[net-next-2.6.git] / net / ceph / crypto.c


#include <linux/ceph/ceph_debug.h>

#include <linux/err.h>
#include <linux/scatterlist.h>
#include <linux/slab.h>
#include <crypto/hash.h>

#include <linux/ceph/decode.h>
#include "crypto.h"

int ceph_crypto_key_encode(struct ceph_crypto_key *key, void **p, void *end)
{
	if (*p + sizeof(u16) + sizeof(key->created) +
	    sizeof(u16) + key->len > end)
		return -ERANGE;
	ceph_encode_16(p, key->type);
	ceph_encode_copy(p, &key->created, sizeof(key->created));
	ceph_encode_16(p, key->len);
	ceph_encode_copy(p, key->key, key->len);
	return 0;
}

int ceph_crypto_key_decode(struct ceph_crypto_key *key, void **p, void *end)
{
	ceph_decode_need(p, end, 2*sizeof(u16) + sizeof(key->created), bad);
	key->type = ceph_decode_16(p);
	ceph_decode_copy(p, &key->created, sizeof(key->created));
	key->len = ceph_decode_16(p);
	ceph_decode_need(p, end, key->len, bad);
	key->key = kmalloc(key->len, GFP_NOFS);
	if (!key->key)
		return -ENOMEM;
	ceph_decode_copy(p, key->key, key->len);
	return 0;

bad:
	dout("failed to decode crypto key\n");
	return -EINVAL;
}

int ceph_crypto_key_unarmor(struct ceph_crypto_key *key, const char *inkey)
{
	int inlen = strlen(inkey);
	int blen = inlen * 3 / 4;
	void *buf, *p;
	int ret;

	dout("crypto_key_unarmor %s\n", inkey);
	buf = kmalloc(blen, GFP_NOFS);
	if (!buf)
		return -ENOMEM;
	blen = ceph_unarmor(buf, inkey, inkey+inlen);
	if (blen < 0) {
		kfree(buf);
		return blen;
	}

	p = buf;
	ret = ceph_crypto_key_decode(key, &p, p + blen);
	kfree(buf);
	if (ret)
		return ret;
	dout("crypto_key_unarmor key %p type %d len %d\n", key,
	     key->type, key->len);
	return 0;
}


#define AES_KEY_SIZE 16

static struct crypto_blkcipher *ceph_crypto_alloc_cipher(void)
{
	return crypto_alloc_blkcipher("cbc(aes)", 0, CRYPTO_ALG_ASYNC);
}

static const u8 *aes_iv = (u8 *)CEPH_AES_IV;

static int ceph_aes_encrypt(const void *key, int key_len,
			    void *dst, size_t *dst_len,
			    const void *src, size_t src_len)
{
	struct scatterlist sg_in[2], sg_out[1];
	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	struct blkcipher_desc desc = { .tfm = tfm, .flags = 0 };
	int ret;
	void *iv;
	int ivsize;
	size_t zero_padding = (0x10 - (src_len & 0x0f));
	char pad[16];

	if (IS_ERR(tfm))
		return PTR_ERR(tfm);

	memset(pad, zero_padding, zero_padding);

	*dst_len = src_len + zero_padding;

	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	sg_init_table(sg_in, 2);
	sg_set_buf(&sg_in[0], src, src_len);
	sg_set_buf(&sg_in[1], pad, zero_padding);
	sg_init_table(sg_out, 1);
	sg_set_buf(sg_out, dst, *dst_len);
	iv = crypto_blkcipher_crt(tfm)->iv;
	ivsize = crypto_blkcipher_ivsize(tfm);

	memcpy(iv, aes_iv, ivsize);
	/*
	print_hex_dump(KERN_ERR, "enc key: ", DUMP_PREFIX_NONE, 16, 1,
		       key, key_len, 1);
	print_hex_dump(KERN_ERR, "enc src: ", DUMP_PREFIX_NONE, 16, 1,
			src, src_len, 1);
	print_hex_dump(KERN_ERR, "enc pad: ", DUMP_PREFIX_NONE, 16, 1,
			pad, zero_padding, 1);
	*/
	ret = crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
				     src_len + zero_padding);
	crypto_free_blkcipher(tfm);
	if (ret < 0)
		pr_err("ceph_aes_crypt failed %d\n", ret);
	/*
	print_hex_dump(KERN_ERR, "enc out: ", DUMP_PREFIX_NONE, 16, 1,
		       dst, *dst_len, 1);
	*/
	return 0;
}

static int ceph_aes_encrypt2(const void *key, int key_len, void *dst,
			     size_t *dst_len,
			     const void *src1, size_t src1_len,
			     const void *src2, size_t src2_len)
{
	struct scatterlist sg_in[3], sg_out[1];
	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	struct blkcipher_desc desc = { .tfm = tfm, .flags = 0 };
	int ret;
	void *iv;
	int ivsize;
	size_t zero_padding = (0x10 - ((src1_len + src2_len) & 0x0f));
	char pad[16];

	if (IS_ERR(tfm))
		return PTR_ERR(tfm);

	memset(pad, zero_padding, zero_padding);

	*dst_len = src1_len + src2_len + zero_padding;

	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	sg_init_table(sg_in, 3);
	sg_set_buf(&sg_in[0], src1, src1_len);
	sg_set_buf(&sg_in[1], src2, src2_len);
	sg_set_buf(&sg_in[2], pad, zero_padding);
	sg_init_table(sg_out, 1);
	sg_set_buf(sg_out, dst, *dst_len);
	iv = crypto_blkcipher_crt(tfm)->iv;
	ivsize = crypto_blkcipher_ivsize(tfm);

	memcpy(iv, aes_iv, ivsize);
	/*
	print_hex_dump(KERN_ERR, "enc  key: ", DUMP_PREFIX_NONE, 16, 1,
		       key, key_len, 1);
	print_hex_dump(KERN_ERR, "enc src1: ", DUMP_PREFIX_NONE, 16, 1,
			src1, src1_len, 1);
	print_hex_dump(KERN_ERR, "enc src2: ", DUMP_PREFIX_NONE, 16, 1,
			src2, src2_len, 1);
	print_hex_dump(KERN_ERR, "enc  pad: ", DUMP_PREFIX_NONE, 16, 1,
			pad, zero_padding, 1);
	*/
	ret = crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
				     src1_len + src2_len + zero_padding);
	crypto_free_blkcipher(tfm);
	if (ret < 0)
		pr_err("ceph_aes_crypt2 failed %d\n", ret);
	/*
	print_hex_dump(KERN_ERR, "enc  out: ", DUMP_PREFIX_NONE, 16, 1,
		       dst, *dst_len, 1);
	*/
	return 0;
}

static int ceph_aes_decrypt(const void *key, int key_len,
			    void *dst, size_t *dst_len,
			    const void *src, size_t src_len)
{
	struct scatterlist sg_in[1], sg_out[2];
	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	struct blkcipher_desc desc = { .tfm = tfm };
	char pad[16];
	void *iv;
	int ivsize;
	int ret;
	int last_byte;

	if (IS_ERR(tfm))
		return PTR_ERR(tfm);

	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	sg_init_table(sg_in, 1);
	sg_init_table(sg_out, 2);
	sg_set_buf(sg_in, src, src_len);
	sg_set_buf(&sg_out[0], dst, *dst_len);
	sg_set_buf(&sg_out[1], pad, sizeof(pad));

	iv = crypto_blkcipher_crt(tfm)->iv;
	ivsize = crypto_blkcipher_ivsize(tfm);

	memcpy(iv, aes_iv, ivsize);

	/*
	print_hex_dump(KERN_ERR, "dec key: ", DUMP_PREFIX_NONE, 16, 1,
		       key, key_len, 1);
	print_hex_dump(KERN_ERR, "dec  in: ", DUMP_PREFIX_NONE, 16, 1,
		       src, src_len, 1);
	*/

	ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, src_len);
	crypto_free_blkcipher(tfm);
	if (ret < 0) {
		pr_err("ceph_aes_decrypt failed %d\n", ret);
		return ret;
	}

	if (src_len <= *dst_len)
		last_byte = ((char *)dst)[src_len - 1];
	else
		last_byte = pad[src_len - *dst_len - 1];
	if (last_byte <= 16 && src_len >= last_byte) {
		*dst_len = src_len - last_byte;
	} else {
		pr_err("ceph_aes_decrypt got bad padding %d on src len %d\n",
		       last_byte, (int)src_len);
		return -EPERM;  /* bad padding */
	}
	/*
	print_hex_dump(KERN_ERR, "dec out: ", DUMP_PREFIX_NONE, 16, 1,
		       dst, *dst_len, 1);
	*/
	return 0;
}

