iscsi-target: Use shash and ahash

 * GNU General Public License for more details.

 ******************************************************************************/

#include <crypto/hash.h>

#include <linux/string.h>

#include <linux/kthread.h>

#include <linux/crypto.h>

#include <linux/completion.h>

#include <linux/module.h>

#include <linux/vmalloc.h>

}

static u32 iscsit_do_crypto_hash_sg(

	struct hash_desc *hash,

	struct ahash_request *hash,

	struct iscsi_cmd *cmd,

	u32 data_offset,

	u32 data_length,

	struct scatterlist *sg;

	unsigned int page_off;

	crypto_hash_init(hash);

	crypto_ahash_init(hash);

	sg = cmd->first_data_sg;

	page_off = cmd->first_data_sg_off;

	while (data_length) {

		u32 cur_len = min_t(u32, data_length, (sg->length - page_off));

		crypto_hash_update(hash, sg, cur_len);

		ahash_request_set_crypt(hash, sg, NULL, cur_len);

		crypto_ahash_update(hash);

		data_length -= cur_len;

		page_off = 0;

		struct scatterlist pad_sg;

		sg_init_one(&pad_sg, pad_bytes, padding);

		crypto_hash_update(hash, &pad_sg, padding);

		ahash_request_set_crypt(hash, &pad_sg, (u8 *)&data_crc,

					padding);

		crypto_ahash_finup(hash);

	} else {

		ahash_request_set_crypt(hash, NULL, (u8 *)&data_crc, 0);

		crypto_ahash_final(hash);

	}

	crypto_hash_final(hash, (u8 *) &data_crc);

	return data_crc;

}

static void iscsit_do_crypto_hash_buf(

	struct hash_desc *hash,

	struct ahash_request *hash,

	const void *buf,

	u32 payload_length,

	u32 padding,

	u8 *pad_bytes,

	u8 *data_crc)

{

	struct scatterlist sg;

	struct scatterlist sg[2];

	crypto_hash_init(hash);

	sg_init_table(sg, ARRAY_SIZE(sg));

	sg_set_buf(sg, buf, payload_length);

	sg_set_buf(sg + 1, pad_bytes, padding);

	sg_init_one(&sg, buf, payload_length);

	crypto_hash_update(hash, &sg, payload_length);

	ahash_request_set_crypt(hash, sg, data_crc, payload_length + padding);

	if (padding) {

		sg_init_one(&sg, pad_bytes, padding);

		crypto_hash_update(hash, &sg, padding);

	}

	crypto_hash_final(hash, data_crc);

	crypto_ahash_digest(hash);

}

int

	if (conn->conn_ops->DataDigest) {

		u32 data_crc;

		data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd,

		data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd,

						    be32_to_cpu(hdr->offset),

						    payload_length, padding,

						    cmd->pad_bytes);

		}

		if (conn->conn_ops->DataDigest) {

			iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,

			iscsit_do_crypto_hash_buf(conn->conn_rx_hash,

					ping_data, payload_length,

					padding, cmd->pad_bytes,

					(u8 *)&data_crc);

			goto reject;

		if (conn->conn_ops->DataDigest) {

			iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,

			iscsit_do_crypto_hash_buf(conn->conn_rx_hash,

					text_in, payload_length,

					padding, (u8 *)&pad_bytes,

					(u8 *)&data_crc);

	if (conn->conn_ops->DataDigest) {

		u32 data_crc;

		data_crc = iscsit_do_crypto_hash_sg(&conn->conn_rx_hash, cmd,

		data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd,

						    cmd->write_data_done, length, padding,

						    cmd->pad_bytes);

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		cmd->tx_size += ISCSI_CRC_LEN;

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		iov[0].iov_len += ISCSI_CRC_LEN;

				cmd->padding);

	}

	if (conn->conn_ops->DataDigest) {

		cmd->data_crc = iscsit_do_crypto_hash_sg(&conn->conn_tx_hash, cmd,

		cmd->data_crc = iscsit_do_crypto_hash_sg(conn->conn_tx_hash, cmd,

			 datain.offset, datain.length, cmd->padding, cmd->pad_bytes);

		iov[iov_count].iov_base	= &cmd->data_crc;

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, &cmd->pdu[0],

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, &cmd->pdu[0],

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		iov[0].iov_len += ISCSI_CRC_LEN;

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		tx_size += ISCSI_CRC_LEN;

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		iov[0].iov_len += ISCSI_CRC_LEN;

				" padding bytes.\n", padding);

		}

		if (conn->conn_ops->DataDigest) {

			iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,

			iscsit_do_crypto_hash_buf(conn->conn_tx_hash,

				cmd->buf_ptr, cmd->buf_ptr_size,

				padding, (u8 *)&cmd->pad_bytes,

				(u8 *)&cmd->data_crc);

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN;

		}

		if (conn->conn_ops->DataDigest) {

			iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,

			iscsit_do_crypto_hash_buf(conn->conn_tx_hash,

				cmd->sense_buffer,

				(cmd->se_cmd.scsi_sense_length + padding),

				0, NULL, (u8 *)&cmd->data_crc);

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->pdu,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		iov[0].iov_len += ISCSI_CRC_LEN;

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		cmd->iov_misc[0].iov_len += ISCSI_CRC_LEN;

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		iov[0].iov_len += ISCSI_CRC_LEN;

	}

	if (conn->conn_ops->DataDigest) {

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash,

				cmd->buf_ptr, text_length,

				0, NULL, (u8 *)&cmd->data_crc);

	if (conn->conn_ops->HeaderDigest) {

		u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, hdr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)header_digest);

		iov[0].iov_len += ISCSI_CRC_LEN;

	}

	if (conn->conn_ops->DataDigest) {

		iscsit_do_crypto_hash_buf(&conn->conn_tx_hash, cmd->buf_ptr,

		iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->buf_ptr,

				ISCSI_HDR_LEN, 0, NULL, (u8 *)&cmd->data_crc);

		iov[iov_count].iov_base = &cmd->data_crc;

				goto transport_err;

			}

			iscsit_do_crypto_hash_buf(&conn->conn_rx_hash,

			iscsit_do_crypto_hash_buf(conn->conn_rx_hash,

					buffer, ISCSI_HDR_LEN,

					0, NULL, (u8 *)&checksum);

	 */

	iscsit_check_conn_usage_count(conn);

	if (conn->conn_rx_hash.tfm)

		crypto_free_hash(conn->conn_rx_hash.tfm);

	if (conn->conn_tx_hash.tfm)

		crypto_free_hash(conn->conn_tx_hash.tfm);

	ahash_request_free(conn->conn_tx_hash);

	if (conn->conn_rx_hash) {

		struct crypto_ahash *tfm;

		tfm = crypto_ahash_reqtfm(conn->conn_rx_hash);

		ahash_request_free(conn->conn_rx_hash);

		crypto_free_ahash(tfm);

	}

	free_cpumask_var(conn->conn_cpumask);

 * GNU General Public License for more details.

 ******************************************************************************/

#include <crypto/hash.h>

#include <linux/kernel.h>

#include <linux/string.h>

#include <linux/crypto.h>

#include <linux/err.h>

#include <linux/scatterlist.h>

	unsigned char chap_n[MAX_CHAP_N_SIZE], chap_r[MAX_RESPONSE_LENGTH];

	size_t compare_len;

	struct iscsi_chap *chap = conn->auth_protocol;

	struct crypto_hash *tfm;

	struct hash_desc desc;

	struct scatterlist sg;

	struct crypto_shash *tfm = NULL;

	struct shash_desc *desc = NULL;

	int auth_ret = -1, ret, challenge_len;

	memset(identifier, 0, 10);

	pr_debug("[server] Got CHAP_R=%s\n", chap_r);

	chap_string_to_hex(client_digest, chap_r, strlen(chap_r));

	tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);

	tfm = crypto_alloc_shash("md5", 0, 0);

	if (IS_ERR(tfm)) {

		pr_err("Unable to allocate struct crypto_hash\n");

		tfm = NULL;

		pr_err("Unable to allocate struct crypto_shash\n");

		goto out;

	}

	desc.tfm = tfm;

	desc.flags = 0;

	ret = crypto_hash_init(&desc);

	if (ret < 0) {

		pr_err("crypto_hash_init() failed\n");

		crypto_free_hash(tfm);

