[linux.git] / crypto / cbc.c

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * CBC: Cipher Block Chaining mode
 *
 * Copyright (c) 2006-2016 Herbert Xu <[email protected]>
 */

#include <crypto/algapi.h>
#include <crypto/internal/cipher.h>
#include <crypto/internal/skcipher.h>
#include <linux/err.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/log2.h>
#include <linux/module.h>

static int crypto_cbc_encrypt_segment(struct skcipher_walk *walk,
				      struct crypto_skcipher *skcipher)
{
	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	void (*fn)(struct crypto_tfm *, u8 *, const u8 *);
	unsigned int nbytes = walk->nbytes;
	u8 *src = walk->src.virt.addr;
	u8 *dst = walk->dst.virt.addr;
	struct crypto_cipher *cipher;
	struct crypto_tfm *tfm;
	u8 *iv = walk->iv;

	cipher = skcipher_cipher_simple(skcipher);
	tfm = crypto_cipher_tfm(cipher);
	fn = crypto_cipher_alg(cipher)->cia_encrypt;

	do {
		crypto_xor(iv, src, bsize);
		fn(tfm, dst, iv);
		memcpy(iv, dst, bsize);

		src += bsize;
		dst += bsize;
	} while ((nbytes -= bsize) >= bsize);

	return nbytes;
}

static int crypto_cbc_encrypt_inplace(struct skcipher_walk *walk,
				      struct crypto_skcipher *skcipher)
{
	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	void (*fn)(struct crypto_tfm *, u8 *, const u8 *);
	unsigned int nbytes = walk->nbytes;
	u8 *src = walk->src.virt.addr;
	struct crypto_cipher *cipher;
	struct crypto_tfm *tfm;
	u8 *iv = walk->iv;

	cipher = skcipher_cipher_simple(skcipher);
	tfm = crypto_cipher_tfm(cipher);
	fn = crypto_cipher_alg(cipher)->cia_encrypt;

	do {
		crypto_xor(src, iv, bsize);
		fn(tfm, src, src);
		iv = src;

		src += bsize;
	} while ((nbytes -= bsize) >= bsize);

	memcpy(walk->iv, iv, bsize);

	return nbytes;
}

static int crypto_cbc_encrypt(struct skcipher_request *req)
{
	struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
	struct skcipher_walk walk;
	int err;

	err = skcipher_walk_virt(&walk, req, false);

	while (walk.nbytes) {
		if (walk.src.virt.addr == walk.dst.virt.addr)
			err = crypto_cbc_encrypt_inplace(&walk, skcipher);
		else
			err = crypto_cbc_encrypt_segment(&walk, skcipher);
		err = skcipher_walk_done(&walk, err);
	}

	return err;
}

static int crypto_cbc_decrypt_segment(struct skcipher_walk *walk,
				      struct crypto_skcipher *skcipher)
{
	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	void (*fn)(struct crypto_tfm *, u8 *, const u8 *);
	unsigned int nbytes = walk->nbytes;
	u8 *src = walk->src.virt.addr;
	u8 *dst = walk->dst.virt.addr;
	struct crypto_cipher *cipher;
	struct crypto_tfm *tfm;
	u8 *iv = walk->iv;

	cipher = skcipher_cipher_simple(skcipher);
	tfm = crypto_cipher_tfm(cipher);
	fn = crypto_cipher_alg(cipher)->cia_decrypt;

	do {
		fn(tfm, dst, src);
		crypto_xor(dst, iv, bsize);
		iv = src;

		src += bsize;
		dst += bsize;
	} while ((nbytes -= bsize) >= bsize);

	memcpy(walk->iv, iv, bsize);

	return nbytes;
}

static int crypto_cbc_decrypt_inplace(struct skcipher_walk *walk,
				      struct crypto_skcipher *skcipher)
{
	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	void (*fn)(struct crypto_tfm *, u8 *, const u8 *);
	unsigned int nbytes = walk->nbytes;
	u8 *src = walk->src.virt.addr;
	u8 last_iv[MAX_CIPHER_BLOCKSIZE];
	struct crypto_cipher *cipher;
	struct crypto_tfm *tfm;

	cipher = skcipher_cipher_simple(skcipher);
	tfm = crypto_cipher_tfm(cipher);
	fn = crypto_cipher_alg(cipher)->cia_decrypt;

