diff options
| author | Michal Schmidt <mschmidt@redhat.com> | 2007-09-26 02:05:39 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2007-09-26 02:05:39 -0400 |
| commit | 45dfd5b5dd20f17fe23dafc5cfe921474d27f849 (patch) | |
| tree | 92974c06987b359adc4dc6bceb68d234365db2a5 /drivers/net/ppp_mppe.c | |
| parent | 6f4c618ddb0e6b7e6d49cfc8134e694be1c0bc9b (diff) | |
[PPP_MPPE]: Don't put InterimKey on the stack
Signed-off-by: Michal Schmidt <mschmidt@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net/ppp_mppe.c')
| -rw-r--r-- | drivers/net/ppp_mppe.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/drivers/net/ppp_mppe.c b/drivers/net/ppp_mppe.c index f79cf87a2bff..c0b6d19d1457 100644 --- a/drivers/net/ppp_mppe.c +++ b/drivers/net/ppp_mppe.c | |||
| @@ -136,7 +136,7 @@ struct ppp_mppe_state { | |||
| 136 | * Key Derivation, from RFC 3078, RFC 3079. | 136 | * Key Derivation, from RFC 3078, RFC 3079. |
| 137 | * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. | 137 | * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. |
| 138 | */ | 138 | */ |
| 139 | static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) | 139 | static void get_new_key_from_sha(struct ppp_mppe_state * state) |
| 140 | { | 140 | { |
| 141 | struct hash_desc desc; | 141 | struct hash_desc desc; |
| 142 | struct scatterlist sg[4]; | 142 | struct scatterlist sg[4]; |
| @@ -153,8 +153,6 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *I | |||
| 153 | desc.flags = 0; | 153 | desc.flags = 0; |
| 154 | 154 | ||
| 155 | crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); | 155 | crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); |
| 156 | |||
| 157 | memcpy(InterimKey, state->sha1_digest, state->keylen); | ||
| 158 | } | 156 | } |
| 159 | 157 | ||
| 160 | /* | 158 | /* |
| @@ -163,21 +161,21 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *I | |||
| 163 | */ | 161 | */ |
| 164 | static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) | 162 | static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) |
| 165 | { | 163 | { |
| 166 | unsigned char InterimKey[MPPE_MAX_KEY_LEN]; | ||
| 167 | struct scatterlist sg_in[1], sg_out[1]; | 164 | struct scatterlist sg_in[1], sg_out[1]; |
| 168 | struct blkcipher_desc desc = { .tfm = state->arc4 }; | 165 | struct blkcipher_desc desc = { .tfm = state->arc4 }; |
| 169 | 166 | ||
| 170 | get_new_key_from_sha(state, InterimKey); | 167 | get_new_key_from_sha(state); |
| 171 | if (!initial_key) { | 168 | if (!initial_key) { |
| 172 | crypto_blkcipher_setkey(state->arc4, InterimKey, state->keylen); | 169 | crypto_blkcipher_setkey(state->arc4, state->sha1_digest, |
| 173 | setup_sg(sg_in, InterimKey, state->keylen); | 170 | state->keylen); |
| 171 | setup_sg(sg_in, state->sha1_digest, state->keylen); | ||
| 174 | setup_sg(sg_out, state->session_key, state->keylen); | 172 | setup_sg(sg_out, state->session_key, state->keylen); |
| 175 | if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, | 173 | if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, |
| 176 | state->keylen) != 0) { | 174 | state->keylen) != 0) { |
| 177 | printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); | 175 | printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); |
| 178 | } | 176 | } |
| 179 | } else { | 177 | } else { |
| 180 | memcpy(state->session_key, InterimKey, state->keylen); | 178 | memcpy(state->session_key, state->sha1_digest, state->keylen); |
| 181 | } | 179 | } |
| 182 | if (state->keylen == 8) { | 180 | if (state->keylen == 8) { |
| 183 | /* See RFC 3078 */ | 181 | /* See RFC 3078 */ |