	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL);

	if (!desc) {

		pr_err("Unable to allocate struct shash_desc\n");

		goto out;

	}

	sg_init_one(&sg, &chap->id, 1);

	ret = crypto_hash_update(&desc, &sg, 1);

	desc->tfm = tfm;

	desc->flags = 0;

	ret = crypto_shash_init(desc);

	if (ret < 0) {

		pr_err("crypto_hash_update() failed for id\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_init() failed\n");

		goto out;

	}

	sg_init_one(&sg, &auth->password, strlen(auth->password));

	ret = crypto_hash_update(&desc, &sg, strlen(auth->password));

	ret = crypto_shash_update(desc, &chap->id, 1);

	if (ret < 0) {

		pr_err("crypto_hash_update() failed for password\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_update() failed for id\n");

		goto out;

	}

	sg_init_one(&sg, chap->challenge, CHAP_CHALLENGE_LENGTH);

	ret = crypto_hash_update(&desc, &sg, CHAP_CHALLENGE_LENGTH);

	ret = crypto_shash_update(desc, (char *)&auth->password,

				  strlen(auth->password));

	if (ret < 0) {

		pr_err("crypto_hash_update() failed for challenge\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_update() failed for password\n");

		goto out;

	}

	ret = crypto_hash_final(&desc, server_digest);

	ret = crypto_shash_finup(desc, chap->challenge,

				 CHAP_CHALLENGE_LENGTH, server_digest);

	if (ret < 0) {

		pr_err("crypto_hash_final() failed for server digest\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_finup() failed for challenge\n");

		goto out;

	}

	crypto_free_hash(tfm);

	chap_binaryhex_to_asciihex(response, server_digest, MD5_SIGNATURE_SIZE);

	pr_debug("[server] MD5 Server Digest: %s\n", response);

	 * authentication is not enabled.

	 */

	if (!auth->authenticate_target) {

		kfree(challenge);

		kfree(challenge_binhex);

		return 0;

		auth_ret = 0;

		goto out;

	}

	/*

	 * Get CHAP_I.

	/*

	 * Generate CHAP_N and CHAP_R for mutual authentication.

	 */

	tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);

	if (IS_ERR(tfm)) {

		pr_err("Unable to allocate struct crypto_hash\n");

		goto out;

	}

	desc.tfm = tfm;

	desc.flags = 0;

	ret = crypto_hash_init(&desc);

	ret = crypto_shash_init(desc);

	if (ret < 0) {

		pr_err("crypto_hash_init() failed\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_init() failed\n");

		goto out;

	}

	/* To handle both endiannesses */

	id_as_uchar = id;

	sg_init_one(&sg, &id_as_uchar, 1);

	ret = crypto_hash_update(&desc, &sg, 1);

	ret = crypto_shash_update(desc, &id_as_uchar, 1);

	if (ret < 0) {

		pr_err("crypto_hash_update() failed for id\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_update() failed for id\n");

		goto out;

	}

	sg_init_one(&sg, auth->password_mutual,

	ret = crypto_shash_update(desc, auth->password_mutual,

				  strlen(auth->password_mutual));

	ret = crypto_hash_update(&desc, &sg, strlen(auth->password_mutual));

	if (ret < 0) {

		pr_err("crypto_hash_update() failed for"

		pr_err("crypto_shash_update() failed for"

				" password_mutual\n");

		crypto_free_hash(tfm);

		goto out;

	}

	/*

	 * Convert received challenge to binary hex.

	 */

	sg_init_one(&sg, challenge_binhex, challenge_len);

	ret = crypto_hash_update(&desc, &sg, challenge_len);

	ret = crypto_shash_finup(desc, challenge_binhex, challenge_len,

				 digest);

	if (ret < 0) {

		pr_err("crypto_hash_update() failed for ma challenge\n");

		crypto_free_hash(tfm);

		pr_err("crypto_shash_finup() failed for ma challenge\n");

		goto out;

	}

	ret = crypto_hash_final(&desc, digest);

	if (ret < 0) {

		pr_err("crypto_hash_final() failed for ma digest\n");

		crypto_free_hash(tfm);

		goto out;

	}

	crypto_free_hash(tfm);

	/*

	 * Generate CHAP_N and CHAP_R.

