Commit ba89b4ea authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Herbert Xu
Browse files

crypto: lib/chachapoly - Drop dependency on CRYPTO_ALGAPI 



The ChaCha20-Poly1305 library code uses the sg_miter API to process
input presented via scatterlists, except for the special case where the
digest buffer is not covered entirely by the same scatterlist entry as
the last byte of input. In that case, it uses scatterwalk_map_and_copy()
to access the memory in the input scatterlist where the digest is stored.

This results in a dependency on crypto/scatterwalk.c and therefore on
CONFIG_CRYPTO_ALGAPI, which is unnecessary, as the sg_miter API already
provides this functionality via sg_copy_to_buffer(). So use that
instead, and drop the dependencies on CONFIG_CRYPTO_ALGAPI and
CONFIG_CRYPTO.

Reported-by: default avatarArnd Bergmann <arnd@arndb.de>
Acked-by: default avatarEric Biggers <ebiggers@kernel.org>
Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 06f0e09f

lib/crypto/Kconfig

+0 −2
Original line number Diff line number Diff line
@@ -142,11 +142,9 @@ config CRYPTO_LIB_POLY1305 


config CRYPTO_LIB_CHACHA20POLY1305

	tristate "ChaCha20-Poly1305 AEAD support (8-byte nonce library version)"

	select CRYPTO

	select CRYPTO_LIB_CHACHA

	select CRYPTO_LIB_POLY1305

	select CRYPTO_LIB_UTILS

	select CRYPTO_ALGAPI



config CRYPTO_LIB_SHA1

	tristate

lib/crypto/chacha20poly1305.c

+3 −4
Original line number Diff line number Diff line
@@ -7,11 +7,10 @@ 
 * Information: https://tools.ietf.org/html/rfc8439

 */



#include <crypto/algapi.h>

#include <crypto/chacha20poly1305.h>

#include <crypto/chacha.h>

#include <crypto/poly1305.h>

#include <crypto/scatterwalk.h>

#include <crypto/utils.h>



#include <linux/unaligned.h>

#include <linux/kernel.h>
@@ -318,8 +317,8 @@ bool chacha20poly1305_crypt_sg_inplace(struct scatterlist *src, 


	if (unlikely(sl > -POLY1305_DIGEST_SIZE)) {

		poly1305_final(&poly1305_state, b.mac[1]);

		scatterwalk_map_and_copy(b.mac[encrypt], src, src_len,

					 sizeof(b.mac[1]), encrypt);

		sg_copy_buffer(src, sg_nents(src), b.mac[encrypt],

			       sizeof(b.mac[1]), src_len, !encrypt);

		ret = encrypt ||

		      !crypto_memneq(b.mac[0], b.mac[1], POLY1305_DIGEST_SIZE);

	}