Lines Matching refs:drbg
196 static int drbg_uninstantiate(struct drbg_state *drbg);
243 static int drbg_fips_continuous_test(struct drbg_state *drbg, in drbg_fips_continuous_test() argument
246 unsigned short entropylen = drbg_sec_strength(drbg->core->flags); in drbg_fips_continuous_test()
253 if (list_empty(&drbg->test_data.list)) in drbg_fips_continuous_test()
259 if (!drbg->fips_primed) { in drbg_fips_continuous_test()
261 memcpy(drbg->prev, entropy, entropylen); in drbg_fips_continuous_test()
262 drbg->fips_primed = true; in drbg_fips_continuous_test()
266 ret = memcmp(drbg->prev, entropy, entropylen); in drbg_fips_continuous_test()
269 memcpy(drbg->prev, entropy, entropylen); in drbg_fips_continuous_test()
308 static void drbg_kcapi_symsetkey(struct drbg_state *drbg,
310 static int drbg_kcapi_sym(struct drbg_state *drbg, unsigned char *outval,
312 static int drbg_init_sym_kernel(struct drbg_state *drbg);
313 static int drbg_fini_sym_kernel(struct drbg_state *drbg);
314 static int drbg_kcapi_sym_ctr(struct drbg_state *drbg,
320 static int drbg_ctr_bcc(struct drbg_state *drbg, in drbg_ctr_bcc() argument
329 drbg_string_fill(&data, out, drbg_blocklen(drbg)); in drbg_ctr_bcc()
332 drbg_kcapi_symsetkey(drbg, key); in drbg_ctr_bcc()
339 if (drbg_blocklen(drbg) == cnt) { in drbg_ctr_bcc()
341 ret = drbg_kcapi_sym(drbg, out, &data); in drbg_ctr_bcc()
353 ret = drbg_kcapi_sym(drbg, out, &data); in drbg_ctr_bcc()
398 static int drbg_ctr_df(struct drbg_state *drbg, in drbg_ctr_df() argument
407 unsigned char *pad = df_data + drbg_statelen(drbg); in drbg_ctr_df()
408 unsigned char *iv = pad + drbg_blocklen(drbg); in drbg_ctr_df()
409 unsigned char *temp = iv + drbg_blocklen(drbg); in drbg_ctr_df()
425 memset(pad, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
426 memset(iv, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
443 padlen = (inputlen + sizeof(L_N) + 1) % (drbg_blocklen(drbg)); in drbg_ctr_df()
446 padlen = drbg_blocklen(drbg) - padlen; in drbg_ctr_df()
456 drbg_string_fill(&S1, iv, drbg_blocklen(drbg)); in drbg_ctr_df()
465 while (templen < (drbg_keylen(drbg) + (drbg_blocklen(drbg)))) { in drbg_ctr_df()
473 ret = drbg_ctr_bcc(drbg, temp + templen, K, &bcc_list); in drbg_ctr_df()
478 templen += drbg_blocklen(drbg); in drbg_ctr_df()
482 X = temp + (drbg_keylen(drbg)); in drbg_ctr_df()
483 drbg_string_fill(&cipherin, X, drbg_blocklen(drbg)); in drbg_ctr_df()
488 drbg_kcapi_symsetkey(drbg, temp); in drbg_ctr_df()
496 ret = drbg_kcapi_sym(drbg, X, &cipherin); in drbg_ctr_df()
499 blocklen = (drbg_blocklen(drbg) < in drbg_ctr_df()
501 drbg_blocklen(drbg) : in drbg_ctr_df()
511 memset(iv, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
512 memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); in drbg_ctr_df()
513 memset(pad, 0, drbg_blocklen(drbg)); in drbg_ctr_df()
532 static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed, in drbg_ctr_update() argument
537 unsigned char *temp = drbg->scratchpad; in drbg_ctr_update()
