summaryrefslogtreecommitdiff
path: root/include/linux/crypto.h
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2018-01-03 11:16:26 -0800
committerHerbert Xu <herbert@gondor.apana.org.au>2018-01-12 23:03:35 +1100
commita208fa8f33031b9e0aba44c7d1b7e68eb0cbd29e (patch)
treee700ec232c2831a0471ce788552c69db8cc6c949 /include/linux/crypto.h
parenta16e772e664b9a261424107784804cffc8894977 (diff)
downloadlwn-a208fa8f33031b9e0aba44c7d1b7e68eb0cbd29e.tar.gz
lwn-a208fa8f33031b9e0aba44c7d1b7e68eb0cbd29e.zip
crypto: hash - annotate algorithms taking optional key
We need to consistently enforce that keyed hashes cannot be used without setting the key. To do this we need a reliable way to determine whether a given hash algorithm is keyed or not. AF_ALG currently does this by checking for the presence of a ->setkey() method. However, this is actually slightly broken because the CRC-32 algorithms implement ->setkey() but can also be used without a key. (The CRC-32 "key" is not actually a cryptographic key but rather represents the initial state. If not overridden, then a default initial state is used.) Prepare to fix this by introducing a flag CRYPTO_ALG_OPTIONAL_KEY which indicates that the algorithm has a ->setkey() method, but it is not required to be called. Then set it on all the CRC-32 algorithms. The same also applies to the Adler-32 implementation in Lustre. Also, the cryptd and mcryptd templates have to pass through the flag from their underlying algorithm. Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/linux/crypto.h')
-rw-r--r--include/linux/crypto.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 231e59f90d32..d2e33a90825b 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -107,6 +107,12 @@
#define CRYPTO_ALG_INTERNAL 0x00002000
/*
+ * Set if the algorithm has a ->setkey() method but can be used without
+ * calling it first, i.e. there is a default key.
+ */
+#define CRYPTO_ALG_OPTIONAL_KEY 0x00004000
+
+/*
* Transform masks and values (for crt_flags).
*/
#define CRYPTO_TFM_REQ_MASK 0x000fff00