This patch adds a new tailsize attribute to skcipher and lskcipher algorithms. This will be used by algorithms such as CTS which may need to withhold a number of blocks until the end has been reached. When issuing a NOTFINAL request, the user must ensure that at least tailsize bytes will be supplied later on a final request. Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> --- crypto/lskcipher.c | 1 + crypto/skcipher.c | 16 ++++++++++++++- include/crypto/internal/skcipher.h | 1 + include/crypto/skcipher.h | 33 ++++++++++++++++++++++++++++++ 4 files changed, 50 insertions(+), 1 deletion(-) diff --git a/crypto/lskcipher.c b/crypto/lskcipher.c index 0b6dd8aa21f2..2a602911f4fc 100644 --- a/crypto/lskcipher.c +++ b/crypto/lskcipher.c @@ -300,6 +300,7 @@ static void __maybe_unused crypto_lskcipher_show( seq_printf(m, "ivsize : %u\n", skcipher->co.ivsize); seq_printf(m, "chunksize : %u\n", skcipher->co.chunksize); seq_printf(m, "statesize : %u\n", skcipher->co.statesize); + seq_printf(m, "tailsize : %u\n", skcipher->co.tailsize); } static int __maybe_unused crypto_lskcipher_report( diff --git a/crypto/skcipher.c b/crypto/skcipher.c index bc70e159d27d..600ec5735ce0 100644 --- a/crypto/skcipher.c +++ b/crypto/skcipher.c @@ -368,10 +368,21 @@ static int skcipher_walk_next(struct skcipher_walk *walk) SKCIPHER_WALK_DIFF); n = walk->total; - bsize = min(walk->stride, max(n, walk->blocksize)); + + bsize = max(n, walk->blocksize); + if (n > walk->tailsize) + bsize = min(walk->stride, bsize); + n = scatterwalk_clamp(&walk->in, n); n = scatterwalk_clamp(&walk->out, n); + /* Retain tail if necessary. */ + if (walk->tailsize < walk->total && walk->total - n < walk->tailsize) { + /* Process at least one block. */ + n = min(n, bsize); + n = max(n, walk->total - walk->tailsize); + } + if (unlikely(n < bsize)) { if (unlikely(walk->total < walk->blocksize)) return skcipher_walk_done(walk, -EINVAL); @@ -487,6 +498,7 @@ static int skcipher_walk_skcipher(struct skcipher_walk *walk, walk->blocksize = crypto_skcipher_blocksize(tfm); walk->ivsize = crypto_skcipher_ivsize(tfm); walk->alignmask = crypto_skcipher_alignmask(tfm); + walk->tailsize = crypto_skcipher_tailsize(tfm); if (alg->co.base.cra_type != &crypto_skcipher_type) walk->stride = alg->co.chunksize; @@ -824,6 +836,7 @@ static void crypto_skcipher_show(struct seq_file *m, struct crypto_alg *alg) seq_printf(m, "chunksize : %u\n", skcipher->chunksize); seq_printf(m, "walksize : %u\n", skcipher->walksize); seq_printf(m, "statesize : %u\n", skcipher->statesize); + seq_printf(m, "tailsize : %u\n", skcipher->tailsize); } static int __maybe_unused crypto_skcipher_report( @@ -939,6 +952,7 @@ int skcipher_prepare_alg_common(struct skcipher_alg_common *alg) struct crypto_alg *base = &alg->base; if (alg->ivsize > PAGE_SIZE / 8 || alg->chunksize > PAGE_SIZE / 8 || + alg->tailsize > PAGE_SIZE / 8 || alg->statesize > PAGE_SIZE / 2 || (alg->ivsize + alg->statesize) > PAGE_SIZE / 2) return -EINVAL; diff --git a/include/crypto/internal/skcipher.h b/include/crypto/internal/skcipher.h index 7ae42afdcf3e..1e35e7719b22 100644 --- a/include/crypto/internal/skcipher.h +++ b/include/crypto/internal/skcipher.h @@ -86,6 +86,7 @@ struct skcipher_walk { int flags; unsigned int blocksize; unsigned int stride; + unsigned int tailsize; unsigned int alignmask; }; diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h index c8857d7bdb37..6223d81fed76 100644 --- a/include/crypto/skcipher.h +++ b/include/crypto/skcipher.h @@ -103,6 +103,8 @@ struct crypto_istat_cipher { * @chunksize: Equal to the block size except for stream ciphers such as * CTR where it is set to the underlying block size. * @statesize: Size of the internal state for the algorithm. + * @tailsize: Minimum number of bytes to withhold until the end of operation. + * Used by algorithms such as CTS to support chaining. * @stat: Statistics for cipher algorithm * @base: Definition of a generic crypto algorithm. */ @@ -112,6 +114,7 @@ struct crypto_istat_cipher { unsigned int ivsize; \ unsigned int chunksize; \ unsigned int statesize; \ + unsigned int tailsize; \ \ SKCIPHER_ALG_COMMON_STAT \ \ @@ -543,6 +546,36 @@ static inline unsigned int crypto_lskcipher_statesize( return crypto_lskcipher_alg(tfm)->co.statesize; } +/** + * crypto_skcipher_tailsize() - obtain tail size + * @tfm: cipher handle + * + * Some algorithms need to withhold a number of blocks until the end. + * The tail size specifies how many bytes to withhold. + * + * Return: tail size in bytes + */ +static inline unsigned int crypto_skcipher_tailsize( + struct crypto_skcipher *tfm) +{ + return crypto_skcipher_alg_common(tfm)->tailsize; +} + +/** + * crypto_lskcipher_tailsize() - obtain tail size + * @tfm: cipher handle + * + * Some algorithms need to withhold a number of blocks until the end. + * The tail size specifies how many bytes to withhold. + * + * Return: tail size in bytes + */ +static inline unsigned int crypto_lskcipher_tailsize( + struct crypto_lskcipher *tfm) +{ + return crypto_lskcipher_alg(tfm)->co.tailsize; +} + static inline unsigned int crypto_sync_skcipher_blocksize( struct crypto_sync_skcipher *tfm) { -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt