Lines Matching refs:drbg
194 static int drbg_uninstantiate(struct drbg_state *drbg);
255 static void drbg_kcapi_symsetkey(struct drbg_state *drbg,
257 static int drbg_kcapi_sym(struct drbg_state *drbg, unsigned char *outval,
259 static int drbg_init_sym_kernel(struct drbg_state *drbg);
260 static int drbg_fini_sym_kernel(struct drbg_state *drbg);
261 static int drbg_kcapi_sym_ctr(struct drbg_state *drbg,
267 static int drbg_ctr_bcc(struct drbg_state *drbg, in drbg_ctr_bcc() argument
276 drbg_string_fill(&data, out, drbg_blocklen(drbg)); in drbg_ctr_bcc()
279 drbg_kcapi_symsetkey(drbg, key); in drbg_ctr_bcc()
286 if (drbg_blocklen(drbg) == cnt) { in drbg_ctr_bcc()
288 ret = drbg_kcapi_sym(drbg, out, &data); in drbg_ctr_bcc()
300 ret = drbg_kcapi_sym(drbg, out, &data); in drbg_ctr_bcc()
345 static int drbg_ctr_df(struct drbg_state *drbg, in drbg_ctr_df() argument
354 unsigned char *pad = df_data + drbg_statelen(drbg); in drbg_ctr_df()
355 unsigned char *iv = pad + drbg_blocklen(drbg); in drbg_ctr_df()
356 unsigned char *temp = iv + drbg_blocklen(drbg); in drbg_ctr_df()
372 memset(pad, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
373 memset(iv, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
390 padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg)); in drbg_ctr_df()
393 padlen = drbg_blocklen(drbg) - padlen; in drbg_ctr_df()
403 drbg_string_fill(&S1, iv, drbg_blocklen(drbg)); in drbg_ctr_df()
412 while (templen < (drbg_keylen(drbg) + (drbg_blocklen(drbg)))) { in drbg_ctr_df()
420 ret = drbg_ctr_bcc(drbg, temp + templen, K, &bcc_list); in drbg_ctr_df()
425 templen += drbg_blocklen(drbg); in drbg_ctr_df()
429 X = temp + (drbg_keylen(drbg)); in drbg_ctr_df()
430 drbg_string_fill(&cipherin, X, drbg_blocklen(drbg)); in drbg_ctr_df()
435 drbg_kcapi_symsetkey(drbg, temp); in drbg_ctr_df()
443 ret = drbg_kcapi_sym(drbg, X, &cipherin); in drbg_ctr_df()
446 blocklen = (drbg_blocklen(drbg) < in drbg_ctr_df()
448 drbg_blocklen(drbg) : in drbg_ctr_df()
458 memset(iv, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
459 memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); in drbg_ctr_df()
460 memset(pad, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
479 static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed, in drbg_ctr_update() argument
484 unsigned char *temp = drbg->scratchpad; in drbg_ctr_update()
485 unsigned char *df_data = drbg->scratchpad + drbg_statelen(drbg) + in drbg_ctr_update()
486 drbg_blocklen(drbg); in drbg_ctr_update()
489 memset(df_data, 0, drbg_statelen(drbg)); in drbg_ctr_update()
499 crypto_inc(drbg->V, drbg_blocklen(drbg)); in drbg_ctr_update()
501 ret = crypto_skcipher_setkey(drbg->ctr_handle, drbg->C, in drbg_ctr_update()
502 drbg_keylen(drbg)); in drbg_ctr_update()
509 ret = drbg_ctr_df(drbg, df_data, drbg_statelen(drbg), seed); in drbg_ctr_update()
514 ret = drbg_kcapi_sym_ctr(drbg, df_data, drbg_statelen(drbg), in drbg_ctr_update()
515 temp, drbg_statelen(drbg)); in drbg_ctr_update()
520 ret = crypto_skcipher_setkey(drbg->ctr_handle, temp, in drbg_ctr_update()
521 drbg_keylen(drbg)); in drbg_ctr_update()
525 memcpy(drbg->V, temp + drbg_keylen(drbg), drbg_blocklen(drbg)); in drbg_ctr_update()
527 crypto_inc(drbg->V, drbg_blocklen(drbg)); in drbg_ctr_update()
