From: Milan Broz <gmazyland@gmail.com>
To: dm-devel@redhat.com
Cc: Milan Broz <gmazyland@gmail.com>
Subject: [PATCH 4/7] dm-crypt: Compute HMAC key size in a separate function.
Date: Thu, 16 Mar 2017 15:39:41 +0100 [thread overview]
Message-ID: <20170316143944.19843-5-gmazyland@gmail.com> (raw)
In-Reply-To: <20170316143944.19843-1-gmazyland@gmail.com>
In-Reply-To: <cover.1483551181.git.gmazyland@gmail.com>
For composed authenticated modes with HMAC (length-preserving encryption
mode like a XTS and HMAC as an authenticator) we have to calculate
HMAC digest size (the separate authentication key is as the same size
as the HMAC digest).
This patch introduces workaround to parse crypto API string to get
HMAC algorithm and retrieve digest size from it.
Signed-off-by: Milan Broz <gmazyland@gmail.com>
---
drivers/md/dm-crypt.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 49 insertions(+), 1 deletion(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 0c7d07e17b81..48e8dfe91c53 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -2293,6 +2293,45 @@ static int crypt_ctr_blkdev_cipher(struct crypt_config *cc)
return 0;
}
+/*
+ * Workaround to parse HMAC algorithm from AEAD crypto API spec.
+ * The HMAC is needed to calculate tag size (HMAC digest size).
+ * This should be probably done by crypto-api calls (once available...)
+ */
+static int crypt_ctr_auth_cipher(struct crypt_config *cc, char *cipher_api)
+{
+ char *start, *end, *mac_alg = NULL;
+ struct crypto_ahash *mac;
+
+ if (!strstarts(cipher_api, "authenc("))
+ return 0;
+
+ start = strchr(cipher_api, '(');
+ end = strchr(cipher_api, ',');
+ if (!start || !end || ++start > end)
+ return -EINVAL;
+
+ mac_alg = kzalloc(end - start + 1, GFP_KERNEL);
+ if (!mac_alg)
+ return -ENOMEM;
+ strncpy(mac_alg, start, end - start);
+
+ mac = crypto_alloc_ahash(mac_alg, 0, 0);
+ kfree(mac_alg);
+
+ if (IS_ERR(mac))
+ return PTR_ERR(mac);
+
+ cc->key_mac_size = crypto_ahash_digestsize(mac);
+ crypto_free_ahash(mac);
+
+ cc->authenc_key = kmalloc(crypt_authenckey_size(cc), GFP_KERNEL);
+ if (!cc->authenc_key)
+ return -ENOMEM;
+
+ return 0;
+}
+
static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key,
char **ivmode, char **ivopts)
{
@@ -2323,7 +2362,16 @@ static int crypt_ctr_cipher_new(struct dm_target *ti, char *cipher_in, char *key
return ret;
}
- cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc));
+ /* Alloc AEAD, can be used only in new format. */
+ if (crypt_integrity_aead(cc)) {
+ ret = crypt_ctr_auth_cipher(cc, cipher_api);
+ if (ret < 0) {
+ ti->error = "Invalid AEAD cipher spec";
+ return -ENOMEM;
+ }
+ cc->iv_size = crypto_aead_ivsize(any_tfm_aead(cc));
+ } else
+ cc->iv_size = crypto_skcipher_ivsize(any_tfm(cc));
ret = crypt_ctr_blkdev_cipher(cc);
if (ret < 0) {
--
2.11.0
next prev parent reply other threads:[~2017-03-16 14:39 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-04 19:23 [RFC PATCH 0/4] Data integrity protection with dm-integrity and dm-crypt Milan Broz
2017-01-04 19:23 ` [RFC PATCH 1/4] dm-table: Add flag to allow own target handling of integrity metadata Milan Broz
2017-01-04 19:23 ` [RFC PATCH 2/4] Add sector start offset to dm-bufio interface Milan Broz
2017-01-04 19:23 ` [RFC PATCH 3/4] Add the dm-integrity target Milan Broz
2017-01-04 19:23 ` [RFC PATCH 4/4] Add cryptographic data integrity protection (authenticated encryption) to dm-crypt Milan Broz
2017-03-16 14:39 ` [PATCH 0/7] Data integrity protection with dm-integrity and dm-crypt Milan Broz
2017-03-16 19:12 ` Mike Snitzer
2017-03-16 14:39 ` [PATCH 1/7] dm-crypt: Fix documentation of integrity table option Milan Broz
2017-03-16 14:39 ` [PATCH 2/7] dm-crypt: Move IV constructor to separate function Milan Broz
2017-03-16 14:39 ` [PATCH 3/7] dm-crypt: Introduce new format of cipher with capi: prefix Milan Broz
2017-03-16 14:39 ` Milan Broz [this message]
2017-03-16 14:39 ` [PATCH 5/7] dm-crypt: Parse cipher specification according to AEAD flag Milan Broz
2017-03-16 14:39 ` [PATCH 6/7] dm-crypt: Remove obsolete integrity_mode function Milan Broz
2017-03-16 14:39 ` [PATCH 7/7] dm-crypt: optionally support larger encryption sector size Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170316143944.19843-5-gmazyland@gmail.com \
--to=gmazyland@gmail.com \
--cc=dm-devel@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.