538 unsigned char *df_data = drbg->scratchpad + drbg_statelen(drbg) + in drbg_ctr_update()
539 drbg_blocklen(drbg); in drbg_ctr_update()
542 memset(df_data, 0, drbg_statelen(drbg)); in drbg_ctr_update()
552 crypto_inc(drbg->V, drbg_blocklen(drbg)); in drbg_ctr_update()
554 ret = crypto_skcipher_setkey(drbg->ctr_handle, drbg->C, in drbg_ctr_update()
555 drbg_keylen(drbg)); in drbg_ctr_update()
562 ret = drbg_ctr_df(drbg, df_data, drbg_statelen(drbg), seed); in drbg_ctr_update()
567 ret = drbg_kcapi_sym_ctr(drbg, df_data, drbg_statelen(drbg), in drbg_ctr_update()
568 temp, drbg_statelen(drbg)); in drbg_ctr_update()
573 ret = crypto_skcipher_setkey(drbg->ctr_handle, temp, in drbg_ctr_update()
574 drbg_keylen(drbg)); in drbg_ctr_update()
578 memcpy(drbg->V, temp + drbg_keylen(drbg), drbg_blocklen(drbg)); in drbg_ctr_update()
580 crypto_inc(drbg->V, drbg_blocklen(drbg)); in drbg_ctr_update()
584 memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); in drbg_ctr_update()
586 memset(df_data, 0, drbg_statelen(drbg)); in drbg_ctr_update()
595 static int drbg_ctr_generate(struct drbg_state *drbg, in drbg_ctr_generate() argument
604 ret = drbg_ctr_update(drbg, addtl, 2); in drbg_ctr_generate()
610 ret = drbg_kcapi_sym_ctr(drbg, NULL, 0, buf, len); in drbg_ctr_generate()
615 ret = drbg_ctr_update(drbg, NULL, 3); in drbg_ctr_generate()
635 static int drbg_kcapi_hash(struct drbg_state *drbg, unsigned char *outval,
637 static void drbg_kcapi_hmacsetkey(struct drbg_state *drbg,
639 static int drbg_init_hash_kernel(struct drbg_state *drbg);
640 static int drbg_fini_hash_kernel(struct drbg_state *drbg);
655 static int drbg_hmac_update(struct drbg_state *drbg, struct list_head *seed, in drbg_hmac_update() argument
666 memset(drbg->V, 1, drbg_statelen(drbg)); in drbg_hmac_update()
667 drbg_kcapi_hmacsetkey(drbg, drbg->C); in drbg_hmac_update()
670 drbg_string_fill(&seed1, drbg->V, drbg_statelen(drbg)); in drbg_hmac_update()
679 drbg_string_fill(&vdata, drbg->V, drbg_statelen(drbg)); in drbg_hmac_update()
688 ret = drbg_kcapi_hash(drbg, drbg->C, &seedlist); in drbg_hmac_update()
691 drbg_kcapi_hmacsetkey(drbg, drbg->C); in drbg_hmac_update()
694 ret = drbg_kcapi_hash(drbg, drbg->V, &vdatalist); in drbg_hmac_update()
707 static int drbg_hmac_generate(struct drbg_state *drbg, in drbg_hmac_generate() argument
719 ret = drbg_hmac_update(drbg, addtl, 1); in drbg_hmac_generate()
724 drbg_string_fill(&data, drbg->V, drbg_statelen(drbg)); in drbg_hmac_generate()
729 ret = drbg_kcapi_hash(drbg, drbg->V, &datalist); in drbg_hmac_generate()
732 outlen = (drbg_blocklen(drbg) < (buflen - len)) ? in drbg_hmac_generate()
733 drbg_blocklen(drbg) : (buflen - len); in drbg_hmac_generate()
736 memcpy(buf + len, drbg->V, outlen); in drbg_hmac_generate()
742 ret = drbg_hmac_update(drbg, addtl, 1); in drbg_hmac_generate()
744 ret = drbg_hmac_update(drbg, NULL, 1); in drbg_hmac_generate()
822 static int drbg_hash_df(struct drbg_state *drbg, in drbg_hash_df() argument
