diff mbox series

[net-next,17/17] tls: get cipher_name from cipher_desc in tls_set_sw_offload

Message ID 53d021d80138aa125a9cef4468aa5ce531975a7b.1692977948.git.sd@queasysnail.net (mailing list archive)
State Accepted
Commit f3e444e31f9fa45ad59cc2d0e0c1bcc86eef4780
Delegated to: Netdev Maintainers
Headers show
Series tls: expand tls_cipher_size_desc to simplify getsockopt/setsockopt | expand

Checks

Context Check Description
netdev/series_format fail Series longer than 15 patches (and no cover letter)
netdev/tree_selection success Clearly marked for net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 1330 this patch: 1330
netdev/cc_maintainers warning 3 maintainers not CCed: pabeni@redhat.com edumazet@google.com davem@davemloft.net
netdev/build_clang success Errors and warnings before: 1353 this patch: 1353
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 1353 this patch: 1353
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 51 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Sabrina Dubroca Aug. 25, 2023, 9:35 p.m. UTC 
tls_cipher_desc also contains the algorithm name needed by
crypto_alloc_aead, use it.

Finally, use get_cipher_desc to check if the cipher_type coming from
userspace is valid, and remove the cipher_type switch.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
 net/tls/tls_sw.c | 29 ++++-------------------------
 1 file changed, 4 insertions(+), 25 deletions(-)
diff mbox series

Patch

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 9c18ddf0d568..1ed4a611631f 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -2591,7 +2591,7 @@  int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
 	struct cipher_context *cctx;
 	struct crypto_aead **aead;
 	struct crypto_tfm *tfm;
-	char *iv, *rec_seq, *key, *salt, *cipher_name;
+	char *iv, *rec_seq, *key, *salt;
 	const struct tls_cipher_desc *cipher_desc;
 	u16 nonce_size;
 	int rc = 0;
@@ -2647,33 +2647,12 @@  int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
 		aead = &sw_ctx_rx->aead_recv;
 	}
 
-	switch (crypto_info->cipher_type) {
-	case TLS_CIPHER_AES_GCM_128:
-	case TLS_CIPHER_AES_GCM_256:
-		cipher_name = "gcm(aes)";
-		break;
-	case TLS_CIPHER_AES_CCM_128:
-		cipher_name = "ccm(aes)";
-		break;
-	case TLS_CIPHER_CHACHA20_POLY1305:
-		cipher_name = "rfc7539(chacha20,poly1305)";
-		break;
-	case TLS_CIPHER_SM4_GCM:
-		cipher_name = "gcm(sm4)";
-		break;
-	case TLS_CIPHER_SM4_CCM:
-		cipher_name = "ccm(sm4)";
-		break;
-	case TLS_CIPHER_ARIA_GCM_128:
-	case TLS_CIPHER_ARIA_GCM_256:
-		cipher_name = "gcm(aria)";
-		break;
-	default:
+	cipher_desc = get_cipher_desc(crypto_info->cipher_type);
+	if (!cipher_desc) {
 		rc = -EINVAL;
 		goto free_priv;
 	}
 
-	cipher_desc = get_cipher_desc(crypto_info->cipher_type);
 	nonce_size = cipher_desc->nonce;
 
 	iv = crypto_info_iv(crypto_info, cipher_desc);
@@ -2721,7 +2700,7 @@  int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
 	}
 
 	if (!*aead) {
-		*aead = crypto_alloc_aead(cipher_name, 0, 0);
+		*aead = crypto_alloc_aead(cipher_desc->cipher_name, 0, 0);
 		if (IS_ERR(*aead)) {
 			rc = PTR_ERR(*aead);
 			*aead = NULL;