From d6ebf5286f8f94a254a8c90d4b9f2a8b076a8634 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Sun, 2 Jun 2019 22:40:57 -0700 Subject: crypto: make all generic algorithms set cra_driver_name Most generic crypto algorithms declare a driver name ending in "-generic". The rest don't declare a driver name and instead rely on the crypto API automagically appending "-generic" upon registration. Having multiple conventions is unnecessarily confusing and makes it harder to grep for all generic algorithms in the kernel source tree. But also, allowing NULL driver names is problematic because sometimes people fail to set it, e.g. the case fixed by commit 417980364300 ("crypto: cavium/zip - fix collision with generic cra_driver_name"). Of course, people can also incorrectly name their drivers "-generic". But that's much easier to notice / grep for. Therefore, let's make cra_driver_name mandatory. In preparation for this, this patch makes all generic algorithms set cra_driver_name. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- crypto/arc4.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'crypto/arc4.c') diff --git a/crypto/arc4.c b/crypto/arc4.c index 2233d36456e2..b78dcb390a7e 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -115,6 +115,7 @@ static int ecb_arc4_crypt(struct skcipher_request *req) static struct crypto_alg arc4_cipher = { .cra_name = "arc4", + .cra_driver_name = "arc4-generic", .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = ARC4_BLOCK_SIZE, .cra_ctxsize = sizeof(struct arc4_ctx), @@ -132,6 +133,7 @@ static struct crypto_alg arc4_cipher = { static struct skcipher_alg arc4_skcipher = { .base.cra_name = "ecb(arc4)", + .base.cra_driver_name = "ecb(arc4)-generic", .base.cra_priority = 100, .base.cra_blocksize = ARC4_BLOCK_SIZE, .base.cra_ctxsize = sizeof(struct arc4_ctx), -- cgit From dc51f25752bfcb5f1edbac1ca4ce16af7b3bd507 Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Wed, 12 Jun 2019 18:19:53 +0200 Subject: crypto: arc4 - refactor arc4 core code into separate library Refactor the core rc4 handling so we can move most users to a library interface, permitting us to drop the cipher interface entirely in a future patch. This is part of an effort to simplify the crypto API and improve its robustness against incorrect use. Signed-off-by: Ard Biesheuvel Signed-off-by: Herbert Xu --- crypto/arc4.c | 60 +---------------------------------------------------------- 1 file changed, 1 insertion(+), 59 deletions(-) (limited to 'crypto/arc4.c') diff --git a/crypto/arc4.c b/crypto/arc4.c index b78dcb390a7e..d303b7ff1fed 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -18,33 +18,12 @@ #include #include -struct arc4_ctx { - u32 S[256]; - u32 x, y; -}; - static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len) { struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); - int i, j = 0, k = 0; - - ctx->x = 1; - ctx->y = 0; - for (i = 0; i < 256; i++) - ctx->S[i] = i; - - for (i = 0; i < 256; i++) { - u32 a = ctx->S[i]; - j = (j + in_key[k] + a) & 0xff; - ctx->S[i] = ctx->S[j]; - ctx->S[j] = a; - if (++k >= key_len) - k = 0; - } - - return 0; + return arc4_setkey(ctx, in_key, key_len); } static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, @@ -53,43 +32,6 @@ static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, return arc4_set_key(&tfm->base, in_key, key_len); } -static void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, - unsigned int len) -{ - u32 *const S = ctx->S; - u32 x, y, a, b; - u32 ty, ta, tb; - - if (len == 0) - return; - - x = ctx->x; - y = ctx->y; - - a = S[x]; - y = (y + a) & 0xff; - b = S[y]; - - do { - S[y] = a; - a = (a + b) & 0xff; - S[x] = b; - x = (x + 1) & 0xff; - ta = S[x]; - ty = (y + ta) & 0xff; - tb = S[ty]; - *out++ = *in++ ^ S[a]; - if (--len == 0) - break; - y = ty; - a = ta; - b = tb; - } while (true); - - ctx->x = x; - ctx->y = y; -} - static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) { arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); -- cgit From 611a23c2d3961d2ec72f42582ee88755f9a03cee Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Wed, 12 Jun 2019 18:19:57 +0200 Subject: crypto: arc4 - remove cipher implementation There are no remaining users of the cipher implementation, and there are no meaningful ways in which the arc4 cipher can be combined with templates other than ECB (and the way we do provide that combination is highly dubious to begin with). So let's drop the arc4 cipher altogether, and only keep the ecb(arc4) skcipher, which is used in various places in the kernel. Signed-off-by: Ard Biesheuvel Signed-off-by: Herbert Xu --- crypto/arc4.c | 65 ++++++++++++++--------------------------------------------- 1 file changed, 15 insertions(+), 50 deletions(-) (limited to 'crypto/arc4.c') diff --git a/crypto/arc4.c b/crypto/arc4.c index d303b7ff1fed..dbb1f8b65396 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -18,26 +18,15 @@ #include #include -static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, - unsigned int key_len) +static int crypto_arc4_setkey(struct crypto_skcipher *tfm, const u8 *in_key, + unsigned int key_len) { - struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); + struct arc4_ctx *ctx = crypto_skcipher_ctx(tfm); return arc4_setkey(ctx, in_key, key_len); } -static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, - unsigned int key_len) -{ - return arc4_set_key(&tfm->base, in_key, key_len); -} - -static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) -{ - arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); -} - -static int ecb_arc4_crypt(struct skcipher_request *req) +static int crypto_arc4_crypt(struct skcipher_request *req) { struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct arc4_ctx *ctx = crypto_skcipher_ctx(tfm); @@ -55,25 +44,11 @@ static int ecb_arc4_crypt(struct skcipher_request *req) return err; } -static struct crypto_alg arc4_cipher = { - .cra_name = "arc4", - .cra_driver_name = "arc4-generic", - .cra_flags = CRYPTO_ALG_TYPE_CIPHER, - .cra_blocksize = ARC4_BLOCK_SIZE, - .cra_ctxsize = sizeof(struct arc4_ctx), - .cra_module = THIS_MODULE, - .cra_u = { - .cipher = { - .cia_min_keysize = ARC4_MIN_KEY_SIZE, - .cia_max_keysize = ARC4_MAX_KEY_SIZE, - .cia_setkey = arc4_set_key, - .cia_encrypt = arc4_crypt_one, - .cia_decrypt = arc4_crypt_one, - }, - }, -}; - -static struct skcipher_alg arc4_skcipher = { +static struct skcipher_alg arc4_alg = { + /* + * For legacy reasons, this is named "ecb(arc4)", not "arc4". + * Nevertheless it's actually a stream cipher, not a block cipher. + */ .base.cra_name = "ecb(arc4)", .base.cra_driver_name = "ecb(arc4)-generic", .base.cra_priority = 100, @@ -82,29 +57,19 @@ static struct skcipher_alg arc4_skcipher = { .base.cra_module = THIS_MODULE, .min_keysize = ARC4_MIN_KEY_SIZE, .max_keysize = ARC4_MAX_KEY_SIZE, - .setkey = arc4_set_key_skcipher, - .encrypt = ecb_arc4_crypt, - .decrypt = ecb_arc4_crypt, + .setkey = crypto_arc4_setkey, + .encrypt = crypto_arc4_crypt, + .decrypt = crypto_arc4_crypt, }; static int __init arc4_init(void) { - int err; - - err = crypto_register_alg(&arc4_cipher); - if (err) - return err; - - err = crypto_register_skcipher(&arc4_skcipher); - if (err) - crypto_unregister_alg(&arc4_cipher); - return err; + return crypto_register_skcipher(&arc4_alg); } static void __exit arc4_exit(void) { - crypto_unregister_alg(&arc4_cipher); - crypto_unregister_skcipher(&arc4_skcipher); + crypto_unregister_skcipher(&arc4_alg); } subsys_initcall(arc4_init); @@ -113,4 +78,4 @@ module_exit(arc4_exit); MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("ARC4 Cipher Algorithm"); MODULE_AUTHOR("Jon Oberheide "); -MODULE_ALIAS_CRYPTO("arc4"); +MODULE_ALIAS_CRYPTO("ecb(arc4)"); -- cgit