Re: [PATCH] crypto: algif_skcipher - Use chunksize instead of blocksize

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 10 Sep 2019 at 02:42, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
>
> When algif_skcipher does a partial operation it always process data
> that is a multiple of blocksize.  However, for algorithms such as
> CTR this is wrong because even though it can process any number of
> bytes overall, the partial block must come at the very end and not
> in the middle.
>
> This is exactly what chunksize is meant to describe so this patch
> changes blocksize to chunksize.
>
> Fixes: 8ff590903d5f ("crypto: algif_skcipher - User-space...")
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Acked-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>

>
> diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
> index c1601edd70e3..e2c8ab408bed 100644
> --- a/crypto/algif_skcipher.c
> +++ b/crypto/algif_skcipher.c
> @@ -56,7 +56,7 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
>         struct alg_sock *pask = alg_sk(psk);
>         struct af_alg_ctx *ctx = ask->private;
>         struct crypto_skcipher *tfm = pask->private;
> -       unsigned int bs = crypto_skcipher_blocksize(tfm);
> +       unsigned int bs = crypto_skcipher_chunksize(tfm);
>         struct af_alg_async_req *areq;
>         int err = 0;
>         size_t len = 0;
> diff --git a/include/crypto/internal/skcipher.h b/include/crypto/internal/skcipher.h
> index 734b6f7081b8..3175dfeaed2c 100644
> --- a/include/crypto/internal/skcipher.h
> +++ b/include/crypto/internal/skcipher.h
> @@ -205,19 +205,6 @@ static inline unsigned int crypto_skcipher_alg_max_keysize(
>         return alg->max_keysize;
>  }
>
> -static inline unsigned int crypto_skcipher_alg_chunksize(
> -       struct skcipher_alg *alg)
> -{
> -       if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) ==
> -           CRYPTO_ALG_TYPE_BLKCIPHER)
> -               return alg->base.cra_blocksize;
> -
> -       if (alg->base.cra_ablkcipher.encrypt)
> -               return alg->base.cra_blocksize;
> -
> -       return alg->chunksize;
> -}
> -
>  static inline unsigned int crypto_skcipher_alg_walksize(
>         struct skcipher_alg *alg)
>  {
> @@ -231,23 +218,6 @@ static inline unsigned int crypto_skcipher_alg_walksize(
>         return alg->walksize;
>  }
>
> -/**
> - * crypto_skcipher_chunksize() - obtain chunk size
> - * @tfm: cipher handle
> - *
> - * The block size is set to one for ciphers such as CTR.  However,
> - * you still need to provide incremental updates in multiples of
> - * the underlying block size as the IV does not have sub-block
> - * granularity.  This is known in this API as the chunk size.
> - *
> - * Return: chunk size in bytes
> - */
> -static inline unsigned int crypto_skcipher_chunksize(
> -       struct crypto_skcipher *tfm)
> -{
> -       return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm));
> -}
> -
>  /**
>   * crypto_skcipher_walksize() - obtain walk size
>   * @tfm: cipher handle
> diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
> index 37c164234d97..aada87916918 100644
> --- a/include/crypto/skcipher.h
> +++ b/include/crypto/skcipher.h
> @@ -304,6 +304,36 @@ static inline unsigned int crypto_skcipher_blocksize(
>         return crypto_tfm_alg_blocksize(crypto_skcipher_tfm(tfm));
>  }
>
> +static inline unsigned int crypto_skcipher_alg_chunksize(
> +       struct skcipher_alg *alg)
> +{
> +       if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) ==
> +           CRYPTO_ALG_TYPE_BLKCIPHER)
> +               return alg->base.cra_blocksize;
> +
> +       if (alg->base.cra_ablkcipher.encrypt)
> +               return alg->base.cra_blocksize;
> +
> +       return alg->chunksize;
> +}
> +
> +/**
> + * crypto_skcipher_chunksize() - obtain chunk size
> + * @tfm: cipher handle
> + *
> + * The block size is set to one for ciphers such as CTR.  However,
> + * you still need to provide incremental updates in multiples of
> + * the underlying block size as the IV does not have sub-block
> + * granularity.  This is known in this API as the chunk size.
> + *
> + * Return: chunk size in bytes
> + */
> +static inline unsigned int crypto_skcipher_chunksize(
> +       struct crypto_skcipher *tfm)
> +{
> +       return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm));
> +}
> +
>  static inline unsigned int crypto_sync_skcipher_blocksize(
>         struct crypto_sync_skcipher *tfm)
>  {
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux