This series makes some simplifications to the skcipher algorithm type
that are possible now that blkcipher and ablkcipher (and hence also the
compatibility code to expose them via the skcipher API) were removed.
Eric Biggers (6):
crypto: skcipher - remove crypto_skcipher::ivsize
crypto: skcipher - remove crypto_skcipher::keysize
crypto: skcipher - remove crypto_skcipher::setkey
crypto: skcipher - remove crypto_skcipher::encrypt
crypto: skcipher - remove crypto_skcipher::decrypt
crypto: skcipher - remove crypto_skcipher_extsize()
crypto/skcipher.c | 22 ++++++----------------
crypto/testmgr.c | 10 ++++++----
fs/ecryptfs/crypto.c | 2 +-
fs/ecryptfs/keystore.c | 4 ++--
include/crypto/skcipher.h | 20 +++++---------------
5 files changed, 20 insertions(+), 38 deletions(-)
--
2.24.0
From: Eric Biggers <[email protected]>
Due to the removal of the blkcipher and ablkcipher algorithm types,
crypto_skcipher::setkey now always points to skcipher_setkey().
Simplify by removing this function pointer and instead just making
skcipher_setkey() be crypto_skcipher_setkey() directly.
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/skcipher.c | 4 ++--
include/crypto/skcipher.h | 9 ++-------
2 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index 6cfafd80c7e6..4197b5ed57c4 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -610,7 +610,7 @@ static int skcipher_setkey_unaligned(struct crypto_skcipher *tfm,
return ret;
}
-static int skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
+int crypto_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
unsigned int keylen)
{
struct skcipher_alg *cipher = crypto_skcipher_alg(tfm);
@@ -635,6 +635,7 @@ static int skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key,
crypto_skcipher_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
return 0;
}
+EXPORT_SYMBOL_GPL(crypto_skcipher_setkey);
int crypto_skcipher_encrypt(struct skcipher_request *req)
{
@@ -683,7 +684,6 @@ static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
- skcipher->setkey = skcipher_setkey;
skcipher->encrypt = alg->encrypt;
skcipher->decrypt = alg->decrypt;
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index d8c28c8186a4..ea94cc422b94 100644
--- a/include/crypto/skcipher.h
+++ b/include/crypto/skcipher.h
@@ -35,8 +35,6 @@ struct skcipher_request {
};
struct crypto_skcipher {
- int (*setkey)(struct crypto_skcipher *tfm, const u8 *key,
- unsigned int keylen);
int (*encrypt)(struct skcipher_request *req);
int (*decrypt)(struct skcipher_request *req);
@@ -364,11 +362,8 @@ static inline void crypto_sync_skcipher_clear_flags(
*
* Return: 0 if the setting of the key was successful; < 0 if an error occurred
*/
-static inline int crypto_skcipher_setkey(struct crypto_skcipher *tfm,
- const u8 *key, unsigned int keylen)
-{
- return tfm->setkey(tfm, key, keylen);
-}
+int crypto_skcipher_setkey(struct crypto_skcipher *tfm,
+ const u8 *key, unsigned int keylen);
static inline int crypto_sync_skcipher_setkey(struct crypto_sync_skcipher *tfm,
const u8 *key, unsigned int keylen)
--
2.24.0
From: Eric Biggers <[email protected]>
Due to the removal of the blkcipher and ablkcipher algorithm types,
crypto_skcipher_extsize() now simply calls crypto_alg_extsize(). So
remove it and just use crypto_alg_extsize().
