diff options
author | Sabrina Dubroca <sd@queasysnail.net> | 2023-08-25 23:35:17 +0200 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2023-08-27 17:17:42 -0700 |
commit | e907277aeb6caad1c4be96e20195f24531fcfefc (patch) | |
tree | ee435352d8ded7e1e9b9521c83551b50e8a73314 /net | |
parent | d2322cf5ed59f084ac86d9339f7c3acccd177bfd (diff) |
tls: expand use of tls_cipher_desc in tls_sw_fallback_init
tls_sw_fallback_init already gets the key and tag size from
tls_cipher_desc. We can now also check that the cipher type is valid,
and stop hard-coding the algorithm name passed to crypto_alloc_aead.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://lore.kernel.org/r/c8c94b8fcafbfb558e09589c1f1ad48dbdf92f76.1692977948.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/tls/tls_device_fallback.c | 20 |
1 files changed, 6 insertions, 14 deletions
diff --git a/net/tls/tls_device_fallback.c b/net/tls/tls_device_fallback.c index 4de9061f38f5..1d743f310f4f 100644 --- a/net/tls/tls_device_fallback.c +++ b/net/tls/tls_device_fallback.c @@ -472,24 +472,14 @@ int tls_sw_fallback_init(struct sock *sk, struct tls_crypto_info *crypto_info) { const struct tls_cipher_desc *cipher_desc; - const u8 *key; int rc; - switch (crypto_info->cipher_type) { - case TLS_CIPHER_AES_GCM_128: - key = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->key; - break; - case TLS_CIPHER_AES_GCM_256: - key = ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->key; - break; - default: - rc = -EINVAL; - goto err_out; - } cipher_desc = get_cipher_desc(crypto_info->cipher_type); + if (!cipher_desc || !cipher_desc->offloadable) + return -EINVAL; offload_ctx->aead_send = - crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC); + crypto_alloc_aead(cipher_desc->cipher_name, 0, CRYPTO_ALG_ASYNC); if (IS_ERR(offload_ctx->aead_send)) { rc = PTR_ERR(offload_ctx->aead_send); pr_err_ratelimited("crypto_alloc_aead failed rc=%d\n", rc); @@ -497,7 +487,9 @@ int tls_sw_fallback_init(struct sock *sk, goto err_out; } - rc = crypto_aead_setkey(offload_ctx->aead_send, key, cipher_desc->key); + rc = crypto_aead_setkey(offload_ctx->aead_send, + crypto_info_key(crypto_info, cipher_desc), + cipher_desc->key); if (rc) goto free_aead; |