* GNU General Public License for more details.
******************************************************************************/
+#include <crypto/hash.h>
#include <linux/string.h>
#include <linux/kthread.h>
-#include <linux/crypto.h>
#include <linux/completion.h>
#include <linux/module.h>
#include <linux/vmalloc.h>
}
static u32 iscsit_do_crypto_hash_sg(
- struct hash_desc *hash,
+ struct ahash_request *hash,
struct iscsi_cmd *cmd,
u32 data_offset,
u32 data_length,
struct scatterlist *sg;
unsigned int page_off;
- crypto_hash_init(hash);
+ crypto_ahash_init(hash);
sg = cmd->first_data_sg;
page_off = cmd->first_data_sg_off;
while (data_length) {
u32 cur_len = min_t(u32, data_length, (sg->length - page_off));
- crypto_hash_update(hash, sg, cur_len);
+ ahash_request_set_crypt(hash, sg, NULL, cur_len);
+ crypto_ahash_update(hash);
data_length -= cur_len;
page_off = 0;
struct scatterlist pad_sg;
sg_init_one(&pad_sg, pad_bytes, padding);
- crypto_hash_update(hash, &pad_sg, padding);
+ ahash_request_set_crypt(hash, &pad_sg, (u8 *)&data_crc,
+ padding);
+ crypto_ahash_finup(hash);
+ } else {
+ ahash_request_set_crypt(hash, NULL, (u8 *)&data_crc, 0);
+ crypto_ahash_final(hash);
}
- crypto_hash_final(hash, (u8 *) &data_crc);
return data_crc;
}
static void iscsit_do_crypto_hash_buf(
- struct hash_desc *hash,
+ struct ahash_request *hash,
const void *buf,
u32 payload_length,
u32 padding,
u8 *pad_bytes,
u8 *data_crc)
{
- struct scatterlist sg;
+ struct scatterlist sg[2];
- crypto_hash_init(hash);
+ sg_init_table(sg, ARRAY_SIZE(sg));
+ sg_set_buf(sg, buf, payload_length);
+ sg_set_buf(sg + 1, pad_bytes, padding);
- sg_init_one(&sg, buf, payload_length);
- crypto_hash_update(hash, &sg, payload_length);
+ ahash_request_set_crypt(hash, sg, data_crc, payload_length + padding);
- if (padding) {
- sg_init_one(&sg, pad_bytes, padding);
- crypto_hash_update(hash, &sg, padding);
- }
- crypto_hash_final(hash, data_crc);
+ crypto_ahash_digest(hash);
}
int
if (conn->conn_ops->DataDigest) {
u32 data_crc;
- data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd,
+ data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd,
be32_to_cpu(hdr->offset),
payload_length, padding,
cmd->pad_bytes);
}
if (conn->conn_ops->DataDigest) {
- iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,
+ iscsit_do_crypto_hash_buf(conn->conn_rx_hash,
ping_data, payload_length,
padding, cmd->pad_bytes,
(u8 *)&data_crc);
goto reject;
if (conn->conn_ops->DataDigest) {
- iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,
+ iscsit_do_crypto_hash_buf(conn->conn_rx_hash,
text_in, payload_length,
padding, (u8 *)&pad_bytes,
(u8 *)&data_crc);
if (conn->conn_ops->DataDigest) {
u32 data_crc;
- data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd,
+ data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd,
cmd->write_data_done, length, padding,
cmd->pad_bytes);
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
cmd->tx_size += ISCSI_CRC_LEN;
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
iov[0].iov_len += ISCSI_CRC_LEN;
cmd->padding);
}
if (conn->conn_ops->DataDigest) {
- cmd->data_crc = iscsit_do_crypto_hash_sg(&conn->conn_tx_hash, cmd,
+ cmd->data_crc = iscsit_do_crypto_hash_sg(conn->conn_tx_hash, cmd,
datain.offset, datain.length, cmd->padding, cmd->pad_bytes);
iov[iov_count].iov_base = &cmd->data_crc;
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, &cmd->pdu[0],
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, &cmd->pdu[0],
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
iov[0].iov_len += ISCSI_CRC_LEN;
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
tx_size += ISCSI_CRC_LEN;
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
iov[0].iov_len += ISCSI_CRC_LEN;
" padding bytes.\n", padding);
}
if (conn->conn_ops->DataDigest) {
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash,
cmd->buf_ptr, cmd->buf_ptr_size,
padding, (u8 *)&cmd->pad_bytes,
(u8 *)&cmd->data_crc);
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN;
}
if (conn->conn_ops->DataDigest) {
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash,
cmd->sense_buffer,
(cmd->se_cmd.scsi_sense_length + padding),
0, NULL, (u8 *)&cmd->data_crc);
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
iov[0].iov_len += ISCSI_CRC_LEN;
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN;
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
iov[0].iov_len += ISCSI_CRC_LEN;
}
if (conn->conn_ops->DataDigest) {
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash,
cmd->buf_ptr, text_length,
0, NULL, (u8 *)&cmd->data_crc);
if (conn->conn_ops->HeaderDigest) {
u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);
iov[0].iov_len += ISCSI_CRC_LEN;
}
if (conn->conn_ops->DataDigest) {
- iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->buf_ptr,
+ iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->buf_ptr,
ISCSI_HDR_LEN, 0, NULL, (u8 *)&cmd->data_crc);
iov[iov_count].iov_base = &cmd->data_crc;
goto transport_err;
}
- iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,
+ iscsit_do_crypto_hash_buf(conn->conn_rx_hash,
buffer, ISCSI_HDR_LEN,
0, NULL, (u8 *)&checksum);
*/
iscsit_check_conn_usage_count(conn);
- if (conn->conn_rx_hash.tfm)
- crypto_free_hash(conn->conn_rx_hash.tfm);
- if (conn->conn_tx_hash.tfm)
- crypto_free_hash(conn->conn_tx_hash.tfm);
+ ahash_request_free(conn->conn_tx_hash);
+ if (conn->conn_rx_hash) {
+ struct crypto_ahash *tfm;
+
+ tfm = crypto_ahash_reqtfm(conn->conn_rx_hash);
+ ahash_request_free(conn->conn_rx_hash);
+ crypto_free_ahash(tfm);
+ }
free_cpumask_var(conn->conn_cpumask);
* GNU General Public License for more details.
******************************************************************************/
+#include <crypto/hash.h>
#include <linux/kernel.h>
#include <linux/string.h>
-#include <linux/crypto.h>
#include <linux/err.h>
#include <linux/scatterlist.h>
unsigned char chap_n[MAX_CHAP_N_SIZE], chap_r[MAX_RESPONSE_LENGTH];
size_t compare_len;
struct iscsi_chap *chap = conn->auth_protocol;
- struct crypto_hash *tfm;
- struct hash_desc desc;
- struct scatterlist sg;
+ struct crypto_shash *tfm = NULL;
+ struct shash_desc *desc = NULL;
int auth_ret = -1, ret, challenge_len;
memset(identifier, 0, 10);
pr_debug("[server] Got CHAP_R=%s\n", chap_r);
chap_string_to_hex(client_digest, chap_r, strlen(chap_r));
- tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
+ tfm = crypto_alloc_shash("md5", 0, 0);
if (IS_ERR(tfm)) {
- pr_err("Unable to allocate struct crypto_hash\n");
+ tfm = NULL;
+ pr_err("Unable to allocate struct crypto_shash\n");
goto out;
}
- desc.tfm = tfm;
- desc.flags = 0;
- ret = crypto_hash_init(&desc);
- if (ret < 0) {
- pr_err("crypto_hash_init() failed\n");
- crypto_free_hash(tfm);
+ desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);
+ if (!desc) {
+ pr_err("Unable to allocate struct shash_desc\n");
goto out;
}
- sg_init_one(&sg, &chap->id, 1);
- ret = crypto_hash_update(&desc, &sg, 1);
+ desc->tfm = tfm;
+ desc->flags = 0;
+
+ ret = crypto_shash_init(desc);
if (ret < 0) {
- pr_err("crypto_hash_update() failed for id\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_init() failed\n");
goto out;
}
- sg_init_one(&sg, &auth->password, strlen(auth->password));
- ret = crypto_hash_update(&desc, &sg, strlen(auth->password));
+ ret = crypto_shash_update(desc, &chap->id, 1);
if (ret < 0) {
- pr_err("crypto_hash_update() failed for password\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_update() failed for id\n");
goto out;
}
- sg_init_one(&sg, chap->challenge, CHAP_CHALLENGE_LENGTH);
- ret = crypto_hash_update(&desc, &sg, CHAP_CHALLENGE_LENGTH);
+ ret = crypto_shash_update(desc, (char *)&auth->password,
+ strlen(auth->password));
if (ret < 0) {
- pr_err("crypto_hash_update() failed for challenge\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_update() failed for password\n");
goto out;
}
- ret = crypto_hash_final(&desc, server_digest);
+ ret = crypto_shash_finup(desc, chap->challenge,
+ CHAP_CHALLENGE_LENGTH, server_digest);
if (ret < 0) {
- pr_err("crypto_hash_final() failed for server digest\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_finup() failed for challenge\n");
goto out;
}
- crypto_free_hash(tfm);
chap_binaryhex_to_asciihex(response, server_digest, MD5_SIGNATURE_SIZE);
pr_debug("[server] MD5 Server Digest: %s\n", response);
* authentication is not enabled.
*/
if (!auth->authenticate_target) {
- kfree(challenge);
- kfree(challenge_binhex);
- return 0;
+ auth_ret = 0;
+ goto out;
}
/*
* Get CHAP_I.
/*
* Generate CHAP_N and CHAP_R for mutual authentication.
