcipher_request * req)186 int crypto_skcipher_encrypt(struct skcipher_request *req)
187 {
188 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
189 struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
190
191 if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
192 return -ENOKEY;
193 if (alg->co.base.cra_type != &crypto_skcipher_type)
194 return crypto_lskcipher_encrypt_sg(req);
195 return alg->encrypt(req);
196 }
197 EXPORT_SYMBOL_GPL(crypto_skcipher_encrypt);
198
crypto_skcipher_decrypt(struct skcipher_request * req)199 int crypto_skcipher_decrypt(struct skcipher_request *req)
200 {
201 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
202 struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
203
204 if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
205 return -ENOKEY;
206 if (alg->co.base.cra_type != &crypto_skcipher_type)
207 return crypto_lskcipher_decrypt_sg(req);
208 return alg->decrypt(req);
209 }
210 EXPORT_SYMBOL_GPL(crypto_skcipher_decrypt);
211
crypto_lskcipher_export(struct skcipher_request * req,void * out)212 static int crypto_lskcipher_export(struct skcipher_request *req, void *out)
213 {
214 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
215 u8 *ivs = skcipher_request_ctx(req);
216
217 ivs = PTR_ALIGN(ivs, crypto_skcipher_alignmask(tfm) + 1);
218
219 memcpy(out, ivs + crypto_skcipher_ivsize(tfm),
220 crypto_skcipher_statesize(tfm));
221
222 return 0;
223 }
224
crypto_lskcipher_import(struct skcipher_request * req,const void * in)225 static int crypto_lskcipher_import(struct skcipher_request *req, const void *in)
226 {
227 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
228 u8 *ivs = skcipher_request_ctx(req);
229
230 ivs = PTR_ALIGN(ivs, crypto_skcipher_alignmask(tfm) + 1);
231
232 memcpy(ivs + crypto_skcipher_ivsize(tfm), in,
233 crypto_skcipher_statesize(tfm));
234
235 return 0;
236 }
237
skcipher_noexport(struct skcipher_request * req,void * out)238 static int skcipher_noexport(struct skcipher_request *req, void *out)
239 {
240 return 0;
241 }
242
skcipher_noimport(struct skcipher_request * req,const void * in)243 static int skcipher_noimport(struct skcipher_request *req, const void *in)
244 {
245 return 0;
246 }
247
crypto_skcipher_export(struct skcipher_request * req,void * out)248 int crypto_skcipher_export(struct skcipher_request *req, void *out)
249 {
250 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
251 struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
252
253 if (alg->co.base.cra_type != &crypto_skcipher_type)
254 return crypto_lskcipher_export(req, out);
255 return alg->export(req, out);
256 }
257 EXPORT_SYMBOL_GPL(crypto_skcipher_export);
258
crypto_skcipher_import(struct skcipher_request * req,const void * in)259 int crypto_skcipher_import(struct skcipher_request *req, const void *in)
260 {
261 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
262 struct skcipher_alg *alg = crypto_skcipher_alg(tfm);
263
264 if (alg->co.base.cra_type != &crypto_skcipher_type)
265 return crypto_lskcipher_import(req, in);
266 return alg->import(req, in);
267 }
268 EXPORT_SYMBOL_GPL(crypto_skcipher_import);
269
crypto_skcipher_exit_tfm(struct crypto_tfm * tfm)270 static void crypto_skcipher_exit_tfm(struct crypto_tfm *tfm)
271 {