829 unsigned char *tmp = drbg->scratchpad + drbg_statelen(drbg); in drbg_hash_df()
844 ret = drbg_kcapi_hash(drbg, tmp, entropylist); in drbg_hash_df()
849 blocklen = (drbg_blocklen(drbg) < (outlen - len)) ? in drbg_hash_df()
850 drbg_blocklen(drbg) : (outlen - len); in drbg_hash_df()
856 memset(tmp, 0, drbg_blocklen(drbg)); in drbg_hash_df()
861 static int drbg_hash_update(struct drbg_state *drbg, struct list_head *seed, in drbg_hash_update() argument
868 unsigned char *V = drbg->scratchpad; in drbg_hash_update()
876 memcpy(V, drbg->V, drbg_statelen(drbg)); in drbg_hash_update()
879 drbg_string_fill(&data2, V, drbg_statelen(drbg)); in drbg_hash_update()
885 ret = drbg_hash_df(drbg, drbg->V, drbg_statelen(drbg), &datalist); in drbg_hash_update()
893 drbg_string_fill(&data2, drbg->V, drbg_statelen(drbg)); in drbg_hash_update()
896 ret = drbg_hash_df(drbg, drbg->C, drbg_statelen(drbg), &datalist2); in drbg_hash_update()
899 memset(drbg->scratchpad, 0, drbg_statelen(drbg)); in drbg_hash_update()
904 static int drbg_hash_process_addtl(struct drbg_state *drbg, in drbg_hash_process_addtl() argument
918 drbg_string_fill(&data2, drbg->V, drbg_statelen(drbg)); in drbg_hash_process_addtl()
922 ret = drbg_kcapi_hash(drbg, drbg->scratchpad, &datalist); in drbg_hash_process_addtl()
927 drbg_add_buf(drbg->V, drbg_statelen(drbg), in drbg_hash_process_addtl()
928 drbg->scratchpad, drbg_blocklen(drbg)); in drbg_hash_process_addtl()
931 memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); in drbg_hash_process_addtl()
936 static int drbg_hash_hashgen(struct drbg_state *drbg, in drbg_hash_hashgen() argument
942 unsigned char *src = drbg->scratchpad; in drbg_hash_hashgen()
943 unsigned char *dst = drbg->scratchpad + drbg_statelen(drbg); in drbg_hash_hashgen()
948 memcpy(src, drbg->V, drbg_statelen(drbg)); in drbg_hash_hashgen()
950 drbg_string_fill(&data, src, drbg_statelen(drbg)); in drbg_hash_hashgen()
955 ret = drbg_kcapi_hash(drbg, dst, &datalist); in drbg_hash_hashgen()
960 outlen = (drbg_blocklen(drbg) < (buflen - len)) ? in drbg_hash_hashgen()
961 drbg_blocklen(drbg) : (buflen - len); in drbg_hash_hashgen()
967 crypto_inc(src, drbg_statelen(drbg)); in drbg_hash_hashgen()
971 memset(drbg->scratchpad, 0, in drbg_hash_hashgen()
972 (drbg_statelen(drbg) + drbg_blocklen(drbg))); in drbg_hash_hashgen()
977 static int drbg_hash_generate(struct drbg_state *drbg, in drbg_hash_generate() argument
992 ret = drbg_hash_process_addtl(drbg, addtl); in drbg_hash_generate()
996 len = drbg_hash_hashgen(drbg, buf, buflen); in drbg_hash_generate()
1002 drbg_string_fill(&data2, drbg->V, drbg_statelen(drbg)); in drbg_hash_generate()
1004 ret = drbg_kcapi_hash(drbg, drbg->scratchpad, &datalist); in drbg_hash_generate()
1011 drbg_add_buf(drbg->V, drbg_statelen(drbg), in drbg_hash_generate()
1012 drbg->scratchpad, drbg_blocklen(drbg)); in drbg_hash_generate()
1013 drbg_add_buf(drbg->V, drbg_statelen(drbg), in drbg_hash_generate()
