Re: [PATCH 15/26] Bluetooth: Use skcipher and hash
Hi Herbert, > This patch replaces uses of blkcipher with skcipher and the long > obsolete hash interface with shash. > > Signed-off-by: Herbert Xu Acked-by: Marcel Holtmann > --- > > net/bluetooth/smp.c | 135 > > 1 file changed, 63 insertions(+), 72 deletions(-) Regards Marcel -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 15/26] Bluetooth: Use skcipher and hash
Hi Herbert, [auto build test ERROR on net/master] [also build test ERROR on v4.4 next-20160122] [if your patch is applied to the wrong git tree, please drop us a note to help improving the system] url: https://github.com/0day-ci/linux/commits/Herbert-Xu/crypto-Use-skcipher-and-ahash-shash-where-possible/20160124-212323 config: x86_64-randconfig-x014-201604 (attached as .config) reproduce: # save the attached .config to linux build tree make ARCH=x86_64 All errors (new ones prefixed by >>): net/bluetooth/smp.c: In function 'aes_cmac': >> net/bluetooth/smp.c:201:2: error: implicit declaration of function >> 'shash_desc_zero' [-Werror=implicit-function-declaration] shash_desc_zero(desc); ^ net/bluetooth/smp.c: In function 'smp_e': >> net/bluetooth/smp.c:397:2: error: implicit declaration of function >> 'skcipher_request_zero' [-Werror=implicit-function-declaration] skcipher_request_zero(req); ^ cc1: some warnings being treated as errors vim +/shash_desc_zero +201 net/bluetooth/smp.c 195 if (err) { 196 BT_ERR("cipher setkey failed: %d", err); 197 return err; 198 } 199 200 err = crypto_shash_digest(desc, msg_msb, len, mac_msb); > 201 shash_desc_zero(desc); 202 if (err) { 203 BT_ERR("Hash computation error %d", err); 204 return err; 205 } 206 207 swap_buf(mac_msb, mac, 16); 208 209 SMP_DBG("mac %16phN", mac); 210 211 return 0; 212 } 213 214 static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32], 215const u8 v[32], const u8 x[16], u8 z, u8 res[16]) 216 { 217 u8 m[65]; 218 int err; 219 220 SMP_DBG("u %32phN", u); 221 SMP_DBG("v %32phN", v); 222 SMP_DBG("x %16phN z %02x", x, z); 223 224 m[0] = z; 225 memcpy(m + 1, v, 32); 226 memcpy(m + 33, u, 32); 227 228 err = aes_cmac(tfm_cmac, x, m, sizeof(m), res); 229 if (err) 230 return err; 231 232 SMP_DBG("res %16phN", res); 233 234 return err; 235 } 236 237 static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32], 238const u8 n1[16], const u8 n2[16], const u8 a1[7], 239const u8 a2[7], u8 mackey[16], u8 ltk[16]) 240 { 241 /* The btle, salt and length "magic" values are as defined in 242 * the SMP section of the Bluetooth core specification. In ASCII 243 * the btle value ends up being 'btle'. The salt is just a 244 * random number whereas length is the value 256 in little 245 * endian format. 246 */ 247 const u8 btle[4] = { 0x65, 0x6c, 0x74, 0x62 }; 248 const u8 salt[16] = { 0xbe, 0x83, 0x60, 0x5a, 0xdb, 0x0b, 0x37, 0x60, 2490x38, 0xa5, 0xf5, 0xaa, 0x91, 0x83, 0x88, 0x6c }; 250 const u8 length[2] = { 0x00, 0x01 }; 251 u8 m[53], t[16]; 252 int err; 253 254 SMP_DBG("w %32phN", w); 255 SMP_DBG("n1 %16phN n2 %16phN", n1, n2); 256 SMP_DBG("a1 %7phN a2 %7phN", a1, a2); 257 258 err = aes_cmac(tfm_cmac, salt, w, 32, t); 259 if (err) 260 return err; 261 262 SMP_DBG("t %16phN", t); 263 264 memcpy(m, length, 2); 265 memcpy(m + 2, a2, 7); 266 memcpy(m + 9, a1, 7); 267 memcpy(m + 16, n2, 16); 268 memcpy(m + 32, n1, 16); 269 memcpy(m + 48, btle, 4); 270 271 m[52] = 0; /* Counter */ 272 273 err = aes_cmac(tfm_cmac, t, m, sizeof(m), mackey); 274 if (err) 275 return err; 276 277 SMP_DBG("mackey %16phN", mackey); 278 279 m[52] = 1; /* Counter */ 280 281 err = aes_cmac(tfm_cmac, t, m, sizeof(m), ltk); 282 if (err) 283 return err; 284 285 SMP_DBG("ltk %16phN", ltk); 286 287 return 0; 288 } 289 290 static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16], 291const u8 n1[16], const u8 n2[16], const u8 r[16], 292const u8 io_cap[3], const u8 a1[7], const u8 a2[7], 293u8 res[16]) 294 { 295 u8 m[65]; 296 int err; 297 298 SMP_DBG("w %16phN", w); 299 SMP_DBG("n1 %16phN n2 %16phN", n1, n2); 300 SMP_DBG("r %16phN io_cap %3phN a1 %7phN a2 %7phN", r, io_cap, a1, a2); 301 302 memcpy(m, a2, 7); 303 memcpy(m + 7, a1, 7); 304
[PATCH 15/26] Bluetooth: Use skcipher and hash
This patch replaces uses of blkcipher with skcipher and the long obsolete hash interface with shash. Signed-off-by: Herbert Xu --- net/bluetooth/smp.c | 135 1 file changed, 63 insertions(+), 72 deletions(-) diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index ffed8a1..78ad7d6 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -21,9 +21,10 @@ */ #include -#include #include #include +#include +#include #include #include @@ -87,8 +88,8 @@ struct smp_dev { u8 min_key_size; u8 max_key_size; - struct crypto_blkcipher *tfm_aes; - struct crypto_hash *tfm_cmac; + struct crypto_skcipher *tfm_aes; + struct crypto_shash *tfm_cmac; }; struct smp_chan { @@ -126,8 +127,8 @@ struct smp_chan { u8 dhkey[32]; u8 mackey[16]; - struct crypto_blkcipher *tfm_aes; - struct crypto_hash *tfm_cmac; + struct crypto_skcipher *tfm_aes; + struct crypto_shash *tfm_cmac; }; /* These debug key values are defined in the SMP section of the core @@ -165,12 +166,11 @@ static inline void swap_buf(const u8 *src, u8 *dst, size_t len) * AES-CMAC, f4, f5, f6, g2 and h6. */ -static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m, +static int aes_cmac(struct crypto_shash *tfm, const u8 k[16], const u8 *m, size_t len, u8 mac[16]) { uint8_t tmp[16], mac_msb[16], msg_msb[CMAC_MSG_MAX]; - struct hash_desc desc; - struct scatterlist sg; + SHASH_DESC_ON_STACK(desc, tfm); int err; if (len > CMAC_MSG_MAX) @@ -181,10 +181,8 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m, return -EINVAL; } - desc.tfm = tfm; - desc.flags = 0; - - crypto_hash_init(&desc); + desc->tfm = tfm; + desc->flags = 0; /* Swap key and message from LSB to MSB */ swap_buf(k, tmp, 16); @@ -193,23 +191,16 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m, SMP_DBG("msg (len %zu) %*phN", len, (int) len, m); SMP_DBG("key %16phN", k); - err = crypto_hash_setkey(tfm, tmp, 16); + err = crypto_shash_setkey(tfm, tmp, 16); if (err) { BT_ERR("cipher setkey failed: %d", err); return err; } - sg_init_one(&sg, msg_msb, len); - - err = crypto_hash_update(&desc, &sg, len); + err = crypto_shash_digest(desc, msg_msb, len, mac_msb); + shash_desc_zero(desc); if (err) { - BT_ERR("Hash update error %d", err); - return err; - } - - err = crypto_hash_final(&desc, mac_msb); - if (err) { - BT_ERR("Hash final error %d", err); + BT_ERR("Hash computation error %d", err); return err; } @@ -220,8 +211,8 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m, return 0; } -static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32], - const u8 x[16], u8 z, u8 res[16]) +static int smp_f4(struct crypto_shash *tfm_cmac, const u8 u[32], + const u8 v[32], const u8 x[16], u8 z, u8 res[16]) { u8 m[65]; int err; @@ -243,7 +234,7 @@ static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32], return err; } -static int smp_f5(struct crypto_hash *tfm_cmac, const u8 w[32], +static int smp_f5(struct crypto_shash *tfm_cmac, const u8 w[32], const u8 n1[16], const u8 n2[16], const u8 a1[7], const u8 a2[7], u8 mackey[16], u8 ltk[16]) { @@ -296,7 +287,7 @@ static int smp_f5(struct crypto_hash *tfm_cmac, const u8 w[32], return 0; } -static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16], +static int smp_f6(struct crypto_shash *tfm_cmac, const u8 w[16], const u8 n1[16], const u8 n2[16], const u8 r[16], const u8 io_cap[3], const u8 a1[7], const u8 a2[7], u8 res[16]) @@ -324,7 +315,7 @@ static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16], return err; } -static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32], +static int smp_g2(struct crypto_shash *tfm_cmac, const u8 u[32], const u8 v[32], const u8 x[16], const u8 y[16], u32 *val) { u8 m[80], tmp[16]; @@ -350,7 +341,7 @@ static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32], return 0; } -static int smp_h6(struct crypto_hash *tfm_cmac, const u8 w[16], +static int smp_h6(struct crypto_shash *tfm_cmac, const u8 w[16], const u8 key_id[4], u8 res[16]) { int err; @@ -370,9 +361,9 @@ static int smp_h6(struct crypt