272 struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
273 struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
274
275 alg->exit(skcipher);
276 }
277
crypto_skcipher_init_tfm(struct crypto_tfm * tfm)278 static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
279 {
280 struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
281 struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
282
283 skcipher_set_needkey(skcipher);
284
285 if (tfm->__crt_alg->cra_type != &crypto_skcipher_type) {
286 unsigned am = crypto_skcipher_alignmask(skcipher);
287 unsigned reqsize;
288
289 reqsize = am & ~(crypto_tfm_ctx_alignment() - 1);
290 reqsize += crypto_skcipher_ivsize(skcipher);
291 reqsize += crypto_skcipher_statesize(skcipher);
292 crypto_skcipher_set_reqsize(skcipher, reqsize);
293
294 return crypto_init_lskcipher_ops_sg(tfm);
295 }
296
297 crypto_skcipher_set_reqsize(skcipher, crypto_tfm_alg_reqsize(tfm));
298
299 if (alg->exit)
300 skcipher->base.exit = crypto_skcipher_exit_tfm;
301
302 if (alg->init)
303 return alg->init(skcipher);
304
305 return 0;
306 }
307
crypto_skcipher_extsize(struct crypto_alg * alg)308 static unsigned int crypto_skcipher_extsize(struct crypto_alg *alg)
309 {
310 if (alg->cra_type != &crypto_skcipher_type)
311 return sizeof(struct crypto_lskcipher *);
312
313 return crypto_alg_extsize(alg);
314 }
315
crypto_skcipher_free_instance(struct crypto_instance * inst)316 static void crypto_skcipher_free_instance(struct crypto_instance *inst)
317 {
318 struct skcipher_instance *skcipher =
319 container_of(inst, struct skcipher_instance, s.base);
320
321 skcipher->free(skcipher);
322 }
323
324 static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg)
325 __maybe_unused;
crypto_skcipher_show(struct seq_file * m,struct crypto_alg * alg)326 static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg)
327 {
328 struct skcipher_alg *skcipher = __crypto_skcipher_alg(alg);
329
330 seq_printf(m, "type : skcipher\n");
331 seq_printf(m, "async : %s\n",
332 str_yes_no(alg->cra_flags & CRYPTO_ALG_ASYNC));
333 seq_printf(m, "blocksize : %u\n", alg->cra_blocksize);
334 seq_printf(m, "min keysize : %u\n", skcipher->min_keysize);
335 seq_printf(m, "max keysize : %u\n", skcipher->max_keysize);
336 seq_printf(m, "ivsize : %u\n", skcipher->ivsize);
337 seq_printf(m, "chunksize : %u\n", skcipher->chunksize);
338 seq_printf(m, "walksize : %u\n", skcipher->walksize);
339 seq_printf(m, "statesize : %u\n", skcipher->statesize);
340 }
341
crypto_skcipher_report(struct sk_buff * skb,struct crypto_alg * alg)342 static int __maybe_unused crypto_skcipher_report(
343 struct sk_buff *skb, struct crypto_alg *alg)
344 {
345 struct skcipher_alg *skcipher = __crypto_skcipher_alg(alg);
346 struct crypto_report_blkcipher rblkcipher;
347
348 memset(&rblkcipher, 0, sizeof(rblkcipher));
349
350 strscpy(rblkcipher.type, "skcipher", sizeof(rblkcipher.type));
351 strscpy(rblkcipher.geniv, "<none>", sizeof(rblkcipher.geniv));
352
353 rblkcipher.blocksize = alg->cra_blocksize;
354 rblkcipher.min_keysize = skcipher->min_keysize;
355 rblkcipher.max_keysize = skcipher->max_keysize;
356 rblkcipher.ivsize = skcipher->ivsize;
357
358 return nla_put(skb, CRYPTOCFGA_REPORT_BLKCIPHER,
359 sizeof(rblkcipher), &rblkcipher);
