18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0-or-later 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * geniv: Shared IV generator code 48c2ecf20Sopenharmony_ci * 58c2ecf20Sopenharmony_ci * This file provides common code to IV generators such as seqiv. 68c2ecf20Sopenharmony_ci * 78c2ecf20Sopenharmony_ci * Copyright (c) 2007-2019 Herbert Xu <herbert@gondor.apana.org.au> 88c2ecf20Sopenharmony_ci */ 98c2ecf20Sopenharmony_ci 108c2ecf20Sopenharmony_ci#include <crypto/internal/geniv.h> 118c2ecf20Sopenharmony_ci#include <crypto/internal/rng.h> 128c2ecf20Sopenharmony_ci#include <crypto/null.h> 138c2ecf20Sopenharmony_ci#include <linux/err.h> 148c2ecf20Sopenharmony_ci#include <linux/kernel.h> 158c2ecf20Sopenharmony_ci#include <linux/module.h> 168c2ecf20Sopenharmony_ci#include <linux/rtnetlink.h> 178c2ecf20Sopenharmony_ci#include <linux/slab.h> 188c2ecf20Sopenharmony_ci 198c2ecf20Sopenharmony_cistatic int aead_geniv_setkey(struct crypto_aead *tfm, 208c2ecf20Sopenharmony_ci const u8 *key, unsigned int keylen) 218c2ecf20Sopenharmony_ci{ 228c2ecf20Sopenharmony_ci struct aead_geniv_ctx *ctx = crypto_aead_ctx(tfm); 238c2ecf20Sopenharmony_ci 248c2ecf20Sopenharmony_ci return crypto_aead_setkey(ctx->child, key, keylen); 258c2ecf20Sopenharmony_ci} 268c2ecf20Sopenharmony_ci 278c2ecf20Sopenharmony_cistatic int aead_geniv_setauthsize(struct crypto_aead *tfm, 288c2ecf20Sopenharmony_ci unsigned int authsize) 298c2ecf20Sopenharmony_ci{ 308c2ecf20Sopenharmony_ci struct aead_geniv_ctx *ctx = crypto_aead_ctx(tfm); 318c2ecf20Sopenharmony_ci 328c2ecf20Sopenharmony_ci return crypto_aead_setauthsize(ctx->child, authsize); 338c2ecf20Sopenharmony_ci} 348c2ecf20Sopenharmony_ci 358c2ecf20Sopenharmony_cistatic void aead_geniv_free(struct aead_instance *inst) 368c2ecf20Sopenharmony_ci{ 378c2ecf20Sopenharmony_ci crypto_drop_aead(aead_instance_ctx(inst)); 388c2ecf20Sopenharmony_ci kfree(inst); 398c2ecf20Sopenharmony_ci} 408c2ecf20Sopenharmony_ci 418c2ecf20Sopenharmony_cistruct aead_instance *aead_geniv_alloc(struct crypto_template *tmpl, 428c2ecf20Sopenharmony_ci struct rtattr **tb) 438c2ecf20Sopenharmony_ci{ 448c2ecf20Sopenharmony_ci struct crypto_aead_spawn *spawn; 458c2ecf20Sopenharmony_ci struct aead_instance *inst; 468c2ecf20Sopenharmony_ci struct aead_alg *alg; 478c2ecf20Sopenharmony_ci unsigned int ivsize; 488c2ecf20Sopenharmony_ci unsigned int maxauthsize; 498c2ecf20Sopenharmony_ci u32 mask; 508c2ecf20Sopenharmony_ci int err; 518c2ecf20Sopenharmony_ci 528c2ecf20Sopenharmony_ci err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_AEAD, &mask); 538c2ecf20Sopenharmony_ci if (err) 548c2ecf20Sopenharmony_ci return ERR_PTR(err); 558c2ecf20Sopenharmony_ci 568c2ecf20Sopenharmony_ci inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); 578c2ecf20Sopenharmony_ci if (!inst) 588c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 598c2ecf20Sopenharmony_ci 608c2ecf20Sopenharmony_ci spawn = aead_instance_ctx(inst); 618c2ecf20Sopenharmony_ci 628c2ecf20Sopenharmony_ci err = crypto_grab_aead(spawn, aead_crypto_instance(inst), 638c2ecf20Sopenharmony_ci crypto_attr_alg_name(tb[1]), 0, mask); 648c2ecf20Sopenharmony_ci if (err) 658c2ecf20Sopenharmony_ci goto err_free_inst; 668c2ecf20Sopenharmony_ci 678c2ecf20Sopenharmony_ci alg = crypto_spawn_aead_alg(spawn); 688c2ecf20Sopenharmony_ci 698c2ecf20Sopenharmony_ci ivsize = crypto_aead_alg_ivsize(alg); 708c2ecf20Sopenharmony_ci maxauthsize = crypto_aead_alg_maxauthsize(alg); 718c2ecf20Sopenharmony_ci 728c2ecf20Sopenharmony_ci err = -EINVAL; 738c2ecf20Sopenharmony_ci if (ivsize < sizeof(u64)) 748c2ecf20Sopenharmony_ci goto err_free_inst; 758c2ecf20Sopenharmony_ci 768c2ecf20Sopenharmony_ci err = -ENAMETOOLONG; 778c2ecf20Sopenharmony_ci if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, 788c2ecf20Sopenharmony_ci "%s(%s)", tmpl->name, alg->base.cra_name) >= 798c2ecf20Sopenharmony_ci CRYPTO_MAX_ALG_NAME) 808c2ecf20Sopenharmony_ci goto err_free_inst; 818c2ecf20Sopenharmony_ci if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, 828c2ecf20Sopenharmony_ci "%s(%s)", tmpl->name, alg->base.cra_driver_name) >= 838c2ecf20Sopenharmony_ci CRYPTO_MAX_ALG_NAME) 848c2ecf20Sopenharmony_ci goto err_free_inst; 858c2ecf20Sopenharmony_ci 868c2ecf20Sopenharmony_ci inst->alg.base.cra_priority = alg->base.cra_priority; 878c2ecf20Sopenharmony_ci inst->alg.base.cra_blocksize = alg->base.cra_blocksize; 888c2ecf20Sopenharmony_ci inst->alg.base.cra_alignmask = alg->base.cra_alignmask; 898c2ecf20Sopenharmony_ci inst->alg.base.cra_ctxsize = sizeof(struct aead_geniv_ctx); 908c2ecf20Sopenharmony_ci 918c2ecf20Sopenharmony_ci inst->alg.setkey = aead_geniv_setkey; 928c2ecf20Sopenharmony_ci inst->alg.setauthsize = aead_geniv_setauthsize; 938c2ecf20Sopenharmony_ci 948c2ecf20Sopenharmony_ci inst->alg.ivsize = ivsize; 958c2ecf20Sopenharmony_ci inst->alg.maxauthsize = maxauthsize; 968c2ecf20Sopenharmony_ci 978c2ecf20Sopenharmony_ci inst->free = aead_geniv_free; 988c2ecf20Sopenharmony_ci 998c2ecf20Sopenharmony_ciout: 1008c2ecf20Sopenharmony_ci return inst; 1018c2ecf20Sopenharmony_ci 1028c2ecf20Sopenharmony_cierr_free_inst: 1038c2ecf20Sopenharmony_ci aead_geniv_free(inst); 1048c2ecf20Sopenharmony_ci inst = ERR_PTR(err); 1058c2ecf20Sopenharmony_ci goto out; 1068c2ecf20Sopenharmony_ci} 1078c2ecf20Sopenharmony_ciEXPORT_SYMBOL_GPL(aead_geniv_alloc); 1088c2ecf20Sopenharmony_ci 1098c2ecf20Sopenharmony_ciint aead_init_geniv(struct crypto_aead *aead) 1108c2ecf20Sopenharmony_ci{ 1118c2ecf20Sopenharmony_ci struct aead_geniv_ctx *ctx = crypto_aead_ctx(aead); 1128c2ecf20Sopenharmony_ci struct aead_instance *inst = aead_alg_instance(aead); 1138c2ecf20Sopenharmony_ci struct crypto_aead *child; 1148c2ecf20Sopenharmony_ci int err; 1158c2ecf20Sopenharmony_ci 1168c2ecf20Sopenharmony_ci spin_lock_init(&ctx->lock); 1178c2ecf20Sopenharmony_ci 1188c2ecf20Sopenharmony_ci err = crypto_get_default_rng(); 1198c2ecf20Sopenharmony_ci if (err) 1208c2ecf20Sopenharmony_ci goto out; 1218c2ecf20Sopenharmony_ci 1228c2ecf20Sopenharmony_ci err = crypto_rng_get_bytes(crypto_default_rng, ctx->salt, 1238c2ecf20Sopenharmony_ci crypto_aead_ivsize(aead)); 1248c2ecf20Sopenharmony_ci crypto_put_default_rng(); 1258c2ecf20Sopenharmony_ci if (err) 1268c2ecf20Sopenharmony_ci goto out; 1278c2ecf20Sopenharmony_ci 1288c2ecf20Sopenharmony_ci ctx->sknull = crypto_get_default_null_skcipher(); 1298c2ecf20Sopenharmony_ci err = PTR_ERR(ctx->sknull); 1308c2ecf20Sopenharmony_ci if (IS_ERR(ctx->sknull)) 1318c2ecf20Sopenharmony_ci goto out; 1328c2ecf20Sopenharmony_ci 1338c2ecf20Sopenharmony_ci child = crypto_spawn_aead(aead_instance_ctx(inst)); 1348c2ecf20Sopenharmony_ci err = PTR_ERR(child); 1358c2ecf20Sopenharmony_ci if (IS_ERR(child)) 1368c2ecf20Sopenharmony_ci goto drop_null; 1378c2ecf20Sopenharmony_ci 1388c2ecf20Sopenharmony_ci ctx->child = child; 1398c2ecf20Sopenharmony_ci crypto_aead_set_reqsize(aead, crypto_aead_reqsize(child) + 1408c2ecf20Sopenharmony_ci sizeof(struct aead_request)); 1418c2ecf20Sopenharmony_ci 1428c2ecf20Sopenharmony_ci err = 0; 1438c2ecf20Sopenharmony_ci 1448c2ecf20Sopenharmony_ciout: 1458c2ecf20Sopenharmony_ci return err; 1468c2ecf20Sopenharmony_ci 1478c2ecf20Sopenharmony_cidrop_null: 1488c2ecf20Sopenharmony_ci crypto_put_default_null_skcipher(); 1498c2ecf20Sopenharmony_ci goto out; 1508c2ecf20Sopenharmony_ci} 1518c2ecf20Sopenharmony_ciEXPORT_SYMBOL_GPL(aead_init_geniv); 1528c2ecf20Sopenharmony_ci 1538c2ecf20Sopenharmony_civoid aead_exit_geniv(struct crypto_aead *tfm) 1548c2ecf20Sopenharmony_ci{ 1558c2ecf20Sopenharmony_ci struct aead_geniv_ctx *ctx = crypto_aead_ctx(tfm); 1568c2ecf20Sopenharmony_ci 1578c2ecf20Sopenharmony_ci crypto_free_aead(ctx->child); 1588c2ecf20Sopenharmony_ci crypto_put_default_null_skcipher(); 1598c2ecf20Sopenharmony_ci} 1608c2ecf20Sopenharmony_ciEXPORT_SYMBOL_GPL(aead_exit_geniv); 1618c2ecf20Sopenharmony_ci 1628c2ecf20Sopenharmony_ciMODULE_LICENSE("GPL"); 1638c2ecf20Sopenharmony_ciMODULE_DESCRIPTION("Shared IV generator code"); 164