From patchwork Fri Jun 7 14:49:43 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166152 Delivered-To: patch@linaro.org Received: by 2002:a92:9e1a:0:0:0:0:0 with SMTP id q26csp732361ili; Fri, 7 Jun 2019 07:50:38 -0700 (PDT) X-Google-Smtp-Source: APXvYqwhEZWxP+CGudzTlUvEnR3TSA8c3t2uY4gyCjkU2GygGBeyY+WxEVCt9ZE1i6JzDV/EO1YK X-Received: by 2002:a17:902:542:: with SMTP id 60mr34033833plf.68.1559919038845; Fri, 07 Jun 2019 07:50:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559919038; cv=none; d=google.com; s=arc-20160816; b=Bd1Fhd+bVaxkHzdi2FG7/gO3Fjijn7F23ORQy23+waRd8NKCxiZfZ11r6GyN7wnKDR xjU1uTD/HtDSnU0d285syxz74gLeooQxLQJiq9ZEBYrPSFB51HXZB/o9fpf+8O2KAYXZ 8EmNAunr23DdQY0X6zs3pC7KeVXVqlds4E2E9GXQvNSnZ7kV87uRSAkp2Si4+3M97syT vy/ZApVALIGOn3zaCNyUKwK/nh5d8/t7Ljg78ZOECBlRsKzgV5jNP9DF/Ma1cNzWRfoj Hlos3H5odVuHu+jDW875XmYuyJEVE+20gGlQNK6OD24W4da8aC73yAKqRrRXPb8sazrB YOWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Z6Wy0LB17Cj8+QFhDjq+MOW1OHqvbDIBczgJ5kYrrbI=; b=Nvfxt6LlOJ4rNEE6ltNts7TxYHJwLuE1us8G5PKxWrkOzpH5jvt11XqeDM/FteXayA G59trR9WtEEAiMzrtu596zTQJxAu+zye+ffDjPUdLBb4FIHqdU++G+tpzJoyXn2MHXX6 q7nbF30ICFdpF213YTygpWdiT5fb4j+lrvJWDCTGJw87JZl2X6wIFEDigDXhrnJRuLNm ANrN1V/0EbPAehd7diLXX3qeARIpv9PtdIqKvJtaEDYFhQrXcoPjInZn5fPfdYvu0Wmf fueITCDLVIwBtViSUuCKT+VIg5g/OVMgS4q2Otq6yabVVaJP0v5SgzaOy2rJGrChka8S aq7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=xzaE+3nR; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g15si1840113pgk.260.2019.06.07.07.50.38; Fri, 07 Jun 2019 07:50:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=xzaE+3nR; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729342AbfFGOuh (ORCPT + 3 others); Fri, 7 Jun 2019 10:50:37 -0400 Received: from mail-wm1-f67.google.com ([209.85.128.67]:40900 "EHLO mail-wm1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729213AbfFGOuf (ORCPT ); Fri, 7 Jun 2019 10:50:35 -0400 Received: by mail-wm1-f67.google.com with SMTP id v19so2205366wmj.5 for ; Fri, 07 Jun 2019 07:50:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Z6Wy0LB17Cj8+QFhDjq+MOW1OHqvbDIBczgJ5kYrrbI=; b=xzaE+3nRMJcAfiRFheJgq7ol8JYf2GZx2t/sk5NVe5j9CnldAHgP4s/Xz+Px6ZEz7X xGWKPQEEn4kDOJ+pKVrFNbvTsgIS/umEIQxDx8MbIpVlm5yU/d5ch7Z9/ojPCtMfOTR2 RdCmaqud8/nO4QcdMTk5rD9ZYtzler0FRiC9sJ+KKr/Y4qg1HS14MC56w5tJzCmQfAeh q9Tra4gXU0dByQrHkPq7ksV6rxHvru13Tg2PmZcEzqaTWgK1bRPSXNELZuNWKVEPX4FO ArHQ2wGTRjh/rv/RmVmOrrPA1Sm0CDTt+Fp6hBIjoFOEAAjnc4DA0i/HU6jNZJh0T3kv hpNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Z6Wy0LB17Cj8+QFhDjq+MOW1OHqvbDIBczgJ5kYrrbI=; b=ns3+M43WrOOSDAY10BUWTIn7tlRauvrYmmw3Mv0YUUZTZ5+JHS6Uaplpv5WqIdQ+O1 tKHP7080EPM597k+4F3keiR1UmsmjW+rRsftv6wu+wMeS1Dm5SFhUr8r6TzULLiKM3kd 7B1NoCQsALjh2zHxWN/zRn168UIv1/om9gQ5KJCIjg0DfOC12PERlYJjZrq7UFPUS680 gc+YHKpA4Gt6jsBkYK1giAf8osO6ir8xWPKOUpH1vM0KegEjvRM1bvOn4btFkY1+M4gj z+vxLastlVXHDYrS6/3DSKwWg4+CFo1GJsKrI/BtmMAoRwV9m03kca9h3bJSc7+VKkGN /SkQ== X-Gm-Message-State: APjAAAUMXOA0YhT/QjaVe9zfINdURmtGN1EvFLfzRGRIMhdUR9dKmtCt CinfLuKH71IcVPFZZH/eCl7Gob4iLcCdpw== X-Received: by 2002:a1c:1bc9:: with SMTP id b192mr3942201wmb.152.1559919033813; Fri, 07 Jun 2019 07:50:33 -0700 (PDT) Received: from localhost.localdomain (aaubervilliers-681-1-126-188.w90-88.abo.wanadoo.fr. [90.88.7.188]) by smtp.gmail.com with ESMTPSA id t13sm4129354wra.81.2019.06.07.07.50.32 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Fri, 07 Jun 2019 07:50:33 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, johannes@sipsolutions.net, linux-wireless@vger.kernel.org, davem@davemloft.net, Ard Biesheuvel Subject: [RFC PATCH 2/3] lib80211/tkip: switch to skcipher interface for arc4 Date: Fri, 7 Jun 2019 16:49:43 +0200 Message-Id: <20190607144944.13485-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190607144944.13485-1-ard.biesheuvel@linaro.org> References: <20190607144944.13485-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The TKIP code uses the arc4 cipher interface, and invokes it byte by byte. This is rather inefficient, and since the cipher interface in general is not really suitable for use outside of the crypto subsystem, move this code to use the skcipher interface instead. Given that the only driver that provides a RC4 cipher also provides a skcipher implementation, this is guaranteed to work. (Note that ARC4_BLOCK_SIZE is #define'd as 1 so ecb(arc4) behaves as a stream cipher, as is required in this case) Signed-off-by: Ard Biesheuvel --- net/wireless/lib80211_crypt_tkip.c | 61 ++++++++++++++------ 1 file changed, 42 insertions(+), 19 deletions(-) -- 2.20.1 diff --git a/net/wireless/lib80211_crypt_tkip.c b/net/wireless/lib80211_crypt_tkip.c index 11eaa5956f00..456c85b03b32 100644 --- a/net/wireless/lib80211_crypt_tkip.c +++ b/net/wireless/lib80211_crypt_tkip.c @@ -30,6 +30,7 @@ #include #include +#include #include #include @@ -64,9 +65,11 @@ struct lib80211_tkip_data { int key_idx; - struct crypto_cipher *rx_tfm_arc4; + struct crypto_skcipher *rx_tfm_arc4; + struct skcipher_request *rx_req_arc4; struct crypto_shash *rx_tfm_michael; - struct crypto_cipher *tx_tfm_arc4; + struct crypto_skcipher *tx_tfm_arc4; + struct skcipher_request *tx_req_arc4; struct crypto_shash *tx_tfm_michael; /* scratch buffers for virt_to_page() (crypto API) */ @@ -99,7 +102,8 @@ static void *lib80211_tkip_init(int key_idx) priv->key_idx = key_idx; - priv->tx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); + priv->tx_tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, + CRYPTO_ALG_ASYNC); if (IS_ERR(priv->tx_tfm_arc4)) { priv->tx_tfm_arc4 = NULL; goto fail; @@ -111,7 +115,8 @@ static void *lib80211_tkip_init(int key_idx) goto fail; } - priv->rx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); + priv->rx_tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, + CRYPTO_ALG_ASYNC); if (IS_ERR(priv->rx_tfm_arc4)) { priv->rx_tfm_arc4 = NULL; goto fail; @@ -123,14 +128,26 @@ static void *lib80211_tkip_init(int key_idx) goto fail; } + priv->tx_req_arc4 = skcipher_request_alloc(priv->tx_tfm_arc4, + GFP_KERNEL); + if (!priv->tx_req_arc4) + goto fail; + + priv->rx_req_arc4 = skcipher_request_alloc(priv->rx_tfm_arc4, + GFP_KERNEL); + if (!priv->rx_req_arc4) + goto fail; + return priv; fail: if (priv) { + skcipher_request_free(priv->tx_req_arc4); + skcipher_request_free(priv->rx_req_arc4); crypto_free_shash(priv->tx_tfm_michael); - crypto_free_cipher(priv->tx_tfm_arc4); + crypto_free_skcipher(priv->tx_tfm_arc4); crypto_free_shash(priv->rx_tfm_michael); - crypto_free_cipher(priv->rx_tfm_arc4); + crypto_free_skcipher(priv->rx_tfm_arc4); kfree(priv); } @@ -141,10 +158,12 @@ static void lib80211_tkip_deinit(void *priv) { struct lib80211_tkip_data *_priv = priv; if (_priv) { + skcipher_request_free(_priv->tx_req_arc4); + skcipher_request_free(_priv->rx_req_arc4); crypto_free_shash(_priv->tx_tfm_michael); - crypto_free_cipher(_priv->tx_tfm_arc4); + crypto_free_skcipher(_priv->tx_tfm_arc4); crypto_free_shash(_priv->rx_tfm_michael); - crypto_free_cipher(_priv->rx_tfm_arc4); + crypto_free_skcipher(_priv->rx_tfm_arc4); } kfree(priv); } @@ -342,10 +361,10 @@ static int lib80211_tkip_hdr(struct sk_buff *skb, int hdr_len, static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) { struct lib80211_tkip_data *tkey = priv; + struct scatterlist sg; int len; u8 rc4key[16], *pos, *icv; u32 crc; - int i; if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; @@ -370,10 +389,11 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(tkey->tx_tfm_arc4, pos + i, pos + i); - return 0; + crypto_skcipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); + sg_init_one(&sg, pos, len + 4); + skcipher_request_set_crypt(tkey->tx_req_arc4, &sg, &sg, len + 4, NULL); + + return crypto_skcipher_encrypt(tkey->tx_req_arc4); } /* @@ -392,6 +412,7 @@ static inline int tkip_replay_check(u32 iv32_n, u16 iv16_n, static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) { struct lib80211_tkip_data *tkey = priv; + struct scatterlist sg; u8 rc4key[16]; u8 keyidx, *pos; u32 iv32; @@ -400,7 +421,6 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u8 icv[4]; u32 crc; int plen; - int i; hdr = (struct ieee80211_hdr *)skb->data; @@ -453,9 +473,12 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) plen = skb->len - hdr_len - 12; - crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(tkey->rx_tfm_arc4, pos + i, pos + i); + crypto_skcipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); + sg_init_one(&sg, pos, plen + 4); + skcipher_request_set_crypt(tkey->rx_req_arc4, &sg, &sg, plen + 4, NULL); + + if (crypto_skcipher_decrypt(tkey->rx_req_arc4)) + return -7; crc = ~crc32_le(~0, pos, plen); icv[0] = crc; @@ -640,9 +663,9 @@ static int