*/
- tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
- if (IS_ERR(tfm)) {
- pr_err("Unable to allocate struct crypto_hash\n");
- goto out;
- }
- desc.tfm = tfm;
- desc.flags = 0;
-
- ret = crypto_hash_init(&desc);
+ ret = crypto_shash_init(desc);
if (ret < 0) {
- pr_err("crypto_hash_init() failed\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_init() failed\n");
goto out;
}
/* To handle both endiannesses */
id_as_uchar = id;
- sg_init_one(&sg, &id_as_uchar, 1);
- ret = crypto_hash_update(&desc, &sg, 1);
+ ret = crypto_shash_update(desc, &id_as_uchar, 1);
if (ret < 0) {
- pr_err("crypto_hash_update() failed for id\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_update() failed for id\n");
goto out;
}
- sg_init_one(&sg, auth->password_mutual,
- strlen(auth->password_mutual));
- ret = crypto_hash_update(&desc, &sg, strlen(auth->password_mutual));
+ ret = crypto_shash_update(desc, auth->password_mutual,
+ strlen(auth->password_mutual));
if (ret < 0) {
- pr_err("crypto_hash_update() failed for"
+ pr_err("crypto_shash_update() failed for"
" password_mutual\n");
- crypto_free_hash(tfm);
goto out;
}
/*
* Convert received challenge to binary hex.
*/
- sg_init_one(&sg, challenge_binhex, challenge_len);
- ret = crypto_hash_update(&desc, &sg, challenge_len);
+ ret = crypto_shash_finup(desc, challenge_binhex, challenge_len,
+ digest);
if (ret < 0) {
- pr_err("crypto_hash_update() failed for ma challenge\n");
- crypto_free_hash(tfm);
+ pr_err("crypto_shash_finup() failed for ma challenge\n");
goto out;
}
- ret = crypto_hash_final(&desc, digest);
- if (ret < 0) {
- pr_err("crypto_hash_final() failed for ma digest\n");
- crypto_free_hash(tfm);
- goto out;
- }
- crypto_free_hash(tfm);
/*
* Generate CHAP_N and CHAP_R.
*/
pr_debug("[server] Sending CHAP_R=0x%s\n", response);
auth_ret = 0;
out:
+ kzfree(desc);
+ crypto_free_shash(tfm);
kfree(challenge);
kfree(challenge_binhex);
return auth_ret;
* GNU General Public License for more details.
******************************************************************************/
+#include <crypto/hash.h>
#include <linux/string.h>
#include <linux/kthread.h>
-#include <linux/crypto.h>
#include <linux/idr.h>
#include <scsi/iscsi_proto.h>
#include <target/target_core_base.h>
*/
int iscsi_login_setup_crypto(struct iscsi_conn *conn)
{
+ struct crypto_ahash *tfm;
+
/*
* Setup slicing by CRC32C algorithm for RX and TX libcrypto contexts
* which will default to crc32c_intel.ko for cpu_has_xmm4_2, or fallback
* to software 1x8 byte slicing from crc32c.ko
*/
- conn->conn_rx_hash.flags = 0;
- conn->conn_rx_hash.tfm = crypto_alloc_hash("crc32c", 0,
- CRYPTO_ALG_ASYNC);
- if (IS_ERR(conn->conn_rx_hash.tfm)) {
- pr_err("crypto_alloc_hash() failed for conn_rx_tfm\n");
+ tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC);
+ if (IS_ERR(tfm)) {
+ pr_err("crypto_alloc_ahash() failed\n");
return -ENOMEM;
}
- conn->conn_tx_hash.flags = 0;
- conn->conn_tx_hash.tfm = crypto_alloc_hash("crc32c", 0,
- CRYPTO_ALG_ASYNC);
- if (IS_ERR(conn->conn_tx_hash.tfm)) {
- pr_err("crypto_alloc_hash() failed for conn_tx_tfm\n");
- crypto_free_hash(conn->conn_rx_hash.tfm);
+ conn->conn_rx_hash = ahash_request_alloc(tfm, GFP_KERNEL);
+ if (!conn->conn_rx_hash) {
+ pr_err("ahash_request_alloc() failed for conn_rx_hash\n");
+ crypto_free_ahash(tfm);
+ return -ENOMEM;
+ }
+ ahash_request_set_callback(conn->conn_rx_hash, 0, NULL, NULL);
+
+ conn->conn_tx_hash = ahash_request_alloc(tfm, GFP_KERNEL);
+ if (!conn->conn_tx_hash) {
+ pr_err("ahash_request_alloc() failed for conn_tx_hash\n");
+ ahash_request_free(conn->conn_rx_hash);
+ conn->conn_rx_hash = NULL;
+ crypto_free_ahash(tfm);
return -ENOMEM;
}
+ ahash_request_set_callback(conn->conn_tx_hash, 0, NULL, NULL);
return 0;
}
iscsit_dec_session_usage_count(conn->sess);
}
- if (!IS_ERR(conn->conn_rx_hash.tfm))
- crypto_free_hash(conn->conn_rx_hash.tfm);
- if (!IS_ERR(conn->conn_tx_hash.tfm))
- crypto_free_hash(conn->conn_tx_hash.tfm);
+ ahash_request_free(conn->conn_tx_hash);
+ if (conn->conn_rx_hash) {
+ struct crypto_ahash *tfm;
+
+ tfm = crypto_ahash_reqtfm(conn->conn_rx_hash);
+ ahash_request_free(conn->conn_rx_hash);
+ crypto_free_ahash(tfm);
+ }
free_cpumask_var(conn->conn_cpumask);