diff options
author | Michal Schmidt <mschmidt@redhat.com> | 2007-09-26 02:05:39 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2007-09-26 02:05:39 -0400 |
commit | 45dfd5b5dd20f17fe23dafc5cfe921474d27f849 (patch) | |
tree | 92974c06987b359adc4dc6bceb68d234365db2a5 /drivers/net/ppp_mppe.c | |
parent | 6f4c618ddb0e6b7e6d49cfc8134e694be1c0bc9b (diff) |
[PPP_MPPE]: Don't put InterimKey on the stack
Signed-off-by: Michal Schmidt <mschmidt@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net/ppp_mppe.c')
-rw-r--r-- | drivers/net/ppp_mppe.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/drivers/net/ppp_mppe.c b/drivers/net/ppp_mppe.c index f79cf87a2bf..c0b6d19d145 100644 --- a/drivers/net/ppp_mppe.c +++ b/drivers/net/ppp_mppe.c | |||
@@ -136,7 +136,7 @@ struct ppp_mppe_state { | |||
136 | * Key Derivation, from RFC 3078, RFC 3079. | 136 | * Key Derivation, from RFC 3078, RFC 3079. |
137 | * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. | 137 | * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. |
138 | */ | 138 | */ |
139 | static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) | 139 | static void get_new_key_from_sha(struct ppp_mppe_state * state) |
140 | { | 140 | { |
141 | struct hash_desc desc; | 141 | struct hash_desc desc; |
142 | struct scatterlist sg[4]; | 142 | struct scatterlist sg[4]; |
@@ -153,8 +153,6 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *I | |||
153 | desc.flags = 0; | 153 | desc.flags = 0; |
154 | 154 | ||
155 | crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); | 155 | crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); |
156 | |||
157 | memcpy(InterimKey, state->sha1_digest, state->keylen); | ||
158 | } | 156 | } |
159 | 157 | ||
160 | /* | 158 | /* |
@@ -163,21 +161,21 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *I | |||
163 | */ | 161 | */ |
164 | static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) | 162 | static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) |
165 | { | 163 | { |
166 | unsigned char InterimKey[MPPE_MAX_KEY_LEN]; | ||
167 | struct scatterlist sg_in[1], sg_out[1]; | 164 | struct scatterlist sg_in[1], sg_out[1]; |
168 | struct blkcipher_desc desc = { .tfm = state->arc4 }; | 165 | struct blkcipher_desc desc = { .tfm = state->arc4 }; |
169 | 166 | ||
170 | get_new_key_from_sha(state, InterimKey); | 167 | get_new_key_from_sha(state); |
171 | if (!initial_key) { | 168 | if (!initial_key) { |
172 | crypto_blkcipher_setkey(state->arc4, InterimKey, state->keylen); | 169 | crypto_blkcipher_setkey(state->arc4, state->sha1_digest, |
173 | setup_sg(sg_in, InterimKey, state->keylen); | 170 | state->keylen); |
171 | setup_sg(sg_in, state->sha1_digest, state->keylen); | ||
174 | setup_sg(sg_out, state->session_key, state->keylen); | 172 | setup_sg(sg_out, state->session_key, state->keylen); |
175 | if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, | 173 | if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, |
176 | state->keylen) != 0) { | 174 | state->keylen) != 0) { |
177 | printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); | 175 | printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); |
178 | } | 176 | } |
179 | } else { | 177 | } else { |
180 | memcpy(state->session_key, InterimKey, state->keylen); | 178 | memcpy(state->session_key, state->sha1_digest, state->keylen); |
181 | } | 179 | } |
182 | if (state->keylen == 8) { | 180 | if (state->keylen == 8) { |
183 | /* See RFC 3078 */ | 181 | /* See RFC 3078 */ |