As it stands cts cannot do chaining. That is, it always performs the cipher-text stealing at the end of a request. This patch adds support for chaining when the CRYPTO_TM_REQ_MORE flag is set. It also sets fcsize so that data can be withheld by the caller to enable correct processing at the true end of a request. Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> --- crypto/cts.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/crypto/cts.c b/crypto/cts.c index 5e005c4f02215..3cca3112e7dca 100644 --- a/crypto/cts.c +++ b/crypto/cts.c @@ -100,7 +100,7 @@ static int cts_cbc_encrypt(struct skcipher_request *req) struct crypto_cts_reqctx *rctx = skcipher_request_ctx(req); struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct skcipher_request *subreq = &rctx->subreq; - int bsize = crypto_skcipher_blocksize(tfm); + int bsize = crypto_skcipher_chunksize(tfm); u8 d[MAX_CIPHER_BLOCKSIZE * 2] __aligned(__alignof__(u32)); struct scatterlist *sg; unsigned int offset; @@ -146,7 +146,7 @@ static int crypto_cts_encrypt(struct skcipher_request *req) struct crypto_cts_reqctx *rctx = skcipher_request_ctx(req); struct crypto_cts_ctx *ctx = crypto_skcipher_ctx(tfm); struct skcipher_request *subreq = &rctx->subreq; - int bsize = crypto_skcipher_blocksize(tfm); + int bsize = crypto_skcipher_chunksize(tfm); unsigned int nbytes = req->cryptlen; unsigned int offset; @@ -155,7 +155,7 @@ static int crypto_cts_encrypt(struct skcipher_request *req) if (nbytes < bsize) return -EINVAL; - if (nbytes == bsize) { + if (nbytes == bsize || req->base.flags & CRYPTO_TFM_REQ_MORE) { skcipher_request_set_callback(subreq, req->base.flags, req->base.complete, req->base.data); @@ -181,7 +181,7 @@ static int cts_cbc_decrypt(struct skcipher_request *req) struct crypto_cts_reqctx *rctx = skcipher_request_ctx(req); struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct skcipher_request *subreq = &rctx->subreq; - int bsize = crypto_skcipher_blocksize(tfm); + int bsize = crypto_skcipher_chunksize(tfm); u8 d[MAX_CIPHER_BLOCKSIZE * 2] __aligned(__alignof__(u32)); struct scatterlist *sg; unsigned int offset; @@ -240,7 +240,7 @@ static int crypto_cts_decrypt(struct skcipher_request *req) struct crypto_cts_reqctx *rctx = skcipher_request_ctx(req); struct crypto_cts_ctx *ctx = crypto_skcipher_ctx(tfm); struct skcipher_request *subreq = &rctx->subreq; - int bsize = crypto_skcipher_blocksize(tfm); + int bsize = crypto_skcipher_chunksize(tfm); unsigned int nbytes = req->cryptlen; unsigned int offset; u8 *space; @@ -250,7 +250,7 @@ static int crypto_cts_decrypt(struct skcipher_request *req) if (nbytes < bsize) return -EINVAL; - if (nbytes == bsize) { + if (nbytes == bsize || req->base.flags & CRYPTO_TFM_REQ_MORE) { skcipher_request_set_callback(subreq, req->base.flags, req->base.complete, req->base.data); @@ -297,7 +297,7 @@ static int crypto_cts_init_tfm(struct crypto_skcipher *tfm) ctx->child = cipher; align = crypto_skcipher_alignmask(tfm); - bsize = crypto_skcipher_blocksize(cipher); + bsize = crypto_skcipher_chunksize(cipher); reqsize = ALIGN(sizeof(struct crypto_cts_reqctx) + crypto_skcipher_reqsize(cipher), crypto_tfm_ctx_alignment()) + @@ -366,11 +366,12 @@ static int crypto_cts_create(struct crypto_template *tmpl, struct rtattr **tb) inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; - inst->alg.base.cra_blocksize = alg->base.cra_blocksize; + inst->alg.base.cra_blocksize = 1; inst->alg.base.cra_alignmask = alg->base.cra_alignmask; inst->alg.ivsize = alg->base.cra_blocksize; - inst->alg.chunksize = crypto_skcipher_alg_chunksize(alg); + inst->alg.chunksize = alg->base.cra_blocksize; + inst->alg.fcsize = inst->alg.chunksize * 2; inst->alg.min_keysize = crypto_skcipher_alg_min_keysize(alg); inst->alg.max_keysize = crypto_skcipher_alg_max_keysize(alg);