diff options
author | Miloslav Trmač <mitr@redhat.com> | 2010-08-27 07:59:04 +0200 |
---|---|---|
committer | Miloslav Trmač <mitr@redhat.com> | 2010-08-27 08:39:18 +0200 |
commit | 114f42fe23152f6726144fe82eb62f400cfe1dba (patch) | |
tree | f4aec8010194b81f2d81593b9f4e256059115868 | |
parent | 5ec167e240a8002bba3cc37e22553c888c7d4133 (diff) | |
download | kernel-crypto-114f42fe23152f6726144fe82eb62f400cfe1dba.tar.gz kernel-crypto-114f42fe23152f6726144fe82eb62f400cfe1dba.tar.xz kernel-crypto-114f42fe23152f6726144fe82eb62f400cfe1dba.zip |
Add support for changing IVs in sessions
-rw-r--r-- | crypto.4 | 4 | ||||
-rw-r--r-- | ncr-sessions.c | 19 |
2 files changed, 23 insertions, 0 deletions
@@ -571,6 +571,10 @@ member. The following input attributes are recognized: .RS +.IP \fBNCR_ATTR_IV\fP +Only used for some operations and algorithms. +Optional, +IV from session initialization or left from last update is used if not present. .IP \fBNCR_ATTR_UPDATE_INPUT_DATA\fP A .B struct ncr_session_input_data diff --git a/ncr-sessions.c b/ncr-sessions.c index 41f8a4c9000..460df6f637c 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -661,6 +661,7 @@ static int get_userbuf2(struct session_item_st *ses, struct nlattr *tb[], static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses, struct nlattr *tb[], int compat) { + const struct nlattr *nla; int ret; struct session_item_st* sess; struct scatterlist *isg = NULL; @@ -703,6 +704,15 @@ static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses, goto fail; } + if (sess->algorithm->is_symmetric + && sess->algorithm->needs_iv) { + nla = tb[NCR_ATTR_IV]; + if (nla != NULL) + cryptodev_cipher_set_iv(&sess->cipher, + nla_data(nla), + nla_len(nla)); + } + ret = _ncr_session_encrypt(sess, isg, isg_cnt, isg_size, osg, osg_cnt, &osg_size); if (ret < 0) { @@ -731,6 +741,15 @@ static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses, goto fail; } + if (sess->algorithm->is_symmetric + && sess->algorithm->needs_iv) { + nla = tb[NCR_ATTR_IV]; + if (nla != NULL) + cryptodev_cipher_set_iv(&sess->cipher, + nla_data(nla), + nla_len(nla)); + } + ret = _ncr_session_decrypt(sess, isg, isg_cnt, isg_size, osg, osg_cnt, &osg_size); if (ret < 0) { |