Message ID | 1606010265-30471-5-git-send-email-vfedorenko@novek.ru (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Netdev Maintainers |
Series | Add CHACHA20-POLY1305 cipher to Kernel TLS |
Context | Check | Description |
---|---|---|
netdev/cover_letter | success | Link |
netdev/fixes_present | success | Link |
netdev/patch_count | success | Link |
netdev/tree_selection | success | Clearly marked for net-next |
netdev/subject_prefix | success | Link |
netdev/source_inline | success | Was 0 now: 0 |
netdev/verify_signedoff | success | Link |
netdev/module_param | success | Was 0 now: 0 |
netdev/build_32bit | success | Errors and warnings before: 0 this patch: 0 |
netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
netdev/verify_fixes | success | Link |
netdev/checkpatch | warning | WARNING: line length of 85 exceeds 80 columns |
netdev/build_allmodconfig_warn | success | Errors and warnings before: 0 this patch: 0 |
netdev/header_inline | success | Link |
netdev/stable | success | Stable not CCed |
The series LGTM, great to see chacha support! One nit here, and when you post v2 would you mind ccing crypto? From TLS perspective I think this code is ready to be merged, but my crypto knowledge is close to none, so best if we give crypto folks a chance to take a look. On Sun, 22 Nov 2020 04:57:44 +0300 Vadim Fedorenko wrote: > + case TLS_CIPHER_CHACHA20_POLY1305: { > + nonce_size = 0; > + tag_size = TLS_CIPHER_CHACHA20_POLY1305_TAG_SIZE; > + iv_size = TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE; > + iv = ((struct tls12_crypto_info_chacha20_poly1305 *)crypto_info)->iv; [1] > + rec_seq_size = TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE; > + rec_seq = > + ((struct tls12_crypto_info_chacha20_poly1305 *)crypto_info)->rec_seq; [2] > + chacha20_poly1305_info = > + (struct tls12_crypto_info_chacha20_poly1305 *)crypto_info; Move this line up, and use it in [1] and [2]. You can also make it: chacha20_poly1305_info = (void *)crypto_info; > + keysize = TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE; > + key = chacha20_poly1305_info->key; > + salt = chacha20_poly1305_info->salt; > + salt_size = TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE; > + cipher_name = "rfc7539(chacha20,poly1305)"; > + break; > + }
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 8d93cea..47b7c53 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -521,6 +521,9 @@ static int do_tls_setsockopt_conf(struct sock *sk, sockptr_t optval, case TLS_CIPHER_AES_CCM_128: optsize = sizeof(struct tls12_crypto_info_aes_ccm_128); break; + case TLS_CIPHER_CHACHA20_POLY1305: + optsize = sizeof(struct tls12_crypto_info_chacha20_poly1305); + break; default: rc = -EINVAL; goto err_crypto_info; diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index b4eefdb..6bb33d5 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -2290,6 +2290,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) struct tls12_crypto_info_aes_gcm_128 *gcm_128_info; struct tls12_crypto_info_aes_gcm_256 *gcm_256_info; struct tls12_crypto_info_aes_ccm_128 *ccm_128_info; + struct tls12_crypto_info_chacha20_poly1305 *chacha20_poly1305_info; struct tls_sw_context_tx *sw_ctx_tx = NULL; struct tls_sw_context_rx *sw_ctx_rx = NULL; struct cipher_context *cctx; @@ -2402,6 +2403,23 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) cipher_name = "ccm(aes)"; break; } + case TLS_CIPHER_CHACHA20_POLY1305: { + nonce_size = 0; + tag_size = TLS_CIPHER_CHACHA20_POLY1305_TAG_SIZE; + iv_size = TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE; + iv = ((struct tls12_crypto_info_chacha20_poly1305 *)crypto_info)->iv; + rec_seq_size = TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE; + rec_seq = + ((struct tls12_crypto_info_chacha20_poly1305 *)crypto_info)->rec_seq; + chacha20_poly1305_info = + (struct tls12_crypto_info_chacha20_poly1305 *)crypto_info; + keysize = TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE; + key = chacha20_poly1305_info->key; + salt = chacha20_poly1305_info->salt; + salt_size = TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE; + cipher_name = "rfc7539(chacha20,poly1305)"; + break; + } default: rc = -EINVAL; goto free_priv;
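Review bot: In the TLS_CIPHER_CHACHA20_POLY1305 case added to tls_set_sw_offload() in net/tls/tls_sw.c, chacha20_poly1305_info is assigned only after iv and rec_seq have already been read through two separate open-coded casts of crypto_info, so the same cast is written three times and iv/rec_seq are accessed differently from key/salt. Assign the pointer as the first statement of the case, for example `chacha20_poly1305_info = (void *)crypto_info;`, and then read `chacha20_poly1305_info->iv` and `chacha20_poly1305_info->rec_seq`. That removes the wrapped `rec_seq =` assignment and shortens the cast lines, which is in line with the checkpatch warning about an 85-column line reported for this patch. In the same case, `nonce_size = 0;` is set without explanation while iv_size and salt_size both come from named constants; a one-line comment stating why this cipher carries no per-record nonce bytes would make the choice reviewable for someone from the crypto side.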
Add ChaCha-Poly specific configuration code. Signed-off-by: Vadim Fedorenko <vfedorenko@novek.ru> --- net/tls/tls_main.c | 3 +++ net/tls/tls_sw.c | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+)