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/skcipher.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index e4e4a445dc66..39a718d99220 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -578,11 +578,6 @@ int skcipher_walk_aead_decrypt(struct skcipher_walk *walk,
}
EXPORT_SYMBOL_GPL(skcipher_walk_aead_decrypt);
-static unsigned int crypto_skcipher_extsize(struct crypto_alg *alg)
-{
- return crypto_alg_extsize(alg);
-}
-
static void skcipher_set_needkey(struct crypto_skcipher *tfm)
{
if (crypto_skcipher_max_keysize(tfm) != 0)
@@ -749,7 +744,7 @@ static int crypto_skcipher_report(struct sk_buff *skb, struct crypto_alg *alg)
#endif
static const struct crypto_type crypto_skcipher_type = {
- .extsize = crypto_skcipher_extsize,
+ .extsize = crypto_alg_extsize,
.init_tfm = crypto_skcipher_init_tfm,
.free = crypto_skcipher_free_instance,
#ifdef CONFIG_PROC_FS
--
2.24.0
From: Eric Biggers <[email protected]>
Due to the removal of the blkcipher and ablkcipher algorithm types,
crypto_skcipher::encrypt is now redundant since it always equals
crypto_skcipher_alg(tfm)->encrypt.
Remove it and update crypto_skcipher_encrypt() accordingly.
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/skcipher.c | 3 +--
include/crypto/skcipher.h | 1 -
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index 4197b5ed57c4..926295ce1b07 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -648,7 +648,7 @@ int crypto_skcipher_encrypt(struct skcipher_request *req)
if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
ret = -ENOKEY;
else
- ret = tfm->encrypt(req);
+ ret = crypto_skcipher_alg(tfm)->encrypt(req);
crypto_stats_skcipher_encrypt(cryptlen, ret, alg);
return ret;
}
@@ -684,7 +684,6 @@ static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
- skcipher->encrypt = alg->encrypt;
skcipher->decrypt = alg->decrypt;
skcipher_set_needkey(skcipher);
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index ea94cc422b94..694215a59719 100644
--- a/include/crypto/skcipher.h
+++ b/include/crypto/skcipher.h
@@ -35,7 +35,6 @@ struct skcipher_request {
};
struct crypto_skcipher {
- int (*encrypt)(struct skcipher_request *req);
int (*decrypt)(struct skcipher_request *req);
unsigned int reqsize;
--
2.24.0
From: Eric Biggers <[email protected]>
Due to the removal of the blkcipher and ablkcipher algorithm types,
crypto_skcipher::keysize is now redundant since it always equals
crypto_skcipher_alg(tfm)->max_keysize.
Remove it and update crypto_skcipher_default_keysize() accordingly.
Also rename crypto_skcipher_default_keysize() to
crypto_skcipher_max_keysize() to clarify that it specifically returns
the maximum key size, not some unspecified "default".
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/skcipher.c | 3 +--
crypto/testmgr.c | 10 ++++++----
fs/ecryptfs/crypto.c | 2 +-
fs/ecryptfs/keystore.c | 4 ++--
include/crypto/skcipher.h | 5 ++---
5 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index 7d2e722e82af..6cfafd80c7e6 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -585,7 +585,7 @@ static unsigned int crypto_skcipher_extsize(struct crypto_alg *alg)
static void skcipher_set_needkey(struct crypto_skcipher *tfm)
{
- if (tfm->keysize)
+ if (crypto_skcipher_max_keysize(tfm) != 0)
crypto_skcipher_set_flags(tfm, CRYPTO_TFM_NEED_KEY);
}
@@ -686,7 +686,6 @@ static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
skcipher->setkey = skcipher_setkey;
skcipher->encrypt = alg->encrypt;
skcipher->decrypt = alg->decrypt;
- skcipher->keysize = alg->max_keysize;
skcipher_set_needkey(skcipher);
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 82513b6b0abd..85d720a57bb0 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2647,7 +2647,7 @@ static void generate_random_cipher_testvec(struct skcipher_request *req,
