diff options
| author | Sabrina Dubroca | 2023-08-25 23:35:22 +0200 |
|---|---|---|
| committer | Jakub Kicinski | 2023-08-27 17:17:42 -0700 |
| commit | f3e444e31f9fa45ad59cc2d0e0c1bcc86eef4780 (patch) | |
| tree | 2efd76b5e4cbdddecd2a5d313fda6e6b8c21777e /net | |
| parent | 48dfad27fd4045df82eee54186c2513cbfc54c1d (diff) | |
tls: get cipher_name from cipher_desc in tls_set_sw_offload
tls_cipher_desc also contains the algorithm name needed by
crypto_alloc_aead, use it.
Finally, use get_cipher_desc to check if the cipher_type coming from
userspace is valid, and remove the cipher_type switch.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://lore.kernel.org/r/53d021d80138aa125a9cef4468aa5ce531975a7b.1692977948.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/tls/tls_sw.c | 29 |
1 files changed, 4 insertions, 25 deletions
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 9c18ddf0d568..1ed4a611631f 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -2591,7 +2591,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) struct cipher_context *cctx; struct crypto_aead **aead; struct crypto_tfm *tfm; - char *iv, *rec_seq, *key, *salt, *cipher_name; + char *iv, *rec_seq, *key, *salt; const struct tls_cipher_desc *cipher_desc; u16 nonce_size; int rc = 0; @@ -2647,33 +2647,12 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) aead = &sw_ctx_rx->aead_recv; } - switch (crypto_info->cipher_type) { - case TLS_CIPHER_AES_GCM_128: - case TLS_CIPHER_AES_GCM_256: - cipher_name = "gcm(aes)"; - break; - case TLS_CIPHER_AES_CCM_128: - cipher_name = "ccm(aes)"; - break; - case TLS_CIPHER_CHACHA20_POLY1305: - cipher_name = "rfc7539(chacha20,poly1305)"; - break; - case TLS_CIPHER_SM4_GCM: - cipher_name = "gcm(sm4)"; - break; - case TLS_CIPHER_SM4_CCM: - cipher_name = "ccm(sm4)"; - break; - case TLS_CIPHER_ARIA_GCM_128: - case TLS_CIPHER_ARIA_GCM_256: - cipher_name = "gcm(aria)"; - break; - default: + cipher_desc = get_cipher_desc(crypto_info->cipher_type); + if (!cipher_desc) { rc = -EINVAL; goto free_priv; } - cipher_desc = get_cipher_desc(crypto_info->cipher_type); nonce_size = cipher_desc->nonce; iv = crypto_info_iv(crypto_info, cipher_desc); @@ -2721,7 +2700,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) } if (!*aead) { - *aead = crypto_alloc_aead(cipher_name, 0, 0); + *aead = crypto_alloc_aead(cipher_desc->cipher_name, 0, 0); if (IS_ERR(*aead)) { rc = PTR_ERR(*aead); *aead = NULL; |