crypto: hash - annotate algorithms taking optional key
authorEric Biggers <ebiggers@google.com>
Wed, 3 Jan 2018 19:16:26 +0000 (11:16 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sun, 25 Feb 2018 10:05:43 +0000 (11:05 +0100)
commitb392a53b11f325b30b7d54e575352a8cac4c300d
tree85b20e72a7e17f25431c9dab8865a9589c282a23
parenteb9c7c7d9542a33011b1e217e5a283ebf94fac01
crypto: hash - annotate algorithms taking optional key

commit a208fa8f33031b9e0aba44c7d1b7e68eb0cbd29e upstream.

We need to consistently enforce that keyed hashes cannot be used without
setting the key.  To do this we need a reliable way to determine whether
a given hash algorithm is keyed or not.  AF_ALG currently does this by
checking for the presence of a ->setkey() method.  However, this is
actually slightly broken because the CRC-32 algorithms implement
->setkey() but can also be used without a key.  (The CRC-32 "key" is not
actually a cryptographic key but rather represents the initial state.
If not overridden, then a default initial state is used.)

Prepare to fix this by introducing a flag CRYPTO_ALG_OPTIONAL_KEY which
indicates that the algorithm has a ->setkey() method, but it is not
required to be called.  Then set it on all the CRC-32 algorithms.

The same also applies to the Adler-32 implementation in Lustre.

Also, the cryptd and mcryptd templates have to pass through the flag
from their underlying algorithm.

Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
13 files changed:
arch/arm64/crypto/crc32-arm64.c
arch/powerpc/crypto/crc32c-vpmsum_glue.c
arch/s390/crypto/crc32-vx.c
arch/sparc/crypto/crc32c_glue.c
arch/x86/crypto/crc32-pclmul_glue.c
arch/x86/crypto/crc32c-intel_glue.c
crypto/crc32_generic.c
crypto/crc32c_generic.c
crypto/cryptd.c
crypto/mcryptd.c
drivers/crypto/bfin_crc.c
drivers/staging/lustre/lnet/libcfs/linux/linux-crypto-adler.c
include/linux/crypto.h