crypto: rng - RNGs must return 0 in success case

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Change the RNGs to always return 0 in success case.

This patch ensures that seqiv.c works with RNGs other than krng. seqiv
expects that any return code other than 0 is an error. Without the
patch, rfc4106(gcm(aes)) will not work when using a DRBG or an ANSI
X9.31 RNG.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Stephan Mueller and committed by

Herbert Xu 11 years ago cde001e4 4842234f

+12 -4

3 changed files

expand all

crypto

ansi_cprng.c

drbg.c

include

crypto

rng.h

+5 -1

crypto/ansi_cprng.c

··· 210 210 byte_count = DEFAULT_BLK_SZ; 211 211 } 212 212 213 - err = byte_count; 213 + /* 214 + * Return 0 in case of success as mandated by the kernel 215 + * crypto API interface definition. 216 + */ 217 + err = 0; 214 218 215 219 dbgprint(KERN_CRIT "getting %d random bytes for context %p\n", 216 220 byte_count, ctx);

+6 -1

crypto/drbg.c

··· 1280 1280 * as defined in SP800-90A. The additional input is mixed into 1281 1281 * the state in addition to the pulled entropy. 1282 1282 * 1283 - * return: generated number of bytes 1283 + * return: 0 when all bytes are generated; < 0 in case of an error 1284 1284 */ 1285 1285 static int drbg_generate(struct drbg_state *drbg, 1286 1286 unsigned char *buf, unsigned int buflen, ··· 1419 1419 } 1420 1420 #endif 1421 1421 1422 + /* 1423 + * All operations were successful, return 0 as mandated by 1424 + * the kernel crypto API interface. 1425 + */ 1426 + len = 0; 1422 1427 err: 1423 1428 shadow->d_ops->crypto_fini(shadow); 1424 1429 drbg_restore_shadow(drbg, &shadow);

+1 -2

include/crypto/rng.h

··· 103 103 * This function fills the caller-allocated buffer with random numbers using the 104 104 * random number generator referenced by the cipher handle. 105 105 * 106 - * Return: > 0 function was successful and returns the number of generated 107 - * bytes; < 0 if an error occurred 106 + * Return: 0 function was successful; < 0 if an error occurred 108 107 */ 109 108 static inline int crypto_rng_get_bytes(struct crypto_rng *tfm, 110 109 u8 *rdata, unsigned int dlen)