* [PATCH 1/2] crypto: authenc - Use correct ahash complete functions
@ 2010-02-23 6:21 Steffen Klassert
2010-02-23 6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
2010-03-02 14:08 ` [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Herbert Xu
0 siblings, 2 replies; 6+ messages in thread
From: Steffen Klassert @ 2010-02-23 6:21 UTC (permalink / raw)
To: Herbert Xu; +Cc: linux-crypto
We accidentally assigned the ahash update complete function to
the wrong function pointer in crypto_authenc_verify.
This patch fixes this.
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
crypto/authenc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 1887090..6287cfd 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -454,7 +454,7 @@ static int crypto_authenc_verify(struct aead_request *req,
unsigned int authsize;
areq_ctx->complete = authenc_verify_ahash_done;
- areq_ctx->complete = authenc_verify_ahash_update_done;
+ areq_ctx->update_complete = authenc_verify_ahash_update_done;
ohash = authenc_ahash_fn(req, CRYPTO_TFM_REQ_MAY_SLEEP);
if (IS_ERR(ohash))
--
1.5.6.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
2010-02-23 6:21 [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Steffen Klassert
@ 2010-02-23 6:22 ` Steffen Klassert
2010-03-02 14:10 ` Herbert Xu
2010-03-02 14:08 ` [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Herbert Xu
1 sibling, 1 reply; 6+ messages in thread
From: Steffen Klassert @ 2010-02-23 6:22 UTC (permalink / raw)
To: Herbert Xu; +Cc: linux-crypto
In crypto_authenc_encrypt() we save the IV behind the ablkcipher
request. To save space on the request, we overwrite the ablkcipher
request with a ahash request after encryption. So the IV may be
overwritten by the ahash request. This patch fixes this by placing
the IV in front of the ablkcipher/ahash request.
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
crypto/authenc.c | 25 ++++++++++++++-----------
1 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/crypto/authenc.c b/crypto/authenc.c
index 6287cfd..2bb7348 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
- struct ablkcipher_request *abreq = aead_request_ctx(req);
+ struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct crypto_ablkcipher *enc = ctx->enc;
struct scatterlist *dst = req->dst;
unsigned int cryptlen = req->cryptlen;
- u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc);
+ struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
+ + ctx->reqoff);
+ u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
int err;
ablkcipher_request_set_tfm(abreq, enc);
@@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
if (IS_ERR(auth))
return PTR_ERR(auth);
- ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
- crypto_ahash_alignmask(auth),
- crypto_ahash_alignmask(auth) + 1);
-
enc = crypto_spawn_skcipher(&ictx->enc);
err = PTR_ERR(enc);
if (IS_ERR(enc))
@@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
ctx->auth = auth;
ctx->enc = enc;
- tfm->crt_aead.reqsize = max_t(unsigned int,
- crypto_ahash_reqsize(auth) + ctx->reqoff +
- sizeof(struct authenc_request_ctx) +
+ ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
+ crypto_ahash_alignmask(auth),
+ crypto_ahash_alignmask(auth) + 1) +
+ crypto_ablkcipher_ivsize(enc);
+
+ tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
+ ctx->reqoff +
+ max_t(unsigned int,
+ crypto_ahash_reqsize(auth) +
sizeof(struct ahash_request),
sizeof(struct skcipher_givcrypt_request) +
- crypto_ablkcipher_reqsize(enc) +
- crypto_ablkcipher_ivsize(enc));
+ crypto_ablkcipher_reqsize(enc));
return 0;
--
1.5.6.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] crypto: authenc - Use correct ahash complete functions
2010-02-23 6:21 [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Steffen Klassert
2010-02-23 6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
@ 2010-03-02 14:08 ` Herbert Xu
1 sibling, 0 replies; 6+ messages in thread
From: Herbert Xu @ 2010-03-02 14:08 UTC (permalink / raw)
To: Steffen Klassert; +Cc: linux-crypto
On Tue, Feb 23, 2010 at 07:21:09AM +0100, Steffen Klassert wrote:
> We accidentally assigned the ahash update complete function to
> the wrong function pointer in crypto_authenc_verify.