lib80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) struct lib80211_tkip_data *tkey = priv; int keyidx; struct crypto_shash *tfm = tkey->tx_tfm_michael; - struct crypto_cipher *tfm2 = tkey->tx_tfm_arc4; + struct crypto_skcipher *tfm2 = tkey->tx_tfm_arc4; struct crypto_shash *tfm3 = tkey->rx_tfm_michael; - struct crypto_cipher *tfm4 = tkey->rx_tfm_arc4; + struct crypto_skcipher *tfm4 = tkey->rx_tfm_arc4; keyidx = tkey->key_idx; memset(tkey, 0, sizeof(*tkey)); From patchwork Fri Jun 7 14:49:44 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166151 Delivered-To: patch@linaro.org Received: by 2002:a92:9e1a:0:0:0:0:0 with SMTP id q26csp732385ili; Fri, 7 Jun 2019 07:50:39 -0700 (PDT) X-Google-Smtp-Source: APXvYqyoE1vVFZ57HeQxMjFRUByWSJ2kMYfXdAzHmIS5TzlNPrDNBnzHLO6ST0FLIr5f+lR/Tx13 X-Received: by 2002:a62:2e46:: with SMTP id u67mr58951086pfu.206.1559919039780; Fri, 07 Jun 2019 07:50:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559919039; cv=none; d=google.com; s=arc-20160816; b=hEHeV+Pj6R70LFvZOCfKkwKslaTl91XhxrU7+NWMuX7EYmqb4HCxp6lOEzZSLMRhgm L6RZxZQjnAk2wNsadRDdfRYPpPjKiVsZWXq/thC2ORz2N//Mdu9ejWodDrNZT7hnuKYM CiyDoPSeTrwOpCEetjUBCt0yHq/LBQYq4Pj2cR4rVSkh4hR+8o9FPhlj9uLcgGgEySdE 1YcTRkOvD1XBV3ZDC/tCCL/4AP/mLS3Q+TXL+WT09yMQlKOQSlfQvNa8TjpHoqq9FSao HfQVvFgvNs3EWRIgk2+EyfCAv2GfPZlxf7Mv0Gj9n89PyTr4YX7NWPHG6O1GeZ5X52jO ifSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=9n8YJM2aN2Tojwoz4xxKnfvlttLhNaxdXPyMxomRKLg=; b=xwcLKNq6s9aLyR2rmlHPYAe8f5oKLW7HDVDgI0VgwZ1Q0sM0/8AehQkOuhsExtTLlR bTuTmgF6JP7orL92DpQXgI+QLBwmK6NTNWv/L7NciMc979bP0LDIo0oxEYcXMhbEfZO/ 2MVpSBMt3BkBEjPE5hwJtNqK+61HGtsPcoU1wtmZ7a4I3SlXfyc7mvmzlZr6cuALDJ+z xfXgqW6Urq1URXDlh03/63Br0i3ptfXIN0EFaDB3MMqB0A1e2/I4qrKtBag3wBGfdgH7 Cx4Dl6YbttQnKZw3MyZ4iIt+cSKriA6y/T/wt8DrTaDkesXxeo+xCVQncWEyoFgVJZDV G7PQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PUiwLSAc; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g15si1840113pgk.260.2019.06.07.07.50.39; Fri, 07 Jun 2019 07:50:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PUiwLSAc; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729172AbfFGOui (ORCPT + 3 others); Fri, 7 Jun 2019 10:50:38 -0400 Received: from mail-wr1-f65.google.com ([209.85.221.65]:42490 "EHLO mail-wr1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729193AbfFGOuh (ORCPT ); Fri, 7 Jun 2019 10:50:37 -0400 Received: by mail-wr1-f65.google.com with SMTP id x17so2449625wrl.9 for ; Fri, 07 Jun 2019 07:50:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9n8YJM2aN2Tojwoz4xxKnfvlttLhNaxdXPyMxomRKLg=; b=PUiwLSAco3hmTp+31PViC1LfHPHcDGVR3bNcQjgSgRJjL5nJRypoQcMaOu6BfKV9d9 +aR/g1qclXtfM5JL40LECuhW9xZLo8lSFghvrCruHvVCtZurzrGCz89+ANOrEnSwL6T+ BeQ264VKH7RvNB0dITMAfuDM7Evf7M2uvMz4s9RbQ1j13G1pE6obWzlInoyeobaUq5yE zI3ngdTy1ShFwn2bUWYQTT9qHfAHz81dlbC7TnYE7qTyMvkRA0WtxoKmbdZZf0sIaCp0 ajAjfg4bB+IV00Qr0ODUYFnlqW81uXfG6zq5Bb/Jym8ZyZiowcHzpSWzplWN8B7YJbc7 