From patchwork Sat May 2 05:31:03 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 11523687 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 386BF1984 for ; Sat, 2 May 2020 05:33:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2189C20643 for ; Sat, 2 May 2020 05:33:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588397614; bh=Xy09gJgOkkbJ0ZYrb6dZNClW7tkDv1nBUg2GeKdk1cQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=09oAGUl48GnHI1mhZGx/9cqpQbC8XzyzHVTAJqAG0bVyhLEdxvgExcgUPmaiQPQ9U VGKOVKBtSlLCgpBkbwm6znDBfy1jvCh8BaqbgVmIoMtNRAg5WxGroQOtahnjRpqkYN v6OH7KVIAghBW5sFKGURYJ3n6f5PQk/Zi4tK8l+s= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727092AbgEBFdc (ORCPT ); Sat, 2 May 2020 01:33:32 -0400 Received: from mail.kernel.org ([198.145.29.99]:39030 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726058AbgEBFdb (ORCPT ); Sat, 2 May 2020 01:33:31 -0400 Received: from sol.hsd1.ca.comcast.net (c-107-3-166-239.hsd1.ca.comcast.net [107.3.166.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 40D182184D; Sat, 2 May 2020 05:33:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588397610; bh=Xy09gJgOkkbJ0ZYrb6dZNClW7tkDv1nBUg2GeKdk1cQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=lAXfGF92DERufghwz00F/QIgqNab18uegXgVsfl+gbihI7P/p7oBkSo2b7SRYemMo leI+9L+LpjxypzBwDoEDHo1kF1Vsv7aU4ikYmzDLr8A4ucNa1VtsvN0WpnFizpRcYI 5y9cBCWx62jX8rIidTrAwvjSxsV+xDpN0LwZDndU= From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: Cheng-Yi Chiang , ecryptfs@vger.kernel.org, Enric Balletbo i Serra , Gilad Ben-Yossef , Guenter Roeck , Jesper Nilsson , Kamil Konieczny , keyrings@vger.kernel.org, Krzysztof Kozlowski , Krzysztof Opasiak , Lars Persson , linux-bluetooth@vger.kernel.org, linux-mtd@lists.infradead.org, linux-nfs@vger.kernel.org, linux-sctp@vger.kernel.org, Robert Baldyga , Tom Lendacky , Vladimir Zapolskiy , Zaibo Xu Subject: [PATCH 01/20] crypto: hash - introduce crypto_shash_tfm_digest() Date: Fri, 1 May 2020 22:31:03 -0700 Message-Id: <20200502053122.995648-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200502053122.995648-1-ebiggers@kernel.org> References: <20200502053122.995648-1-ebiggers@kernel.org> MIME-Version: 1.0 Sender: keyrings-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org From: Eric Biggers Currently the simplest use of the shash API is to use crypto_shash_digest() to digest a whole buffer. However, this still requires allocating a hash descriptor (struct shash_desc). Many users don't really want to preallocate one and instead just use a one-off descriptor on the stack like the following: { SHASH_DESC_ON_STACK(desc, tfm); int err; desc->tfm = tfm; err = crypto_shash_digest(desc, data, len, out); shash_desc_zero(desc); } Wrap this in a new helper function crypto_shash_tfm_digest() that can be used instead of the above. Signed-off-by: Eric Biggers --- crypto/shash.c | 16 ++++++++++++++++ include/crypto/hash.h | 19 +++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/crypto/shash.c b/crypto/shash.c index c075b26c2a1d9f..e6a4b5f39b8c64 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -206,6 +206,22 @@ int crypto_shash_digest(struct shash_desc *desc, const u8 *data, } EXPORT_SYMBOL_GPL(crypto_shash_digest); +int crypto_shash_tfm_digest(struct crypto_shash *tfm, const u8 *data, + unsigned int len, u8 *out) +{ + SHASH_DESC_ON_STACK(desc, tfm); + int err; + + desc->tfm = tfm; + + err = crypto_shash_digest(desc, data, len, out); + + shash_desc_zero(desc); + + return err; +} +EXPORT_SYMBOL_GPL(crypto_shash_tfm_digest); + static int shash_default_export(struct shash_desc *desc, void *out) { memcpy(out, shash_desc_ctx(desc), crypto_shash_descsize(desc->tfm)); diff --git a/include/crypto/hash.h b/include/crypto/hash.h index cee446c59497c6..4829d2367eda87 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -855,6 +855,25 @@ int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, int crypto_shash_digest(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *out); +/** + * crypto_shash_tfm_digest() - calculate message digest for buffer + * @tfm: hash transformation object + * @data: see crypto_shash_update() + * @len: see crypto_shash_update() + * @out: see crypto_shash_final() + * + * This is a simplified version of crypto_shash_digest() for users who don't + * want to allocate their own hash descriptor (shash_desc). Instead, + * crypto_shash_tfm_digest() takes a hash transformation object (crypto_shash) + * directly, and it allocates a hash descriptor on the stack internally. + * Note that this stack allocation may be fairly large. + * + * Context: Any context. + * Return: 0 on success; < 0 if an error occurred. + */ +int crypto_shash_tfm_digest(struct crypto_shash *tfm, const u8 *data, + unsigned int len, u8 *out); + /** * crypto_shash_export() - extract operational state for message digest * @desc: reference to the operational state handle whose state is exported From patchwork Sat May 2 05:31:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 11523725 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4BFEE81 for ; Sat, 2 May 2020 05:33:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2AD2F2071E for ; Sat, 2 May 2020 05:33:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588397630; bh=m9tJRaC/xdkq2x9xEKERQDzme5WlAEgGO8kez0ERpKg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=qn2hJoZPK+EAY+c/Ez6J22pZGkzT7THWa4e6W/UPKQ0htgLZbFJwz9ZMZUPA3QqYM bNtB5yL0b5p1FlJE/HH7fXj2BDP6QjggK2UselbZac0JYUxB+pTgtBUe5brIQXsW7w WF+VjJlLvU86sJsxlswQc3KBm1g55kzDoNO0cMOA= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727818AbgEBFdt (ORCPT ); Sat, 2 May 2020 01:33:49 -0400 Received: from mail.kernel.org ([198.145.29.99]:39220 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727832AbgEBFdq (ORCPT ); Sat, 2 May 2020 01:33:46 -0400 Received: from sol.hsd1.ca.comcast.net (c-107-3-166-239.hsd1.ca.comcast.net [107.3.166.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 2451C2495B; Sat, 2 May 2020 05:33:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588397626; bh=m9tJRaC/xdkq2x9xEKERQDzme5WlAEgGO8kez0ERpKg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SElL3uHFWuIiPX2XYV1j5cAPwHYTomeoDZNdTWNxvO1T6CViwnDRIzlHoC8yYzrKo 9vTCU8q8hXm55jXssqRx3kGe3C557tQ6glI3+mdiHo7/f+SYT+yNj5rfM8n+knD9qE F2U+IrJH3LqLvKMPwfctO6NrzAGdULBWAaXsY69s= From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: keyrings@vger.kernel.org Subject: [PATCH 19/20] KEYS: encrypted: use crypto_shash_tfm_digest() Date: Fri, 1 May 2020 22:31:21 -0700 Message-Id: <20200502053122.995648-20-ebiggers@kernel.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200502053122.995648-1-ebiggers@kernel.org> References: <20200502053122.995648-1-ebiggers@kernel.org> MIME-Version: 1.0 Sender: keyrings-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: keyrings@vger.kernel.org From: Eric Biggers Instead of manually allocating a 'struct shash_desc' on the stack and calling crypto_shash_digest(), switch to using the new helper function crypto_shash_tfm_digest() which does this for us. Cc: keyrings@vger.kernel.org Signed-off-by: Eric Biggers --- security/keys/encrypted-keys/encrypted.c | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index f6797ba44bf716..14cf81d1a30b14 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -323,19 +323,6 @@ static struct key *request_user_key(const char *master_desc, const u8 **master_k return ukey; } -static int calc_hash(struct crypto_shash *tfm, u8 *digest, - const u8 *buf, unsigned int buflen) -{ - SHASH_DESC_ON_STACK(desc, tfm); - int err; - - desc->tfm = tfm; - - err = crypto_shash_digest(desc, buf, buflen, digest); - shash_desc_zero(desc); - return err; -} - static int calc_hmac(u8 *digest, const u8 *key, unsigned int keylen, const u8 *buf, unsigned int buflen) { @@ -351,7 +338,7 @@ static int calc_hmac(u8 *digest, const u8 *key, unsigned int keylen, err = crypto_shash_setkey(tfm, key, keylen); if (!err) - err = calc_hash(tfm, digest, buf, buflen); + err = crypto_shash_tfm_digest(tfm, buf, buflen, digest); crypto_free_shash(tfm); return err; } @@ -381,7 +368,8 @@ static int get_derived_key(u8 *derived_key, enum derived_key_type key_type, memcpy(derived_buf + strlen(derived_buf) + 1, master_key, master_keylen); - ret = calc_hash(hash_tfm, derived_key, derived_buf, derived_buf_len); + ret = crypto_shash_tfm_digest(hash_tfm, derived_buf, derived_buf_len, + derived_key); kzfree(derived_buf); return ret; }