1014 drbg->C, drbg_statelen(drbg)); in drbg_hash_generate()
1015 u.req_int = cpu_to_be64(drbg->reseed_ctr); in drbg_hash_generate()
1016 drbg_add_buf(drbg->V, drbg_statelen(drbg), u.req, 8); in drbg_hash_generate()
1019 memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); in drbg_hash_generate()
1039 static inline int __drbg_seed(struct drbg_state *drbg, struct list_head *seed, in __drbg_seed() argument
1042 int ret = drbg->d_ops->update(drbg, seed, reseed); in __drbg_seed()
1047 drbg->seeded = new_seed_state; in __drbg_seed()
1048 drbg->last_seed_time = jiffies; in __drbg_seed()
1050 drbg->reseed_ctr = 1; in __drbg_seed()
1052 switch (drbg->seeded) { in __drbg_seed()
1061 drbg->reseed_threshold = 50; in __drbg_seed()
1069 drbg->reseed_threshold = drbg_max_requests(drbg); in __drbg_seed()
1076 static inline int drbg_get_random_bytes(struct drbg_state *drbg, in drbg_get_random_bytes() argument
1084 ret = drbg_fips_continuous_test(drbg, entropy); in drbg_get_random_bytes()
1092 static int drbg_seed_from_random(struct drbg_state *drbg) in drbg_seed_from_random() argument
1096 unsigned int entropylen = drbg_sec_strength(drbg->core->flags); in drbg_seed_from_random()
1106 ret = drbg_get_random_bytes(drbg, entropy, entropylen); in drbg_seed_from_random()
1110 ret = __drbg_seed(drbg, &seedlist, true, DRBG_SEED_STATE_FULL); in drbg_seed_from_random()
1117 static bool drbg_nopr_reseed_interval_elapsed(struct drbg_state *drbg) in drbg_nopr_reseed_interval_elapsed() argument
1122 if (list_empty(&drbg->test_data.list)) in drbg_nopr_reseed_interval_elapsed()
1133 next_reseed = drbg->last_seed_time + 300 * HZ; in drbg_nopr_reseed_interval_elapsed()
1148 static int drbg_seed(struct drbg_state *drbg, struct drbg_string *pers, in drbg_seed() argument
1153 unsigned int entropylen = drbg_sec_strength(drbg->core->flags); in drbg_seed()
1159 if (pers && pers->len > (drbg_max_addtl(drbg))) { in drbg_seed()
1165 if (list_empty(&drbg->test_data.list)) { in drbg_seed()
1166 drbg_string_fill(&data1, drbg->test_data.buf, in drbg_seed()
1167 drbg->test_data.len); in drbg_seed()
1187 ret = drbg_get_random_bytes(drbg, entropy, entropylen); in drbg_seed()
1191 if (!drbg->jent) { in drbg_seed()
1200 ret = crypto_rng_get_bytes(drbg->jent, in drbg_seed()
1242 memset(drbg->V, 0, drbg_statelen(drbg)); in drbg_seed()
1243 memset(drbg->C, 0, drbg_statelen(drbg)); in drbg_seed()
1246 ret = __drbg_seed(drbg, &seedlist, reseed, new_seed_state); in drbg_seed()
1255 static inline void drbg_dealloc_state(struct drbg_state *drbg) in drbg_dealloc_state() argument
1257 if (!drbg) in drbg_dealloc_state()
1259 kfree_sensitive(drbg->Vbuf); in drbg_dealloc_state()
1260 drbg->Vbuf = NULL; in drbg_dealloc_state()
1261 drbg->V = NULL; in drbg_dealloc_state()
1262 kfree_sensitive(drbg->Cbuf); in drbg_dealloc_state()
1263 drbg->Cbuf = NULL; in drbg_dealloc_state()
1264 drbg->C = NULL; in drbg_dealloc_state()
1265 kfree_sensitive(drbg->scratchpadbuf); in drbg_dealloc_state()
1266 drbg->scratchpadbuf = NULL; in drbg_dealloc_state()
1267 drbg->reseed_ctr = 0; in drbg_dealloc_state()
1268 drbg->d_ops = NULL; in drbg_dealloc_state()
1269 drbg->core = NULL; in drbg_dealloc_state()
1271 kfree_sensitive(drbg->prev); in drbg_dealloc_state()
1272 drbg->prev = NULL; in drbg_dealloc_state()
1273 drbg->fips_primed = false; in drbg_dealloc_state()
1281 static inline int drbg_alloc_state(struct drbg_state *drbg) in drbg_alloc_state() argument
1286 switch (drbg->core->flags & DRBG_TYPE_MASK) { in drbg_alloc_state()
1289 drbg->d_ops = &drbg_hmac_ops; in drbg_alloc_state()
1294 drbg->d_ops = &drbg_hash_ops; in drbg_alloc_state()
1299 drbg->d_ops = &drbg_ctr_ops; in drbg_alloc_state()
1307 ret = drbg->d_ops->crypto_init(drbg); in drbg_alloc_state()
1311 drbg->Vbuf = kmalloc(drbg_statelen(drbg) + ret, GFP_KERNEL); in drbg_alloc_state()
1312 if (!drbg->Vbuf) { in drbg_alloc_state()
1316 drbg->V = PTR_ALIGN(drbg->Vbuf, ret + 1); in drbg_alloc_state()
1317 drbg->Cbuf = kmalloc(drbg_statelen(drbg) + ret, GFP_KERNEL); in drbg_alloc_state()
1318 if (!drbg->Cbuf) { in drbg_alloc_state()
1322 drbg->C = PTR_ALIGN(drbg->Cbuf, ret + 1); in drbg_alloc_state()
1324 if (drbg->core->flags & DRBG_HMAC) in drbg_alloc_state()
1326 else if (drbg->core->flags & DRBG_CTR) in drbg_alloc_state()
1327 sb_size = drbg_statelen(drbg) + drbg_blocklen(drbg) + /* temp */ in drbg_alloc_state()
1328 drbg_statelen(drbg) + /* df_data */ in drbg_alloc_state()
1329 drbg_blocklen(drbg) + /* pad */ in drbg_alloc_state()
1330 drbg_blocklen(drbg) + /* iv */ in drbg_alloc_state()
1331 drbg_statelen(drbg) + drbg_blocklen(drbg); /* temp */ in drbg_alloc_state()
1333 sb_size = drbg_statelen(drbg) + drbg_blocklen(drbg); in drbg_alloc_state()
1336 drbg->scratchpadbuf = kzalloc(sb_size + ret, GFP_KERNEL); in drbg_alloc_state()
1337 if (!drbg->scratchpadbuf) { in drbg_alloc_state()
1341 drbg->scratchpad = PTR_ALIGN(drbg->scratchpadbuf, ret + 1); in drbg_alloc_state()
1345 drbg->prev = kzalloc(drbg_sec_strength(drbg->core->flags), in drbg_alloc_state()
1347 if (!drbg->prev) { in drbg_alloc_state()
1351 drbg->fips_primed = false; in drbg_alloc_state()
1357 drbg->d_ops->crypto_fini(drbg); in drbg_alloc_state()
1359 drbg_dealloc_state(drbg); in drbg_alloc_state()
1383 static int drbg_generate(struct drbg_state *drbg, in drbg_generate() argument
1390 if (!drbg->core) { in drbg_generate()
1405 if (buflen > (drbg_max_request_bytes(drbg))) { in drbg_generate()
1414 if (addtl && addtl->len > (drbg_max_addtl(drbg))) { in drbg_generate()
1425 if (drbg->reseed_threshold < drbg->reseed_ctr) in drbg_generate()
1426 drbg->seeded = DRBG_SEED_STATE_UNSEEDED; in drbg_generate()
1428 if (drbg->pr || drbg->seeded == DRBG_SEED_STATE_UNSEEDED) { in drbg_generate()
1431 drbg->pr ? "true" : "false", in drbg_generate()
1432 (drbg->seeded == DRBG_SEED_STATE_FULL ? in drbg_generate()
1435 len = drbg_seed(drbg, addtl, true); in drbg_generate()