KFag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9n8YJM2aN2Tojwoz4xxKnfvlttLhNaxdXPyMxomRKLg=; b=Su6QwfEOmiUJSy73K4kt/ISzLTOzIoFZ/11bDvy2UxgXxnGL2ZCGsXPFM7ttpG1iVO lmWxkPV2D+q9+9R6w6Q5RZnsq6xulUXcTMQWPLJH/HJ60cHHrgGbCQ1fz1EJ4mJjeGZM EWPJIbjKMQvtG4M14XPTHBACCrrUU7TTO2SOfxzsa44jp3x5Y0Q/wCgwnpSZ84pCNHSH Wr+Et2D38KBmQ0ZQoHdIfq5jdvGEsIYJKFIQNNj0D2/0ekJD7Vi0e7mcq4BCL21koPiq ulvclECSzcdSwLUqLmzhiOw9/EJPYmSrc79bOJDq88xmCNECIx3AaaVR1nZ1UZfkWqCb BfGg== X-Gm-Message-State: APjAAAWFtrnRUgp3nVI6UIEHMmUmjtB+S4pjTXEsroXC2Mb/BL5/G55L 4ZPOEnQ0piNC8U2fUMpIUPQ/ZGmQKIIWzg== X-Received: by 2002:adf:eb42:: with SMTP id u2mr32550695wrn.80.1559919034855; Fri, 07 Jun 2019 07:50:34 -0700 (PDT) Received: from localhost.localdomain (aaubervilliers-681-1-126-188.w90-88.abo.wanadoo.fr. [90.88.7.188]) by smtp.gmail.com with ESMTPSA id t13sm4129354wra.81.2019.06.07.07.50.33 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Fri, 07 Jun 2019 07:50:34 -0700 (PDT) From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: herbert@gondor.apana.org.au, ebiggers@kernel.org, johannes@sipsolutions.net, linux-wireless@vger.kernel.org, davem@davemloft.net, Ard Biesheuvel Subject: [RFC PATCH 3/3] lib80211/wep: switch to skcipher interface for arc4 Date: Fri, 7 Jun 2019 16:49:44 +0200 Message-Id: <20190607144944.13485-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190607144944.13485-1-ard.biesheuvel@linaro.org> References: <20190607144944.13485-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The WEP code uses the arc4 cipher interface, and invokes it byte by byte. This is rather inefficient, and since the cipher interface in general is not really suitable for use outside of the crypto subsystem, move this code to use the skcipher interface instead. Given that the only driver that provides a RC4 cipher also provides a skcipher implementation, this is guaranteed to work. (Note that ARC4_BLOCK_SIZE is #define'd as 1 so ecb(arc4) behaves as a stream cipher, as is required in this case) Signed-off-by: Ard Biesheuvel --- net/wireless/lib80211_crypt_wep.c | 52 ++++++++++++++------ 1 file changed, 36 insertions(+), 16 deletions(-) -- 2.20.1 diff --git a/net/wireless/lib80211_crypt_wep.c b/net/wireless/lib80211_crypt_wep.c index 20c1ad63ad44..461f94afe6e9 100644 --- a/net/wireless/lib80211_crypt_wep.c +++ b/net/wireless/lib80211_crypt_wep.c @@ -23,6 +23,7 @@ #include #include +#include #include MODULE_AUTHOR("Jouni Malinen"); @@ -35,8 +36,10 @@ struct lib80211_wep_data { u8 key[WEP_KEY_LEN + 1]; u8 key_len; u8 key_idx; - struct crypto_cipher *tx_tfm; - struct crypto_cipher *rx_tfm; + struct crypto_skcipher *tx_tfm; + struct crypto_skcipher *rx_tfm; + struct skcipher_request *tx_req; + struct skcipher_request *rx_req; }; static void *lib80211_wep_init(int keyidx) @@ -48,17 +51,26 @@ static void *lib80211_wep_init(int keyidx) goto fail; priv->key_idx = keyidx; - priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0); + priv->tx_tfm = crypto_alloc_skcipher("ecb(arc4)", 0, 0); if (IS_ERR(priv->tx_tfm)) { priv->tx_tfm = NULL; goto fail; } - priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0); + priv->rx_tfm = crypto_alloc_skcipher("arc4", 0, 0); if (IS_ERR(priv->rx_tfm)) { priv->rx_tfm = NULL; goto fail; } + + priv->tx_req = skcipher_request_alloc(priv->tx_tfm, GFP_KERNEL); + if (!priv->tx_req) + goto fail; + + priv->rx_req = skcipher_request_alloc(priv->rx_tfm, GFP_KERNEL); + if (!priv->tx_req) + goto fail; + /* start WEP IV from a random value */ get_random_bytes(&priv->iv, 4); @@ -66,8 +78,10 @@ static void *lib80211_wep_init(int keyidx) fail: if (priv) { - crypto_free_cipher(priv->tx_tfm); - crypto_free_cipher(priv->rx_tfm); + skcipher_request_free(priv->tx_req); + skcipher_request_free(priv->rx_req); + crypto_free_skcipher(priv->tx_tfm); + crypto_free_skcipher(priv->rx_tfm); kfree(priv); } return NULL; @@ -77,8 +91,10 @@ static void lib80211_wep_deinit(void *priv) { struct lib80211_wep_data *_priv = priv; if (_priv) { - crypto_free_cipher(_priv->tx_tfm); - crypto_free_cipher(_priv->rx_tfm); + skcipher_request_free(_priv->tx_req); + skcipher_request_free(_priv->rx_req); + crypto_free_skcipher(_priv->tx_tfm); + crypto_free_skcipher(_priv->rx_tfm); } kfree(priv); } @@ -129,10 +145,10 @@ static int lib80211_wep_build_iv(struct sk_buff *skb, int hdr_len, static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) { struct lib80211_wep_data *wep = priv; + struct scatterlist sg; u32 crc, klen, len; u8 *pos, *icv; u8 key[WEP_KEY_LEN + 3]; - int i; /* other checks are in lib80211_wep_build_iv */ if (skb_tailroom(skb) < 4) @@ -160,10 +176,11 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(wep->tx_tfm, key, klen); - - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(wep->tx_tfm, pos + i, pos + i); + crypto_skcipher_setkey(wep->tx_tfm, key, klen); + sg_init_one(&sg, pos, len + 4); + skcipher_request_set_crypt(wep->tx_req, &sg, &sg, len + 4, NULL); + if (crypto_skcipher_encrypt(wep->tx_req) < 0) + return -1; return 0; } @@ -178,6 +195,7 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) { struct lib80211_wep_data *wep = priv; + struct scatterlist sg; u32 crc, klen, plen; u8 key[WEP_KEY_LEN + 3]; u8 keyidx, *pos, icv[4]; @@ -202,9 +220,11 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) /* Apply RC4 to data and compute CRC32 over decrypted data */ plen = skb->len - hdr_len - 8; - crypto_cipher_setkey(wep->rx_tfm, key, klen); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(wep->rx_tfm, pos + i, pos + i); + crypto_skcipher_setkey(wep->rx_tfm, key, klen); + sg_init_one(&sg, pos, plen + 4); + skcipher_request_set_crypt(wep->rx_req, &sg, &sg, plen + 4, NULL); + if (crypto_skcipher_decrypt(wep->rx_req) < 0) + return -1; crc = ~crc32_le(~0, pos, plen); icv[0] = crc;