From patchwork Tue Jun 11 13:47:44 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 166451
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, Johannes Berg
Subject: [PATCH v3 1/7] crypto: arc4 - refactor arc4 core code into separate library
Date: Tue, 11 Jun 2019 15:47:44 +0200
Message-Id: <20190611134750.2974-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org>
References: <20190611134750.2974-1-ard.biesheuvel@linaro.org>

Refactor the core rc4 handling so we can move most users to a library interface, permitting us to drop the cipher interface entirely in a future patch. This is part of an effort to simplify the crypto API and improve its robustness against incorrect use.

Signed-off-by: Ard Biesheuvel
---
 MAINTAINERS | 1 +
 crypto/Kconfig | 4 ++
 crypto/arc4.c | 60 +---------------
 include/crypto/arc4.h | 10 +++
 lib/Makefile | 2 +-
 lib/crypto/Makefile | 4 ++
 lib/crypto/arc4.c | 72 ++++++++++++++++++++
 7 files changed, 93 insertions(+), 60 deletions(-)
--
2.20.1
diff --git a/MAINTAINERS b/MAINTAINERS index 57f496cff999..112f21066141 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -4241,6 +4241,7 @@ F: crypto/ F: drivers/crypto/ F: include/crypto/ F: include/linux/crypto* +F: lib/crypto/ CRYPTOGRAPHIC RANDOM NUMBER GENERATOR M: Neil Horman diff --git a/crypto/Kconfig b/crypto/Kconfig index 3d056e7da65f..5114b35ef3b4 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1230,9 +1230,13 @@ config CRYPTO_ANUBIS +config CRYPTO_LIB_ARC4 + tristate + config CRYPTO_ARC4 tristate "ARC4 cipher algorithm" select CRYPTO_BLKCIPHER + select CRYPTO_LIB_ARC4 help ARC4 cipher algorithm. diff --git a/crypto/arc4.c b/crypto/arc4.c index a2120e06bf84..6974dba1b7b9 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -13,33 +13,12 @@ #include #include -struct arc4_ctx { - u32 S[256]; - u32 x, y; -}; - static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len) { struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); - int i, j = 0, k = 0; - - ctx->x = 1; - ctx->y = 0; - for (i = 0; i < 256; i++) - ctx->S[i] = i; - - for (i = 0; i < 256; i++) { - u32 a = ctx->S[i]; - j = (j + in_key[k] + a) & 0xff; - ctx->S[i] = ctx->S[j]; - ctx->S[j] = a; - if (++k >= key_len) - k = 0; - } - - return 0; + return arc4_setkey(ctx, in_key, key_len); } static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, 
@@ -48,43 +27,6 @@ static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, return arc4_set_key(&tfm->base, in_key, key_len); } -static void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, - unsigned int len) -{ - u32 *const S = ctx->S; - u32 x, y, a, b; - u32 ty, ta, tb; - - if (len == 0) - return; - - x = ctx->x; - y = ctx->y; - - a = S[x]; - y = (y + a) & 0xff; - b = S[y]; - - do { - S[y] = a; - a = (a + b) & 0xff; - S[x] = b; - x = (x + 1) & 0xff; - ta = S[x]; - ty = (y + ta) & 0xff; - tb = S[ty]; - *out++ = *in++ ^ S[a]; - if (--len == 0) - break; - y = ty; - a = ta; - b = tb; - } while (true); - - ctx->x = x; - ctx->y = y; -} - static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) { arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); diff --git a/include/crypto/arc4.h b/include/crypto/arc4.h index 5b2c24ab0139..f3c22fe01704 100644 --- a/include/crypto/arc4.h +++ b/include/crypto/arc4.h @@ -6,8 +6,18 @@ #ifndef _CRYPTO_ARC4_H #define _CRYPTO_ARC4_H +#include + #define ARC4_MIN_KEY_SIZE 1 #define ARC4_MAX_KEY_SIZE 256 #define ARC4_BLOCK_SIZE 1 +struct arc4_ctx { + u32 S[256]; + u32 x, y; +}; + +int arc4_setkey(struct arc4_ctx *ctx, const u8 *in_key, unsigned int key_len); +void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, unsigned int len); + #endif /* _CRYPTO_ARC4_H */ diff --git a/lib/Makefile b/lib/Makefile index fb7697031a79..d3daedf93c5a 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -102,7 +102,7 @@ endif obj-$(CONFIG_DEBUG_INFO_REDUCED) += debug_info.o CFLAGS_debug_info.o += $(call cc-option, -femit-struct-debug-detailed=any) -obj-y += math/ +obj-y += math/ crypto/ obj-$(CONFIG_GENERIC_IOMAP) += iomap.o obj-$(CONFIG_GENERIC_PCI_IOMAP) += pci_iomap.o diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile new file mode 100644 index 000000000000..88195c34932d --- /dev/null +++ b/lib/crypto/Makefile 
@@ -0,0 +1,4 @@ +# SPDX-License-Identifier: GPL-2.0 + +obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o +libarc4-y := arc4.o diff --git a/lib/crypto/arc4.c b/lib/crypto/arc4.c new file mode 100644 index 000000000000..fa589eba3d50 --- /dev/null +++ b/lib/crypto/arc4.c 
@@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API + * + * ARC4 Cipher Algorithm + * + * Jon Oberheide + */ + +#include +#include + +int arc4_setkey(struct arc4_ctx *ctx, const u8 *in_key, unsigned int key_len) +{ + int i, j = 0, k = 0; + + ctx->x = 1; + ctx->y = 0; + + for (i = 0; i < 256; i++) + ctx->S[i] = i; + + for (i = 0; i < 256; i++) { + u32 a = ctx->S[i]; + + j = (j + in_key[k] + a) & 0xff; + ctx->S[i] = ctx->S[j]; + ctx->S[j] = a; + if (++k >= key_len) + k = 0; + } + + return 0; +} +EXPORT_SYMBOL(arc4_setkey); + +void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, unsigned int len) +{ + u32 *const S = ctx->S; + u32 x, y, a, b; + u32 ty, ta, tb; + + if (len == 0) + return; + + x = ctx->x; + y = ctx->y; + + a = S[x]; + y = (y + a) & 0xff; + b = S[y]; + + do { + S[y] = a; + a = (a + b) & 0xff; + S[x] = b; + x = (x + 1) & 0xff; + ta = S[x]; + ty = (y + ta) & 0xff; + tb = S[ty]; + *out++ = *in++ ^ S[a]; + if (--len == 0) + break; + y = ty; + a = ta; + b = tb; + } while (true); + + ctx->x = x; + ctx->y = y; +} +EXPORT_SYMBOL(arc4_crypt);
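Review bot: arc4_setkey() in lib/crypto/arc4.c never checks key_len, and its key-schedule loop reads in_key[k] before the `if (++k >= key_len)` wrap, so a call with key_len == 0 reads in_key[0] from a zero-length buffer on every iteration. As an exported library entry point that callers reach directly, it should reject lengths outside ARC4_MIN_KEY_SIZE..ARC4_MAX_KEY_SIZE (both defined in include/crypto/arc4.h) with -EINVAL. That would also give the int return value a purpose: as written it can only be 0, and the mac80211 and lib80211 conversions in this series call arc4_setkey() without looking at the result.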
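Review bot: the two prototypes added to include/crypto/arc4.h have no kernel-doc, and the contract is not obvious from the signatures. arc4_crypt() writes x and y back into the context, so a second call continues the same keystream; please document that a caller has to run arc4_setkey() again before each independent message, and whether out and in may alias (the callers later in the series pass the same pointer for both). The header comment of the new lib/crypto/arc4.c also still reads "Cryptographic API", which no longer describes a file under lib/crypto/.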
From patchwork Tue Jun 11 13:47:45 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 166452
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, Johannes Berg
Subject: [PATCH v3 2/7] net/mac80211: move WEP handling to ARC4 library interface
Date: Tue, 11 Jun 2019 15:47:45 +0200
Message-Id: <20190611134750.2974-3-ard.biesheuvel@linaro.org>
In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org>
References: <20190611134750.2974-1-ard.biesheuvel@linaro.org>

The WEP code in the mac80211 subsystem currently uses the crypto API to access the arc4 (RC4) cipher, which is overly complicated, and doesn't really have an upside in this particular case, since ciphers are always synchronous and therefore always implemented in software. Given that we have no accelerated software implementations either, it is much more straightforward to invoke a generic library interface directly.

Signed-off-by: Ard Biesheuvel --- net/mac80211/Kconfig | 2 +- net/mac80211/cfg.c | 3 -- net/mac80211/ieee80211_i.h | 4 +- net/mac80211/key.h | 1 + net/mac80211/main.c | 6 +-- net/mac80211/mlme.c | 2 - net/mac80211/tkip.c | 8 ++-- net/mac80211/tkip.h | 4 +- net/mac80211/wep.c | 47 ++++---------------- net/mac80211/wep.h | 4 +- net/mac80211/wpa.c | 4 +- 11 files changed, 24 insertions(+), 61 deletions(-) -- 2.20.1 diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig index 0227cce9685e..0c93b1b7a826 100644 --- a/net/mac80211/Kconfig +++ b/net/mac80211/Kconfig @@ -3,7 +3,7 @@ config MAC80211 tristate "Generic IEEE 802.11 Networking Stack (mac80211)" depends on CFG80211 select CRYPTO - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AES select CRYPTO_CCM select CRYPTO_GCM diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index a1973a26c7fc..9d8a8878a487 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -402,9 +402,6 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev, case WLAN_CIPHER_SUITE_WEP40: case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_WEP104: - if (IS_ERR(local->wep_tx_tfm)) - return -EINVAL; - break; case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: case WLAN_CIPHER_SUITE_AES_CMAC: diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 073a8235ae1b..412da8cfbc36 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -1258,8 +1258,8 @@ struct ieee80211_local { struct rate_control_ref *rate_ctrl; - struct crypto_cipher *wep_tx_tfm; - struct crypto_cipher *wep_rx_tfm; + struct arc4_ctx wep_tx_ctx; + struct arc4_ctx wep_rx_ctx; u32 wep_iv; /* see iface.c */ diff --git a/net/mac80211/key.h b/net/mac80211/key.h index f06fbd03d235..6c5bbaebd02c 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h @@ -14,6 +14,7 @@ #include #include #include +#include #include #define NUM_DEFAULT_KEYS 4 
diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 2b608044ae23..93c4a2d0623e 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -13,6 +13,7 @@ #include #include +#include #include #include #include @@ -733,8 +734,7 @@ EXPORT_SYMBOL(ieee80211_alloc_hw_nm); static int ieee80211_init_cipher_suites(struct ieee80211_local *local) { - bool have_wep = !(IS_ERR(local->wep_tx_tfm) || - IS_ERR(local->wep_rx_tfm)); + bool have_wep = !fips_enabled; /* FIPS does not permit the use of RC4 */ bool have_mfp = ieee80211_hw_check(&local->hw, MFP_CAPABLE); int n_suites = 0, r = 0, w = 0; u32 *suites; @@ -1301,7 +1301,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw) fail_rate: rtnl_unlock(); ieee80211_led_exit(local); - ieee80211_wep_free(local); fail_flows: destroy_workqueue(local->workqueue); fail_workqueue: @@ -1358,7 +1357,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw) destroy_workqueue(local->workqueue); wiphy_unregister(local->hw.wiphy); - ieee80211_wep_free(local); ieee80211_led_exit(local); kfree(local->int_scan_req); } diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index b7a9fe3d5fcb..cf8b87cfd619 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -5038,8 +5038,6 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, auth_alg = WLAN_AUTH_OPEN; break; case NL80211_AUTHTYPE_SHARED_KEY: - if (IS_ERR(local->wep_tx_tfm)) - return -EOPNOTSUPP; auth_alg = WLAN_AUTH_SHARED_KEY; break; case NL80211_AUTHTYPE_FT: diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index b3622823bad2..96b87fc7122e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c @@ -222,7 +222,7 @@ EXPORT_SYMBOL(ieee80211_get_tkip_p2k); * @payload_len is the length of payload (_not_ including IV/ICV length). * @ta is the transmitter addresses. */ -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len) 
@@ -231,7 +231,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, ieee80211_get_tkip_p2k(&key->conf, skb, rc4key); - return ieee80211_wep_encrypt_data(tfm, rc4key, 16, + return ieee80211_wep_encrypt_data(ctx, rc4key, 16, payload, payload_len); } @@ -239,7 +239,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, * beginning of the buffer containing IEEE 802.11 header payload, i.e., * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the * length of payload, including IV, Ext. IV, MIC, ICV. */ -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, @@ -297,7 +297,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, tkip_mixing_phase2(tk, &rx_ctx->ctx, iv16, rc4key); - res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12); + res = ieee80211_wep_decrypt_data(ctx, rc4key, 16, pos, payload_len - 12); done: if (res == TKIP_DECRYPT_OK) { /* diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h index a1bcbfbefe7c..798583056201 100644 --- a/net/mac80211/tkip.h +++ b/net/mac80211/tkip.h @@ -13,7 +13,7 @@ #include #include "key.h" -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len); @@ -24,7 +24,7 @@ enum { TKIP_DECRYPT_INVALID_KEYIDX = -2, TKIP_DECRYPT_REPLAY = -3, }; -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c index bfe9ed9f4c48..4373c62ecce2 100644 --- a/net/mac80211/wep.c +++ b/net/mac80211/wep.c 
@@ -30,30 +30,9 @@ int ieee80211_wep_init(struct ieee80211_local *local) /* start WEP IV from a random value */ get_random_bytes(&local->wep_iv, IEEE80211_WEP_IV_LEN); - local->wep_tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_tx_tfm)) { - local->wep_rx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_tx_tfm); - } - - local->wep_rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_rx_tfm)) { - crypto_free_cipher(local->wep_tx_tfm); - local->wep_tx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_rx_tfm); - } - return 0; } -void ieee80211_wep_free(struct ieee80211_local *local) -{ - if (!IS_ERR(local->wep_tx_tfm)) - crypto_free_cipher(local->wep_tx_tfm); - if (!IS_ERR(local->wep_rx_tfm)) - crypto_free_cipher(local->wep_rx_tfm); -} - static inline bool ieee80211_wep_weak_iv(u32 iv, int keylen) { /* @@ -131,21 +110,16 @@ static void ieee80211_wep_remove_iv(struct ieee80211_local *local, /* Perform WEP encryption using given key. data buffer must have tailroom * for 4-byte ICV. data_len must not include this ICV. Note: this function * does _not_ add IV. data = RC4(data | CRC32(data)) */ -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 icv; - int i; - - if (IS_ERR(tfm)) - return -1; icv = cpu_to_le32(~crc32_le(~0, data, data_len)); put_unaligned(icv, (__le32 *)(data + data_len)); - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_encrypt_one(tfm, data + i, data + i); + arc4_setkey(ctx, rc4key, klen); + arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); return 0; } 
@@ -184,7 +158,7 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Add room for ICV */ skb_put(skb, IEEE80211_WEP_ICV_LEN); - return ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3, + return ieee80211_wep_encrypt_data(&local->wep_tx_ctx, rc4key, keylen + 3, iv + IEEE80211_WEP_IV_LEN, len); } @@ -192,18 +166,13 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Perform WEP decryption using given key. data buffer includes encrypted * payload, including 4-byte ICV, but _not_ IV. data_len must not include ICV. * Return 0 on success and -1 on ICV mismatch. */ -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 crc; - int i; - - if (IS_ERR(tfm)) - return -1; - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_decrypt_one(tfm, data + i, data + i); + arc4_setkey(ctx, rc4key, klen); + arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); crc = cpu_to_le32(~crc32_le(~0, data, data_len)); if (memcmp(&crc, data + data_len, IEEE80211_WEP_ICV_LEN) != 0) @@ -256,7 +225,7 @@ static int ieee80211_wep_decrypt(struct ieee80211_local *local, /* Copy rest of the WEP key (the secret part) */ memcpy(rc4key + 3, key->conf.key, key->conf.keylen); - if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen, + if (ieee80211_wep_decrypt_data(&local->wep_rx_ctx, rc4key, klen, skb->data + hdrlen + IEEE80211_WEP_IV_LEN, len)) ret = -1; diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h index 9615749d1f65..f752f5b78713 100644 --- a/net/mac80211/wep.h +++ b/net/mac80211/wep.h 
@@ -18,12 +18,12 @@ int ieee80211_wep_init(struct ieee80211_local *local); void ieee80211_wep_free(struct ieee80211_local *local); -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb, const u8 *key, int keylen, int keyidx); -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); ieee80211_rx_result diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 58d0b258b684..02e8ab7b2b4c 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -242,7 +242,7 @@ static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) /* Add room for ICV */ skb_put(skb, IEEE80211_TKIP_ICV_LEN); - return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm, + return ieee80211_tkip_encrypt_data(&tx->local->wep_tx_ctx, key, skb, pos, len); } 
@@ -293,7 +293,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx) if (status->flag & RX_FLAG_DECRYPTED) hwaccel = 1; - res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, + res = ieee80211_tkip_decrypt_data(&rx->local->wep_rx_ctx, key, skb->data + hdrlen, skb->len - hdrlen, rx->sta->sta.addr, hdr->addr1, hwaccel, rx->security_idx,
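Review bot: with `have_wep = !fips_enabled` in ieee80211_init_cipher_suites() as the only remaining gate, every other place that used to fail when the arc4 tfm was unavailable now proceeds unconditionally. The cfg.c hunk drops the IS_ERR() check for WLAN_CIPHER_SUITE_WEP40/TKIP/WEP104 in ieee80211_add_key(), the mlme.c hunk drops the -EOPNOTSUPP return for NL80211_AUTHTYPE_SHARED_KEY, and ieee80211_wep_encrypt_data() and ieee80211_wep_decrypt_data() lose their early `return -1`. If RC4 must not run in FIPS mode, as the new comment in main.c says, add an explicit fips_enabled check in ieee80211_add_key() (returning -EINVAL) and in ieee80211_mgd_auth() (returning -EOPNOTSUPP) instead of relying on the advertised suite list alone. The cfg.c hunk also removes the `break;`, so the three WEP/TKIP cases now fall through into the CCMP group; please confirm that is intended and annotate it.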
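Review bot: the wep.c hunk deletes ieee80211_wep_free() and main.c drops both of its calls, but the wep.h hunk still carries `void ieee80211_wep_free(struct ieee80211_local *local);` as an unchanged context line, so the prototype is left behind with no definition. Remove the declaration from net/mac80211/wep.h in this patch.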
From patchwork Tue Jun 11 13:47:46 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 166453
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg Subject: [PATCH v3 3/7] net/lib80211: move WEP handling to ARC4 library code Date: Tue, 11 Jun 2019 15:47:46 +0200 Message-Id: <20190611134750.2974-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org> References: <20190611134750.2974-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Signed-off-by: Ard Biesheuvel --- net/wireless/Kconfig | 1 + net/wireless/lib80211_crypt_wep.c | 49 +++++--------------- 2 files changed, 13 insertions(+), 37 deletions(-) -- 2.20.1 diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig index 6310ddede220..6d9c48cea07e 100644 --- a/net/wireless/Kconfig +++ b/net/wireless/Kconfig @@ -213,6 +213,7 @@ config LIB80211 config LIB80211_CRYPT_WEP tristate + select CRYPTO_LIB_ARC4 config LIB80211_CRYPT_CCMP tristate diff --git a/net/wireless/lib80211_crypt_wep.c b/net/wireless/lib80211_crypt_wep.c index 20c1ad63ad44..9a4e4653fe64 100644 --- a/net/wireless/lib80211_crypt_wep.c +++ b/net/wireless/lib80211_crypt_wep.c @@ -11,6 +11,7 @@ */ #include +#include #include #include #include @@ -22,7 +23,7 @@ #include -#include +#include #include MODULE_AUTHOR("Jouni Malinen"); 
@@ -35,51 +36,30 @@ struct lib80211_wep_data { u8 key[WEP_KEY_LEN + 1]; u8 key_len; u8 key_idx; - struct crypto_cipher *tx_tfm; - struct crypto_cipher *rx_tfm; + struct arc4_ctx tx_ctx; + struct arc4_ctx rx_ctx; }; static void *lib80211_wep_init(int keyidx) { struct lib80211_wep_data *priv; + if (fips_enabled) + return NULL; + priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) - goto fail; + return NULL; priv->key_idx = keyidx; - priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm)) { - priv->tx_tfm = NULL; - goto fail; - } - - priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm)) { - priv->rx_tfm = NULL; - goto fail; - } /* start WEP IV from a random value */ get_random_bytes(&priv->iv, 4); return priv; - - fail: - if (priv) { - crypto_free_cipher(priv->tx_tfm); - crypto_free_cipher(priv->rx_tfm); - kfree(priv); - } - return NULL; } static void lib80211_wep_deinit(void *priv) { - struct lib80211_wep_data *_priv = priv; - if (_priv) { - crypto_free_cipher(_priv->tx_tfm); - crypto_free_cipher(_priv->rx_tfm); - } kfree(priv); } @@ -132,7 +112,6 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) u32 crc, klen, len; u8 *pos, *icv; u8 key[WEP_KEY_LEN + 3]; - int i; /* other checks are in lib80211_wep_build_iv */ if (skb_tailroom(skb) < 4) @@ -160,10 +139,8 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(wep->tx_tfm, key, klen); - - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(wep->tx_tfm, pos + i, pos + i); + arc4_setkey(&wep->tx_ctx, key, klen); + arc4_crypt(&wep->tx_ctx, pos, pos, len + 4); return 0; } @@ -181,7 +158,6 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u32 crc, klen, plen; u8 key[WEP_KEY_LEN + 3]; u8 keyidx, *pos, icv[4]; - int i; if (skb->len < hdr_len + 8) return -1; 
@@ -202,9 +178,8 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) /* Apply RC4 to data and compute CRC32 over decrypted data */ plen = skb->len - hdr_len - 8; - crypto_cipher_setkey(wep->rx_tfm, key, klen); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(wep->rx_tfm, pos + i, pos + i); + arc4_setkey(&wep->rx_ctx, key, klen); + arc4_crypt(&wep->rx_ctx, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc;
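Review bot: lib80211_wep_deinit() still ends in a plain kfree(priv), but struct lib80211_wep_data now embeds tx_ctx and rx_ctx, so the key-scheduled RC4 state sits in the same allocation as priv->key and is handed back to the allocator unwiped. Consider kzfree(priv) here so that both the raw key and the expanded cipher state are cleared on teardown.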
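Review bot: the new "if (fips_enabled) return NULL;" at the top of lib80211_wep_init() is not mentioned in the commit message and carries no comment. Please explain it in both places (the library call does not go through the crypto API, so nothing else refuses RC4 in FIPS mode), since to the caller this NULL return looks the same as the kzalloc() failure a few lines below.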
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg Subject: [PATCH v3 4/7] net/lib80211: move TKIP handling to ARC4 library code Date: Tue, 11 Jun 2019 15:47:47 +0200 Message-Id: <20190611134750.2974-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org> References: <20190611134750.2974-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Signed-off-by: Ard Biesheuvel --- net/wireless/lib80211_crypt_tkip.c | 46 +++++++------------- 1 file changed, 16 insertions(+), 30 deletions(-) -- 2.20.1 diff --git a/net/wireless/lib80211_crypt_tkip.c b/net/wireless/lib80211_crypt_tkip.c index 11eaa5956f00..02841825bf73 100644 --- a/net/wireless/lib80211_crypt_tkip.c +++ b/net/wireless/lib80211_crypt_tkip.c @@ -13,6 +13,7 @@ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt #include +#include #include #include #include @@ -29,6 +30,7 @@ #include #include +#include #include #include #include @@ -64,9 +66,9 @@ struct lib80211_tkip_data { int key_idx; - struct crypto_cipher *rx_tfm_arc4; + struct arc4_ctx rx_ctx_arc4; + struct arc4_ctx tx_ctx_arc4; struct crypto_shash *rx_tfm_michael; - struct crypto_cipher *tx_tfm_arc4; struct crypto_shash *tx_tfm_michael; /* scratch buffers for virt_to_page() (crypto API) */ 
@@ -93,30 +95,21 @@ static void *lib80211_tkip_init(int key_idx) { struct lib80211_tkip_data *priv; + if (fips_enabled) + return NULL; + priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) goto fail; priv->key_idx = key_idx; - priv->tx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm_arc4)) { - priv->tx_tfm_arc4 = NULL; - goto fail; - } - priv->tx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->tx_tfm_michael)) { priv->tx_tfm_michael = NULL; goto fail; } - priv->rx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm_arc4)) { - priv->rx_tfm_arc4 = NULL; - goto fail; - } - priv->rx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->rx_tfm_michael)) { priv->rx_tfm_michael = NULL; @@ -128,9 +121,7 @@ static void *lib80211_tkip_init(int key_idx) fail: if (priv) { crypto_free_shash(priv->tx_tfm_michael); - crypto_free_cipher(priv->tx_tfm_arc4); crypto_free_shash(priv->rx_tfm_michael); - crypto_free_cipher(priv->rx_tfm_arc4); kfree(priv); } @@ -142,9 +133,7 @@ static void lib80211_tkip_deinit(void *priv) struct lib80211_tkip_data *_priv = priv; if (_priv) { crypto_free_shash(_priv->tx_tfm_michael); - crypto_free_cipher(_priv->tx_tfm_arc4); crypto_free_shash(_priv->rx_tfm_michael); - crypto_free_cipher(_priv->rx_tfm_arc4); } kfree(priv); } @@ -345,7 +334,6 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) int len; u8 rc4key[16], *pos, *icv; u32 crc; - int i; if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 
@@ -370,9 +358,9 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(tkey->tx_tfm_arc4, pos + i, pos + i); + arc4_setkey(&tkey->tx_ctx_arc4, rc4key, 16); + arc4_crypt(&tkey->tx_ctx_arc4, pos, pos, len + 4); + return 0; } @@ -400,7 +388,6 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u8 icv[4]; u32 crc; int plen; - int i; hdr = (struct ieee80211_hdr *)skb->data; @@ -453,9 +440,8 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) plen = skb->len - hdr_len - 12; - crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(tkey->rx_tfm_arc4, pos + i, pos + i); + arc4_setkey(&tkey->rx_ctx_arc4, rc4key, 16); + arc4_crypt(&tkey->rx_ctx_arc4, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc; 
@@ -640,17 +626,17 @@ static int lib80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) struct lib80211_tkip_data *tkey = priv; int keyidx; struct crypto_shash *tfm = tkey->tx_tfm_michael; - struct crypto_cipher *tfm2 = tkey->tx_tfm_arc4; + struct arc4_ctx *tfm2 = &tkey->tx_ctx_arc4; struct crypto_shash *tfm3 = tkey->rx_tfm_michael; - struct crypto_cipher *tfm4 = tkey->rx_tfm_arc4; + struct arc4_ctx *tfm4 = &tkey->rx_ctx_arc4; keyidx = tkey->key_idx; memset(tkey, 0, sizeof(*tkey)); tkey->key_idx = keyidx; tkey->tx_tfm_michael = tfm; - tkey->tx_tfm_arc4 = tfm2; + tkey->tx_ctx_arc4 = *tfm2; tkey->rx_tfm_michael = tfm3; - tkey->rx_tfm_arc4 = tfm4; + tkey->rx_ctx_arc4 = *tfm4; if (len == TKIP_KEY_LEN) { memcpy(tkey->key, key, TKIP_KEY_LEN); tkey->key_set = 1;
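Review bot: in lib80211_tkip_set_key(), tfm2 and tfm4 are now pointers into *tkey itself, so after memset(tkey, 0, sizeof(*tkey)) the assignments "tkey->tx_ctx_arc4 = *tfm2;" and "tkey->rx_ctx_arc4 = *tfm4;" copy the already zeroed contexts onto themselves and preserve nothing. The save/restore pattern only made sense for the old crypto_cipher pointers; since lib80211_tkip_encrypt() and lib80211_tkip_decrypt() call arc4_setkey() before each arc4_crypt(), the two locals and both assignments can be dropped.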
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg Subject: [PATCH v3 5/7] crypto: arc4 - remove cipher implementation Date: Tue, 11 Jun 2019 15:47:48 +0200 Message-Id: <20190611134750.2974-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org> References: <20190611134750.2974-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org There are no remaining users of the cipher implementation, and there are no meaningful ways in which the arc4 cipher can be combined with templates other than ECB (and the way we do provide that combination is highly dubious to begin with). So let's drop the arc4 cipher altogether, and only keep the ecb(arc4) skcipher, which is used in various places in the kernel. Signed-off-by: Ard Biesheuvel --- crypto/arc4.c | 46 ++------------------ 1 file changed, 4 insertions(+), 42 deletions(-) -- 2.20.1 diff --git a/crypto/arc4.c b/crypto/arc4.c index 6974dba1b7b9..79a51e9f90ae 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -13,23 +13,12 @@ #include #include -static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, - unsigned int key_len) -{ - struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); - - return arc4_setkey(ctx, in_key, key_len); -} - static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, unsigned int key_len) { - return arc4_set_key(&tfm->base, in_key, key_len); -} + struct arc4_ctx *ctx = crypto_tfm_ctx(&tfm->base); -static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) -{ - arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); + return arc4_setkey(ctx, in_key, key_len); } static int ecb_arc4_crypt(struct skcipher_request *req) 
@@ -50,23 +39,6 @@ static int ecb_arc4_crypt(struct skcipher_request *req) return err; } -static struct crypto_alg arc4_cipher = { - .cra_name = "arc4", - .cra_flags = CRYPTO_ALG_TYPE_CIPHER, - .cra_blocksize = ARC4_BLOCK_SIZE, - .cra_ctxsize = sizeof(struct arc4_ctx), - .cra_module = THIS_MODULE, - .cra_u = { - .cipher = { - .cia_min_keysize = ARC4_MIN_KEY_SIZE, - .cia_max_keysize = ARC4_MAX_KEY_SIZE, - .cia_setkey = arc4_set_key, - .cia_encrypt = arc4_crypt_one, - .cia_decrypt = arc4_crypt_one, - }, - }, -}; - static struct skcipher_alg arc4_skcipher = { .base.cra_name = "ecb(arc4)", .base.cra_priority = 100, @@ -82,21 +54,11 @@ static struct skcipher_alg arc4_skcipher = { static int __init arc4_init(void) { - int err; - - err = crypto_register_alg(&arc4_cipher); - if (err) - return err; - - err = crypto_register_skcipher(&arc4_skcipher); - if (err) - crypto_unregister_alg(&arc4_cipher); - return err; + return crypto_register_skcipher(&arc4_skcipher); } static void __exit arc4_exit(void) { - crypto_unregister_alg(&arc4_cipher); crypto_unregister_skcipher(&arc4_skcipher); } 
@@ -106,4 +68,4 @@ module_exit(arc4_exit); MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("ARC4 Cipher Algorithm"); MODULE_AUTHOR("Jon Oberheide "); -MODULE_ALIAS_CRYPTO("arc4"); +MODULE_ALIAS_CRYPTO("ecb(arc4)");
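Review bot: arc4_set_key_skcipher() now open-codes the context lookup as crypto_tfm_ctx(&tfm->base); for an skcipher the usual accessor is crypto_skcipher_ctx(tfm), which keeps the base member out of the driver code. Suggest "struct arc4_ctx *ctx = crypto_skcipher_ctx(tfm);" instead.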
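Review bot: with MODULE_ALIAS_CRYPTO("arc4") replaced by MODULE_ALIAS_CRYPTO("ecb(arc4)") and the arc4_cipher registration removed from arc4_init(), a request for plain "arc4" no longer resolves to anything. The commit message asserts there are no remaining users; it would help to say how that was checked, so that a caller still asking for "arc4" is not discovered only at run time.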
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg , linux-ppp@vger.kernel.org, Paul Mackerras Subject: [PATCH v3 6/7] ppp: mppe: switch to RC4 library interface Date: Tue, 11 Jun 2019 15:47:49 +0200 Message-Id: <20190611134750.2974-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org> References: <20190611134750.2974-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The MPPE code uses the sync skcipher to invoke the ecb(arc4) skcipher, of which only a single generic C code implementation exists. This means that going through all the trouble of using scatterlists etc buys us very little, and we're better off just invoking the arc4 library directly. Note that the SHA1 shash used by this driver has several accelerated implementations for various architectures, so retaining that part does make sense. Cc: linux-ppp@vger.kernel.org Cc: Paul Mackerras Signed-off-by: Ard Biesheuvel --- drivers/net/ppp/Kconfig | 3 +- drivers/net/ppp/ppp_mppe.c | 95 +++----------------- 2 files changed, 14 insertions(+), 84 deletions(-) -- 2.20.1 diff --git a/drivers/net/ppp/Kconfig b/drivers/net/ppp/Kconfig index bf395df3bb37..1a2e2f7629f3 100644 --- a/drivers/net/ppp/Kconfig +++ b/drivers/net/ppp/Kconfig @@ -87,8 +87,7 @@ config PPP_MPPE depends on PPP select CRYPTO select CRYPTO_SHA1 - select CRYPTO_ARC4 - select CRYPTO_ECB + select CRYPTO_LIB_ARC4 ---help--- Support for the MPPE Encryption protocol, as employed by the Microsoft Point-to-Point Tunneling Protocol. diff --git a/drivers/net/ppp/ppp_mppe.c b/drivers/net/ppp/ppp_mppe.c index ff61dd8748de..a2040a156f40 100644 --- a/drivers/net/ppp/ppp_mppe.c +++ b/drivers/net/ppp/ppp_mppe.c 
@@ -42,9 +42,10 @@ * deprecated in 2.6 */ +#include #include -#include #include +#include #include #include #include @@ -65,13 +66,6 @@ MODULE_LICENSE("Dual BSD/GPL"); MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); MODULE_VERSION("1.0.2"); -static unsigned int -setup_sg(struct scatterlist *sg, const void *address, unsigned int length) -{ - sg_set_buf(sg, address, length); - return length; -} - #define SHA1_PAD_SIZE 40 /* @@ -95,7 +89,7 @@ static inline void sha_pad_init(struct sha_pad *shapad) * State for an MPPE (de)compressor. */ struct ppp_mppe_state { - struct crypto_sync_skcipher *arc4; + struct arc4_ctx arc4; struct shash_desc *sha1; unsigned char *sha1_digest; unsigned char master_key[MPPE_MAX_KEY_LEN]; @@ -154,24 +148,11 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state) */ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) { - struct scatterlist sg_in[1], sg_out[1]; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - get_new_key_from_sha(state); if (!initial_key) { - crypto_sync_skcipher_setkey(state->arc4, state->sha1_digest, - state->keylen); - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, state->sha1_digest, state->keylen); - setup_sg(sg_out, state->session_key, state->keylen); - skcipher_request_set_crypt(req, sg_in, sg_out, state->keylen, - NULL); - if (crypto_skcipher_encrypt(req)) - printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); + arc4_setkey(&state->arc4, state->sha1_digest, state->keylen); + arc4_crypt(&state->arc4, state->session_key, state->sha1_digest, + state->keylen); } else { memcpy(state->session_key, state->sha1_digest, state->keylen); } 
@@ -181,9 +162,7 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) state->session_key[1] = 0x26; state->session_key[2] = 0x9e; } - crypto_sync_skcipher_setkey(state->arc4, state->session_key, - state->keylen); - skcipher_request_zero(req); + arc4_setkey(&state->arc4, state->session_key, state->keylen); } /* @@ -196,7 +175,8 @@ static void *mppe_alloc(unsigned char *options, int optlen) unsigned int digestsize; if (optlen != CILEN_MPPE + sizeof(state->master_key) || - options[0] != CI_MPPE || options[1] != CILEN_MPPE) + options[0] != CI_MPPE || options[1] != CILEN_MPPE || + fips_enabled) goto out; state = kzalloc(sizeof(*state), GFP_KERNEL); @@ -204,12 +184,6 @@ static void *mppe_alloc(unsigned char *options, int optlen) goto out; - state->arc4 = crypto_alloc_sync_skcipher("ecb(arc4)", 0, 0); - if (IS_ERR(state->arc4)) { - state->arc4 = NULL; - goto out_free; - } - shash = crypto_alloc_shash("sha1", 0, 0); if (IS_ERR(shash)) goto out_free; @@ -250,7 +224,6 @@ static void *mppe_alloc(unsigned char *options, int optlen) crypto_free_shash(state->sha1->tfm); kzfree(state->sha1); } - crypto_free_sync_skcipher(state->arc4); kfree(state); out: return NULL; @@ -266,7 +239,6 @@ static void mppe_free(void *arg) kfree(state->sha1_digest); crypto_free_shash(state->sha1->tfm); kzfree(state->sha1); - crypto_free_sync_skcipher(state->arc4); kfree(state); } } @@ -366,10 +338,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, int isize, int osize) { struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); int proto; - int err; - struct scatterlist sg_in[1], sg_out[1]; /* * Check that the protocol is in the range we handle. 
@@ -420,21 +389,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, ibuf += 2; /* skip to proto field */ isize -= 2; - /* Encrypt packet */ - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, ibuf, isize); - setup_sg(sg_out, obuf, osize); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, sg_in, sg_out, isize, NULL); - err = crypto_skcipher_encrypt(req); - skcipher_request_zero(req); - if (err) { - printk(KERN_DEBUG "crypto_cypher_encrypt failed\n"); - return -1; - } + arc4_crypt(&state->arc4, obuf, ibuf, isize); state->stats.unc_bytes += isize; state->stats.unc_packets++; @@ -480,10 +435,8 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, int osize) { struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); unsigned ccount; int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; - struct scatterlist sg_in[1], sg_out[1]; if (isize <= PPP_HDRLEN + MPPE_OVHD) { if (state->debug) @@ -610,19 +563,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, * Decrypt the first byte in order to check if it is * a compressed or uncompressed protocol field. */ - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, ibuf, 1); - setup_sg(sg_out, obuf, 1); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, sg_in, sg_out, 1, NULL); - if (crypto_skcipher_decrypt(req)) { - printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); - osize = DECOMP_ERROR; - goto out_zap_req; - } + arc4_crypt(&state->arc4, obuf, ibuf, 1); /* * Do PFC decompression. 
@@ -637,14 +578,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, } /* And finally, decrypt the rest of the packet. */ - setup_sg(sg_in, ibuf + 1, isize - 1); - setup_sg(sg_out, obuf + 1, osize - 1); - skcipher_request_set_crypt(req, sg_in, sg_out, isize - 1, NULL); - if (crypto_skcipher_decrypt(req)) { - printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); - osize = DECOMP_ERROR; - goto out_zap_req; - } + arc4_crypt(&state->arc4, obuf + 1, ibuf + 1, isize - 1); state->stats.unc_bytes += osize; state->stats.unc_packets++; @@ -654,8 +588,6 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, /* good packet credit */ state->sanity_errors >>= 1; -out_zap_req: - skcipher_request_zero(req); return osize; sanity_error: 
@@ -728,8 +660,7 @@ static struct compressor ppp_mppe = { static int __init ppp_mppe_init(void) { int answer; - if (!(crypto_has_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) && - crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC))) + if (!crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC)) return -ENODEV; sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);
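Review bot: in mppe_alloc() the new fips_enabled test is folded into the option-validation condition, so a refusal in FIPS mode takes the same silent "goto out" as a malformed option block and the caller only sees NULL. Suggest a separate check with a one-line comment saying why MPPE is refused when fips_enabled is set, or doing the test once in ppp_mppe_init() next to the crypto_has_ahash("sha1", ...) probe and returning -ENODEV there, so the compressor is never registered in that mode.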
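Review bot: with "struct arc4_ctx arc4" now embedded in struct ppp_mppe_state, the RC4 key schedule sits in the same allocation as master_key, yet both the out_free path of mppe_alloc() and mppe_free() still end in "kfree(state);". The sha1 descriptor right above it is already released with kzfree(); suggest kzfree(state) in both places so the cipher state and keys are wiped on teardown.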
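Review bot: in mppe_compress() and mppe_decompress() the removed scatterlist setup was the only place in these hunks that referred to the output size ("setup_sg(sg_out, obuf, osize);" and "setup_sg(sg_out, obuf + 1, osize - 1);"), while the replacement calls write isize and isize - 1 bytes into obuf and are made without any result check, with the -1 and DECOMP_ERROR error returns dropped. Please confirm that the length checks earlier in each function guarantee obuf is large enough for those writes, and state in the changelog that the encrypt and decrypt steps can no longer fail.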
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, Johannes Berg, linux-cifs@vger.kernel.org, Steve French
Subject: [PATCH v3 7/7] fs: cifs: switch to RC4 library interface
Date: Tue, 11 Jun 2019 15:47:50 +0200
Message-Id: <20190611134750.2974-8-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190611134750.2974-1-ard.biesheuvel@linaro.org>
References: <20190611134750.2974-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

The CIFS code uses the sync skcipher API to invoke the ecb(arc4) skcipher, of which only a single generic C code implementation exists. This means that going through all the trouble of using scatterlists etc buys us very little, and we're better off just invoking the arc4 library directly.

Cc: linux-cifs@vger.kernel.org
Cc: Steve French
Signed-off-by: Ard Biesheuvel
---
 fs/cifs/Kconfig       |  2 +-
 fs/cifs/cifsencrypt.c | 53 ++++++--------------
 2 files changed, 16 insertions(+), 39 deletions(-)

-- 
2.20.1

diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index aae2b8b2adf5..523e9ea78a28 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -10,7 +10,7 @@ config CIFS select CRYPTO_SHA512 select CRYPTO_CMAC select CRYPTO_HMAC - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AEAD2 select CRYPTO_CCM select CRYPTO_ECB diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index d2a05e46d6f5..3b7b5e83493d 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -33,7 +33,8 @@ #include #include #include -#include +#include +#include #include int __cifs_calc_signature(struct smb_rqst *rqst,
@@ -772,11 +773,12 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) int calc_seckey(struct cifs_ses *ses) { - int rc; - struct crypto_skcipher *tfm_arc4; - struct scatterlist sgin, sgout; - struct skcipher_request *req; + struct arc4_ctx *ctx_arc4; unsigned char *sec_key; + int rc = 0; + + if (fips_enabled) + return -ENODEV; sec_key = kmalloc(CIFS_SESS_KEY_SIZE, GFP_KERNEL); if (sec_key == NULL) 
@@ -784,49 +786,24 @@ calc_seckey(struct cifs_ses *ses) get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE); - tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC); - if (IS_ERR(tfm_arc4)) { - rc = PTR_ERR(tfm_arc4); - cifs_dbg(VFS, "could not allocate crypto API arc4\n"); - goto out; - } - - rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response, - CIFS_SESS_KEY_SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not set response as a key\n", - __func__); - goto out_free_cipher; - } - - req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL); - if (!req) { + ctx_arc4 = kmalloc(sizeof(*ctx_arc4), GFP_KERNEL); + if (!ctx_arc4) { rc = -ENOMEM; - cifs_dbg(VFS, "could not allocate crypto API arc4 request\n"); - goto out_free_cipher; + cifs_dbg(VFS, "could not allocate arc4 context\n"); + goto out; } - sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); - sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); - - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, &sgin, &sgout, CIFS_CPHTXT_SIZE, NULL); - - rc = crypto_skcipher_encrypt(req); - skcipher_request_free(req); - if (rc) { - cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc); - goto out_free_cipher; - } + arc4_setkey(ctx_arc4, ses->auth_key.response, CIFS_SESS_KEY_SIZE); + arc4_crypt(ctx_arc4, ses->ntlmssp->ciphertext, sec_key, + CIFS_CPHTXT_SIZE); /* make secondary_key/nonce as session key */ memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE); /* and make len as that of session key only */ ses->auth_key.len = CIFS_SESS_KEY_SIZE; -out_free_cipher: - crypto_free_skcipher(tfm_arc4); out: + kfree(ctx_arc4); kfree(sec_key); return rc; }
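Review bot: the "if (fips_enabled) return -ENODEV;" added at the top of calc_seckey() is a behaviour change that the commit message, which only describes replacing the skcipher calls with the library, does not mention, and unlike the allocation failure below it this path logs nothing. Suggest a sentence in the changelog explaining why the explicit check is needed now that ecb(arc4) is no longer allocated through the crypto API, plus a cifs_dbg(VFS, ...) line so that a failed session setup in FIPS mode can be diagnosed.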
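Review bot: at the out: label of calc_seckey() the new context is released with "kfree(ctx_arc4);" although it holds the RC4 key schedule set from ses->auth_key.response, and sec_key beside it is the freshly generated session key. Now that the cipher state lives in a buffer this function owns, wiping it is this function's job; suggest kzfree() for ctx_arc4, and for sec_key while these lines are being touched.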