	/* Start of the last block. */
	src += nbytes - (nbytes & (bsize - 1)) - bsize;
	memcpy(last_iv, src, bsize);

	for (;;) {
		fn(tfm, src, src);
		if ((nbytes -= bsize) < bsize)
			break;
		crypto_xor(src, src - bsize, bsize);
		src -= bsize;
	}

	crypto_xor(src, walk->iv, bsize);
	memcpy(walk->iv, last_iv, bsize);

	return nbytes;
}

static int crypto_cbc_decrypt(struct skcipher_request *req)
{
	struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
	struct skcipher_walk walk;
	int err;

	err = skcipher_walk_virt(&walk, req, false);

	while (walk.nbytes) {
		if (walk.src.virt.addr == walk.dst.virt.addr)
			err = crypto_cbc_decrypt_inplace(&walk, skcipher);
		else
			err = crypto_cbc_decrypt_segment(&walk, skcipher);
		err = skcipher_walk_done(&walk, err);
	}

	return err;
}

static int crypto_cbc_create(struct crypto_template *tmpl, struct rtattr **tb)
{
	struct skcipher_instance *inst;
	struct crypto_alg *alg;
	int err;

	inst = skcipher_alloc_instance_simple(tmpl, tb);
	if (IS_ERR(inst))
		return PTR_ERR(inst);

	alg = skcipher_ialg_simple(inst);

	err = -EINVAL;
	if (!is_power_of_2(alg->cra_blocksize))
		goto out_free_inst;

	inst->alg.encrypt = crypto_cbc_encrypt;
	inst->alg.decrypt = crypto_cbc_decrypt;

	err = skcipher_register_instance(tmpl, inst);
	if (err) {
out_free_inst:
		inst->free(inst);
	}

	return err;
}

static struct crypto_template crypto_cbc_tmpl = {
	.name = "cbc",
	.create = crypto_cbc_create,
	.module = THIS_MODULE,
};

static int __init crypto_cbc_module_init(void)
{
	return crypto_register_template(&crypto_cbc_tmpl);
}

static void __exit crypto_cbc_module_exit(void)
{
	crypto_unregister_template(&crypto_cbc_tmpl);
}

subsys_initcall(crypto_cbc_module_init);
module_exit(crypto_cbc_module_exit);

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("CBC block cipher mode of operation");
MODULE_ALIAS_CRYPTO("cbc");
Commit	Line	Data
2874c5fd	1	// SPDX-License-Identifier: GPL-2.0-or-later
db131ef9 HX	2	/*
	3	* CBC: Cipher Block Chaining mode
	4	*
cc868d82	5	* Copyright (c) 2006-2016 Herbert Xu <[email protected]>
db131ef9 HX	6	*/
db131ef9 HX	7
e6c2e65c	8	#include <crypto/algapi.h>
0eb76ba2	9	#include <crypto/internal/cipher.h>
79c65d17	10	#include <crypto/internal/skcipher.h>
db131ef9 HX	11	#include <linux/err.h>
	12	#include <linux/init.h>
	13	#include <linux/kernel.h>
50b6544e	14	#include <linux/log2.h>
db131ef9	15	#include <linux/module.h>
db131ef9	16
5f254dd4 HX	17	static int crypto_cbc_encrypt_segment(struct skcipher_walk *walk,
5f254dd4 HX	18	struct crypto_skcipher *skcipher)
79c65d17	19	{
5f254dd4 HX	20	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	21	void (fn)(struct crypto_tfm , u8 , const u8 );
	22	unsigned int nbytes = walk->nbytes;
	23	u8 *src = walk->src.virt.addr;
	24	u8 *dst = walk->dst.virt.addr;
	25	struct crypto_cipher *cipher;
	26	struct crypto_tfm *tfm;
	27	u8 *iv = walk->iv;
	28
	29	cipher = skcipher_cipher_simple(skcipher);
	30	tfm = crypto_cipher_tfm(cipher);
	31	fn = crypto_cipher_alg(cipher)->cia_encrypt;
	32
	33	do {
	34	crypto_xor(iv, src, bsize);
	35	fn(tfm, dst, iv);
	36	memcpy(iv, dst, bsize);
	37
	38	src += bsize;
	39	dst += bsize;
	40	} while ((nbytes -= bsize) >= bsize);
	41
	42	return nbytes;
	43	}
	44
	45	static int crypto_cbc_encrypt_inplace(struct skcipher_walk *walk,
	46	struct crypto_skcipher *skcipher)
	47	{
	48	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	49	void (fn)(struct crypto_tfm , u8 , const u8 );
	50	unsigned int nbytes = walk->nbytes;
	51	u8 *src = walk->src.virt.addr;
	52	struct crypto_cipher *cipher;
	53	struct crypto_tfm *tfm;
	54	u8 *iv = walk->iv;
	55
	56	cipher = skcipher_cipher_simple(skcipher);
	57	tfm = crypto_cipher_tfm(cipher);
	58	fn = crypto_cipher_alg(cipher)->cia_encrypt;
	59
	60	do {
	61	crypto_xor(src, iv, bsize);
	62	fn(tfm, src, src);
	63	iv = src;
	64
	65	src += bsize;
	66	} while ((nbytes -= bsize) >= bsize);
	67
	68	memcpy(walk->iv, iv, bsize);
	69
	70	return nbytes;
79c65d17 HX	71	}
	72
	73	static int crypto_cbc_encrypt(struct skcipher_request *req)
db131ef9	74	{
5f254dd4 HX	75	struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
	76	struct skcipher_walk walk;
	77	int err;
	78
	79	err = skcipher_walk_virt(&walk, req, false);
	80
	81	while (walk.nbytes) {
	82	if (walk.src.virt.addr == walk.dst.virt.addr)
	83	err = crypto_cbc_encrypt_inplace(&walk, skcipher);
	84	else
	85	err = crypto_cbc_encrypt_segment(&walk, skcipher);
	86	err = skcipher_walk_done(&walk, err);
	87	}
	88
	89	return err;
	90	}
	91
	92	static int crypto_cbc_decrypt_segment(struct skcipher_walk *walk,
	93	struct crypto_skcipher *skcipher)
	94	{
	95	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	96	void (fn)(struct crypto_tfm , u8 , const u8 );
	97	unsigned int nbytes = walk->nbytes;
	98	u8 *src = walk->src.virt.addr;
	99	u8 *dst = walk->dst.virt.addr;
	100	struct crypto_cipher *cipher;
	101	struct crypto_tfm *tfm;
	102	u8 *iv = walk->iv;
	103
	104	cipher = skcipher_cipher_simple(skcipher);
	105	tfm = crypto_cipher_tfm(cipher);
	106	fn = crypto_cipher_alg(cipher)->cia_decrypt;
	107
	108	do {
	109	fn(tfm, dst, src);
	110	crypto_xor(dst, iv, bsize);
