Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (64 commits) [BLOCK] dm-crypt: trivial comment improvements [CRYPTO] api: Deprecate crypto_digest_* and crypto_alg_available [CRYPTO] padlock: Convert padlock-sha to use crypto_hash [CRYPTO] users: Use crypto_comp and crypto_has_* [CRYPTO] api: Add crypto_comp and crypto_has_* [CRYPTO] users: Use crypto_hash interface instead of crypto_digest [SCSI] iscsi: Use crypto_hash interface instead of crypto_digest [CRYPTO] digest: Remove old HMAC implementation [CRYPTO] doc: Update documentation for hash and me [SCTP]: Use HMAC template and hash interface [IPSEC]: Use HMAC template and hash interface [CRYPTO] tcrypt: Use HMAC template and hash interface [CRYPTO] hmac: Add crypto template implementation [CRYPTO] digest: Added user API for new hash type [CRYPTO] api: Mark parts of cipher interface as deprecated [PATCH] scatterlist: Add const to sg_set_buf/sg_init_one pointer argument [CRYPTO] drivers: Remove obsolete block cipher operations [CRYPTO] users: Use block ciphers where applicable [SUNRPC] GSS: Use block ciphers where applicable [IPSEC] ESP: Use block ciphers where applicable ...
This commit is contained in:
Linus Torvalds
@@ -43,6 +43,7 @@
|
||||
* deprecated in 2.6
|
||||
*/
|
||||
|
||||
#include <linux/err.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/version.h>
|
||||
@@ -64,12 +65,13 @@ MODULE_LICENSE("Dual BSD/GPL");
|
||||
MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE));
|
||||
MODULE_VERSION("1.0.2");
|
||||
|
||||
static void
|
||||
static unsigned int
|
||||
setup_sg(struct scatterlist *sg, const void *address, unsigned int length)
|
||||
{
|
||||
sg[0].page = virt_to_page(address);
|
||||
sg[0].offset = offset_in_page(address);
|
||||
sg[0].length = length;
|
||||
return length;
|
||||
}
|
||||
|
||||
#define SHA1_PAD_SIZE 40
|
||||
@@ -95,8 +97,8 @@ static inline void sha_pad_init(struct sha_pad *shapad)
|
||||
* State for an MPPE (de)compressor.
|
||||
*/
|
||||
struct ppp_mppe_state {
|
||||
struct crypto_tfm *arc4;
|
||||
struct crypto_tfm *sha1;
|
||||
struct crypto_blkcipher *arc4;
|
||||
struct crypto_hash *sha1;
|
||||
unsigned char *sha1_digest;
|
||||
unsigned char master_key[MPPE_MAX_KEY_LEN];
|
||||
unsigned char session_key[MPPE_MAX_KEY_LEN];
|
||||
@@ -136,14 +138,21 @@ struct ppp_mppe_state {
|
||||
*/
|
||||
static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey)
|
||||
{
|
||||
struct hash_desc desc;
|
||||
struct scatterlist sg[4];
|
||||
unsigned int nbytes;
|
||||
|
||||
setup_sg(&sg[0], state->master_key, state->keylen);
|
||||
setup_sg(&sg[1], sha_pad->sha_pad1, sizeof(sha_pad->sha_pad1));
|
||||
setup_sg(&sg[2], state->session_key, state->keylen);
|
||||
setup_sg(&sg[3], sha_pad->sha_pad2, sizeof(sha_pad->sha_pad2));
|
||||
nbytes = setup_sg(&sg[0], state->master_key, state->keylen);
|
||||
nbytes += setup_sg(&sg[1], sha_pad->sha_pad1,
|
||||
sizeof(sha_pad->sha_pad1));
|
||||
nbytes += setup_sg(&sg[2], state->session_key, state->keylen);
|
||||
nbytes += setup_sg(&sg[3], sha_pad->sha_pad2,
|
||||
sizeof(sha_pad->sha_pad2));
|
||||
|
||||
crypto_digest_digest (state->sha1, sg, 4, state->sha1_digest);
|
||||
desc.tfm = state->sha1;
|
||||
desc.flags = 0;
|
||||
|
||||
crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest);
|
||||
|
||||
memcpy(InterimKey, state->sha1_digest, state->keylen);
|
||||
}
|
||||
@@ -156,14 +165,15 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
|
||||
{
|
||||
unsigned char InterimKey[MPPE_MAX_KEY_LEN];
|
||||
struct scatterlist sg_in[1], sg_out[1];
|
||||
struct blkcipher_desc desc = { .tfm = state->arc4 };
|
||||
|
||||
get_new_key_from_sha(state, InterimKey);
|
||||
if (!initial_key) {
|
||||
crypto_cipher_setkey(state->arc4, InterimKey, state->keylen);
|
||||
crypto_blkcipher_setkey(state->arc4, InterimKey, state->keylen);
|
||||
setup_sg(sg_in, InterimKey, state->keylen);
|
||||
setup_sg(sg_out, state->session_key, state->keylen);
|
||||
if (crypto_cipher_encrypt(state->arc4, sg_out, sg_in,
|
||||
state->keylen) != 0) {
|
||||
if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
|
||||
state->keylen) != 0) {
|
||||
printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n");
|
||||
}
|
||||
} else {
|
||||
@@ -175,7 +185,7 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
|
||||
state->session_key[1] = 0x26;
|
||||
state->session_key[2] = 0x9e;
|
||||
}
|
||||
crypto_cipher_setkey(state->arc4, state->session_key, state->keylen);
|
||||
crypto_blkcipher_setkey(state->arc4, state->session_key, state->keylen);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -196,15 +206,19 @@ static void *mppe_alloc(unsigned char *options, int optlen)
|
||||
|
||||
memset(state, 0, sizeof(*state));
|
||||
|
||||
state->arc4 = crypto_alloc_tfm("arc4", 0);
|
||||
if (!state->arc4)
|
||||
state->arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
|
||||
if (IS_ERR(state->arc4)) {
|
||||
state->arc4 = NULL;
|
||||
goto out_free;
|
||||
}
|
||||
|
||||
state->sha1 = crypto_alloc_tfm("sha1", 0);
|
||||
if (!state->sha1)
|
||||
state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
|
||||
if (IS_ERR(state->sha1)) {
|
||||
state->sha1 = NULL;
|
||||
goto out_free;
|
||||
}
|
||||
|
||||
digestsize = crypto_tfm_alg_digestsize(state->sha1);
|
||||
digestsize = crypto_hash_digestsize(state->sha1);
|
||||
if (digestsize < MPPE_MAX_KEY_LEN)
|
||||
goto out_free;
|
||||
|
||||
@@ -229,9 +243,9 @@ static void *mppe_alloc(unsigned char *options, int optlen)
|
||||
if (state->sha1_digest)
|
||||
kfree(state->sha1_digest);
|
||||
if (state->sha1)
|
||||
crypto_free_tfm(state->sha1);
|
||||
crypto_free_hash(state->sha1);
|
||||
if (state->arc4)
|
||||
crypto_free_tfm(state->arc4);
|
||||
crypto_free_blkcipher(state->arc4);
|
||||
kfree(state);
|
||||
out:
|
||||
return NULL;
|
||||
@@ -247,9 +261,9 @@ static void mppe_free(void *arg)
|
||||
if (state->sha1_digest)
|
||||
kfree(state->sha1_digest);
|
||||
if (state->sha1)
|
||||
crypto_free_tfm(state->sha1);
|
||||
crypto_free_hash(state->sha1);
|
||||
if (state->arc4)
|
||||
crypto_free_tfm(state->arc4);
|
||||
crypto_free_blkcipher(state->arc4);
|
||||
kfree(state);
|
||||
}
|
||||
}
|
||||
@@ -356,6 +370,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
|
||||
int isize, int osize)
|
||||
{
|
||||
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
|
||||
struct blkcipher_desc desc = { .tfm = state->arc4 };
|
||||
int proto;
|
||||
struct scatterlist sg_in[1], sg_out[1];
|
||||
|
||||
@@ -413,7 +428,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
|
||||
/* Encrypt packet */
|
||||
setup_sg(sg_in, ibuf, isize);
|
||||
setup_sg(sg_out, obuf, osize);
|
||||
if (crypto_cipher_encrypt(state->arc4, sg_out, sg_in, isize) != 0) {
|
||||
if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, isize) != 0) {
|
||||
printk(KERN_DEBUG "crypto_cypher_encrypt failed\n");
|
||||
return -1;
|
||||
}
|
||||
@@ -462,6 +477,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
|
||||
int osize)
|
||||
{
|
||||
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
|
||||
struct blkcipher_desc desc = { .tfm = state->arc4 };
|
||||
unsigned ccount;
|
||||
int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED;
|
||||
int sanity = 0;
|
||||
@@ -599,7 +615,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
|
||||
*/
|
||||
setup_sg(sg_in, ibuf, 1);
|
||||
setup_sg(sg_out, obuf, 1);
|
||||
if (crypto_cipher_decrypt(state->arc4, sg_out, sg_in, 1) != 0) {
|
||||
if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, 1) != 0) {
|
||||
printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
|
||||
return DECOMP_ERROR;
|
||||
}
|
||||
@@ -619,7 +635,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
|
||||
/* And finally, decrypt the rest of the packet. */
|
||||
setup_sg(sg_in, ibuf + 1, isize - 1);
|
||||
setup_sg(sg_out, obuf + 1, osize - 1);
|
||||
if (crypto_cipher_decrypt(state->arc4, sg_out, sg_in, isize - 1) != 0) {
|
||||
