From: Ilya Dryomov <idryomov@gmail.com>
To: ceph-devel@vger.kernel.org
Subject: [PATCH 08/15] libceph: switch ceph_x_decrypt() to ceph_crypt()
Date: Mon, 12 Dec 2016 21:48:53 +0100 [thread overview]
Message-ID: <1481575740-1834-9-git-send-email-idryomov@gmail.com> (raw)
In-Reply-To: <1481575740-1834-1-git-send-email-idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---
net/ceph/auth_x.c | 78 +++++++++++++++++++++++--------------------------------
1 file changed, 32 insertions(+), 46 deletions(-)
diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index a13ce443073b..b216131915e7 100644
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -69,32 +69,28 @@ static int ceph_x_encrypt(struct ceph_crypto_key *secret, void *buf,
return sizeof(u32) + ciphertext_len;
}
-static int ceph_x_decrypt(struct ceph_crypto_key *secret,
- void **p, void *end, void **obuf, size_t olen)
+static int ceph_x_decrypt(struct ceph_crypto_key *secret, void **p, void *end)
{
- struct ceph_x_encrypt_header head;
- size_t head_len = sizeof(head);
- int len, ret;
-
- len = ceph_decode_32(p);
- if (*p + len > end)
- return -EINVAL;
+ struct ceph_x_encrypt_header *hdr = *p + sizeof(u32);
+ int ciphertext_len, plaintext_len;
+ int ret;
- dout("ceph_x_decrypt len %d\n", len);
- if (*obuf == NULL) {
- *obuf = kmalloc(len, GFP_NOFS);
- if (!*obuf)
- return -ENOMEM;
- olen = len;
- }
+ ceph_decode_32_safe(p, end, ciphertext_len, e_inval);
+ ceph_decode_need(p, end, ciphertext_len, e_inval);
- ret = ceph_decrypt2(secret, &head, &head_len, *obuf, &olen, *p, len);
+ ret = ceph_crypt(secret, false, *p, end - *p, ciphertext_len,
+ &plaintext_len);
if (ret)
return ret;
- if (head.struct_v != 1 || le64_to_cpu(head.magic) != CEPHX_ENC_MAGIC)
+
+ if (hdr->struct_v != 1 || le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC)
return -EPERM;
- *p += len;
- return olen;
+
+ *p += ciphertext_len;
+ return plaintext_len - sizeof(struct ceph_x_encrypt_header);
+
+e_inval:
+ return -EINVAL;
}
/*
@@ -149,12 +145,10 @@ static int process_one_ticket(struct ceph_auth_client *ac,
int type;
u8 tkt_struct_v, blob_struct_v;
struct ceph_x_ticket_handler *th;
- void *dbuf = NULL;
void *dp, *dend;
int dlen;
char is_enc;
struct timespec validity;
- void *ticket_buf = NULL;
void *tp, *tpend;
void **ptp;
struct ceph_crypto_key new_session_key;
@@ -179,14 +173,12 @@ static int process_one_ticket(struct ceph_auth_client *ac,
}
/* blob for me */
- dlen = ceph_x_decrypt(secret, p, end, &dbuf, 0);
- if (dlen <= 0) {
- ret = dlen;
+ dp = *p + ceph_x_encrypt_offset();
+ ret = ceph_x_decrypt(secret, p, end);
+ if (ret < 0)
goto out;
- }
- dout(" decrypted %d bytes\n", dlen);
- dp = dbuf;
- dend = dp + dlen;
+ dout(" decrypted %d bytes\n", ret);
+ dend = dp + ret;
tkt_struct_v = ceph_decode_8(&dp);
if (tkt_struct_v != 1)
@@ -207,15 +199,13 @@ static int process_one_ticket(struct ceph_auth_client *ac,
ceph_decode_8_safe(p, end, is_enc, bad);
if (is_enc) {
/* encrypted */
- dout(" encrypted ticket\n");
- dlen = ceph_x_decrypt(&th->session_key, p, end, &ticket_buf, 0);
- if (dlen < 0) {
- ret = dlen;
+ tp = *p + ceph_x_encrypt_offset();
+ ret = ceph_x_decrypt(&th->session_key, p, end);
+ if (ret < 0)