> This patch fixes this.
>
> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Patch applied. Thanks!
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
2010-02-23 6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
@ 2010-03-02 14:10 ` Herbert Xu
2010-03-03 6:58 ` Steffen Klassert
0 siblings, 1 reply; 6+ messages in thread
From: Herbert Xu @ 2010-03-02 14:10 UTC (permalink / raw)
To: Steffen Klassert; +Cc: linux-crypto
On Tue, Feb 23, 2010 at 07:22:37AM +0100, Steffen Klassert wrote:
>
> @@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
> ctx->auth = auth;
> ctx->enc = enc;
>
> - tfm->crt_aead.reqsize = max_t(unsigned int,
> - crypto_ahash_reqsize(auth) + ctx->reqoff +
> - sizeof(struct authenc_request_ctx) +
> + ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
> + crypto_ahash_alignmask(auth),
> + crypto_ahash_alignmask(auth) + 1) +
> + crypto_ablkcipher_ivsize(enc);
> +
> + tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
> + ctx->reqoff +
> + max_t(unsigned int,
> + crypto_ahash_reqsize(auth) +
> sizeof(struct ahash_request),
> sizeof(struct skcipher_givcrypt_request) +
> - crypto_ablkcipher_reqsize(enc) +
> - crypto_ablkcipher_ivsize(enc));
> + crypto_ablkcipher_reqsize(enc));
Hmm, I just noticed that both before and after the patch we're
only including the hash request size for the encrypt case, and
not the givencrypt case. Is there a reason for this?
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
2010-03-02 14:10 ` Herbert Xu
@ 2010-03-03 6:58 ` Steffen Klassert
2010-03-03 14:41 ` Herbert Xu
0 siblings, 1 reply; 6+ messages in thread
From: Steffen Klassert @ 2010-03-03 6:58 UTC (permalink / raw)
To: Herbert Xu; +Cc: linux-crypto
On Tue, Mar 02, 2010 at 10:10:49PM +0800, Herbert Xu wrote:
>
> Hmm, I just noticed that both before and after the patch we're
> only including the hash request size for the encrypt case, and
> not the givencrypt case. Is there a reason for this?
>
Hm, for the moment I don't see what's missing. The ahash request
size should be the same for both cases. Do you have a hint?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request
2010-03-03 6:58 ` Steffen Klassert
@ 2010-03-03 14:41 ` Herbert Xu
0 siblings, 0 replies; 6+ messages in thread
From: Herbert Xu @ 2010-03-03 14:41 UTC (permalink / raw)
To: Steffen Klassert; +Cc: linux-crypto
On Wed, Mar 03, 2010 at 07:58:40AM +0100, Steffen Klassert wrote:
> On Tue, Mar 02, 2010 at 10:10:49PM +0800, Herbert Xu wrote:
> >
> > Hmm, I just noticed that both before and after the patch we're
> > only including the hash request size for the encrypt case, and
> > not the givencrypt case. Is there a reason for this?
> >
>
> Hm, for the moment I don't see what's missing. The ahash request
> size should be the same for both cases. Do you have a hint?
Oh I misinterpreted what the max was trying to do. I'll apply
you patch.
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2010-03-03 14:41 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-02-23 6:21 [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Steffen Klassert
2010-02-23 6:22 ` [PATCH 2/2] crypto: authenc - move saved IV in front of the ablkcipher request Steffen Klassert
2010-03-02 14:10 ` Herbert Xu
2010-03-03 6:58 ` Steffen Klassert
2010-03-03 14:41 ` Herbert Xu
2010-03-02 14:08 ` [PATCH 1/2] crypto: authenc - Use correct ahash complete functions Herbert Xu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.