char *name, size_t max_namelen)
{
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
- const unsigned int maxkeysize = tfm->keysize;
+ const unsigned int maxkeysize = crypto_skcipher_max_keysize(tfm);
const unsigned int ivsize = crypto_skcipher_ivsize(tfm);
struct scatterlist src, dst;
u8 iv[MAX_IVLEN];
@@ -2693,6 +2693,7 @@ static int test_skcipher_vs_generic_impl(const char *driver,
struct cipher_test_sglists *tsgls)
{
struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
+ const unsigned int maxkeysize = crypto_skcipher_max_keysize(tfm);
const unsigned int ivsize = crypto_skcipher_ivsize(tfm);
const unsigned int blocksize = crypto_skcipher_blocksize(tfm);
const unsigned int maxdatasize = (2 * PAGE_SIZE) - TESTMGR_POISON_LEN;
@@ -2751,9 +2752,10 @@ static int test_skcipher_vs_generic_impl(const char *driver,
/* Check the algorithm properties for consistency. */
- if (tfm->keysize != generic_tfm->keysize) {
+ if (maxkeysize != crypto_skcipher_max_keysize(generic_tfm)) {
pr_err("alg: skcipher: max keysize for %s (%u) doesn't match generic impl (%u)\n",
- driver, tfm->keysize, generic_tfm->keysize);
+ driver, maxkeysize,
+ crypto_skcipher_max_keysize(generic_tfm));
err = -EINVAL;
goto out;
}
@@ -2778,7 +2780,7 @@ static int test_skcipher_vs_generic_impl(const char *driver,
* the other implementation against them.
*/
- vec.key = kmalloc(tfm->keysize, GFP_KERNEL);
+ vec.key = kmalloc(maxkeysize, GFP_KERNEL);
vec.iv = kmalloc(ivsize, GFP_KERNEL);
vec.ptext = kmalloc(maxdatasize, GFP_KERNEL);
vec.ctext = kmalloc(maxdatasize, GFP_KERNEL);
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index f91db24bbf3b..db1ef144c63a 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1586,7 +1586,7 @@ ecryptfs_process_key_cipher(struct crypto_skcipher **key_tfm,
}
crypto_skcipher_set_flags(*key_tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
if (*key_size == 0)
- *key_size = crypto_skcipher_default_keysize(*key_tfm);
+ *key_size = crypto_skcipher_max_keysize(*key_tfm);
get_random_bytes(dummy_key, *key_size);
rc = crypto_skcipher_setkey(*key_tfm, dummy_key, *key_size);
if (rc) {
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 216fbe6a4837..7d326aa0308e 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -2204,9 +2204,9 @@ write_tag_3_packet(char *dest, size_t *remaining_bytes,
if (mount_crypt_stat->global_default_cipher_key_size == 0) {
printk(KERN_WARNING "No key size specified at mount; "
"defaulting to [%d]\n",
- crypto_skcipher_default_keysize(tfm));
+ crypto_skcipher_max_keysize(tfm));
mount_crypt_stat->global_default_cipher_key_size =
- crypto_skcipher_default_keysize(tfm);
+ crypto_skcipher_max_keysize(tfm);
}
if (crypt_stat->key_size == 0)
crypt_stat->key_size =
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index bf656a97cb65..d8c28c8186a4 100644
--- a/include/crypto/skcipher.h
+++ b/include/crypto/skcipher.h
@@ -41,7 +41,6 @@ struct crypto_skcipher {
int (*decrypt)(struct skcipher_request *req);
unsigned int reqsize;
- unsigned int keysize;
struct crypto_tfm base;
};
@@ -377,10 +376,10 @@ static inline int crypto_sync_skcipher_setkey(struct crypto_sync_skcipher *tfm,
return crypto_skcipher_setkey(&tfm->base, key, keylen);
}
-static inline unsigned int crypto_skcipher_default_keysize(
+static inline unsigned int crypto_skcipher_max_keysize(
struct crypto_skcipher *tfm)
{
- return tfm->keysize;
+ return crypto_skcipher_alg(tfm)->max_keysize;
}
/**
--
2.24.0
From: Eric Biggers <[email protected]>
Due to the removal of the blkcipher and ablkcipher algorithm types,
crypto_skcipher::decrypt is now redundant since it always equals
crypto_skcipher_alg(tfm)->decrypt.