goto out;
- }
- tp = ticket_buf;
+ dout(" encrypted ticket, decrypted %d bytes\n", ret);
ptp = &tp;
- tpend = *ptp + dlen;
+ tpend = tp + ret;
} else {
/* unencrypted */
ptp = p;
@@ -246,8 +236,6 @@ static int process_one_ticket(struct ceph_auth_client *ac,
xi->have_keys |= th->service;
out:
- kfree(ticket_buf);
- kfree(dbuf);
return ret;
bad:
@@ -638,24 +626,22 @@ static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
struct ceph_authorizer *a, size_t len)
{
struct ceph_x_authorizer *au = (void *)a;
- int ret = 0;
- struct ceph_x_authorize_reply reply;
- void *preply = &reply;
void *p = au->enc_buf;
+ struct ceph_x_authorize_reply *reply = p + ceph_x_encrypt_offset();
+ int ret;
- ret = ceph_x_decrypt(&au->session_key, &p, p + CEPHX_AU_ENC_BUF_LEN,
- &preply, sizeof(reply));
+ ret = ceph_x_decrypt(&au->session_key, &p, p + CEPHX_AU_ENC_BUF_LEN);
if (ret < 0)
return ret;
- if (ret != sizeof(reply))
+ if (ret != sizeof(*reply))
return -EPERM;
- if (au->nonce + 1 != le64_to_cpu(reply.nonce_plus_one))
+ if (au->nonce + 1 != le64_to_cpu(reply->nonce_plus_one))
ret = -EPERM;
else
ret = 0;
dout("verify_authorizer_reply nonce %llx got %llx ret %d\n",
- au->nonce, le64_to_cpu(reply.nonce_plus_one), ret);
+ au->nonce, le64_to_cpu(reply->nonce_plus_one), ret);
return ret;
}
--
2.4.3
next prev parent reply other threads:[~2016-12-12 20:50 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-12 20:48 [PATCH 00/15] wip-crypto Ilya Dryomov
2016-12-12 20:48 ` [PATCH 01/15] libceph: ceph_x_encrypt_buflen() takes in_len Ilya Dryomov
2016-12-12 20:48 ` [PATCH 02/15] libceph: old_key in process_one_ticket() is redundant Ilya Dryomov
2016-12-12 20:48 ` [PATCH 03/15] libceph: introduce ceph_x_encrypt_offset() Ilya Dryomov
2016-12-12 20:48 ` [PATCH 04/15] libceph: introduce ceph_crypt() for in-place en/decryption Ilya Dryomov
2016-12-12 21:11 ` Sage Weil
2016-12-12 21:15 ` Ilya Dryomov
2016-12-12 20:48 ` [PATCH 05/15] libceph: rename and align ceph_x_authorizer::reply_buf Ilya Dryomov
2016-12-12 20:48 ` [PATCH 06/15] libceph: tweak calcu_signature() a little Ilya Dryomov
2016-12-12 20:48 ` [PATCH 07/15] libceph: switch ceph_x_encrypt() to ceph_crypt() Ilya Dryomov
2016-12-12 20:48 ` Ilya Dryomov [this message]
2016-12-12 20:48 ` [PATCH 09/15] libceph: remove now unused ceph_*{en,de}crypt*() functions Ilya Dryomov
2016-12-12 20:48 ` [PATCH 10/15] libceph: uninline ceph_crypto_key_destroy() Ilya Dryomov
2016-12-12 20:48 ` [PATCH 11/15] libceph: stop allocating a new cipher on every crypto request Ilya Dryomov
2016-12-12 20:48 ` [PATCH 12/15] libceph: no need for GFP_NOFS in ceph_monc_init() Ilya Dryomov
2016-12-12 20:48 ` [PATCH 13/15] libceph: verify authorize reply on connect Ilya Dryomov
2016-12-12 20:48 ` [PATCH 14/15] libceph: drop len argument of *verify_authorizer_reply() Ilya Dryomov
2016-12-12 20:49 ` [PATCH 15/15] libceph: no need to drop con->mutex for ->get_authorizer() Ilya Dryomov
2016-12-12 22:04 ` [PATCH 00/15] wip-crypto Sage Weil
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1481575740-1834-9-git-send-email-idryomov@gmail.com \
--to=idryomov@gmail.com \
--cc=ceph-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.