Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_oneplus_msm8996 / 8323c3aa74cd92465350294567142d12ffdcc963 / . / net / ceph / crypto.c
blob: 75f0893fa11fcf999d6ec9efec8e90b8dc08e04e [file] [log] [blame]
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]1
Yehuda Sadeh3d14c5d2010-04-06 15:14:15 -0700[diff] [blame]2#include <linux/ceph/ceph_debug.h>
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]3
4#include <linux/err.h>
5#include <linux/scatterlist.h>
Tejun Heo5a0e3ad2010-03-24 17:04:11 +0900[diff] [blame]6#include <linux/slab.h>
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]7#include <crypto/hash.h>
8
Yehuda Sadeh3d14c5d2010-04-06 15:14:15 -0700[diff] [blame]9#include <linux/ceph/decode.h>
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]10#include "crypto.h"
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]11
Tommi Virtanen8323c3a2011-03-25 16:32:57 -0700[diff] [blame^]12int ceph_crypto_key_clone(struct ceph_crypto_key *dst,
13 const struct ceph_crypto_key *src)
14{
15 memcpy(dst, src, sizeof(struct ceph_crypto_key));
16 dst->key = kmalloc(src->len, GFP_NOFS);
17 if (!dst->key)
18 return -ENOMEM;
19 memcpy(dst->key, src->key, src->len);
20 return 0;
21}
22
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]23int ceph_crypto_key_encode(struct ceph_crypto_key *key, void **p, void *end)
24{
25 if (*p + sizeof(u16) + sizeof(key->created) +
26 sizeof(u16) + key->len > end)
27 return -ERANGE;
28 ceph_encode_16(p, key->type);
29 ceph_encode_copy(p, &key->created, sizeof(key->created));
30 ceph_encode_16(p, key->len);
31 ceph_encode_copy(p, key->key, key->len);
32 return 0;
33}
34
35int ceph_crypto_key_decode(struct ceph_crypto_key *key, void **p, void *end)
36{
37 ceph_decode_need(p, end, 2*sizeof(u16) + sizeof(key->created), bad);
38 key->type = ceph_decode_16(p);
39 ceph_decode_copy(p, &key->created, sizeof(key->created));
40 key->len = ceph_decode_16(p);
41 ceph_decode_need(p, end, key->len, bad);
42 key->key = kmalloc(key->len, GFP_NOFS);
43 if (!key->key)
44 return -ENOMEM;
45 ceph_decode_copy(p, key->key, key->len);
46 return 0;
47
48bad:
49 dout("failed to decode crypto key\n");
50 return -EINVAL;
51}
52
53int ceph_crypto_key_unarmor(struct ceph_crypto_key *key, const char *inkey)
54{
55 int inlen = strlen(inkey);
56 int blen = inlen * 3 / 4;
57 void *buf, *p;
58 int ret;
59
60 dout("crypto_key_unarmor %s\n", inkey);
61 buf = kmalloc(blen, GFP_NOFS);
62 if (!buf)
63 return -ENOMEM;
64 blen = ceph_unarmor(buf, inkey, inkey+inlen);
65 if (blen < 0) {
66 kfree(buf);
67 return blen;
68 }
69
70 p = buf;
71 ret = ceph_crypto_key_decode(key, &p, p + blen);
72 kfree(buf);
73 if (ret)
74 return ret;
75 dout("crypto_key_unarmor key %p type %d len %d\n", key,
76 key->type, key->len);
77 return 0;
78}
79
80
81
82#define AES_KEY_SIZE 16
83
84static struct crypto_blkcipher *ceph_crypto_alloc_cipher(void)
85{
86 return crypto_alloc_blkcipher("cbc(aes)", 0, CRYPTO_ALG_ASYNC);
87}
88
Sage Weilcbbfe492010-08-02 15:48:23 -0700[diff] [blame]89static const u8 *aes_iv = (u8 *)CEPH_AES_IV;
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]90
Yehuda Sadehcd84db62010-06-11 16:58:48 -0700[diff] [blame]91static int ceph_aes_encrypt(const void *key, int key_len,
92 void *dst, size_t *dst_len,
93 const void *src, size_t src_len)
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]94{
95 struct scatterlist sg_in[2], sg_out[1];
96 struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
97 struct blkcipher_desc desc = { .tfm = tfm, .flags = 0 };
98 int ret;
99 void *iv;
100 int ivsize;
101 size_t zero_padding = (0x10 - (src_len & 0x0f));
102 char pad[16];
103
104 if (IS_ERR(tfm))
105 return PTR_ERR(tfm);
106
107 memset(pad, zero_padding, zero_padding);
108
109 *dst_len = src_len + zero_padding;
110
111 crypto_blkcipher_setkey((void *)tfm, key, key_len);
112 sg_init_table(sg_in, 2);
113 sg_set_buf(&sg_in[0], src, src_len);
114 sg_set_buf(&sg_in[1], pad, zero_padding);
115 sg_init_table(sg_out, 1);
116 sg_set_buf(sg_out, dst, *dst_len);
117 iv = crypto_blkcipher_crt(tfm)->iv;
118 ivsize = crypto_blkcipher_ivsize(tfm);
119
120 memcpy(iv, aes_iv, ivsize);
121 /*
122 print_hex_dump(KERN_ERR, "enc key: ", DUMP_PREFIX_NONE, 16, 1,
123 key, key_len, 1);
124 print_hex_dump(KERN_ERR, "enc src: ", DUMP_PREFIX_NONE, 16, 1,
125 src, src_len, 1);
126 print_hex_dump(KERN_ERR, "enc pad: ", DUMP_PREFIX_NONE, 16, 1,
127 pad, zero_padding, 1);
128 */
129 ret = crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
130 src_len + zero_padding);
131 crypto_free_blkcipher(tfm);
132 if (ret < 0)
133 pr_err("ceph_aes_crypt failed %d\n", ret);
134 /*
135 print_hex_dump(KERN_ERR, "enc out: ", DUMP_PREFIX_NONE, 16, 1,
136 dst, *dst_len, 1);
137 */
138 return 0;
139}
140
Yehuda Sadehcd84db62010-06-11 16:58:48 -0700[diff] [blame]141static int ceph_aes_encrypt2(const void *key, int key_len, void *dst,
142 size_t *dst_len,
143 const void *src1, size_t src1_len,
144 const void *src2, size_t src2_len)
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]145{
146 struct scatterlist sg_in[3], sg_out[1];
147 struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
148 struct blkcipher_desc desc = { .tfm = tfm, .flags = 0 };
149 int ret;
150 void *iv;
151 int ivsize;
152 size_t zero_padding = (0x10 - ((src1_len + src2_len) & 0x0f));
153 char pad[16];
154
155 if (IS_ERR(tfm))
156 return PTR_ERR(tfm);
157
158 memset(pad, zero_padding, zero_padding);
159
160 *dst_len = src1_len + src2_len + zero_padding;
161
162 crypto_blkcipher_setkey((void *)tfm, key, key_len);
163 sg_init_table(sg_in, 3);
164 sg_set_buf(&sg_in[0], src1, src1_len);
165 sg_set_buf(&sg_in[1], src2, src2_len);
166 sg_set_buf(&sg_in[2], pad, zero_padding);
167 sg_init_table(sg_out, 1);
168 sg_set_buf(sg_out, dst, *dst_len);
169 iv = crypto_blkcipher_crt(tfm)->iv;
170 ivsize = crypto_blkcipher_ivsize(tfm);
171
172 memcpy(iv, aes_iv, ivsize);
173 /*
174 print_hex_dump(KERN_ERR, "enc key: ", DUMP_PREFIX_NONE, 16, 1,
175 key, key_len, 1);
176 print_hex_dump(KERN_ERR, "enc src1: ", DUMP_PREFIX_NONE, 16, 1,
177 src1, src1_len, 1);
178 print_hex_dump(KERN_ERR, "enc src2: ", DUMP_PREFIX_NONE, 16, 1,
179 src2, src2_len, 1);
180 print_hex_dump(KERN_ERR, "enc pad: ", DUMP_PREFIX_NONE, 16, 1,
181 pad, zero_padding, 1);
182 */
183 ret = crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
184 src1_len + src2_len + zero_padding);
185 crypto_free_blkcipher(tfm);
186 if (ret < 0)
187 pr_err("ceph_aes_crypt2 failed %d\n", ret);
188 /*
189 print_hex_dump(KERN_ERR, "enc out: ", DUMP_PREFIX_NONE, 16, 1,
190 dst, *dst_len, 1);
191 */
192 return 0;
193}
194
Yehuda Sadehcd84db62010-06-11 16:58:48 -0700[diff] [blame]195static int ceph_aes_decrypt(const void *key, int key_len,
196 void *dst, size_t *dst_len,
197 const void *src, size_t src_len)
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]198{
199 struct scatterlist sg_in[1], sg_out[2];
200 struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
201 struct blkcipher_desc desc = { .tfm = tfm };
202 char pad[16];
203 void *iv;
204 int ivsize;
205 int ret;
206 int last_byte;
207
208 if (IS_ERR(tfm))
209 return PTR_ERR(tfm);
210
211 crypto_blkcipher_setkey((void *)tfm, key, key_len);
212 sg_init_table(sg_in, 1);
213 sg_init_table(sg_out, 2);
214 sg_set_buf(sg_in, src, src_len);
215 sg_set_buf(&sg_out[0], dst, *dst_len);
216 sg_set_buf(&sg_out[1], pad, sizeof(pad));
217
218 iv = crypto_blkcipher_crt(tfm)->iv;
219 ivsize = crypto_blkcipher_ivsize(tfm);
220
221 memcpy(iv, aes_iv, ivsize);
222
223 /*
224 print_hex_dump(KERN_ERR, "dec key: ", DUMP_PREFIX_NONE, 16, 1,
225 key, key_len, 1);
226 print_hex_dump(KERN_ERR, "dec in: ", DUMP_PREFIX_NONE, 16, 1,
227 src, src_len, 1);
228 */
229
230 ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, src_len);
231 crypto_free_blkcipher(tfm);
232 if (ret < 0) {
233 pr_err("ceph_aes_decrypt failed %d\n", ret);
234 return ret;
235 }
236
237 if (src_len <= *dst_len)
238 last_byte = ((char *)dst)[src_len - 1];
239 else
240 last_byte = pad[src_len - *dst_len - 1];
241 if (last_byte <= 16 && src_len >= last_byte) {
242 *dst_len = src_len - last_byte;
243 } else {
244 pr_err("ceph_aes_decrypt got bad padding %d on src len %d\n",
245 last_byte, (int)src_len);
246 return -EPERM; /* bad padding */
247 }
248 /*
249 print_hex_dump(KERN_ERR, "dec out: ", DUMP_PREFIX_NONE, 16, 1,
250 dst, *dst_len, 1);
251 */
252 return 0;
253}
254
Yehuda Sadehcd84db62010-06-11 16:58:48 -0700[diff] [blame]255static int ceph_aes_decrypt2(const void *key, int key_len,
256 void *dst1, size_t *dst1_len,
257 void *dst2, size_t *dst2_len,
258 const void *src, size_t src_len)
Sage Weil8b6e4f22010-02-02 16:07:07 -0800[diff] [blame]259{
260 struct scatterlist sg_in[1], sg_out[3];
261 struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
262 struct blkcipher_desc desc = { .tfm = tfm };
263 char pad[16];
264 void *iv;
265 int ivsize;
266 int ret;
267 int last_byte;
268
269 if (IS_ERR(tfm))
270 return PTR_ERR(tfm);
271
272 sg_init_table(sg_in, 1);
273 sg_set_buf(sg_in, src, src_len);
274 sg_init_table(sg_out, 3);
275 sg_set_buf(&sg_out[0], dst1, *dst1_len);
276 sg_set_buf(&sg_out[1], dst2, *dst2_len);
277 sg_set_buf(&sg_out[2], pad, sizeof(pad));
278
279 crypto_blkcipher_setkey((void *)tfm, key, key_len);
280 iv = crypto_blkcipher_crt(tfm)->iv;
281 ivsize = crypto_blkcipher_ivsize(tfm);
282
283 memcpy(iv, aes_iv, ivsize);
284
285 /*
286 print_hex_dump(KERN_ERR, "dec key: ", DUMP_PREFIX_NONE, 16, 1,
287 key, key_len, 1);
288 print_hex_dump(KERN_ERR, "dec in: ", DUMP_PREFIX_NONE, 16, 1,
289 src, src_len, 1);
290 */
291
292 ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, src_len);
293 crypto_free_blkcipher(tfm);
294 if (ret < 0) {
295 pr_err("ceph_aes_decrypt failed %d\n", ret);
296 return ret;
297 }
298
299 if (src_len <= *dst1_len)
300 last_byte = ((char *)dst1)[src_len - 1];
301 else if (src_len <= *dst1_len + *dst2_len)
302 last_byte = ((char *)dst2)[src_len - *dst1_len - 1];
303 else
304 last_byte = pad[src_len - *dst1_len - *dst2_len - 1];
305 if (last_byte <= 16 && src_len >= last_byte) {
306 src_len -= last_byte;
307 } else {
308 pr_err("ceph_aes_decrypt got bad padding %d on src len %d\n",
309 last_byte, (int)src_len);
310 return -EPERM; /* bad padding */
311 }
312
313 if (src_len < *dst1_len) {
314 *dst1_len = src_len;
315 *dst2_len = 0;
316 } else {
317 *dst2_len = src_len - *dst1_len;
318 }
319 /*
320 print_hex_dump(KERN_ERR, "dec out1: ", DUMP_PREFIX_NONE, 16, 1,
321 dst1, *dst1_len, 1);
322 print_hex_dump(KERN_ERR, "dec out2: ", DUMP_PREFIX_NONE, 16, 1,
323 dst2, *dst2_len, 1);
324 */
325
326 return 0;
327}
328
329
330int ceph_decrypt(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
331 const void *src, size_t src_len)
332{
333 switch (secret->type) {
334 case CEPH_CRYPTO_NONE:
335 if (*dst_len < src_len)
336 return -ERANGE;
337 memcpy(dst, src, src_len);
338 *dst_len = src_len;
339 return 0;
340
341 case CEPH_CRYPTO_AES:
342 return ceph_aes_decrypt(secret->key, secret->len, dst,
343 dst_len, src, src_len);
344
345 default:
346 return -EINVAL;
347 }
348}
349
350int ceph_decrypt2(struct ceph_crypto_key *secret,
351 void *dst1, size_t *dst1_len,
352 void *dst2, size_t *dst2_len,
353 const void *src, size_t src_len)
354{
355 size_t t;
356
357 switch (secret->type) {
358 case CEPH_CRYPTO_NONE:
359 if (*dst1_len + *dst2_len < src_len)
360 return -ERANGE;
361 t = min(*dst1_len, src_len);
362 memcpy(dst1, src, t);
363 *dst1_len = t;
364 src += t;
365 src_len -= t;
366 if (src_len) {
367 t = min(*dst2_len, src_len);
368 memcpy(dst2, src, t);
369 *dst2_len = t;
370 }
371 return 0;
372
373 case CEPH_CRYPTO_AES:
374 return ceph_aes_decrypt2(secret->key, secret->len,
375 dst1, dst1_len, dst2, dst2_len,
376 src, src_len);
377
378 default:
379 return -EINVAL;
380 }
381}
382
383int ceph_encrypt(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
384 const void *src, size_t src_len)
385{
386 switch (secret->type) {
387 case CEPH_CRYPTO_NONE:
388 if (*dst_len < src_len)
389 return -ERANGE;
390 memcpy(dst, src, src_len);
391 *dst_len = src_len;
392 return 0;
393
394 case CEPH_CRYPTO_AES:
395 return ceph_aes_encrypt(secret->key, secret->len, dst,
396 dst_len, src, src_len);
397
398 default:
399 return -EINVAL;
400 }
401}
402
403int ceph_encrypt2(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
404 const void *src1, size_t src1_len,
405 const void *src2, size_t src2_len)
406{
407 switch (secret->type) {
408 case CEPH_CRYPTO_NONE:
409 if (*dst_len < src1_len + src2_len)
410 return -ERANGE;
411 memcpy(dst, src1, src1_len);
412 memcpy(dst + src1_len, src2, src2_len);
413 *dst_len = src1_len + src2_len;
414 return 0;
415
416 case CEPH_CRYPTO_AES:
417 return ceph_aes_encrypt2(secret->key, secret->len, dst, dst_len,
418 src1, src1_len, src2, src2_len);
419
420 default:
421 return -EINVAL;
422 }
423}