531 memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); in drbg_ctr_update()
533 memset(df_data, 0, drbg_statelen(drbg)); in drbg_ctr_update()
542 static int drbg_ctr_generate(struct drbg_state *drbg, in drbg_ctr_generate() argument
551 ret = drbg_ctr_update(drbg, addtl, 2); in drbg_ctr_generate()
557 ret = drbg_kcapi_sym_ctr(drbg, NULL, 0, buf, len); in drbg_ctr_generate()
562 ret = drbg_ctr_update(drbg, NULL, 3); in drbg_ctr_generate()
582 static int drbg_kcapi_hash(struct drbg_state *drbg, unsigned char *outval,
584 static void drbg_kcapi_hmacsetkey(struct drbg_state *drbg,
586 static int drbg_init_hash_kernel(struct drbg_state *drbg);
587 static int drbg_fini_hash_kernel(struct drbg_state *drbg);
602 static int drbg_hmac_update(struct drbg_state *drbg, struct list_head *seed, in drbg_hmac_update() argument
613 memset(drbg->V, 1, drbg_statelen(drbg)); in drbg_hmac_update()
614 drbg_kcapi_hmacsetkey(drbg, drbg->C); in drbg_hmac_update()
617 drbg_string_fill(&seed1, drbg->V, drbg_statelen(drbg)); in drbg_hmac_update()
626 drbg_string_fill(&vdata, drbg->V, drbg_statelen(drbg)); in drbg_hmac_update()
635 ret = drbg_kcapi_hash(drbg, drbg->C, &seedlist); in drbg_hmac_update()
638 drbg_kcapi_hmacsetkey(drbg, drbg->C); in drbg_hmac_update()
641 ret = drbg_kcapi_hash(drbg, drbg->V, &vdatalist); in drbg_hmac_update()
654 static int drbg_hmac_generate(struct drbg_state *drbg, in drbg_hmac_generate() argument
666 ret = drbg_hmac_update(drbg, addtl, 1); in drbg_hmac_generate()
671 drbg_string_fill(&data, drbg->V, drbg_statelen(drbg)); in drbg_hmac_generate()
676 ret = drbg_kcapi_hash(drbg, drbg->V, &datalist); in drbg_hmac_generate()
679 outlen = (drbg_blocklen(drbg) < (buflen - len)) ? in drbg_hmac_generate()
680 drbg_blocklen(drbg) : (buflen - len); in drbg_hmac_generate()
683 memcpy(buf + len, drbg->V, outlen); in drbg_hmac_generate()
689 ret = drbg_hmac_update(drbg, addtl, 1); in drbg_hmac_generate()
691 ret = drbg_hmac_update(drbg, NULL, 1); in drbg_hmac_generate()
769 static int drbg_hash_df(struct drbg_state *drbg, in drbg_hash_df() argument
776 unsigned char *tmp = drbg->scratchpad + drbg_statelen(drbg); in drbg_hash_df()
791 ret = drbg_kcapi_hash(drbg, tmp, entropylist); in drbg_hash_df()
796 blocklen = (drbg_blocklen(drbg) < (outlen - len)) ? in drbg_hash_df()
797 drbg_blocklen(drbg) : (outlen - len); in drbg_hash_df()
803 memset(tmp, 0, drbg_blocklen(drbg)); in drbg_hash_df()
808 static int drbg_hash_update(struct drbg_state *drbg, struct list_head *seed, in drbg_hash_update() argument
815 unsigned char *V = drbg->scratchpad; in drbg_hash_update()
823 memcpy(V, drbg->V, drbg_statelen(drbg)); in drbg_hash_update()
826 drbg_string_fill(&data2, V, drbg_statelen(drbg)); in drbg_hash_update()
832 ret = drbg_hash_df(drbg, drbg->V, drbg_statelen(drbg), &datalist); in drbg_hash_update()
840 drbg_string_fill(&data2, drbg->V, drbg_statelen(drbg)); in drbg_hash_update()
843 ret = drbg_hash_df(drbg, drbg->C, drbg_statelen(drbg), &datalist2); in drbg_hash_update()
846 memset(drbg->scratchpad, 0, drbg_statelen(drbg)); in drbg_hash_update()
851 static int drbg_hash_process_addtl(struct drbg_state *drbg, in drbg_hash_process_addtl() argument
865 drbg_string_fill(&data2, drbg->V, drbg_statelen(drbg)); in drbg_hash_process_addtl()
869 ret = drbg_kcapi_hash(drbg, drbg->scratchpad, &datalist); in drbg_hash_process_addtl()
874 drbg_add_buf(drbg->V, drbg_statelen(drbg), in drbg_hash_process_addtl()
875 drbg->scratchpad, drbg_blocklen(drbg)); in drbg_hash_process_addtl()
878 memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); in drbg_hash_process_addtl()
883 static int drbg_hash_hashgen(struct drbg_state *drbg, in drbg_hash_hashgen() argument
889 unsigned char *src = drbg->scratchpad; in drbg_hash_hashgen()
890 unsigned char *dst = drbg->scratchpad + drbg_statelen(drbg); in drbg_hash_hashgen()
895 memcpy(src, drbg->V, drbg_statelen(drbg)); in drbg_hash_hashgen()
897 drbg_string_fill(&data, src, drbg_statelen(drbg)); in drbg_hash_hashgen()
902 ret = drbg_kcapi_hash(drbg, dst, &datalist); in drbg_hash_hashgen()
907 outlen = (drbg_blocklen(drbg) < (buflen - len)) ? in drbg_hash_hashgen()
908 drbg_blocklen(drbg) : (buflen - len); in drbg_hash_hashgen()
914 crypto_inc(src, drbg_statelen(drbg)); in drbg_hash_hashgen()
918 memset(drbg->scratchpad, 0, in drbg_hash_hashgen()
919 (drbg_statelen(drbg) + drbg_blocklen(drbg))); in drbg_hash_hashgen()
924 static int drbg_hash_generate(struct drbg_state *drbg, in drbg_hash_generate() argument
939 ret = drbg_hash_process_addtl(drbg, addtl); in drbg_hash_generate()
943 len = drbg_hash_hashgen(drbg, buf, buflen); in drbg_hash_generate()
949 drbg_string_fill(&data2, drbg->V, drbg_statelen(drbg)); in drbg_hash_generate()
951 ret = drbg_kcapi_hash(drbg, drbg->scratchpad, &datalist); in drbg_hash_generate()
958 drbg_add_buf(drbg->V, drbg_statelen(drbg), in drbg_hash_generate()
959 drbg->scratchpad, drbg_blocklen(drbg)); in drbg_hash_generate()
960 drbg_add_buf(drbg->V, drbg_statelen(drbg), in drbg_hash_generate()
961 drbg->C, drbg_statelen(drbg)); in drbg_hash_generate()
962 u.req_int = cpu_to_be64(drbg->reseed_ctr); in drbg_hash_generate()
963 drbg_add_buf(drbg->V, drbg_statelen(drbg), u.req, 8); in drbg_hash_generate()
966 memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); in drbg_hash_generate()
986 static inline int __drbg_seed(struct drbg_state *drbg, struct list_head *seed, in __drbg_seed() argument
989 int ret = drbg->d_ops->update(drbg, seed, reseed); in __drbg_seed()
994 drbg->seeded = true; in __drbg_seed()
996 drbg->reseed_ctr = 1; in __drbg_seed()
1005 struct drbg_state *drbg = container_of(work, struct drbg_state, in drbg_async_seed() local
1007 unsigned int entropylen = drbg_sec_strength(drbg->core->flags); in drbg_async_seed()
1017 mutex_lock(&drbg->drbg_mutex); in drbg_async_seed()
1020 crypto_free_rng(drbg->jent); in drbg_async_seed()
1021 drbg->jent = NULL; in drbg_async_seed()
1026 drbg->seeded = false; in drbg_async_seed()
1028 __drbg_seed(drbg, &seedlist, true); in drbg_async_seed()
1030 if (drbg->seeded) in drbg_async_seed()
1031 drbg->reseed_threshold = drbg_max_requests(drbg); in drbg_async_seed()
1033 mutex_unlock(&drbg->drbg_mutex); in drbg_async_seed()
1049 static int drbg_seed(struct drbg_state *drbg, struct drbg_string *pers, in drbg_seed() argument
1054 unsigned int entropylen = drbg_sec_strength(drbg->core->flags); in drbg_seed()
1059 if (pers && pers->len > (drbg_max_addtl(drbg))) { in drbg_seed()
1065 if (list_empty(&drbg->test_data.list)) { in drbg_seed()
1066 drbg_string_fill(&data1, drbg->test_data.buf, in drbg_seed()
1067 drbg->test_data.len); in drbg_seed()
1086 if (!drbg->jent) { in drbg_seed()
1092 ret = crypto_rng_get_bytes(drbg->jent, in drbg_seed()
1118 memset(drbg->V, 0, drbg_statelen(drbg)); in drbg_seed()
1119 memset(drbg->C, 0, drbg_statelen(drbg)); in drbg_seed()
1122 ret = __drbg_seed(drbg, &seedlist, reseed); in drbg_seed()
1130 static inline void drbg_dealloc_state(struct drbg_state *drbg) in drbg_dealloc_state() argument
1132 if (!drbg) in drbg_dealloc_state()
1134 kzfree(drbg->Vbuf); in drbg_dealloc_state()
1135 drbg->Vbuf = NULL; in drbg_dealloc_state()
1136 drbg->V = NULL; in drbg_dealloc_state()
1137 kzfree(drbg->Cbuf); in drbg_dealloc_state()
1138 drbg->Cbuf = NULL; in drbg_dealloc_state()
1139 drbg->C = NULL; in drbg_dealloc_state()
1140 kzfree(drbg->scratchpadbuf); in drbg_dealloc_state()
1141 drbg->scratchpadbuf = NULL; in drbg_dealloc_state()
1142 drbg->reseed_ctr = 0; in drbg_dealloc_state()
1143 drbg->d_ops = NULL; in drbg_dealloc_state()
1144 drbg->core = NULL; in drbg_dealloc_state()
1151 static inline int drbg_alloc_state(struct drbg_state *drbg) in drbg_alloc_state() argument
1156 switch (drbg->core->flags & DRBG_TYPE_MASK) { in drbg_alloc_state()
1159 drbg->d_ops = &drbg_hmac_ops; in drbg_alloc_state()
1164 drbg->d_ops = &drbg_hash_ops; in drbg_alloc_state()
1169 drbg->d_ops = &drbg_ctr_ops; in drbg_alloc_state()
1177 ret = drbg->d_ops->crypto_init(drbg); in drbg_alloc_state()
1181 drbg->Vbuf = kmalloc(drbg_statelen(drbg) + ret, GFP_KERNEL); in drbg_alloc_state()
1182 if (!drbg->Vbuf) { in drbg_alloc_state()
1186 drbg->V = PTR_ALIGN(drbg->Vbuf, ret + 1); in drbg_alloc_state()
1187 drbg->Cbuf = kmalloc(drbg_statelen(drbg) + ret, GFP_KERNEL); in drbg_alloc_state()
1188 if (!drbg->Cbuf) { in drbg_alloc_state()
1192 drbg->C = PTR_ALIGN(drbg->Cbuf, ret + 1); in drbg_alloc_state()
1194 if (drbg->core->flags & DRBG_HMAC) in drbg_alloc_state()
1196 else if (drbg->core->flags & DRBG_CTR) in drbg_alloc_state()
1197 sb_size = drbg_statelen(drbg) + drbg_blocklen(drbg) + /* temp */ in drbg_alloc_state()
1198 drbg_statelen(drbg) + /* df_data */ in drbg_alloc_state()
1199 drbg_blocklen(drbg) + /* pad */ in drbg_alloc_state()
1200 drbg_blocklen(drbg) + /* iv */ in drbg_alloc_state()
1201 drbg_statelen(drbg) + drbg_blocklen(drbg); /* temp */ in drbg_alloc_state()
1203 sb_size = drbg_statelen(drbg) + drbg_blocklen(drbg); in drbg_alloc_state()
1206 drbg->scratchpadbuf = kzalloc(sb_size + ret, GFP_KERNEL); in drbg_alloc_state()
1207 if (!drbg->scratchpadbuf) { in drbg_alloc_state()
1211 drbg->scratchpad = PTR_ALIGN(drbg->scratchpadbuf, ret + 1); in drbg_alloc_state()
1217 drbg->d_ops->crypto_fini(drbg); in drbg_alloc_state()
1219 drbg_dealloc_state(drbg); in drbg_alloc_state()
1243 static int drbg_generate(struct drbg_state *drbg, in drbg_generate() argument
1250 if (!drbg->core) { in drbg_generate()
1265 if (buflen > (drbg_max_request_bytes(drbg))) { in drbg_generate()
1274 if (addtl && addtl->len > (drbg_max_addtl(drbg))) { in drbg_generate()
1285 if (drbg->reseed_threshold < drbg->reseed_ctr) in drbg_generate()
1286 drbg->seeded = false; in drbg_generate()
1288 if (drbg->pr || !drbg->seeded) { in drbg_generate()
1291 drbg->pr ? "true" : "false", in drbg_generate()
1292 drbg->seeded ? "seeded" : "unseeded"); in drbg_generate()
1294 len = drbg_seed(drbg, addtl, true); in drbg_generate()
1304 len = drbg->d_ops->generate(drbg, buf, buflen, &addtllist); in drbg_generate()
1307 drbg->reseed_ctr++; in drbg_generate()
1327 if (drbg->reseed_ctr && !(drbg->reseed_ctr % 4096)) { in drbg_generate()
1330 if (drbg->core->flags & DRBG_HMAC) in drbg_generate()
1333 else if (drbg->core->flags & DRBG_CTR) in drbg_generate()
1345 drbg_uninstantiate(drbg); in drbg_generate()
1370 static int drbg_generate_long(struct drbg_state *drbg, in drbg_generate_long() argument
1379 slice = ((buflen - len) / drbg_max_request_bytes(drbg)); in drbg_generate_long()
1380 chunk = slice ? drbg_max_request_bytes(drbg) : (buflen - len); in drbg_generate_long()
1381 mutex_lock(&drbg->drbg_mutex); in drbg_generate_long()
1382 err = drbg_generate(drbg, buf + len, chunk, addtl); in drbg_generate_long()
1383 mutex_unlock(&drbg->drbg_mutex); in drbg_generate_long()
1393 struct drbg_state *drbg = container_of(rdy, struct drbg_state, in drbg_schedule_async_seed() local
1396 schedule_work(&drbg->seed_work); in drbg_schedule_async_seed()
1399 static int drbg_prepare_hrng(struct drbg_state *drbg) in drbg_prepare_hrng() argument
1404 if (list_empty(&drbg->test_data.list)) in drbg_prepare_hrng()
1407 INIT_WORK(&drbg->seed_work, drbg_async_seed); in drbg_prepare_hrng()
1409 drbg->random_ready.owner = THIS_MODULE; in drbg_prepare_hrng()
1410 drbg->random_ready.func = drbg_schedule_async_seed; in drbg_prepare_hrng()
1412 err = add_random_ready_callback(&drbg->random_ready); in drbg_prepare_hrng()
1423 drbg->random_ready.func = NULL; in drbg_prepare_hrng()
1427 drbg->jent = crypto_alloc_rng("jitterentropy_rng", 0, 0); in drbg_prepare_hrng()
1433 drbg->reseed_threshold = 50; in drbg_prepare_hrng()
1455 static int drbg_instantiate(struct drbg_state *drbg, struct drbg_string *pers, in drbg_instantiate() argument
1463 mutex_lock(&drbg->drbg_mutex); in drbg_instantiate()
1475 if (!drbg->core) { in drbg_instantiate()
1476 drbg->core = &drbg_cores[coreref]; in drbg_instantiate()
1477 drbg->pr = pr; in drbg_instantiate()
1478 drbg->seeded = false; in drbg_instantiate()
1479 drbg->reseed_threshold = drbg_max_requests(drbg); in drbg_instantiate()
1481 ret = drbg_alloc_state(drbg); in drbg_instantiate()
1485 ret = drbg_prepare_hrng(drbg); in drbg_instantiate()
1489 if (IS_ERR(drbg->jent)) { in drbg_instantiate()
1490 ret = PTR_ERR(drbg->jent); in drbg_instantiate()
1491 drbg->jent = NULL; in drbg_instantiate()
1500 ret = drbg_seed(drbg, pers, reseed); in drbg_instantiate()
1505 mutex_unlock(&drbg->drbg_mutex); in drbg_instantiate()
1509 mutex_unlock(&drbg->drbg_mutex); in drbg_instantiate()
1513 mutex_unlock(&drbg->drbg_mutex); in drbg_instantiate()
1514 drbg_uninstantiate(drbg); in drbg_instantiate()
1527 static int drbg_uninstantiate(struct drbg_state *drbg) in drbg_uninstantiate() argument
1529 if (drbg->random_ready.func) { in drbg_uninstantiate()
1530 del_random_ready_callback(&drbg->random_ready); in drbg_uninstantiate()
1531 cancel_work_sync(&drbg->seed_work); in drbg_uninstantiate()
1532 crypto_free_rng(drbg->jent); in drbg_uninstantiate()
1533 drbg->jent = NULL; in drbg_uninstantiate()
1536 if (drbg->d_ops) in drbg_uninstantiate()
1537 drbg->d_ops->crypto_fini(drbg); in drbg_uninstantiate()
1538 drbg_dealloc_state(drbg); in drbg_uninstantiate()
1553 struct drbg_state *drbg = crypto_rng_ctx(tfm); in drbg_kcapi_set_entropy() local
1555 mutex_lock(&drbg->drbg_mutex); in drbg_kcapi_set_entropy()
1556 drbg_string_fill(&drbg->test_data, data, len); in drbg_kcapi_set_entropy()
1557 mutex_unlock(&drbg->drbg_mutex); in drbg_kcapi_set_entropy()
1570 static int drbg_init_hash_kernel(struct drbg_state *drbg) in drbg_init_hash_kernel() argument
1575 tfm = crypto_alloc_shash(drbg->core->backend_cra_name, 0, 0); in drbg_init_hash_kernel()
1578 drbg->core->backend_cra_name); in drbg_init_hash_kernel()
1581 BUG_ON(drbg_blocklen(drbg) != crypto_shash_digestsize(tfm)); in drbg_init_hash_kernel()
1591 drbg->priv_data = sdesc; in drbg_init_hash_kernel()
1596 static int drbg_fini_hash_kernel(struct drbg_state *drbg) in drbg_fini_hash_kernel() argument
1598 struct sdesc *sdesc = (struct sdesc *)drbg->priv_data; in drbg_fini_hash_kernel()
1603 drbg->priv_data = NULL; in drbg_fini_hash_kernel()
1607 static void drbg_kcapi_hmacsetkey(struct drbg_state *drbg, in drbg_kcapi_hmacsetkey() argument
1610 struct sdesc *sdesc = (struct sdesc *)drbg->priv_data; in drbg_kcapi_hmacsetkey()
1612 crypto_shash_setkey(sdesc->shash.tfm, key, drbg_statelen(drbg)); in drbg_kcapi_hmacsetkey()
1615 static int drbg_kcapi_hash(struct drbg_state *drbg, unsigned char *outval, in drbg_kcapi_hash() argument
1618 struct sdesc *sdesc = (struct sdesc *)drbg->priv_data; in drbg_kcapi_hash()
1629 static int drbg_fini_sym_kernel(struct drbg_state *drbg) in drbg_fini_sym_kernel() argument
1632 (struct crypto_cipher *)drbg->priv_data; in drbg_fini_sym_kernel()
1635 drbg->priv_data = NULL; in drbg_fini_sym_kernel()
1637 if (drbg->ctr_handle) in drbg_fini_sym_kernel()
1638 crypto_free_skcipher(drbg->ctr_handle); in drbg_fini_sym_kernel()
1639 drbg->ctr_handle = NULL; in drbg_fini_sym_kernel()
1641 if (drbg->ctr_req) in drbg_fini_sym_kernel()
1642 skcipher_request_free(drbg->ctr_req); in drbg_fini_sym_kernel()
1643 drbg->ctr_req = NULL; in drbg_fini_sym_kernel()
1645 kfree(drbg->outscratchpadbuf); in drbg_fini_sym_kernel()
1646 drbg->outscratchpadbuf = NULL; in drbg_fini_sym_kernel()
1651 static int drbg_init_sym_kernel(struct drbg_state *drbg) in drbg_init_sym_kernel() argument
1659 tfm = crypto_alloc_cipher(drbg->core->backend_cra_name, 0, 0); in drbg_init_sym_kernel()
1662 drbg->core->backend_cra_name); in drbg_init_sym_kernel()
1665 BUG_ON(drbg_blocklen(drbg) != crypto_cipher_blocksize(tfm)); in drbg_init_sym_kernel()
1666 drbg->priv_data = tfm; in drbg_init_sym_kernel()
1669 drbg->core->backend_cra_name) >= CRYPTO_MAX_ALG_NAME) { in drbg_init_sym_kernel()
1670 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1677 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1680 drbg->ctr_handle = sk_tfm; in drbg_init_sym_kernel()
1681 crypto_init_wait(&drbg->ctr_wait); in drbg_init_sym_kernel()
1686 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1689 drbg->ctr_req = req; in drbg_init_sym_kernel()