1441 (drbg->seeded == DRBG_SEED_STATE_PARTIAL || in drbg_generate()
1442 drbg_nopr_reseed_interval_elapsed(drbg))) { in drbg_generate()
1443 len = drbg_seed_from_random(drbg); in drbg_generate()
1451 len = drbg->d_ops->generate(drbg, buf, buflen, &addtllist); in drbg_generate()
1454 drbg->reseed_ctr++; in drbg_generate()
1474 if (drbg->reseed_ctr && !(drbg->reseed_ctr % 4096)) { in drbg_generate()
1477 if (drbg->core->flags & DRBG_HMAC) in drbg_generate()
1480 else if (drbg->core->flags & DRBG_CTR) in drbg_generate()
1492 drbg_uninstantiate(drbg); in drbg_generate()
1517 static int drbg_generate_long(struct drbg_state *drbg, in drbg_generate_long() argument
1526 slice = ((buflen - len) / drbg_max_request_bytes(drbg)); in drbg_generate_long()
1527 chunk = slice ? drbg_max_request_bytes(drbg) : (buflen - len); in drbg_generate_long()
1528 mutex_lock(&drbg->drbg_mutex); in drbg_generate_long()
1529 err = drbg_generate(drbg, buf + len, chunk, addtl); in drbg_generate_long()
1530 mutex_unlock(&drbg->drbg_mutex); in drbg_generate_long()
1538 static int drbg_prepare_hrng(struct drbg_state *drbg) in drbg_prepare_hrng() argument
1541 if (list_empty(&drbg->test_data.list)) in drbg_prepare_hrng()
1544 drbg->jent = crypto_alloc_rng("jitterentropy_rng", 0, 0); in drbg_prepare_hrng()
1545 if (IS_ERR(drbg->jent)) { in drbg_prepare_hrng()
1546 const int err = PTR_ERR(drbg->jent); in drbg_prepare_hrng()
1548 drbg->jent = NULL; in drbg_prepare_hrng()
1574 static int drbg_instantiate(struct drbg_state *drbg, struct drbg_string *pers, in drbg_instantiate() argument
1582 mutex_lock(&drbg->drbg_mutex); in drbg_instantiate()
1594 if (!drbg->core) { in drbg_instantiate()
1595 drbg->core = &drbg_cores[coreref]; in drbg_instantiate()
1596 drbg->pr = pr; in drbg_instantiate()
1597 drbg->seeded = DRBG_SEED_STATE_UNSEEDED; in drbg_instantiate()
1598 drbg->last_seed_time = 0; in drbg_instantiate()
1599 drbg->reseed_threshold = drbg_max_requests(drbg); in drbg_instantiate()
1601 ret = drbg_alloc_state(drbg); in drbg_instantiate()
1605 ret = drbg_prepare_hrng(drbg); in drbg_instantiate()
1612 ret = drbg_seed(drbg, pers, reseed); in drbg_instantiate()
1617 mutex_unlock(&drbg->drbg_mutex); in drbg_instantiate()
1621 mutex_unlock(&drbg->drbg_mutex); in drbg_instantiate()
1625 mutex_unlock(&drbg->drbg_mutex); in drbg_instantiate()
1626 drbg_uninstantiate(drbg); in drbg_instantiate()
1639 static int drbg_uninstantiate(struct drbg_state *drbg) in drbg_uninstantiate() argument
1641 if (!IS_ERR_OR_NULL(drbg->jent)) in drbg_uninstantiate()
1642 crypto_free_rng(drbg->jent); in drbg_uninstantiate()
1643 drbg->jent = NULL; in drbg_uninstantiate()
1645 if (drbg->d_ops) in drbg_uninstantiate()
1646 drbg->d_ops->crypto_fini(drbg); in drbg_uninstantiate()
1647 drbg_dealloc_state(drbg); in drbg_uninstantiate()
1662 struct drbg_state *drbg = crypto_rng_ctx(tfm); in drbg_kcapi_set_entropy() local
1664 mutex_lock(&drbg->drbg_mutex); in drbg_kcapi_set_entropy()
