[PATCH 1/2] crypto: authenc - Use correct ahash complete functions

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 1/2] crypto: authenc - Use correct ahash complete functions
@ 2010-02-23  6:21 Steffen Klassert
  2010-02-23  6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
  2010-03-02 14:08 ` [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Herbert Xu
  0 siblings, 2 replies; 6+ messages in thread
From: Steffen Klassert @ 2010-02-23  6:21 UTC (permalink / raw)
  To: Herbert Xu; +Cc: linux-crypto

We accidentally assigned the ahash update complete function to
the wrong function pointer in crypto_authenc_verify.
This patch fixes this.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 crypto/authenc.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/crypto/authenc.c b/crypto/authenc.c
index 1887090..6287cfd 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -454,7 +454,7 @@ static int crypto_authenc_verify(struct aead_request *req,
 	unsigned int authsize;
 
 	areq_ctx->complete = authenc_verify_ahash_done;
-	areq_ctx->complete = authenc_verify_ahash_update_done;
+	areq_ctx->update_complete = authenc_verify_ahash_update_done;
 
 	ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP);
 	if (IS_ERR(ohash))
-- 
1.5.6.5


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
  2010-02-23  6:21 [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Steffen Klassert
@ 2010-02-23  6:22 ` Steffen Klassert
  2010-03-02 14:10   ` Herbert Xu
  2010-03-02 14:08 ` [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Herbert Xu
  1 sibling, 1 reply; 6+ messages in thread
From: Steffen Klassert @ 2010-02-23  6:22 UTC (permalink / raw)
  To: Herbert Xu; +Cc: linux-crypto

In crypto_authenc_encrypt() we save the IV behind the ablkcipher
request. To save space on the request, we overwrite the ablkcipher
request with a ahash request after encryption. So the IV may be
overwritten by the ahash request. This patch fixes this by placing
the IV in front of the ablkcipher/ahash request.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 crypto/authenc.c |   25 ++++++++++++++-----------
 1 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/crypto/authenc.c b/crypto/authenc.c
index 6287cfd..2bb7348 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req)
 {
 	struct crypto_aead *authenc = crypto_aead_reqtfm(req);
 	struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
-	struct ablkcipher_request *abreq = aead_request_ctx(req);
+	struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
 	struct crypto_ablkcipher *enc = ctx->enc;
 	struct scatterlist *dst = req->dst;
 	unsigned int cryptlen = req->cryptlen;
-	u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc);
+	struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
+						    + ctx->reqoff);
+	u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
 	int err;
 
 	ablkcipher_request_set_tfm(abreq, enc);
@@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
 	if (IS_ERR(auth))
 		return PTR_ERR(auth);
 
-	ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
-			    crypto_ahash_alignmask(auth),
-			    crypto_ahash_alignmask(auth) + 1);
-
 	enc = crypto_spawn_skcipher(&ictx->enc);
 	err = PTR_ERR(enc);
 	if (IS_ERR(enc))
@@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
 	ctx->auth = auth;
 	ctx->enc = enc;
 
-	tfm->crt_aead.reqsize = max_t(unsigned int,
-				crypto_ahash_reqsize(auth) + ctx->reqoff +
-				sizeof(struct authenc_request_ctx) +
+	ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
+			    crypto_ahash_alignmask(auth),
+			    crypto_ahash_alignmask(auth) + 1) +
+		      crypto_ablkcipher_ivsize(enc);
+
+	tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
+				ctx->reqoff +
+				max_t(unsigned int,
+				crypto_ahash_reqsize(auth) +
 				sizeof(struct ahash_request),
 				sizeof(struct skcipher_givcrypt_request) +
-				crypto_ablkcipher_reqsize(enc) +
-				crypto_ablkcipher_ivsize(enc));
+				crypto_ablkcipher_reqsize(enc));
 
 	return 0;
 