Remove it and update crypto_skcipher_decrypt() accordingly.
Signed-off-by: Eric Biggers <[email protected]>
---
crypto/skcipher.c | 4 +---
include/crypto/skcipher.h | 2 --
2 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/crypto/skcipher.c b/crypto/skcipher.c
index 926295ce1b07..e4e4a445dc66 100644
--- a/crypto/skcipher.c
+++ b/crypto/skcipher.c
@@ -665,7 +665,7 @@ int crypto_skcipher_decrypt(struct skcipher_request *req)
if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
ret = -ENOKEY;
else
- ret = tfm->decrypt(req);
+ ret = crypto_skcipher_alg(tfm)->decrypt(req);
crypto_stats_skcipher_decrypt(cryptlen, ret, alg);
return ret;
}
@@ -684,8 +684,6 @@ static int crypto_skcipher_init_tfm(struct crypto_tfm *tfm)
struct crypto_skcipher *skcipher = __crypto_skcipher_cast(tfm);
struct skcipher_alg *alg = crypto_skcipher_alg(skcipher);
- skcipher->decrypt = alg->decrypt;
-
skcipher_set_needkey(skcipher);
if (alg->exit)
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
index 694215a59719..8ebf4167632b 100644
--- a/include/crypto/skcipher.h
+++ b/include/crypto/skcipher.h
@@ -35,8 +35,6 @@ struct skcipher_request {
};
struct crypto_skcipher {
- int (*decrypt)(struct skcipher_request *req);
-
unsigned int reqsize;
struct crypto_tfm base;
--
2.24.0
On Fri, 29 Nov 2019 at 18:24, Eric Biggers <[email protected]> wrote:
>
> This series makes some simplifications to the skcipher algorithm type
> that are possible now that blkcipher and ablkcipher (and hence also the
> compatibility code to expose them via the skcipher API) were removed.
>
> Eric Biggers (6):
> crypto: skcipher - remove crypto_skcipher::ivsize
> crypto: skcipher - remove crypto_skcipher::keysize
> crypto: skcipher - remove crypto_skcipher::setkey
> crypto: skcipher - remove crypto_skcipher::encrypt
> crypto: skcipher - remove crypto_skcipher::decrypt
> crypto: skcipher - remove crypto_skcipher_extsize()
>
For the series,
Reviewed-by: Ard Biesheuvel <[email protected]>
> crypto/skcipher.c | 22 ++++++----------------
> crypto/testmgr.c | 10 ++++++----
> fs/ecryptfs/crypto.c | 2 +-
> fs/ecryptfs/keystore.c | 4 ++--
> include/crypto/skcipher.h | 20 +++++---------------
> 5 files changed, 20 insertions(+), 38 deletions(-)
>
> --
> 2.24.0
>
Eric Biggers <[email protected]> wrote:
> This series makes some simplifications to the skcipher algorithm type
> that are possible now that blkcipher and ablkcipher (and hence also the
> compatibility code to expose them via the skcipher API) were removed.
>
> Eric Biggers (6):
> crypto: skcipher - remove crypto_skcipher::ivsize
> crypto: skcipher - remove crypto_skcipher::keysize
> crypto: skcipher - remove crypto_skcipher::setkey
> crypto: skcipher - remove crypto_skcipher::encrypt
> crypto: skcipher - remove crypto_skcipher::decrypt
> crypto: skcipher - remove crypto_skcipher_extsize()
>
> crypto/skcipher.c | 22 ++++++----------------
> crypto/testmgr.c | 10 ++++++----
> fs/ecryptfs/crypto.c | 2 +-
> fs/ecryptfs/keystore.c | 4 ++--
> include/crypto/skcipher.h | 20 +++++---------------
> 5 files changed, 20 insertions(+), 38 deletions(-)
All applied. Thanks.
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt