[linux.git] / crypto / cbc.c

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * CBC: Cipher Block Chaining mode
 *
 * Copyright (c) 2006-2016 Herbert Xu <[email protected]>
 */

#include <crypto/internal/skcipher.h>
#include <linux/err.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/log2.h>
#include <linux/module.h>

static int crypto_cbc_encrypt_segment(struct crypto_lskcipher *tfm,
				      const u8 *src, u8 *dst, unsigned nbytes,
				      u8 *iv)
{
	unsigned int bsize = crypto_lskcipher_blocksize(tfm);

	for (; nbytes >= bsize; src += bsize, dst += bsize, nbytes -= bsize) {
		crypto_xor(iv, src, bsize);
		crypto_lskcipher_encrypt(tfm, iv, dst, bsize, NULL);
		memcpy(iv, dst, bsize);
	}

	return nbytes;
}

static int crypto_cbc_encrypt_inplace(struct crypto_lskcipher *tfm,
				      u8 *src, unsigned nbytes, u8 *oiv)
{
	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
	u8 *iv = oiv;

	if (nbytes < bsize)
		goto out;

	do {
		crypto_xor(src, iv, bsize);
		crypto_lskcipher_encrypt(tfm, src, src, bsize, NULL);
		iv = src;

		src += bsize;
	} while ((nbytes -= bsize) >= bsize);

	memcpy(oiv, iv, bsize);

out:
	return nbytes;
}

static int crypto_cbc_encrypt(struct crypto_lskcipher *tfm, const u8 *src,
			      u8 *dst, unsigned len, u8 *iv, u32 flags)
{
	struct crypto_lskcipher **ctx = crypto_lskcipher_ctx(tfm);
	bool final = flags & CRYPTO_LSKCIPHER_FLAG_FINAL;
	struct crypto_lskcipher *cipher = *ctx;
	int rem;

	if (src == dst)
		rem = crypto_cbc_encrypt_inplace(cipher, dst, len, iv);
	else
		rem = crypto_cbc_encrypt_segment(cipher, src, dst, len, iv);

	return rem && final ? -EINVAL : rem;
}

static int crypto_cbc_decrypt_segment(struct crypto_lskcipher *tfm,
				      const u8 *src, u8 *dst, unsigned nbytes,
				      u8 *oiv)
{
	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
	const u8 *iv = oiv;

	if (nbytes < bsize)
		goto out;

	do {
		crypto_lskcipher_decrypt(tfm, src, dst, bsize, NULL);
		crypto_xor(dst, iv, bsize);
		iv = src;

		src += bsize;
		dst += bsize;
	} while ((nbytes -= bsize) >= bsize);

	memcpy(oiv, iv, bsize);

out:
	return nbytes;
}

static int crypto_cbc_decrypt_inplace(struct crypto_lskcipher *tfm,
				      u8 *src, unsigned nbytes, u8 *iv)
{
	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
	u8 last_iv[MAX_CIPHER_BLOCKSIZE];

	if (nbytes < bsize)
		goto out;

	/* Start of the last block. */
	src += nbytes - (nbytes & (bsize - 1)) - bsize;
	memcpy(last_iv, src, bsize);

	for (;;) {
		crypto_lskcipher_decrypt(tfm, src, src, bsize, NULL);
		if ((nbytes -= bsize) < bsize)
			break;
		crypto_xor(src, src - bsize, bsize);
		src -= bsize;
	}

	crypto_xor(src, iv, bsize);
	memcpy(iv, last_iv, bsize);

out:
	return nbytes;
}

static int crypto_cbc_decrypt(struct crypto_lskcipher *tfm, const u8 *src,
			      u8 *dst, unsigned len, u8 *iv, u32 flags)
{
	struct crypto_lskcipher **ctx = crypto_lskcipher_ctx(tfm);
	bool final = flags & CRYPTO_LSKCIPHER_FLAG_FINAL;
	struct crypto_lskcipher *cipher = *ctx;
	int rem;

	if (src == dst)
		rem = crypto_cbc_decrypt_inplace(cipher, dst, len, iv);
	else
		rem = crypto_cbc_decrypt_segment(cipher, src, dst, len, iv);

	return rem && final ? -EINVAL : rem;
}

static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb)
{
	struct lskcipher_instance *inst;
	int err;

	inst = lskcipher_alloc_instance_simple(tmpl, tb);
	if (IS_ERR(inst))
		return PTR_ERR(inst);

	err = -EINVAL;
	if (!is_power_of_2(inst->alg.co.base.cra_blocksize))
		goto out_free_inst;

	if (inst->alg.co.statesize)
		goto out_free_inst;

	inst->alg.encrypt = crypto_cbc_encrypt;
	inst->alg.decrypt = crypto_cbc_decrypt;

	err = lskcipher_register_instance(tmpl, inst);
	if (err) {
out_free_inst:
		inst->free(inst);
	}

	return err;
}

static struct crypto_template crypto_cbc_tmpl = {
	.name = "cbc",
	.create = crypto_cbc_create,
	.module = THIS_MODULE,
};

static int __init crypto_cbc_module_init(void)
{
	return crypto_register_template(&crypto_cbc_tmpl);
}

static void __exit crypto_cbc_module_exit(void)
{
	crypto_unregister_template(&crypto_cbc_tmpl);
}

subsys_initcall(crypto_cbc_module_init);
module_exit(crypto_cbc_module_exit);

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("CBC block cipher mode of operation");
MODULE_ALIAS_CRYPTO("cbc");
Commit	Line	Data
2874c5fd	1	// SPDX-License-Identifier: GPL-2.0-or-later
db131ef9 HX	2	/*
	3	* CBC: Cipher Block Chaining mode
	4	*
cc868d82	5	* Copyright (c) 2006-2016 Herbert Xu <[email protected]>
db131ef9 HX	6	*/
db131ef9 HX	7
79c65d17	8	#include <crypto/internal/skcipher.h>
db131ef9 HX	9	#include <linux/err.h>
	10	#include <linux/init.h>
	11	#include <linux/kernel.h>
50b6544e	12	#include <linux/log2.h>
db131ef9	13	#include <linux/module.h>
db131ef9	14
705b52fe HX	15	static int crypto_cbc_encrypt_segment(struct crypto_lskcipher *tfm,
	16	const u8 src, u8 dst, unsigned nbytes,
	17	u8 *iv)
79c65d17	18	{
705b52fe	19	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
5f254dd4	20
705b52fe	21	for (; nbytes >= bsize; src += bsize, dst += bsize, nbytes -= bsize) {
5f254dd4	22	crypto_xor(iv, src, bsize);
705b52fe	23	crypto_lskcipher_encrypt(tfm, iv, dst, bsize, NULL);
5f254dd4	24	memcpy(iv, dst, bsize);
705b52fe	25	}
5f254dd4 HX	26
	27	return nbytes;
	28	}
	29
705b52fe HX	30	static int crypto_cbc_encrypt_inplace(struct crypto_lskcipher *tfm,
705b52fe HX	31	u8 src, unsigned nbytes, u8 oiv)
5f254dd4	32	{
705b52fe HX	33	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
	34	u8 *iv = oiv;
	35
	36	if (nbytes < bsize)
	37	goto out;
5f254dd4 HX	38
	39	do {
	40	crypto_xor(src, iv, bsize);
705b52fe	41	crypto_lskcipher_encrypt(tfm, src, src, bsize, NULL);
5f254dd4 HX	42	iv = src;
	43
	44	src += bsize;
	45	} while ((nbytes -= bsize) >= bsize);
	46
705b52fe	47	memcpy(oiv, iv, bsize);
5f254dd4	48
705b52fe	49	out:
5f254dd4	50	return nbytes;
79c65d17 HX	51	}
79c65d17 HX	52
705b52fe	53	static int crypto_cbc_encrypt(struct crypto_lskcipher tfm, const u8 src,
0ae4dcc1	54	u8 dst, unsigned len, u8 iv, u32 flags)
db131ef9	55	{
705b52fe	56	struct crypto_lskcipher **ctx = crypto_lskcipher_ctx(tfm);
0ae4dcc1	57	bool final = flags & CRYPTO_LSKCIPHER_FLAG_FINAL;
705b52fe HX	58	struct crypto_lskcipher cipher = ctx;
705b52fe HX	59	int rem;
5f254dd4	60
705b52fe HX	61	if (src == dst)
	62	rem = crypto_cbc_encrypt_inplace(cipher, dst, len, iv);
	63	else
	64	rem = crypto_cbc_encrypt_segment(cipher, src, dst, len, iv);
5f254dd4	65
705b52fe	66	return rem && final ? -EINVAL : rem;
5f254dd4 HX	67	}
5f254dd4 HX	68
705b52fe HX	69	static int crypto_cbc_decrypt_segment(struct crypto_lskcipher *tfm,
	70	const u8 src, u8 dst, unsigned nbytes,
	71	u8 *oiv)
5f254dd4	72	{
705b52fe HX	73	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
	74	const u8 *iv = oiv;
	75
	76	if (nbytes < bsize)
	77	goto out;
5f254dd4 HX	78
5f254dd4 HX	79	do {
705b52fe	80	crypto_lskcipher_decrypt(tfm, src, dst, bsize, NULL);
5f254dd4 HX	81	crypto_xor(dst, iv, bsize);
	82	iv = src;
	83
	84	src += bsize;
	85	dst += bsize;
	86	} while ((nbytes -= bsize) >= bsize);
	87
705b52fe	88	memcpy(oiv, iv, bsize);
5f254dd4	89
705b52fe	90	out:
5f254dd4	91	return nbytes;
79c65d17 HX	92	}
79c65d17 HX	93
705b52fe HX	94	static int crypto_cbc_decrypt_inplace(struct crypto_lskcipher *tfm,
705b52fe HX	95	u8 src, unsigned nbytes, u8 iv)
79c65d17	96	{
705b52fe	97	unsigned int bsize = crypto_lskcipher_blocksize(tfm);
5f254dd4	98	u8 last_iv[MAX_CIPHER_BLOCKSIZE];
5f254dd4	99
705b52fe HX	100	if (nbytes < bsize)
705b52fe HX	101	goto out;
5f254dd4 HX	102
	103	/* Start of the last block. */
	104	src += nbytes - (nbytes & (bsize - 1)) - bsize;
	105	memcpy(last_iv, src, bsize);
	106
	107	for (;;) {
705b52fe	108	crypto_lskcipher_decrypt(tfm, src, src, bsize, NULL);
5f254dd4 HX	109	if ((nbytes -= bsize) < bsize)
	110	break;
	111	crypto_xor(src, src - bsize, bsize);
	112	src -= bsize;
	113	}
	114
705b52fe HX	115	crypto_xor(src, iv, bsize);
705b52fe HX	116	memcpy(iv, last_iv, bsize);
5f254dd4	117
705b52fe	118	out:
5f254dd4	119	return nbytes;
79c65d17 HX	120	}
79c65d17 HX	121
705b52fe	122	static int crypto_cbc_decrypt(struct crypto_lskcipher tfm, const u8 src,
0ae4dcc1	123	u8 dst, unsigned len, u8 iv, u32 flags)
79c65d17	124	{
705b52fe	125	struct crypto_lskcipher **ctx = crypto_lskcipher_ctx(tfm);
0ae4dcc1	126	bool final = flags & CRYPTO_LSKCIPHER_FLAG_FINAL;
705b52fe HX	127	struct crypto_lskcipher cipher = ctx;
705b52fe HX	128	int rem;
db131ef9	129
705b52fe HX	130	if (src == dst)
	131	rem = crypto_cbc_decrypt_inplace(cipher, dst, len, iv);
	132	else
	133	rem = crypto_cbc_decrypt_segment(cipher, src, dst, len, iv);
db131ef9	134
705b52fe	135	return rem && final ? -EINVAL : rem;
db131ef9 HX	136	}
db131ef9 HX	137
79c65d17 HX	138	static int crypto_cbc_create(struct crypto_template tmpl, struct rtattr *tb)
79c65d17 HX	139	{
705b52fe	140	struct lskcipher_instance *inst;
ebc610e5 HX	141	int err;
ebc610e5 HX	142
705b52fe	143	inst = lskcipher_alloc_instance_simple(tmpl, tb);
a5a84a9d EB	144	if (IS_ERR(inst))
a5a84a9d EB	145	return PTR_ERR(inst);
50b6544e	146
79c65d17	147	err = -EINVAL;
705b52fe	148	if (!is_power_of_2(inst->alg.co.base.cra_blocksize))
a5a84a9d	149	goto out_free_inst;
db131ef9	150
69fba378 HX	151	if (inst->alg.co.statesize)
	152	goto out_free_inst;
	153
79c65d17 HX	154	inst->alg.encrypt = crypto_cbc_encrypt;
79c65d17 HX	155	inst->alg.decrypt = crypto_cbc_decrypt;
db131ef9	156
705b52fe	157	err = lskcipher_register_instance(tmpl, inst);
b3c16bfc	158	if (err) {
a5a84a9d	159	out_free_inst:
b3c16bfc HX	160	inst->free(inst);
	161	}
	162
a5a84a9d	163	return err;
db131ef9 HX	164	}
	165
	166	static struct crypto_template crypto_cbc_tmpl = {
	167	.name = "cbc",
79c65d17	168	.create = crypto_cbc_create,
db131ef9 HX	169	.module = THIS_MODULE,
	170	};
	171
	172	static int __init crypto_cbc_module_init(void)
	173	{
	174	return crypto_register_template(&crypto_cbc_tmpl);
	175	}
	176
	177	static void __exit crypto_cbc_module_exit(void)
	178	{
	179	crypto_unregister_template(&crypto_cbc_tmpl);
	180	}
	181
c4741b23	182	subsys_initcall(crypto_cbc_module_init);
db131ef9 HX	183	module_exit(crypto_cbc_module_exit);
	184
	185	MODULE_LICENSE("GPL");
a5a84a9d	186	MODULE_DESCRIPTION("CBC block cipher mode of operation");
4943ba16	187	MODULE_ALIAS_CRYPTO("cbc");