360 }
361
362 static const struct crypto_type crypto_skcipher_type = {
363 .extsize = crypto_skcipher_extsize,
364 .init_tfm = crypto_skcipher_init_tfm,
365 .free = crypto_skcipher_free_instance,
366 #ifdef CONFIG_PROC_FS
367 .show = crypto_skcipher_show,
368 #endif
369 #if IS_ENABLED(CONFIG_CRYPTO_USER)
370 .report = crypto_skcipher_report,
371 #endif
372 .maskclear = ~CRYPTO_ALG_TYPE_MASK,
373 .maskset = CRYPTO_ALG_TYPE_SKCIPHER_MASK,
374 .type = CRYPTO_ALG_TYPE_SKCIPHER,
375 .tfmsize = offsetof(struct crypto_skcipher, base),
376 .algsize = offsetof(struct skcipher_alg, base),
377 };
378
crypto_grab_skcipher(struct crypto_skcipher_spawn * spawn,struct crypto_instance * inst,const char * name,u32 type,u32 mask)379 int crypto_grab_skcipher(struct crypto_skcipher_spawn *spawn,
380 struct crypto_instance *inst,
381 const char *name, u32 type, u32 mask)
382 {
383 spawn->base.frontend = &crypto_skcipher_type;
384 return crypto_grab_spawn(&spawn->base, inst, name, type, mask);
385 }
386 EXPORT_SYMBOL_GPL(crypto_grab_skcipher);
387
crypto_alloc_skcipher(const char * alg_name,u32 type,u32 mask)388 struct crypto_skcipher *crypto_alloc_skcipher(const char *alg_name,
389 u32 type, u32 mask)
390 {
391 return crypto_alloc_tfm(alg_name, &crypto_skcipher_type, type, mask);
392 }
393 EXPORT_SYMBOL_GPL(crypto_alloc_skcipher);
394
crypto_alloc_sync_skcipher(const char * alg_name,u32 type,u32 mask)395 struct crypto_sync_skcipher *crypto_alloc_sync_skcipher(
396 const char *alg_name, u32 type, u32 mask)
397 {
398 struct crypto_skcipher *tfm;
399
400 /* Only sync algorithms allowed. */
401 mask |= CRYPTO_ALG_ASYNC | CRYPTO_ALG_SKCIPHER_REQSIZE_LARGE;
402 type &= ~(CRYPTO_ALG_ASYNC | CRYPTO_ALG_SKCIPHER_REQSIZE_LARGE);
403
404 tfm = crypto_alloc_tfm(alg_name, &crypto_skcipher_type, type, mask);
405
406 /*
407 * Make sure we do not allocate something that might get used with
408 * an on-stack request: check the request size.
409 */
410 if (!IS_ERR(tfm) && WARN_ON(crypto_skcipher_reqsize(tfm) >
411 MAX_SYNC_SKCIPHER_REQSIZE)) {
412 crypto_free_skcipher(tfm);
413 return ERR_PTR(-EINVAL);
414 }
415
416 return (struct crypto_sync_skcipher *)tfm;
417 }
418 EXPORT_SYMBOL_GPL(crypto_alloc_sync_skcipher);
419
crypto_has_skcipher(const char * alg_name,u32 type,u32 mask)420 int crypto_has_skcipher(const char *alg_name, u32 type, u32 mask)
421 {
422 return crypto_type_has_alg(alg_name, &crypto_skcipher_type, type, mask);
423 }
424 EXPORT_SYMBOL_GPL(crypto_has_skcipher);
425
skcipher_prepare_alg_common(struct skcipher_alg_common * alg)426 int skcipher_prepare_alg_common(struct skcipher_alg_common *alg)
427 {
428 struct crypto_alg *base = &alg->base;
429
430 if (alg->ivsize > PAGE_SIZE / 8 || alg->chunksize > PAGE_SIZE / 8 ||
431 alg->statesize > PAGE_SIZE / 2 ||
432 (alg->ivsize + alg->statesize) > PAGE_SIZE / 2)
433 return -EINVAL;
434
435 if (!alg->chunksize)
436 alg->chunksize = base->cra_blocksize;
437
438 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK;
439
440 return 0;
441 }
442
skcipher_prepare_alg(struct skcipher_alg * alg)443 static int skcipher_prepare_alg(struct skcipher_alg *alg)
444 {
445 struct crypto_alg *base = &alg->base;
446 int err;
447
448 err = skcipher_prepare_alg_common(&alg->co);
449 if (err)