1692 crypto_req_done, &drbg->ctr_wait); in drbg_init_sym_kernel()
1695 drbg->outscratchpadbuf = kmalloc(DRBG_OUTSCRATCHLEN + alignmask, in drbg_init_sym_kernel()
1697 if (!drbg->outscratchpadbuf) { in drbg_init_sym_kernel()
1698 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1701 drbg->outscratchpad = (u8 *)PTR_ALIGN(drbg->outscratchpadbuf, in drbg_init_sym_kernel()
1704 sg_init_table(&drbg->sg_in, 1); in drbg_init_sym_kernel()
1705 sg_init_one(&drbg->sg_out, drbg->outscratchpad, DRBG_OUTSCRATCHLEN); in drbg_init_sym_kernel()
1710 static void drbg_kcapi_symsetkey(struct drbg_state *drbg, in drbg_kcapi_symsetkey() argument
1714 (struct crypto_cipher *)drbg->priv_data; in drbg_kcapi_symsetkey()
1716 crypto_cipher_setkey(tfm, key, (drbg_keylen(drbg))); in drbg_kcapi_symsetkey()
1719 static int drbg_kcapi_sym(struct drbg_state *drbg, unsigned char *outval, in drbg_kcapi_sym() argument
1723 (struct crypto_cipher *)drbg->priv_data; in drbg_kcapi_sym()
1726 BUG_ON(in->len < drbg_blocklen(drbg)); in drbg_kcapi_sym()
1731 static int drbg_kcapi_sym_ctr(struct drbg_state *drbg, in drbg_kcapi_sym_ctr() argument
1735 struct scatterlist *sg_in = &drbg->sg_in, *sg_out = &drbg->sg_out; in drbg_kcapi_sym_ctr()
1745 memset(drbg->outscratchpad, 0, scratchpad_use); in drbg_kcapi_sym_ctr()
1746 sg_set_buf(sg_in, drbg->outscratchpad, scratchpad_use); in drbg_kcapi_sym_ctr()
1753 skcipher_request_set_crypt(drbg->ctr_req, sg_in, sg_out, in drbg_kcapi_sym_ctr()
1754 cryptlen, drbg->V); in drbg_kcapi_sym_ctr()
1755 ret = crypto_wait_req(crypto_skcipher_encrypt(drbg->ctr_req), in drbg_kcapi_sym_ctr()
1756 &drbg->ctr_wait); in drbg_kcapi_sym_ctr()
1760 crypto_init_wait(&drbg->ctr_wait); in drbg_kcapi_sym_ctr()
1762 memcpy(outbuf, drbg->outscratchpad, cryptlen); in drbg_kcapi_sym_ctr()
1763 memzero_explicit(drbg->outscratchpad, cryptlen); in drbg_kcapi_sym_ctr()
1821 struct drbg_state *drbg = crypto_tfm_ctx(tfm); in drbg_kcapi_init() local
1823 mutex_init(&drbg->drbg_mutex); in drbg_kcapi_init()
1846 struct drbg_state *drbg = crypto_rng_ctx(tfm); in drbg_kcapi_random() local
1856 return drbg_generate_long(drbg, dst, dlen, addtl); in drbg_kcapi_random()
1865 struct drbg_state *drbg = crypto_rng_ctx(tfm); in drbg_kcapi_seed() local
1879 return drbg_instantiate(drbg, seed_string, coreref, pr); in drbg_kcapi_seed()
1901 struct drbg_state *drbg = NULL; in drbg_healthcheck_sanity() local
1921 drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL); in drbg_healthcheck_sanity()
1922 if (!drbg) in drbg_healthcheck_sanity()
1925 mutex_init(&drbg->drbg_mutex); in drbg_healthcheck_sanity()
1926 drbg->core = &drbg_cores[coreref]; in drbg_healthcheck_sanity()
1927 drbg->reseed_threshold = drbg_max_requests(drbg); in drbg_healthcheck_sanity()
1937 max_addtllen = drbg_max_addtl(drbg); in drbg_healthcheck_sanity()
1938 max_request_bytes = drbg_max_request_bytes(drbg); in drbg_healthcheck_sanity()
1941 len = drbg_generate(drbg, buf, OUTBUFLEN, &addtl); in drbg_healthcheck_sanity()
1944 len = drbg_generate(drbg, buf, (max_request_bytes + 1), NULL); in drbg_healthcheck_sanity()
1948 ret = drbg_seed(drbg, &addtl, false); in drbg_healthcheck_sanity()
1956 kfree(drbg); in drbg_healthcheck_sanity()