if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, isize - 1)) {
|
||||
printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
|
||||
return DECOMP_ERROR;
|
||||
}
|
||||
@@ -694,8 +710,8 @@ static struct compressor ppp_mppe = {
|
||||
static int __init ppp_mppe_init(void)
|
||||
{
|
||||
int answer;
|
||||
if (!(crypto_alg_available("arc4", 0) &&
|
||||
crypto_alg_available("sha1", 0)))
|
||||
if (!(crypto_has_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) &&
|
||||
crypto_has_hash("sha1", 0, CRYPTO_ALG_ASYNC)))
|
||||
return -ENODEV;
|
||||
|
||||
sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
|
||||
======================================================================*/
|
||||
|
||||
#include <linux/err.h>
|
||||
#include <linux/init.h>
|
||||
|
||||
#include <linux/kernel.h>
|
||||
@@ -1203,7 +1204,7 @@ struct airo_info {
|
||||
struct iw_spy_data spy_data;
|
||||
struct iw_public_data wireless_data;
|
||||
/* MIC stuff */
|
||||
struct crypto_tfm *tfm;
|
||||
struct crypto_cipher *tfm;
|
||||
mic_module mod[2];
|
||||
mic_statistics micstats;
|
||||
HostRxDesc rxfids[MPI_MAX_FIDS]; // rx/tx/config MPI350 descriptors
|
||||
@@ -1271,7 +1272,8 @@ static int flashrestart(struct airo_info *ai,struct net_device *dev);
|
||||
|
||||
static int RxSeqValid (struct airo_info *ai,miccntx *context,int mcast,u32 micSeq);
|
||||
static void MoveWindow(miccntx *context, u32 micSeq);
|
||||
static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen, struct crypto_tfm *);
|
||||
static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen,
|
||||
struct crypto_cipher *tfm);
|
||||
static void emmh32_init(emmh32_context *context);
|
||||
static void emmh32_update(emmh32_context *context, u8 *pOctets, int len);
|
||||
static void emmh32_final(emmh32_context *context, u8 digest[4]);
|
||||
@@ -1339,10 +1341,11 @@ static int micsetup(struct airo_info *ai) {
|
||||
int i;
|
||||
|
||||
if (ai->tfm == NULL)
|
||||
ai->tfm = crypto_alloc_tfm("aes", CRYPTO_TFM_REQ_MAY_SLEEP);
|
||||
ai->tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
|
||||
|
||||
if (ai->tfm == NULL) {
|
||||
if (IS_ERR(ai->tfm)) {
|
||||
airo_print_err(ai->dev->name, "failed to load transform for AES");
|
||||
ai->tfm = NULL;
|
||||
return ERROR;
|
||||
}
|
||||
|
||||
@@ -1608,7 +1611,8 @@ static void MoveWindow(miccntx *context, u32 micSeq)
|
||||
static unsigned char aes_counter[16];
|
||||
|
||||
/* expand the key to fill the MMH coefficient array */
|
||||
static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen, struct crypto_tfm *tfm)
|
||||
static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen,
|
||||
struct crypto_cipher *tfm)
|
||||
{
|
||||
/* take the keying material, expand if necessary, truncate at 16-bytes */
|
||||
/* run through AES counter mode to generate context->coeff[] */
|
||||
@@ -1616,7 +1620,6 @@ static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen, struct
|
||||
int i,j;
|
||||
u32 counter;
|
||||
u8 *cipher, plain[16];
|
||||
struct scatterlist sg[1];
|
||||
|
||||
crypto_cipher_setkey(tfm, pkey, 16);
|
||||
counter = 0;
|
||||
@@ -1627,9 +1630,8 @@ static void emmh32_setseed(emmh32_context *context, u8 *pkey, int keylen, struct
|
||||
aes_counter[12] = (u8)(counter >> 24);
|
||||
counter++;
|
||||
memcpy (plain, aes_counter, 16);
|
||||
sg_set_buf(sg, plain, 16);
|
||||
crypto_cipher_encrypt(tfm, sg, sg, 16);
|
||||
cipher = kmap(sg->page) + sg->offset;
|
||||
crypto_cipher_encrypt_one(tfm, plain, plain);
|
||||
cipher = plain;
|
||||
for (j=0; (j<16) && (i< (sizeof(context->coeff)/sizeof(context->coeff[0]))); ) {
|
||||
context->coeff[i++] = ntohl(*(u32 *)&cipher[j]);
|
||||
j += 4;
|
||||
@@ -2432,7 +2434,7 @@ void stop_airo_card( struct net_device *dev, int freeres )
|
||||
ai->shared, ai->shared_dma);
|
||||
}
|
||||
}
|
||||
crypto_free_tfm(ai->tfm);
|
||||
crypto_free_cipher(ai->tfm);
|
||||
del_airo_dev( dev );
|
||||
free_netdev( dev );
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user