aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/crypto
diff options
context:
space:
mode:
authorHoria Geanta <horia.geanta@freescale.com>2013-03-20 10:31:38 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2013-03-21 05:36:02 -0400
commit991155bacb91c988c45586525771758ddadd44ce (patch)
tree863e0347cbfae5294fda07f02ece153cef4b3b70 /drivers/crypto
parent32dc43e40a2707d0cb1ab8768d080c3e9bcfed52 (diff)
Revert "crypto: talitos - add IPsec ESN support"
This reverts commit e763eb699be723fb41af818118068c6b3afdaf8d. Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha)) (separate encryption and integrity algorithms) does not conform to RFC4303. ICV is generated by hashing the sequence SPI, SeqNum-High, SeqNum-Low, IV, Payload instead of SPI, SeqNum-Low, IV, Payload, SeqNum-High. Cc: <stable@vger.kernel.org> # 3.8, 3.7 Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com> Signed-off-by: Horia Geanta <horia.geanta@freescale.com> Reviewed-by: Kim Phillips <kim.phillips@freescale.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/crypto')
-rw-r--r--drivers/crypto/talitos.c30
1 files changed, 2 insertions, 28 deletions
diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c
index 09b184adf31b..5b2b5e61e4f9 100644
--- a/drivers/crypto/talitos.c
+++ b/drivers/crypto/talitos.c
@@ -38,7 +38,6 @@
38#include <linux/spinlock.h> 38#include <linux/spinlock.h>
39#include <linux/rtnetlink.h> 39#include <linux/rtnetlink.h>
40#include <linux/slab.h> 40#include <linux/slab.h>
41#include <linux/string.h>
42 41
43#include <crypto/algapi.h> 42#include <crypto/algapi.h>
44#include <crypto/aes.h> 43#include <crypto/aes.h>
@@ -1974,11 +1973,7 @@ struct talitos_alg_template {
1974}; 1973};
1975 1974
1976static struct talitos_alg_template driver_algs[] = { 1975static struct talitos_alg_template driver_algs[] = {
1977 /* 1976 /* AEAD algorithms. These use a single-pass ipsec_esp descriptor */
1978 * AEAD algorithms. These use a single-pass ipsec_esp descriptor.
1979 * authencesn(*,*) is also registered, although not present
1980 * explicitly here.
1981 */
1982 { .type = CRYPTO_ALG_TYPE_AEAD, 1977 { .type = CRYPTO_ALG_TYPE_AEAD,
1983 .alg.crypto = { 1978 .alg.crypto = {
1984 .cra_name = "authenc(hmac(sha1),cbc(aes))", 1979 .cra_name = "authenc(hmac(sha1),cbc(aes))",
@@ -2820,9 +2815,7 @@ static int talitos_probe(struct platform_device *ofdev)
2820 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) { 2815 if (hw_supports(dev, driver_algs[i].desc_hdr_template)) {
2821 struct talitos_crypto_alg *t_alg; 2816 struct talitos_crypto_alg *t_alg;
2822 char *name = NULL; 2817 char *name = NULL;
2823 bool authenc = false;
2824 2818
2825authencesn:
2826 t_alg = talitos_alg_alloc(dev, &driver_algs[i]); 2819 t_alg = talitos_alg_alloc(dev, &driver_algs[i]);
2827 if (IS_ERR(t_alg)) { 2820 if (IS_ERR(t_alg)) {
2828 err = PTR_ERR(t_alg); 2821 err = PTR_ERR(t_alg);
@@ -2837,8 +2830,6 @@ authencesn:
2837 err = crypto_register_alg( 2830 err = crypto_register_alg(
2838 &t_alg->algt.alg.crypto); 2831 &t_alg->algt.alg.crypto);
2839 name = t_alg->algt.alg.crypto.cra_driver_name; 2832 name = t_alg->algt.alg.crypto.cra_driver_name;
2840 authenc = authenc ? !authenc :
2841 !(bool)memcmp(name, "authenc", 7);
2842 break; 2833 break;
2843 case CRYPTO_ALG_TYPE_AHASH: 2834 case CRYPTO_ALG_TYPE_AHASH:
2844 err = crypto_register_ahash( 2835 err = crypto_register_ahash(
@@ -2851,25 +2842,8 @@ authencesn:
2851 dev_err(dev, "%s alg registration failed\n", 2842 dev_err(dev, "%s alg registration failed\n",
2852 name); 2843 name);
2853 kfree(t_alg); 2844 kfree(t_alg);
2854 } else { 2845 } else
2855 list_add_tail(&t_alg->entry, &priv->alg_list); 2846 list_add_tail(&t_alg->entry, &priv->alg_list);
2856 if (authenc) {
2857 struct crypto_alg *alg =
2858 &driver_algs[i].alg.crypto;
2859
2860 name = alg->cra_name;
2861 memmove(name + 10, name + 7,
2862 strlen(name) - 7);
2863 memcpy(name + 7, "esn", 3);
2864
2865 name = alg->cra_driver_name;
2866 memmove(name + 10, name + 7,
2867 strlen(name) - 7);
2868 memcpy(name + 7, "esn", 3);
2869
2870 goto authencesn;
2871 }
2872 }
2873 } 2847 }
2874 } 2848 }
2875 if (!list_empty(&priv->alg_list)) 2849 if (!list_empty(&priv->alg_list))