450 return err;
451
452 if (alg->walksize > PAGE_SIZE / 8)
453 return -EINVAL;
454
455 if (!alg->walksize)
456 alg->walksize = alg->chunksize;
457
458 if (!alg->statesize) {
459 alg->import = skcipher_noimport;
460 alg->export = skcipher_noexport;
461 } else if (!(alg->import && alg->export))
462 return -EINVAL;
463
464 base->cra_type = &crypto_skcipher_type;
465 base->cra_flags |= CRYPTO_ALG_TYPE_SKCIPHER;
466
467 return 0;
468 }
469
crypto_register_skcipher(struct skcipher_alg * alg)470 int crypto_register_skcipher(struct skcipher_alg *alg)
471 {
472 struct crypto_alg *base = &alg->base;
473 int err;
474
475 err = skcipher_prepare_alg(alg);
476 if (err)
477 return err;
478
479 return crypto_register_alg(base);
480 }
481 EXPORT_SYMBOL_GPL(crypto_register_skcipher);
482
crypto_unregister_skcipher(struct skcipher_alg * alg)483 void crypto_unregister_skcipher(struct skcipher_alg *alg)
484 {
485 crypto_unregister_alg(&alg->base);
486 }
487 EXPORT_SYMBOL_GPL(crypto_unregister_skcipher);
488
crypto_register_skciphers(struct skcipher_alg * algs,int count)489 int crypto_register_skciphers(struct skcipher_alg *algs, int count)
490 {
491 int i, ret;
492
493 for (i = 0; i < count; i++) {
494 ret = crypto_register_skcipher(&algs[i]);
495 if (ret)
496 goto err;
497 }
498
499 return 0;
500
501 err:
502 for (--i; i >= 0; --i)
503 crypto_unregister_skcipher(&algs[i]);
504
505 return ret;
506 }
507 EXPORT_SYMBOL_GPL(crypto_register_skciphers);
508
crypto_unregister_skciphers(struct skcipher_alg * algs,int count)509 void crypto_unregister_skciphers(struct skcipher_alg *algs, int count)
510 {
511 int i;
512
513 for (i = count - 1; i >= 0; --i)
514 crypto_unregister_skcipher(&algs[i]);
515 }
516 EXPORT_SYMBOL_GPL(crypto_unregister_skciphers);
517
skcipher_register_instance(struct crypto_template * tmpl,struct skcipher_instance * inst)518 int skcipher_register_instance(struct crypto_template *tmpl,
519 struct skcipher_instance *inst)
520 {
521 int err;
522
523 if (WARN_ON(!inst->free))
524 return -EINVAL;
525
526 err = skcipher_prepare_alg(&inst->alg);
527 if (err)
528 return err;
529
530 return crypto_register_instance(tmpl, skcipher_crypto_instance(inst));
531 }
532 EXPORT_SYMBOL_GPL(skcipher_register_instance);
533
skcipher_setkey_simple(struct crypto_skcipher * tfm,const u8 * key,unsigned int keylen)534 static int skcipher_setkey_simple(struct crypto_skcipher *tfm, const u8 *key,
535 unsigned int keylen)
536 {
537 struct crypto_cipher *cipher = skcipher_cipher_simple(tfm);
538
539 crypto_cipher_clear_flags(cipher, CRYPTO_TFM_REQ_MASK);
540 crypto_cipher_set_flags(cipher, crypto_skcipher_get_flags(tfm) &
541 CRYPTO_TFM_REQ_MASK);
542 return crypto_cipher_setkey(cipher, key, keylen);
543 }
544
skcipher_init_tfm_simple(struct crypto_skcipher * tfm)545 static int skcipher_init_tfm_simple(struct crypto_skcipher *tfm)
546 {
547 struct skcipher_instance *inst = skcipher_alg_instance(tfm);
548 struct crypto_cipher_spawn *spawn = skcipher_instance_ctx(inst);
549 struct skcipher_ctx_simple *ctx = crypto_skcipher_ctx(tfm);
550 struct crypto_cipher *cipher;
551
552 cipher = crypto_spawn_cipher(spawn);
553 if (IS_ERR(cipher))
554 return PTR_ERR(cipher);
555
556 ctx->cipher = cipher;
557 return 0;
558 }
559