	111	iv = src;
	112
	113	src += bsize;
	114	dst += bsize;
	115	} while ((nbytes -= bsize) >= bsize);
	116
	117	memcpy(walk->iv, iv, bsize);
	118
	119	return nbytes;
79c65d17 HX	120	}
79c65d17 HX	121
5f254dd4 HX	122	static int crypto_cbc_decrypt_inplace(struct skcipher_walk *walk,
5f254dd4 HX	123	struct crypto_skcipher *skcipher)
79c65d17	124	{
5f254dd4 HX	125	unsigned int bsize = crypto_skcipher_blocksize(skcipher);
	126	void (fn)(struct crypto_tfm , u8 , const u8 );
	127	unsigned int nbytes = walk->nbytes;
	128	u8 *src = walk->src.virt.addr;
	129	u8 last_iv[MAX_CIPHER_BLOCKSIZE];
	130	struct crypto_cipher *cipher;
	131	struct crypto_tfm *tfm;
	132
	133	cipher = skcipher_cipher_simple(skcipher);
	134	tfm = crypto_cipher_tfm(cipher);
	135	fn = crypto_cipher_alg(cipher)->cia_decrypt;
	136
	137	/* Start of the last block. */
	138	src += nbytes - (nbytes & (bsize - 1)) - bsize;
	139	memcpy(last_iv, src, bsize);
	140
	141	for (;;) {
	142	fn(tfm, src, src);
	143	if ((nbytes -= bsize) < bsize)
	144	break;
	145	crypto_xor(src, src - bsize, bsize);
	146	src -= bsize;
	147	}
	148
	149	crypto_xor(src, walk->iv, bsize);
	150	memcpy(walk->iv, last_iv, bsize);
	151
	152	return nbytes;
79c65d17 HX	153	}
	154
	155	static int crypto_cbc_decrypt(struct skcipher_request *req)
	156	{
5f254dd4	157	struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
79c65d17	158	struct skcipher_walk walk;
db131ef9 HX	159	int err;
db131ef9 HX	160
79c65d17	161	err = skcipher_walk_virt(&walk, req, false);
db131ef9	162
79c65d17	163	while (walk.nbytes) {
5f254dd4 HX	164	if (walk.src.virt.addr == walk.dst.virt.addr)
	165	err = crypto_cbc_decrypt_inplace(&walk, skcipher);
	166	else
	167	err = crypto_cbc_decrypt_segment(&walk, skcipher);
79c65d17	168	err = skcipher_walk_done(&walk, err);
db131ef9 HX	169	}
	170
	171	return err;
	172	}
	173
79c65d17 HX	174	static int crypto_cbc_create(struct crypto_template tmpl, struct rtattr *tb)
	175	{
	176	struct skcipher_instance *inst;
db131ef9	177	struct crypto_alg *alg;
ebc610e5 HX	178	int err;
ebc610e5 HX	179
b3c16bfc	180	inst = skcipher_alloc_instance_simple(tmpl, tb);
a5a84a9d EB	181	if (IS_ERR(inst))
a5a84a9d EB	182	return PTR_ERR(inst);
50b6544e	183
b3c16bfc HX	184	alg = skcipher_ialg_simple(inst);
b3c16bfc HX	185
79c65d17 HX	186	err = -EINVAL;
79c65d17 HX	187	if (!is_power_of_2(alg->cra_blocksize))
a5a84a9d	188	goto out_free_inst;
db131ef9	189
79c65d17 HX	190	inst->alg.encrypt = crypto_cbc_encrypt;
79c65d17 HX	191	inst->alg.decrypt = crypto_cbc_decrypt;
db131ef9	192
79c65d17	193	err = skcipher_register_instance(tmpl, inst);
b3c16bfc	194	if (err) {
a5a84a9d	195	out_free_inst:
b3c16bfc HX	196	inst->free(inst);
	197	}
	198
a5a84a9d	199	return err;
db131ef9 HX	200	}
	201
	202	static struct crypto_template crypto_cbc_tmpl = {
	203	.name = "cbc",
79c65d17	204	.create = crypto_cbc_create,
db131ef9 HX	205	.module = THIS_MODULE,
	206	};
	207
	208	static int __init crypto_cbc_module_init(void)
	209	{
	210	return crypto_register_template(&crypto_cbc_tmpl);
	211	}
	212
	213	static void __exit crypto_cbc_module_exit(void)
	214	{
	215	crypto_unregister_template(&crypto_cbc_tmpl);
	216	}
	217
c4741b23	218	subsys_initcall(crypto_cbc_module_init);
db131ef9 HX	219	module_exit(crypto_cbc_module_exit);
	220
	221	MODULE_LICENSE("GPL");
a5a84a9d	222	MODULE_DESCRIPTION("CBC block cipher mode of operation");
4943ba16	223	MODULE_ALIAS_CRYPTO("cbc");