-- 
1.5.6.5


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/2] crypto: authenc - Use correct ahash complete functions
  2010-02-23  6:21 [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Steffen Klassert
  2010-02-23  6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
@ 2010-03-02 14:08 ` Herbert Xu
  1 sibling, 0 replies; 6+ messages in thread
From: Herbert Xu @ 2010-03-02 14:08 UTC (permalink / raw)
  To: Steffen Klassert; +Cc: linux-crypto

On Tue, Feb 23, 2010 at 07:21:09AM +0100, Steffen Klassert wrote:
> We accidentally assigned the ahash update complete function to
> the wrong function pointer in crypto_authenc_verify.
> This patch fixes this.
> 
> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

Patch applied.  Thanks!
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
  2010-02-23  6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
@ 2010-03-02 14:10   ` Herbert Xu
  2010-03-03  6:58     ` Steffen Klassert
  0 siblings, 1 reply; 6+ messages in thread
From: Herbert Xu @ 2010-03-02 14:10 UTC (permalink / raw)
  To: Steffen Klassert; +Cc: linux-crypto

On Tue, Feb 23, 2010 at 07:22:37AM +0100, Steffen Klassert wrote:
>
> @@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
>  	ctx->auth = auth;
>  	ctx->enc = enc;
>  
> -	tfm->crt_aead.reqsize = max_t(unsigned int,
> -				crypto_ahash_reqsize(auth) + ctx->reqoff +
> -				sizeof(struct authenc_request_ctx) +
> +	ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
> +			    crypto_ahash_alignmask(auth),
> +			    crypto_ahash_alignmask(auth) + 1) +
> +		      crypto_ablkcipher_ivsize(enc);
> +
> +	tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
> +				ctx->reqoff +
> +				max_t(unsigned int,
> +				crypto_ahash_reqsize(auth) +
>  				sizeof(struct ahash_request),
>  				sizeof(struct skcipher_givcrypt_request) +
> -				crypto_ablkcipher_reqsize(enc) +
> -				crypto_ablkcipher_ivsize(enc));
> +				crypto_ablkcipher_reqsize(enc));

Hmm, I just noticed that both before and after the patch we're
only including the hash request size for the encrypt case, and
not the givencrypt case.  Is there a reason for this?

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
  2010-03-02 14:10   ` Herbert Xu
@ 2010-03-03  6:58     ` Steffen Klassert
  2010-03-03 14:41       ` Herbert Xu
  0 siblings, 1 reply; 6+ messages in thread
From: Steffen Klassert @ 2010-03-03  6:58 UTC (permalink / raw)
  To: Herbert Xu; +Cc: linux-crypto

On Tue, Mar 02, 2010 at 10:10:49PM +0800, Herbert Xu wrote:
> 
> Hmm, I just noticed that both before and after the patch we're
> only including the hash request size for the encrypt case, and
> not the givencrypt case.  Is there a reason for this?
> 

Hm, for the moment I don't see what's missing. The ahash request
size should be the same for both cases. Do you have a hint?


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
  2010-03-03  6:58     ` Steffen Klassert
@ 2010-03-03 14:41       ` Herbert Xu
  0 siblings, 0 replies; 6+ messages in thread
From: Herbert Xu @ 2010-03-03 14:41 UTC (permalink / raw)
  To: Steffen Klassert; +Cc: linux-crypto

On Wed, Mar 03, 2010 at 07:58:40AM +0100, Steffen Klassert wrote:
> On Tue, Mar 02, 2010 at 10:10:49PM +0800, Herbert Xu wrote:
> > 
> > Hmm, I just noticed that both before and after the patch we're
> > only including the hash request size for the encrypt case, and
> > not the givencrypt case.  Is there a reason for this?
> > 
> 
> Hm, for the moment I don't see what's missing. The ahash request
> size should be the same for both cases. Do you have a hint?

Oh I misinterpreted what the max was trying to do.  I'll apply
you patch.

Thanks,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2010-03-03 14:41 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-02-23  6:21 [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Steffen Klassert
2010-02-23  6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
2010-03-02 14:10   ` Herbert Xu
2010-03-03  6:58     ` Steffen Klassert
2010-03-03 14:41       ` Herbert Xu
2010-03-02 14:08 ` [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Herbert Xu

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.