Commit 823655c9 authored by Herbert Xu's avatar Herbert Xu

crypto: echainiv - Stop using cryptoff

The cryptoff parameter was added to facilitate the skipping of
IVs that sit between the AD and the plain/cipher text.  However,
it was never implemented correctly as and we do not handle users
such as IPsec setting cryptoff.  It is simply ignored.

Implementing correctly is in fact more trouble than what it's
worth.

This patch removes the uses of cryptoff and simply falls back
to using the old AEAD interface as it's only needed for old AEAD
implementations.
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent d1ee1f02
...@@ -167,6 +167,9 @@ static int echainiv_encrypt_compat(struct aead_request *req) ...@@ -167,6 +167,9 @@ static int echainiv_encrypt_compat(struct aead_request *req)
__be64 seq; __be64 seq;
int err; int err;
if (req->cryptlen < ivsize)
return -EINVAL;
compl = req->base.complete; compl = req->base.complete;
data = req->base.data; data = req->base.data;
...@@ -212,17 +215,18 @@ static int echainiv_encrypt(struct aead_request *req) ...@@ -212,17 +215,18 @@ static int echainiv_encrypt(struct aead_request *req)
crypto_completion_t compl; crypto_completion_t compl;
void *data; void *data;
u8 *info; u8 *info;
unsigned int ivsize; unsigned int ivsize = crypto_aead_ivsize(geniv);
int err; int err;
if (req->cryptlen < ivsize)
return -EINVAL;
aead_request_set_tfm(subreq, ctx->child); aead_request_set_tfm(subreq, ctx->child);
compl = echainiv_encrypt_complete; compl = echainiv_encrypt_complete;
data = req; data = req;
info = req->iv; info = req->iv;
ivsize = crypto_aead_ivsize(geniv);
if (req->src != req->dst) { if (req->src != req->dst) {
struct scatterlist src[2]; struct scatterlist src[2];
struct scatterlist dst[2]; struct scatterlist dst[2];
...@@ -270,22 +274,28 @@ static int echainiv_decrypt_compat(struct aead_request *req) ...@@ -270,22 +274,28 @@ static int echainiv_decrypt_compat(struct aead_request *req)
{ {
struct crypto_aead *geniv = crypto_aead_reqtfm(req); struct crypto_aead *geniv = crypto_aead_reqtfm(req);
struct echainiv_ctx *ctx = crypto_aead_ctx(geniv); struct echainiv_ctx *ctx = crypto_aead_ctx(geniv);
struct aead_request *subreq = aead_request_ctx(req); struct echainiv_request_ctx *rctx = aead_request_ctx(req);
struct aead_request *subreq = &rctx->subreq.areq;
crypto_completion_t compl; crypto_completion_t compl;
void *data; void *data;
unsigned int ivsize; unsigned int ivsize = crypto_aead_ivsize(geniv);
if (req->cryptlen < ivsize + crypto_aead_authsize(geniv))
return -EINVAL;
aead_request_set_tfm(subreq, ctx->child); aead_request_set_tfm(subreq, ctx->child);
compl = req->base.complete; compl = req->base.complete;
data = req->base.data; data = req->base.data;
ivsize = crypto_aead_ivsize(geniv);
aead_request_set_callback(subreq, req->base.flags, compl, data); aead_request_set_callback(subreq, req->base.flags, compl, data);
aead_request_set_crypt(subreq, req->src, req->dst, aead_request_set_crypt(subreq,
scatterwalk_ffwd(rctx->src, req->src,
req->assoclen + ivsize),
scatterwalk_ffwd(rctx->dst, req->dst,
req->assoclen + ivsize),
req->cryptlen - ivsize, req->iv); req->cryptlen - ivsize, req->iv);
aead_request_set_ad(subreq, req->assoclen, ivsize); aead_request_set_assoc(subreq, req->src, req->assoclen);
scatterwalk_map_and_copy(req->iv, req->src, req->assoclen, ivsize, 0); scatterwalk_map_and_copy(req->iv, req->src, req->assoclen, ivsize, 0);
...@@ -299,15 +309,16 @@ static int echainiv_decrypt(struct aead_request *req) ...@@ -299,15 +309,16 @@ static int echainiv_decrypt(struct aead_request *req)
struct aead_request *subreq = aead_request_ctx(req); struct aead_request *subreq = aead_request_ctx(req);
crypto_completion_t compl; crypto_completion_t compl;
void *data; void *data;
unsigned int ivsize; unsigned int ivsize = crypto_aead_ivsize(geniv);
if (req->cryptlen < ivsize + crypto_aead_authsize(geniv))
return -EINVAL;
aead_request_set_tfm(subreq, ctx->child); aead_request_set_tfm(subreq, ctx->child);
compl = req->base.complete; compl = req->base.complete;
data = req->base.data; data = req->base.data;
ivsize = crypto_aead_ivsize(geniv);
aead_request_set_callback(subreq, req->base.flags, compl, data); aead_request_set_callback(subreq, req->base.flags, compl, data);
aead_request_set_crypt(subreq, req->src, req->dst, aead_request_set_crypt(subreq, req->src, req->dst,
req->cryptlen - ivsize, req->iv); req->cryptlen - ivsize, req->iv);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment