Commit 50beceba authored by Steffen Klassert's avatar Steffen Klassert Committed by Herbert Xu

crypto: authenc - Move saved IV in front of the ablkcipher request

In crypto_authenc_encrypt() we save the IV behind the ablkcipher
request. To save space on the request, we overwrite the ablkcipher
request with a ahash request after encryption. So the IV may be
overwritten by the ahash request. This patch fixes this by placing
the IV in front of the ablkcipher/ahash request.
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent cbb9bf65
...@@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req) ...@@ -386,11 +386,13 @@ static int crypto_authenc_encrypt(struct aead_request *req)
{ {
struct crypto_aead *authenc = crypto_aead_reqtfm(req); struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc); struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
struct ablkcipher_request *abreq = aead_request_ctx(req); struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct crypto_ablkcipher *enc = ctx->enc; struct crypto_ablkcipher *enc = ctx->enc;
struct scatterlist *dst = req->dst; struct scatterlist *dst = req->dst;
unsigned int cryptlen = req->cryptlen; unsigned int cryptlen = req->cryptlen;
u8 *iv = (u8 *)(abreq + 1) + crypto_ablkcipher_reqsize(enc); struct ablkcipher_request *abreq = (void *)(areq_ctx->tail
+ ctx->reqoff);
u8 *iv = (u8 *)abreq - crypto_ablkcipher_ivsize(enc);
int err; int err;
ablkcipher_request_set_tfm(abreq, enc); ablkcipher_request_set_tfm(abreq, enc);
...@@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) ...@@ -546,10 +548,6 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
if (IS_ERR(auth)) if (IS_ERR(auth))
return PTR_ERR(auth); return PTR_ERR(auth);
ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
crypto_ahash_alignmask(auth),
crypto_ahash_alignmask(auth) + 1);
enc = crypto_spawn_skcipher(&ictx->enc); enc = crypto_spawn_skcipher(&ictx->enc);
err = PTR_ERR(enc); err = PTR_ERR(enc);
if (IS_ERR(enc)) if (IS_ERR(enc))
...@@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm) ...@@ -558,13 +556,18 @@ static int crypto_authenc_init_tfm(struct crypto_tfm *tfm)
ctx->auth = auth; ctx->auth = auth;
ctx->enc = enc; ctx->enc = enc;
tfm->crt_aead.reqsize = max_t(unsigned int, ctx->reqoff = ALIGN(2 * crypto_ahash_digestsize(auth) +
crypto_ahash_reqsize(auth) + ctx->reqoff + crypto_ahash_alignmask(auth),
sizeof(struct authenc_request_ctx) + crypto_ahash_alignmask(auth) + 1) +
crypto_ablkcipher_ivsize(enc);
tfm->crt_aead.reqsize = sizeof(struct authenc_request_ctx) +
ctx->reqoff +
max_t(unsigned int,
crypto_ahash_reqsize(auth) +
sizeof(struct ahash_request), sizeof(struct ahash_request),
sizeof(struct skcipher_givcrypt_request) + sizeof(struct skcipher_givcrypt_request) +
crypto_ablkcipher_reqsize(enc) + crypto_ablkcipher_reqsize(enc));
crypto_ablkcipher_ivsize(enc));
return 0; return 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment