We accidentally assigned the ahash update complete function to
the wrong function pointer in crypto_authenc_verify.
This patch fixes this.
Signed-off-by: Steffen Klassert <[email protected]>
---
crypto/authenc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 1887090..6287cfd 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -454,7 +454,7 @@ static int crypto_authenc_verify(struct aead_request *req,
unsigned int authsize;
areq_ctx->complete = authenc_verify_ahash_done;
- areq_ctx->complete = authenc_verify_ahash_update_done;
+ areq_ctx->update_complete = authenc_verify_ahash_update_done;
ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP);
if (IS_ERR(ohash))
--
1.5.6.5
In crypto_authenc_encrypt() we save the IV behind the ablkcipher
request. To save space on the request, we overwrite the ablkcipher
request with a ahash request after encryption. So the IV may be
overwritten by the ahash request. This patch fixes this by placing
the IV in front of the ablkcipher/ahash request.
Signed-off-by: Steffen Klassert <[email protected]>
---
crypto/authenc.c | 25 ++++++++++++++-----------
1 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 6287cfd..2bb7348 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
- struct ablkcipher_request *abreq = aead_request_ctx(req);
+ struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct crypto_ablkcipher *enc = ctx->enc;
struct scatterlist *dst = req->dst;
unsigned int cryptlen = req->cryptlen;
- u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc);
+ struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
+ + ctx->reqoff);
+ u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
int err;
ablkcipher_request_set_tfm(abreq, enc);
@@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
if (IS_ERR(auth))
return PTR_ERR(auth);
- ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
- crypto_ahash_alignmask(auth),
- crypto_ahash_alignmask(auth) + 1);
-
enc = crypto_spawn_skcipher(&ictx->enc);
err = PTR_ERR(enc);
if (IS_ERR(enc))
@@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
ctx->auth = auth;
ctx->enc = enc;
- tfm->crt_aead.reqsize = max_t(unsigned int,
- crypto_ahash_reqsize(auth) + ctx->reqoff +
- sizeof(struct authenc_request_ctx) +
+ ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
+ crypto_ahash_alignmask(auth),
+ crypto_ahash_alignmask(auth) + 1) +
+ crypto_ablkcipher_ivsize(enc);
+
+ tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
+ ctx->reqoff +
+ max_t(unsigned int,
+ crypto_ahash_reqsize(auth) +
sizeof(struct ahash_request),
sizeof(struct skcipher_givcrypt_request) +
- crypto_ablkcipher_reqsize(enc) +
- crypto_ablkcipher_ivsize(enc));
+ crypto_ablkcipher_reqsize(enc));
return 0;
--
1.5.6.5
On Tue, Feb 23, 2010 at 07:21:09AM +0100, Steffen Klassert wrote:
> We accidentally assigned the ahash update complete function to
> the wrong function pointer in crypto_authenc_verify.
> This patch fixes this.
>
> Signed-off-by: Steffen Klassert <[email protected]>
Patch applied. Thanks!
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Tue, Feb 23, 2010 at 07:22:37AM +0100, Steffen Klassert wrote:
>
> @@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
> ctx->auth = auth;
> ctx->enc = enc;
>
> - tfm->crt_aead.reqsize = max_t(unsigned int,
> - crypto_ahash_reqsize(auth) + ctx->reqoff +
> - sizeof(struct authenc_request_ctx) +
> + ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
> + crypto_ahash_alignmask(auth),
> + crypto_ahash_alignmask(auth) + 1) +
> + crypto_ablkcipher_ivsize(enc);
> +
> + tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
> + ctx->reqoff +
> + max_t(unsigned int,
> + crypto_ahash_reqsize(auth) +
> sizeof(struct ahash_request),
> sizeof(struct skcipher_givcrypt_request) +
> - crypto_ablkcipher_reqsize(enc) +
> - crypto_ablkcipher_ivsize(enc));
> + crypto_ablkcipher_reqsize(enc));
Hmm, I just noticed that both before and after the patch we're
only including the hash request size for the encrypt case, and
not the givencrypt case. Is there a reason for this?
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Tue, Mar 02, 2010 at 10:10:49PM +0800, Herbert Xu wrote:
>
> Hmm, I just noticed that both before and after the patch we're
> only including the hash request size for the encrypt case, and
> not the givencrypt case. Is there a reason for this?
>
Hm, for the moment I don't see what's missing. The ahash request
size should be the same for both cases. Do you have a hint?
On Wed, Mar 03, 2010 at 07:58:40AM +0100, Steffen Klassert wrote:
> On Tue, Mar 02, 2010 at 10:10:49PM +0800, Herbert Xu wrote:
> >
> > Hmm, I just noticed that both before and after the patch we're
> > only including the hash request size for the encrypt case, and
> > not the givencrypt case. Is there a reason for this?
> >
>
> Hm, for the moment I don't see what's missing. The ahash request
> size should be the same for both cases. Do you have a hint?
Oh I misinterpreted what the max was trying to do. I'll apply
you patch.
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt