crypto: skcipher - Add separate walker for AEAD decryption
authorHerbert Xu <herbert@gondor.apana.org.au>
Wed, 30 Nov 2016 13:14:07 +0000 (21:14 +0800)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 1 Dec 2016 13:06:17 +0000 (21:06 +0800)
The AEAD decrypt interface includes the authentication tag in
req->cryptlen.  Therefore we need to exlucde that when doing
a walk over it.

This patch adds separate walker functions for AEAD encryption
and decryption.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
crypto/skcipher.c
include/crypto/internal/skcipher.h

index 5367f817b40ec6efbe23abae6cd13fb7b9b33937..aca07c643d4147a29cf817f1ccf1f69b6172dcfc 100644 (file)
@@ -500,8 +500,8 @@ int skcipher_walk_async(struct skcipher_walk *walk,
 }
 EXPORT_SYMBOL_GPL(skcipher_walk_async);
 
-int skcipher_walk_aead(struct skcipher_walk *walk, struct aead_request *req,
-                      bool atomic)
+static int skcipher_walk_aead_common(struct skcipher_walk *walk,
+                                    struct aead_request *req, bool atomic)
 {
        struct crypto_aead *tfm = crypto_aead_reqtfm(req);
        int err;
@@ -514,7 +514,6 @@ int skcipher_walk_aead(struct skcipher_walk *walk, struct aead_request *req,
        scatterwalk_copychunks(NULL, &walk->in, req->assoclen, 2);
        scatterwalk_copychunks(NULL, &walk->out, req->assoclen, 2);
 
-       walk->total = req->cryptlen;
        walk->iv = req->iv;
        walk->oiv = req->iv;
 
@@ -535,8 +534,36 @@ int skcipher_walk_aead(struct skcipher_walk *walk, struct aead_request *req,
 
        return err;
 }
+
+int skcipher_walk_aead(struct skcipher_walk *walk, struct aead_request *req,
+                      bool atomic)
+{
+       walk->total = req->cryptlen;
+
+       return skcipher_walk_aead_common(walk, req, atomic);
+}
 EXPORT_SYMBOL_GPL(skcipher_walk_aead);
 
+int skcipher_walk_aead_encrypt(struct skcipher_walk *walk,
+                              struct aead_request *req, bool atomic)
+{
+       walk->total = req->cryptlen;
+
+       return skcipher_walk_aead_common(walk, req, atomic);
+}
+EXPORT_SYMBOL_GPL(skcipher_walk_aead_encrypt);
+
+int skcipher_walk_aead_decrypt(struct skcipher_walk *walk,
+                              struct aead_request *req, bool atomic)
+{
+       struct crypto_aead *tfm = crypto_aead_reqtfm(req);
+
+       walk->total = req->cryptlen - crypto_aead_authsize(tfm);
+
+       return skcipher_walk_aead_common(walk, req, atomic);
+}
+EXPORT_SYMBOL_GPL(skcipher_walk_aead_decrypt);
+
 static unsigned int crypto_skcipher_extsize(struct crypto_alg *alg)
 {
        if (alg->cra_type == &crypto_blkcipher_type)
index d55041f45899955e557769077919cf8082653594..8735979ed341b89542baacabf395885355365934 100644 (file)
@@ -149,6 +149,10 @@ int skcipher_walk_async(struct skcipher_walk *walk,
                        struct skcipher_request *req);
 int skcipher_walk_aead(struct skcipher_walk *walk, struct aead_request *req,
                       bool atomic);
+int skcipher_walk_aead_encrypt(struct skcipher_walk *walk,
+                              struct aead_request *req, bool atomic);
+int skcipher_walk_aead_decrypt(struct skcipher_walk *walk,
+                              struct aead_request *req, bool atomic);
 void skcipher_walk_complete(struct skcipher_walk *walk, int err);
 
 static inline void ablkcipher_request_complete(struct ablkcipher_request *req,