static int ceph_aes_decrypt2(const void *key, int key_len,
			     void *dst1, size_t *dst1_len,
			     void *dst2, size_t *dst2_len,
			     const void *src, size_t src_len)
{
	struct scatterlist sg_in[1], sg_out[3];
	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	struct blkcipher_desc desc = { .tfm = tfm };
	char pad[16];
	void *iv;
	int ivsize;
	int ret;
	int last_byte;

	if (IS_ERR(tfm))
		return PTR_ERR(tfm);

	sg_init_table(sg_in, 1);
	sg_set_buf(sg_in, src, src_len);
	sg_init_table(sg_out, 3);
	sg_set_buf(&sg_out[0], dst1, *dst1_len);
	sg_set_buf(&sg_out[1], dst2, *dst2_len);
	sg_set_buf(&sg_out[2], pad, sizeof(pad));

	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	iv = crypto_blkcipher_crt(tfm)->iv;
	ivsize = crypto_blkcipher_ivsize(tfm);

	memcpy(iv, aes_iv, ivsize);

	/*
	print_hex_dump(KERN_ERR, "dec  key: ", DUMP_PREFIX_NONE, 16, 1,
		       key, key_len, 1);
	print_hex_dump(KERN_ERR, "dec   in: ", DUMP_PREFIX_NONE, 16, 1,
		       src, src_len, 1);
	*/

	ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, src_len);
	crypto_free_blkcipher(tfm);
	if (ret < 0) {
		pr_err("ceph_aes_decrypt failed %d\n", ret);
		return ret;
	}

	if (src_len <= *dst1_len)
		last_byte = ((char *)dst1)[src_len - 1];
	else if (src_len <= *dst1_len + *dst2_len)
		last_byte = ((char *)dst2)[src_len - *dst1_len - 1];
	else
		last_byte = pad[src_len - *dst1_len - *dst2_len - 1];
	if (last_byte <= 16 && src_len >= last_byte) {
		src_len -= last_byte;
	} else {
		pr_err("ceph_aes_decrypt got bad padding %d on src len %d\n",
		       last_byte, (int)src_len);
		return -EPERM;  /* bad padding */
	}

	if (src_len < *dst1_len) {
		*dst1_len = src_len;
		*dst2_len = 0;
	} else {
		*dst2_len = src_len - *dst1_len;
	}
	/*
	print_hex_dump(KERN_ERR, "dec  out1: ", DUMP_PREFIX_NONE, 16, 1,
		       dst1, *dst1_len, 1);
	print_hex_dump(KERN_ERR, "dec  out2: ", DUMP_PREFIX_NONE, 16, 1,
		       dst2, *dst2_len, 1);
	*/

	return 0;
}


int ceph_decrypt(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
		 const void *src, size_t src_len)
{
	switch (secret->type) {
	case CEPH_CRYPTO_NONE:
		if (*dst_len < src_len)
			return -ERANGE;
		memcpy(dst, src, src_len);
		*dst_len = src_len;
		return 0;

	case CEPH_CRYPTO_AES:
		return ceph_aes_decrypt(secret->key, secret->len, dst,
					dst_len, src, src_len);

	default:
		return -EINVAL;
	}
}

int ceph_decrypt2(struct ceph_crypto_key *secret,
			void *dst1, size_t *dst1_len,
			void *dst2, size_t *dst2_len,
			const void *src, size_t src_len)
{
	size_t t;

	switch (secret->type) {
	case CEPH_CRYPTO_NONE:
		if (*dst1_len + *dst2_len < src_len)
			return -ERANGE;
		t = min(*dst1_len, src_len);
		memcpy(dst1, src, t);
		*dst1_len = t;
		src += t;
		src_len -= t;
		if (src_len) {
			t = min(*dst2_len, src_len);
			memcpy(dst2, src, t);
			*dst2_len = t;
		}
		return 0;

	case CEPH_CRYPTO_AES:
		return ceph_aes_decrypt2(secret->key, secret->len,
					 dst1, dst1_len, dst2, dst2_len,
					 src, src_len);

	default:
		return -EINVAL;
	}
}

int ceph_encrypt(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
		 const void *src, size_t src_len)
{
	switch (secret->type) {
	case CEPH_CRYPTO_NONE:
		if (*dst_len < src_len)
			return -ERANGE;
		memcpy(dst, src, src_len);
		*dst_len = src_len;
		return 0;

	case CEPH_CRYPTO_AES:
		return ceph_aes_encrypt(secret->key, secret->len, dst,
					dst_len, src, src_len);

	default:
		return -EINVAL;
	}
}

int ceph_encrypt2(struct ceph_crypto_key *secret, void *dst, size_t *dst_len,
		  const void *src1, size_t src1_len,
		  const void *src2, size_t src2_len)
{
	switch (secret->type) {
	case CEPH_CRYPTO_NONE:
		if (*dst_len < src1_len + src2_len)
			return -ERANGE;
		memcpy(dst, src1, src1_len);
		memcpy(dst + src1_len, src2, src2_len);
		*dst_len = src1_len + src2_len;
		return 0;

	case CEPH_CRYPTO_AES:
		return ceph_aes_encrypt2(secret->key, secret->len, dst, dst_len,
					 src1, src1_len, src2, src2_len);

	default:
		return -EINVAL;
	}
}
Commit	Line	Data
8b6e4f2d	1
3d14c5d2	2	#include <linux/ceph/ceph_debug.h>
8b6e4f2d SW	3
	4	#include <linux/err.h>
	5	#include <linux/scatterlist.h>
5a0e3ad6	6	#include <linux/slab.h>
8b6e4f2d SW	7	#include <crypto/hash.h>
8b6e4f2d SW	8
3d14c5d2	9	#include <linux/ceph/decode.h>
8b6e4f2d	10	#include "crypto.h"
8b6e4f2d SW	11
	12	int ceph_crypto_key_encode(struct ceph_crypto_key key, void p, void end)
	13	{
	14	if (*p + sizeof(u16) + sizeof(key->created) +
	15	sizeof(u16) + key->len > end)
	16	return -ERANGE;
	17	ceph_encode_16(p, key->type);
	18	ceph_encode_copy(p, &key->created, sizeof(key->created));
	19	ceph_encode_16(p, key->len);
	20	ceph_encode_copy(p, key->key, key->len);
	21	return 0;
	22	}
	23
	24	int ceph_crypto_key_decode(struct ceph_crypto_key key, void p, void end)
	25	{
	26	ceph_decode_need(p, end, 2*sizeof(u16) + sizeof(key->created), bad);
	27	key->type = ceph_decode_16(p);
	28	ceph_decode_copy(p, &key->created, sizeof(key->created));
	29	key->len = ceph_decode_16(p);
	30	ceph_decode_need(p, end, key->len, bad);
	31	key->key = kmalloc(key->len, GFP_NOFS);
	32	if (!key->key)
	33	return -ENOMEM;
	34	ceph_decode_copy(p, key->key, key->len);
	35	return 0;
	36
	37	bad:
	38	dout("failed to decode crypto key\n");
	39	return -EINVAL;
	40	}
	41
	42	int ceph_crypto_key_unarmor(struct ceph_crypto_key key, const char inkey)
	43	{
	44	int inlen = strlen(inkey);
	45	int blen = inlen * 3 / 4;
	46	void buf, p;
	47	int ret;
	48
	49	dout("crypto_key_unarmor %s\n", inkey);
	50	buf = kmalloc(blen, GFP_NOFS);
	51	if (!buf)
	52	return -ENOMEM;
	53	blen = ceph_unarmor(buf, inkey, inkey+inlen);
	54	if (blen < 0) {
	55	kfree(buf);
	56	return blen;
	57	}
	58
	59	p = buf;
	60	ret = ceph_crypto_key_decode(key, &p, p + blen);
	61	kfree(buf);
	62	if (ret)
	63	return ret;
	64	dout("crypto_key_unarmor key %p type %d len %d\n", key,
	65	key->type, key->len);
	66	return 0;
	67	}
	68
	69
	70
	71	#define AES_KEY_SIZE 16
	72
	73	static struct crypto_blkcipher *ceph_crypto_alloc_cipher(void)
	74	{
75	return crypto_alloc_blkcipher("cbc(aes)", 0, CRYPTO_ALG_ASYNC);
76	}
77
cbbfe499	78	static const u8 aes_iv = (u8 )CEPH_AES_IV;
8b6e4f2d	79
cd84db6e YS	80	static int ceph_aes_encrypt(const void *key, int key_len,
	81	void dst, size_t dst_len,
	82	const void *src, size_t src_len)
8b6e4f2d SW	83	{
	84	struct scatterlist sg_in[2], sg_out[1];
	85	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	86	struct blkcipher_desc desc = { .tfm = tfm, .flags = 0 };
	87	int ret;
	88	void *iv;
	89	int ivsize;
	90	size_t zero_padding = (0x10 - (src_len & 0x0f));
	91	char pad[16];
	92
	93	if (IS_ERR(tfm))
	94	return PTR_ERR(tfm);
	95
	96	memset(pad, zero_padding, zero_padding);
	97
	98	*dst_len = src_len + zero_padding;
	99
	100	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	101	sg_init_table(sg_in, 2);
	102	sg_set_buf(&sg_in[0], src, src_len);
	103	sg_set_buf(&sg_in[1], pad, zero_padding);
	104	sg_init_table(sg_out, 1);
	105	sg_set_buf(sg_out, dst, *dst_len);
	106	iv = crypto_blkcipher_crt(tfm)->iv;
	107	ivsize = crypto_blkcipher_ivsize(tfm);
	108
	109	memcpy(iv, aes_iv, ivsize);
	110	/*
	111	print_hex_dump(KERN_ERR, "enc key: ", DUMP_PREFIX_NONE, 16, 1,
	112	key, key_len, 1);
	113	print_hex_dump(KERN_ERR, "enc src: ", DUMP_PREFIX_NONE, 16, 1,
	114	src, src_len, 1);
	115	print_hex_dump(KERN_ERR, "enc pad: ", DUMP_PREFIX_NONE, 16, 1,
	116	pad, zero_padding, 1);
	117	*/
	118	ret = crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
	119	src_len + zero_padding);
	120	crypto_free_blkcipher(tfm);
	121	if (ret < 0)
	122	pr_err("ceph_aes_crypt failed %d\n", ret);
	123	/*
	124	print_hex_dump(KERN_ERR, "enc out: ", DUMP_PREFIX_NONE, 16, 1,
	125	dst, *dst_len, 1);
	126	*/
	127	return 0;
	128	}
	129
cd84db6e YS	130	static int ceph_aes_encrypt2(const void key, int key_len, void dst,
	131	size_t *dst_len,
	132	const void *src1, size_t src1_len,
	133	const void *src2, size_t src2_len)
8b6e4f2d SW	134	{
	135	struct scatterlist sg_in[3], sg_out[1];
	136	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	137	struct blkcipher_desc desc = { .tfm = tfm, .flags = 0 };
	138	int ret;
	139	void *iv;
	140	int ivsize;
	141	size_t zero_padding = (0x10 - ((src1_len + src2_len) & 0x0f));
	142	char pad[16];
	143
	144	if (IS_ERR(tfm))
	145	return PTR_ERR(tfm);
	146
	147	memset(pad, zero_padding, zero_padding);
	148
	149	*dst_len = src1_len + src2_len + zero_padding;
	150
	151	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	152	sg_init_table(sg_in, 3);
	153	sg_set_buf(&sg_in[0], src1, src1_len);
	154	sg_set_buf(&sg_in[1], src2, src2_len);
	155	sg_set_buf(&sg_in[2], pad, zero_padding);
	156	sg_init_table(sg_out, 1);
	157	sg_set_buf(sg_out, dst, *dst_len);
	158	iv = crypto_blkcipher_crt(tfm)->iv;
	159	ivsize = crypto_blkcipher_ivsize(tfm);
	160
	161	memcpy(iv, aes_iv, ivsize);
	162	/*
	163	print_hex_dump(KERN_ERR, "enc key: ", DUMP_PREFIX_NONE, 16, 1,
	164	key, key_len, 1);
	165	print_hex_dump(KERN_ERR, "enc src1: ", DUMP_PREFIX_NONE, 16, 1,
	166	src1, src1_len, 1);
	167	print_hex_dump(KERN_ERR, "enc src2: ", DUMP_PREFIX_NONE, 16, 1,
	168	src2, src2_len, 1);
	169	print_hex_dump(KERN_ERR, "enc pad: ", DUMP_PREFIX_NONE, 16, 1,
	170	pad, zero_padding, 1);
	171	*/
	172	ret = crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
	173	src1_len + src2_len + zero_padding);
	174	crypto_free_blkcipher(tfm);
	175	if (ret < 0)
	176	pr_err("ceph_aes_crypt2 failed %d\n", ret);
	177	/*
	178	print_hex_dump(KERN_ERR, "enc out: ", DUMP_PREFIX_NONE, 16, 1,
	179	dst, *dst_len, 1);
	180	*/
	181	return 0;
	182	}
	183
cd84db6e YS	184	static int ceph_aes_decrypt(const void *key, int key_len,
	185	void dst, size_t dst_len,
	186	const void *src, size_t src_len)
8b6e4f2d SW	187	{
	188	struct scatterlist sg_in[1], sg_out[2];
	189	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	190	struct blkcipher_desc desc = { .tfm = tfm };
	191	char pad[16];
	192	void *iv;
	193	int ivsize;
	194	int ret;
	195	int last_byte;
	196
	197	if (IS_ERR(tfm))
	198	return PTR_ERR(tfm);
	199
	200	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	201	sg_init_table(sg_in, 1);
	202	sg_init_table(sg_out, 2);
	203	sg_set_buf(sg_in, src, src_len);
	204	sg_set_buf(&sg_out[0], dst, *dst_len);
	205	sg_set_buf(&sg_out[1], pad, sizeof(pad));
	206
	207	iv = crypto_blkcipher_crt(tfm)->iv;
	208	ivsize = crypto_blkcipher_ivsize(tfm);
	209
	210	memcpy(iv, aes_iv, ivsize);
	211
	212	/*
	213	print_hex_dump(KERN_ERR, "dec key: ", DUMP_PREFIX_NONE, 16, 1,
	214	key, key_len, 1);
	215	print_hex_dump(KERN_ERR, "dec in: ", DUMP_PREFIX_NONE, 16, 1,
	216	src, src_len, 1);
	217	*/
	218
	219	ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, src_len);
	220	crypto_free_blkcipher(tfm);
	221	if (ret < 0) {
	222	pr_err("ceph_aes_decrypt failed %d\n", ret);
	223	return ret;
	224	}
	225
	226	if (src_len <= *dst_len)
	227	last_byte = ((char *)dst)[src_len - 1];
	228	else
	229	last_byte = pad[src_len - *dst_len - 1];
	230	if (last_byte <= 16 && src_len >= last_byte) {
	231	*dst_len = src_len - last_byte;
	232	} else {
	233	pr_err("ceph_aes_decrypt got bad padding %d on src len %d\n",
	234	last_byte, (int)src_len);
	235	return -EPERM; /* bad padding */
	236	}
	237	/*
	238	print_hex_dump(KERN_ERR, "dec out: ", DUMP_PREFIX_NONE, 16, 1,
	239	dst, *dst_len, 1);
	240	*/
	241	return 0;
	242	}
	243
cd84db6e YS	244	static int ceph_aes_decrypt2(const void *key, int key_len,
	245	void dst1, size_t dst1_len,
	246	void dst2, size_t dst2_len,
	247	const void *src, size_t src_len)
8b6e4f2d SW	248	{
	249	struct scatterlist sg_in[1], sg_out[3];
	250	struct crypto_blkcipher *tfm = ceph_crypto_alloc_cipher();
	251	struct blkcipher_desc desc = { .tfm = tfm };
	252	char pad[16];
	253	void *iv;
	254	int ivsize;
	255	int ret;
	256	int last_byte;
	257
	258	if (IS_ERR(tfm))
	259	return PTR_ERR(tfm);
	260
	261	sg_init_table(sg_in, 1);
	262	sg_set_buf(sg_in, src, src_len);
	263	sg_init_table(sg_out, 3);
	264	sg_set_buf(&sg_out[0], dst1, *dst1_len);
	265	sg_set_buf(&sg_out[1], dst2, *dst2_len);
	266	sg_set_buf(&sg_out[2], pad, sizeof(pad));
	267
	268	crypto_blkcipher_setkey((void *)tfm, key, key_len);
	269	iv = crypto_blkcipher_crt(tfm)->iv;
	270	ivsize = crypto_blkcipher_ivsize(tfm);
	271
	272	memcpy(iv, aes_iv, ivsize);
	273
	274	/*
	275	print_hex_dump(KERN_ERR, "dec key: ", DUMP_PREFIX_NONE, 16, 1,
	276	key, key_len, 1);
	277	print_hex_dump(KERN_ERR, "dec in: ", DUMP_PREFIX_NONE, 16, 1,
	278	src, src_len, 1);
	279	*/
	280
	281	ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, src_len);
	282	crypto_free_blkcipher(tfm);
	283	if (ret < 0) {
	284	pr_err("ceph_aes_decrypt failed %d\n", ret);
	285	return ret;
	286	}
	287
	288	if (src_len <= *dst1_len)
	289	last_byte = ((char *)dst1)[src_len - 1];
	290	else if (src_len <= dst1_len + dst2_len)
	291	last_byte = ((char )dst2)[src_len - dst1_len - 1];
	292	else
	293	last_byte = pad[src_len - dst1_len - dst2_len - 1];
	294	if (last_byte <= 16 && src_len >= last_byte) {
	295	src_len -= last_byte;
	296	} else {
	297	pr_err("ceph_aes_decrypt got bad padding %d on src len %d\n",
	298	last_byte, (int)src_len);
	299	return -EPERM; /* bad padding */
	300	}
	301
	302	if (src_len < *dst1_len) {
	303	*dst1_len = src_len;
	304	*dst2_len = 0;
	305	} else {
	306	dst2_len = src_len - dst1_len;
	307	}
	308	/*
	309	print_hex_dump(KERN_ERR, "dec out1: ", DUMP_PREFIX_NONE, 16, 1,
	310	dst1, *dst1_len, 1);
	311	print_hex_dump(KERN_ERR, "dec out2: ", DUMP_PREFIX_NONE, 16, 1,
312	dst2, *dst2_len, 1);
313	*/
314
315	return 0;
316	}
317
318
319	int ceph_decrypt(struct ceph_crypto_key secret, void dst, size_t *dst_len,
320	const void *src, size_t src_len)
321	{
322	switch (secret->type) {
323	case CEPH_CRYPTO_NONE:
324	if (*dst_len < src_len)
325	return -ERANGE;
326	memcpy(dst, src, src_len);
327	*dst_len = src_len;
328	return 0;
329
330	case CEPH_CRYPTO_AES:
331	return ceph_aes_decrypt(secret->key, secret->len, dst,
332	dst_len, src, src_len);
333
334	default:
335	return -EINVAL;
336	}
337	}
338
339	int ceph_decrypt2(struct ceph_crypto_key *secret,
340	void dst1, size_t dst1_len,
341	void dst2, size_t dst2_len,
342	const void *src, size_t src_len)
343	{
344	size_t t;
345
346	switch (secret->type) {
347	case CEPH_CRYPTO_NONE:
348	if (dst1_len + dst2_len < src_len)
349	return -ERANGE;
350	t = min(*dst1_len, src_len);
351	memcpy(dst1, src, t);
352	*dst1_len = t;
353	src += t;
354	src_len -= t;
355	if (src_len) {
356	t = min(*dst2_len, src_len);
357	memcpy(dst2, src, t);
358	*dst2_len = t;
359	}
360	return 0;
361
362	case CEPH_CRYPTO_AES:
363	return ceph_aes_decrypt2(secret->key, secret->len,
364	dst1, dst1_len, dst2, dst2_len,
365	src, src_len);
366
367	default:
368	return -EINVAL;
369	}
370	}
371
372	int ceph_encrypt(struct ceph_crypto_key secret, void dst, size_t *dst_len,
373	const void *src, size_t src_len)
374	{
375	switch (secret->type) {
376	case CEPH_CRYPTO_NONE:
377	if (*dst_len < src_len)
378	return -ERANGE;
379	memcpy(dst, src, src_len);
380	*dst_len = src_len;
381	return 0;
382
383	case CEPH_CRYPTO_AES:
384	return ceph_aes_encrypt(secret->key, secret->len, dst,
385	dst_len, src, src_len);
386
387	default:
388	return -EINVAL;
389	}
390	}
391
392	int ceph_encrypt2(struct ceph_crypto_key secret, void dst, size_t *dst_len,
393	const void *src1, size_t src1_len,
394	const void *src2, size_t src2_len)
395	{
396	switch (secret->type) {
397	case CEPH_CRYPTO_NONE:
398	if (*dst_len < src1_len + src2_len)
399	return -ERANGE;
400	memcpy(dst, src1, src1_len);
401	memcpy(dst + src1_len, src2, src2_len);
402	*dst_len = src1_len + src2_len;
403	return 0;
404
405	case CEPH_CRYPTO_AES:
406	return ceph_aes_encrypt2(secret->key, secret->len, dst, dst_len,
407	src1, src1_len, src2, src2_len);
408
409	default:
410	return -EINVAL;
411	}
412	}