diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2006-08-20 01:07:14 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2006-09-20 21:46:19 -0400 |
| commit | 1b489e11d4df82514792f9f981f31976f8a94ddf (patch) | |
| tree | fe047012069eb528fc18518fc4340a02ab9b0adc /net/sctp/sm_make_chunk.c | |
| parent | 07d4ee583e21830ec5604d31f65cdc60a6eca19e (diff) | |
[SCTP]: Use HMAC template and hash interface
This patch converts SCTP to use the new HMAC template and hash interface.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sctp/sm_make_chunk.c')
| -rw-r--r-- | net/sctp/sm_make_chunk.c | 37 |
1 files changed, 27 insertions, 10 deletions
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 17b509282cf..7745bdea781 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c | |||
| @@ -1282,10 +1282,8 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep, | |||
| 1282 | 1282 | ||
| 1283 | retval = kmalloc(*cookie_len, GFP_ATOMIC); | 1283 | retval = kmalloc(*cookie_len, GFP_ATOMIC); |
| 1284 | 1284 | ||
| 1285 | if (!retval) { | 1285 | if (!retval) |
| 1286 | *cookie_len = 0; | ||
| 1287 | goto nodata; | 1286 | goto nodata; |
| 1288 | } | ||
| 1289 | 1287 | ||
| 1290 | /* Clear this memory since we are sending this data structure | 1288 | /* Clear this memory since we are sending this data structure |
| 1291 | * out on the network. | 1289 | * out on the network. |
| @@ -1321,19 +1319,29 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep, | |||
| 1321 | ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len); | 1319 | ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len); |
| 1322 | 1320 | ||
| 1323 | if (sctp_sk(ep->base.sk)->hmac) { | 1321 | if (sctp_sk(ep->base.sk)->hmac) { |
| 1322 | struct hash_desc desc; | ||
| 1323 | |||
| 1324 | /* Sign the message. */ | 1324 | /* Sign the message. */ |
| 1325 | sg.page = virt_to_page(&cookie->c); | 1325 | sg.page = virt_to_page(&cookie->c); |
| 1326 | sg.offset = (unsigned long)(&cookie->c) % PAGE_SIZE; | 1326 | sg.offset = (unsigned long)(&cookie->c) % PAGE_SIZE; |
| 1327 | sg.length = bodysize; | 1327 | sg.length = bodysize; |
| 1328 | keylen = SCTP_SECRET_SIZE; | 1328 | keylen = SCTP_SECRET_SIZE; |
| 1329 | key = (char *)ep->secret_key[ep->current_key]; | 1329 | key = (char *)ep->secret_key[ep->current_key]; |
| 1330 | desc.tfm = sctp_sk(ep->base.sk)->hmac; | ||
| 1331 | desc.flags = 0; | ||
| 1330 | 1332 | ||
| 1331 | sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, | 1333 | if (crypto_hash_setkey(desc.tfm, key, keylen) || |
| 1332 | &sg, 1, cookie->signature); | 1334 | crypto_hash_digest(&desc, &sg, bodysize, cookie->signature)) |
| 1335 | goto free_cookie; | ||
| 1333 | } | 1336 | } |
| 1334 | 1337 | ||
| 1335 | nodata: | ||
| 1336 | return retval; | 1338 | return retval; |
| 1339 | |||
| 1340 | free_cookie: | ||
| 1341 | kfree(retval); | ||
| 1342 | nodata: | ||
| 1343 | *cookie_len = 0; | ||
| 1344 | return NULL; | ||
| 1337 | } | 1345 | } |
| 1338 | 1346 | ||
| 1339 | /* Unpack the cookie from COOKIE ECHO chunk, recreating the association. */ | 1347 | /* Unpack the cookie from COOKIE ECHO chunk, recreating the association. */ |
| @@ -1354,6 +1362,7 @@ struct sctp_association *sctp_unpack_cookie( | |||
| 1354 | sctp_scope_t scope; | 1362 | sctp_scope_t scope; |
| 1355 | struct sk_buff *skb = chunk->skb; | 1363 | struct sk_buff *skb = chunk->skb; |
| 1356 | struct timeval tv; | 1364 | struct timeval tv; |
| 1365 | struct hash_desc desc; | ||
| 1357 | 1366 | ||
| 1358 | /* Header size is static data prior to the actual cookie, including | 1367 | /* Header size is static data prior to the actual cookie, including |
| 1359 | * any padding. | 1368 | * any padding. |
| @@ -1389,17 +1398,25 @@ struct sctp_association *sctp_unpack_cookie( | |||
| 1389 | sg.offset = (unsigned long)(bear_cookie) % PAGE_SIZE; | 1398 | sg.offset = (unsigned long)(bear_cookie) % PAGE_SIZE; |
| 1390 | sg.length = bodysize; | 1399 | sg.length = bodysize; |
| 1391 | key = (char *)ep->secret_key[ep->current_key]; | 1400 | key = (char *)ep->secret_key[ep->current_key]; |
| 1401 | desc.tfm = sctp_sk(ep->base.sk)->hmac; | ||
| 1402 | desc.flags = 0; | ||
| 1392 | 1403 | ||
| 1393 | memset(digest, 0x00, SCTP_SIGNATURE_SIZE); | 1404 | memset(digest, 0x00, SCTP_SIGNATURE_SIZE); |
| 1394 | sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, &sg, | 1405 | if (crypto_hash_setkey(desc.tfm, key, keylen) || |
| 1395 | 1, digest); | 1406 | crypto_hash_digest(&desc, &sg, bodysize, digest)) { |
| 1407 | *error = -SCTP_IERROR_NOMEM; | ||
| 1408 | goto fail; | ||
| 1409 | } | ||
| 1396 | 1410 | ||
| 1397 | if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { | 1411 | if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { |
| 1398 | /* Try the previous key. */ | 1412 | /* Try the previous key. */ |
| 1399 | key = (char *)ep->secret_key[ep->last_key]; | 1413 | key = (char *)ep->secret_key[ep->last_key]; |
| 1400 | memset(digest, 0x00, SCTP_SIGNATURE_SIZE); | 1414 | memset(digest, 0x00, SCTP_SIGNATURE_SIZE); |
| 1401 | sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, | 1415 | if (crypto_hash_setkey(desc.tfm, key, keylen) || |
| 1402 | &sg, 1, digest); | 1416 | crypto_hash_digest(&desc, &sg, bodysize, digest)) { |
| 1417 | *error = -SCTP_IERROR_NOMEM; | ||
| 1418 | goto fail; | ||
| 1419 | } | ||
| 1403 | 1420 | ||
| 1404 | if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { | 1421 | if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { |
| 1405 | /* Yikes! Still bad signature! */ | 1422 | /* Yikes! Still bad signature! */ |