skcipher_exit_tfm_simple(struct crypto_skcipher * tfm)560 static void skcipher_exit_tfm_simple(struct crypto_skcipher *tfm)
561 {
562 struct skcipher_ctx_simple *ctx = crypto_skcipher_ctx(tfm);
563
564 crypto_free_cipher(ctx->cipher);
565 }
566
skcipher_free_instance_simple(struct skcipher_instance * inst)567 static void skcipher_free_instance_simple(struct skcipher_instance *inst)
568 {
569 crypto_drop_cipher(skcipher_instance_ctx(inst));
570 kfree(inst);
571 }
572
573 /**
574 * skcipher_alloc_instance_simple - allocate instance of simple block cipher mode
575 *
576 * Allocate an skcipher_instance for a simple block cipher mode of operation,
577 * e.g. cbc or ecb. The instance context will have just a single crypto_spawn,
578 * that for the underlying cipher. The {min,max}_keysize, ivsize, blocksize,
579 * alignmask, and priority are set from the underlying cipher but can be
580 * overridden if needed. The tfm context defaults to skcipher_ctx_simple, and
581 * default ->setkey(), ->init(), and ->exit() methods are installed.
582 *
583 * @tmpl: the template being instantiated
584 * @tb: the template parameters
585 *
586 * Return: a pointer to the new instance, or an ERR_PTR(). The caller still
587 * needs to register the instance.
588 */
skcipher_alloc_instance_simple(struct crypto_template * tmpl,struct rtattr ** tb)589 struct skcipher_instance *skcipher_alloc_instance_simple(
590 struct crypto_template *tmpl, struct rtattr **tb)
591 {
592 u32 mask;
593 struct skcipher_instance *inst;
594 struct crypto_cipher_spawn *spawn;
595 struct crypto_alg *cipher_alg;
596 int err;
597
598 err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_SKCIPHER, &mask);
599 if (err)
600 return ERR_PTR(err);
601
602 inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL);
603 if (!inst)
604 return ERR_PTR(-ENOMEM);
605 spawn = skcipher_instance_ctx(inst);
606
607 err = crypto_grab_cipher(spawn, skcipher_crypto_instance(inst),
608 crypto_attr_alg_name(tb[1]), 0, mask);
609 if (err)
610 goto err_free_inst;
611 cipher_alg = crypto_spawn_cipher_alg(spawn);
612
613 err = crypto_inst_setname(skcipher_crypto_instance(inst), tmpl->name,
614 cipher_alg);
615 if (err)
616 goto err_free_inst;
617
618 inst->free = skcipher_free_instance_simple;
619
620 /* Default algorithm properties, can be overridden */
621 inst->alg.base.cra_blocksize = cipher_alg->cra_blocksize;
622 inst->alg.base.cra_alignmask = cipher_alg->cra_alignmask;
623 inst->alg.base.cra_priority = cipher_alg->cra_priority;
624 inst->alg.min_keysize = cipher_alg->cra_cipher.cia_min_keysize;
625 inst->alg.max_keysize = cipher_alg->cra_cipher.cia_max_keysize;
626 inst->alg.ivsize = cipher_alg->cra_blocksize;
627
628 /* Use skcipher_ctx_simple by default, can be overridden */
629 inst->alg.base.cra_ctxsize = sizeof(struct skcipher_ctx_simple);
630 inst->alg.setkey = skcipher_setkey_simple;
631 inst->alg.init = skcipher_init_tfm_simple;
632 inst->alg.exit = skcipher_exit_tfm_simple;
633
634 return inst;
635
636 err_free_inst:
637 skcipher_free_instance_simple(inst);
638 return ERR_PTR(err);
639 }
640 EXPORT_SYMBOL_GPL(skcipher_alloc_instance_simple);
641
642 MODULE_LICENSE("GPL");
643 MODULE_DESCRIPTION("Symmetric key cipher type");
644 MODULE_IMPORT_NS("CRYPTO_INTERNAL");
645