1665 drbg_string_fill(&drbg->test_data, data, len); in drbg_kcapi_set_entropy()
1666 mutex_unlock(&drbg->drbg_mutex); in drbg_kcapi_set_entropy()
1679 static int drbg_init_hash_kernel(struct drbg_state *drbg) in drbg_init_hash_kernel() argument
1684 tfm = crypto_alloc_shash(drbg->core->backend_cra_name, 0, 0); in drbg_init_hash_kernel()
1687 drbg->core->backend_cra_name); in drbg_init_hash_kernel()
1690 BUG_ON(drbg_blocklen(drbg) != crypto_shash_digestsize(tfm)); in drbg_init_hash_kernel()
1699 drbg->priv_data = sdesc; in drbg_init_hash_kernel()
1704 static int drbg_fini_hash_kernel(struct drbg_state *drbg) in drbg_fini_hash_kernel() argument
1706 struct sdesc *sdesc = drbg->priv_data; in drbg_fini_hash_kernel()
1711 drbg->priv_data = NULL; in drbg_fini_hash_kernel()
1715 static void drbg_kcapi_hmacsetkey(struct drbg_state *drbg, in drbg_kcapi_hmacsetkey() argument
1718 struct sdesc *sdesc = drbg->priv_data; in drbg_kcapi_hmacsetkey()
1720 crypto_shash_setkey(sdesc->shash.tfm, key, drbg_statelen(drbg)); in drbg_kcapi_hmacsetkey()
1723 static int drbg_kcapi_hash(struct drbg_state *drbg, unsigned char *outval, in drbg_kcapi_hash() argument
1726 struct sdesc *sdesc = drbg->priv_data; in drbg_kcapi_hash()
1737 static int drbg_fini_sym_kernel(struct drbg_state *drbg) in drbg_fini_sym_kernel() argument
1740 (struct crypto_cipher *)drbg->priv_data; in drbg_fini_sym_kernel()
1743 drbg->priv_data = NULL; in drbg_fini_sym_kernel()
1745 if (drbg->ctr_handle) in drbg_fini_sym_kernel()
1746 crypto_free_skcipher(drbg->ctr_handle); in drbg_fini_sym_kernel()
1747 drbg->ctr_handle = NULL; in drbg_fini_sym_kernel()
1749 if (drbg->ctr_req) in drbg_fini_sym_kernel()
1750 skcipher_request_free(drbg->ctr_req); in drbg_fini_sym_kernel()
1751 drbg->ctr_req = NULL; in drbg_fini_sym_kernel()
1753 kfree(drbg->outscratchpadbuf); in drbg_fini_sym_kernel()
1754 drbg->outscratchpadbuf = NULL; in drbg_fini_sym_kernel()
1759 static int drbg_init_sym_kernel(struct drbg_state *drbg) in drbg_init_sym_kernel() argument
1767 tfm = crypto_alloc_cipher(drbg->core->backend_cra_name, 0, 0); in drbg_init_sym_kernel()
1770 drbg->core->backend_cra_name); in drbg_init_sym_kernel()
1773 BUG_ON(drbg_blocklen(drbg) != crypto_cipher_blocksize(tfm)); in drbg_init_sym_kernel()
1774 drbg->priv_data = tfm; in drbg_init_sym_kernel()
1777 drbg->core->backend_cra_name) >= CRYPTO_MAX_ALG_NAME) { in drbg_init_sym_kernel()
1778 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1785 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1788 drbg->ctr_handle = sk_tfm; in drbg_init_sym_kernel()
1789 crypto_init_wait(&drbg->ctr_wait); in drbg_init_sym_kernel()
1794 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1797 drbg->ctr_req = req; in drbg_init_sym_kernel()
1800 crypto_req_done, &drbg->ctr_wait); in drbg_init_sym_kernel()
1803 drbg->outscratchpadbuf = kmalloc(DRBG_OUTSCRATCHLEN + alignmask, in drbg_init_sym_kernel()
1805 if (!drbg->outscratchpadbuf) { in drbg_init_sym_kernel()