	 */

	pr_debug("[server] Sending CHAP_R=0x%s\n", response);

	auth_ret = 0;

out:

	kzfree(desc);

	crypto_free_shash(tfm);

	kfree(challenge);

	kfree(challenge_binhex);

	return auth_ret;

 * GNU General Public License for more details.

 ******************************************************************************/

#include <crypto/hash.h>

#include <linux/string.h>

#include <linux/kthread.h>

#include <linux/crypto.h>

#include <linux/idr.h>

#include <scsi/iscsi_proto.h>

#include <target/target_core_base.h>

 */

int iscsi_login_setup_crypto(struct iscsi_conn *conn)

{

	struct crypto_ahash *tfm;

	/*

	 * Setup slicing by CRC32C algorithm for RX and TX libcrypto contexts

	 * which will default to crc32c_intel.ko for cpu_has_xmm4_2, or fallback

	 * to software 1x8 byte slicing from crc32c.ko

	 */

	conn->conn_rx_hash.flags = 0;

	conn->conn_rx_hash.tfm = crypto_alloc_hash("crc32c", 0,

						CRYPTO_ALG_ASYNC);

	if (IS_ERR(conn->conn_rx_hash.tfm)) {

		pr_err("crypto_alloc_hash() failed for conn_rx_tfm\n");

	tfm = crypto_alloc_ahash("crc32c", 0, CRYPTO_ALG_ASYNC);

	if (IS_ERR(tfm)) {

		pr_err("crypto_alloc_ahash() failed\n");

		return -ENOMEM;

	}

	conn->conn_rx_hash = ahash_request_alloc(tfm, GFP_KERNEL);

	if (!conn->conn_rx_hash) {

		pr_err("ahash_request_alloc() failed for conn_rx_hash\n");

		crypto_free_ahash(tfm);

		return -ENOMEM;

	}

	ahash_request_set_callback(conn->conn_rx_hash, 0, NULL, NULL);

	conn->conn_tx_hash.flags = 0;

	conn->conn_tx_hash.tfm = crypto_alloc_hash("crc32c", 0,

						CRYPTO_ALG_ASYNC);

	if (IS_ERR(conn->conn_tx_hash.tfm)) {

		pr_err("crypto_alloc_hash() failed for conn_tx_tfm\n");

		crypto_free_hash(conn->conn_rx_hash.tfm);

	conn->conn_tx_hash = ahash_request_alloc(tfm, GFP_KERNEL);

	if (!conn->conn_tx_hash) {

		pr_err("ahash_request_alloc() failed for conn_tx_hash\n");

		ahash_request_free(conn->conn_rx_hash);

		conn->conn_rx_hash = NULL;

		crypto_free_ahash(tfm);

		return -ENOMEM;

	}

	ahash_request_set_callback(conn->conn_tx_hash, 0, NULL, NULL);

	return 0;

}

		iscsit_dec_session_usage_count(conn->sess);

	}

	if (!IS_ERR(conn->conn_rx_hash.tfm))

		crypto_free_hash(conn->conn_rx_hash.tfm);

	if (!IS_ERR(conn->conn_tx_hash.tfm))

		crypto_free_hash(conn->conn_tx_hash.tfm);

	ahash_request_free(conn->conn_tx_hash);

	if (conn->conn_rx_hash) {

		struct crypto_ahash *tfm;

		tfm = crypto_ahash_reqtfm(conn->conn_rx_hash);

		ahash_request_free(conn->conn_rx_hash);

		crypto_free_ahash(tfm);

	}

	free_cpumask_var(conn->conn_cpumask);

	spinlock_t		response_queue_lock;

	spinlock_t		state_lock;

	/* libcrypto RX and TX contexts for crc32c */

	struct hash_desc	conn_rx_hash;

	struct hash_desc	conn_tx_hash;

	struct ahash_request	*conn_rx_hash;

	struct ahash_request	*conn_tx_hash;

	/* Used for scheduling TX and RX connection kthreads */

	cpumask_var_t		conn_cpumask;

	unsigned int		conn_rx_reset_cpumask:1;