1806 drbg_fini_sym_kernel(drbg); in drbg_init_sym_kernel()
1809 drbg->outscratchpad = (u8 *)PTR_ALIGN(drbg->outscratchpadbuf, in drbg_init_sym_kernel()
1812 sg_init_table(&drbg->sg_in, 1); in drbg_init_sym_kernel()
1813 sg_init_one(&drbg->sg_out, drbg->outscratchpad, DRBG_OUTSCRATCHLEN); in drbg_init_sym_kernel()
1818 static void drbg_kcapi_symsetkey(struct drbg_state *drbg, in drbg_kcapi_symsetkey() argument
1821 struct crypto_cipher *tfm = drbg->priv_data; in drbg_kcapi_symsetkey()
1823 crypto_cipher_setkey(tfm, key, (drbg_keylen(drbg))); in drbg_kcapi_symsetkey()
1826 static int drbg_kcapi_sym(struct drbg_state *drbg, unsigned char *outval, in drbg_kcapi_sym() argument
1829 struct crypto_cipher *tfm = drbg->priv_data; in drbg_kcapi_sym()
1832 BUG_ON(in->len < drbg_blocklen(drbg)); in drbg_kcapi_sym()
1837 static int drbg_kcapi_sym_ctr(struct drbg_state *drbg, in drbg_kcapi_sym_ctr() argument
1841 struct scatterlist *sg_in = &drbg->sg_in, *sg_out = &drbg->sg_out; in drbg_kcapi_sym_ctr()
1851 memset(drbg->outscratchpad, 0, scratchpad_use); in drbg_kcapi_sym_ctr()
1852 sg_set_buf(sg_in, drbg->outscratchpad, scratchpad_use); in drbg_kcapi_sym_ctr()
1859 skcipher_request_set_crypt(drbg->ctr_req, sg_in, sg_out, in drbg_kcapi_sym_ctr()
1860 cryptlen, drbg->V); in drbg_kcapi_sym_ctr()
1861 ret = crypto_wait_req(crypto_skcipher_encrypt(drbg->ctr_req), in drbg_kcapi_sym_ctr()
1862 &drbg->ctr_wait); in drbg_kcapi_sym_ctr()
1866 crypto_init_wait(&drbg->ctr_wait); in drbg_kcapi_sym_ctr()
1868 memcpy(outbuf, drbg->outscratchpad, cryptlen); in drbg_kcapi_sym_ctr()
1869 memzero_explicit(drbg->outscratchpad, cryptlen); in drbg_kcapi_sym_ctr()
1927 struct drbg_state *drbg = crypto_tfm_ctx(tfm); in drbg_kcapi_init() local
1929 mutex_init(&drbg->drbg_mutex); in drbg_kcapi_init()
1952 struct drbg_state *drbg = crypto_rng_ctx(tfm); in drbg_kcapi_random() local
1962 return drbg_generate_long(drbg, dst, dlen, addtl); in drbg_kcapi_random()
1971 struct drbg_state *drbg = crypto_rng_ctx(tfm); in drbg_kcapi_seed() local
1985 return drbg_instantiate(drbg, seed_string, coreref, pr); in drbg_kcapi_seed()
2007 struct drbg_state *drbg = NULL; in drbg_healthcheck_sanity() local
2027 drbg = kzalloc(sizeof(struct drbg_state), GFP_KERNEL); in drbg_healthcheck_sanity()
2028 if (!drbg) in drbg_healthcheck_sanity()
2031 mutex_init(&drbg->drbg_mutex); in drbg_healthcheck_sanity()
2032 drbg->core = &drbg_cores[coreref]; in drbg_healthcheck_sanity()
2033 drbg->reseed_threshold = drbg_max_requests(drbg); in drbg_healthcheck_sanity()
2043 max_addtllen = drbg_max_addtl(drbg); in drbg_healthcheck_sanity()
2044 max_request_bytes = drbg_max_request_bytes(drbg); in drbg_healthcheck_sanity()
2047 len = drbg_generate(drbg, buf, OUTBUFLEN, &addtl); in drbg_healthcheck_sanity()
2050 len = drbg_generate(drbg, buf, (max_request_bytes + 1), NULL); in drbg_healthcheck_sanity()
2054 ret = drbg_seed(drbg, &addtl, false); in drbg_healthcheck_sanity()
2062 kfree(drbg); in drbg_healthcheck_sanity()