aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2006-08-20 01:07:14 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2006-09-20 21:46:19 -0400
commit1b489e11d4df82514792f9f981f31976f8a94ddf (patch)
treefe047012069eb528fc18518fc4340a02ab9b0adc /net
parent07d4ee583e21830ec5604d31f65cdc60a6eca19e (diff)
[SCTP]: Use HMAC template and hash interface
This patch converts SCTP to use the new HMAC template and hash interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/sctp/endpointola.c2
-rw-r--r--net/sctp/sm_make_chunk.c37
-rw-r--r--net/sctp/socket.c6
3 files changed, 31 insertions, 14 deletions
diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
index ffda1d680529..35c49ff2d062 100644
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -173,7 +173,7 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
173 SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return); 173 SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return);
174 174
175 /* Free up the HMAC transform. */ 175 /* Free up the HMAC transform. */
176 sctp_crypto_free_tfm(sctp_sk(ep->base.sk)->hmac); 176 crypto_free_hash(sctp_sk(ep->base.sk)->hmac);
177 177
178 /* Cleanup. */ 178 /* Cleanup. */
179 sctp_inq_free(&ep->base.inqueue); 179 sctp_inq_free(&ep->base.inqueue);
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 17b509282cf2..7745bdea7817 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -1282,10 +1282,8 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
1282 1282
1283 retval = kmalloc(*cookie_len, GFP_ATOMIC); 1283 retval = kmalloc(*cookie_len, GFP_ATOMIC);
1284 1284
1285 if (!retval) { 1285 if (!retval)
1286 *cookie_len = 0;
1287 goto nodata; 1286 goto nodata;
1288 }
1289 1287
1290 /* Clear this memory since we are sending this data structure 1288 /* Clear this memory since we are sending this data structure
1291 * out on the network. 1289 * out on the network.
@@ -1321,19 +1319,29 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
1321 ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len); 1319 ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len);
1322 1320
1323 if (sctp_sk(ep->base.sk)->hmac) { 1321 if (sctp_sk(ep->base.sk)->hmac) {
1322 struct hash_desc desc;
1323
1324 /* Sign the message. */ 1324 /* Sign the message. */
1325 sg.page = virt_to_page(&cookie->c); 1325 sg.page = virt_to_page(&cookie->c);
1326 sg.offset = (unsigned long)(&cookie->c) % PAGE_SIZE; 1326 sg.offset = (unsigned long)(&cookie->c) % PAGE_SIZE;
1327 sg.length = bodysize; 1327 sg.length = bodysize;
1328 keylen = SCTP_SECRET_SIZE; 1328 keylen = SCTP_SECRET_SIZE;
1329 key = (char *)ep->secret_key[ep->current_key]; 1329 key = (char *)ep->secret_key[ep->current_key];
1330 desc.tfm = sctp_sk(ep->base.sk)->hmac;
1331 desc.flags = 0;
1330 1332
1331 sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, 1333 if (crypto_hash_setkey(desc.tfm, key, keylen) ||
1332 &sg, 1, cookie->signature); 1334 crypto_hash_digest(&desc, &sg, bodysize, cookie->signature))
1335 goto free_cookie;
1333 } 1336 }
1334 1337
1335nodata:
1336 return retval; 1338 return retval;
1339
1340free_cookie:
1341 kfree(retval);
1342nodata:
1343 *cookie_len = 0;
1344 return NULL;
1337} 1345}
1338 1346
1339/* Unpack the cookie from COOKIE ECHO chunk, recreating the association. */ 1347/* Unpack the cookie from COOKIE ECHO chunk, recreating the association. */
@@ -1354,6 +1362,7 @@ struct sctp_association *sctp_unpack_cookie(
1354 sctp_scope_t scope; 1362 sctp_scope_t scope;
1355 struct sk_buff *skb = chunk->skb; 1363 struct sk_buff *skb = chunk->skb;
1356 struct timeval tv; 1364 struct timeval tv;
1365 struct hash_desc desc;
1357 1366
1358 /* Header size is static data prior to the actual cookie, including 1367 /* Header size is static data prior to the actual cookie, including
1359 * any padding. 1368 * any padding.
@@ -1389,17 +1398,25 @@ struct sctp_association *sctp_unpack_cookie(
1389 sg.offset = (unsigned long)(bear_cookie) % PAGE_SIZE; 1398 sg.offset = (unsigned long)(bear_cookie) % PAGE_SIZE;
1390 sg.length = bodysize; 1399 sg.length = bodysize;
1391 key = (char *)ep->secret_key[ep->current_key]; 1400 key = (char *)ep->secret_key[ep->current_key];
1401 desc.tfm = sctp_sk(ep->base.sk)->hmac;
1402 desc.flags = 0;
1392 1403
1393 memset(digest, 0x00, SCTP_SIGNATURE_SIZE); 1404 memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
1394 sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, &sg, 1405 if (crypto_hash_setkey(desc.tfm, key, keylen) ||
1395 1, digest); 1406 crypto_hash_digest(&desc, &sg, bodysize, digest)) {
1407 *error = -SCTP_IERROR_NOMEM;
1408 goto fail;
1409 }
1396 1410
1397 if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { 1411 if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
1398 /* Try the previous key. */ 1412 /* Try the previous key. */
1399 key = (char *)ep->secret_key[ep->last_key]; 1413 key = (char *)ep->secret_key[ep->last_key];
1400 memset(digest, 0x00, SCTP_SIGNATURE_SIZE); 1414 memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
1401 sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, 1415 if (crypto_hash_setkey(desc.tfm, key, keylen) ||
1402 &sg, 1, digest); 1416 crypto_hash_digest(&desc, &sg, bodysize, digest)) {
1417 *error = -SCTP_IERROR_NOMEM;
1418 goto fail;
1419 }
1403 1420
1404 if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) { 1421 if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
1405 /* Yikes! Still bad signature! */ 1422 /* Yikes! Still bad signature! */
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index dab15949958e..85caf7963886 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -4898,7 +4898,7 @@ SCTP_STATIC int sctp_stream_listen(struct sock *sk, int backlog)
4898int sctp_inet_listen(struct socket *sock, int backlog) 4898int sctp_inet_listen(struct socket *sock, int backlog)
4899{ 4899{
4900 struct sock *sk = sock->sk; 4900 struct sock *sk = sock->sk;
4901 struct crypto_tfm *tfm=NULL; 4901 struct crypto_hash *tfm = NULL;
4902 int err = -EINVAL; 4902 int err = -EINVAL;
4903 4903
4904 if (unlikely(backlog < 0)) 4904 if (unlikely(backlog < 0))
@@ -4911,7 +4911,7 @@ int sctp_inet_listen(struct socket *sock, int backlog)
4911 4911
4912 /* Allocate HMAC for generating cookie. */ 4912 /* Allocate HMAC for generating cookie. */
4913 if (sctp_hmac_alg) { 4913 if (sctp_hmac_alg) {
4914 tfm = sctp_crypto_alloc_tfm(sctp_hmac_alg, 0); 4914 tfm = crypto_alloc_hash(sctp_hmac_alg, 0, CRYPTO_ALG_ASYNC);
4915 if (!tfm) { 4915 if (!tfm) {
4916 err = -ENOSYS; 4916 err = -ENOSYS;
4917 goto out; 4917 goto out;
@@ -4937,7 +4937,7 @@ out:
4937 sctp_release_sock(sk); 4937 sctp_release_sock(sk);
4938 return err; 4938 return err;
4939cleanup: 4939cleanup:
4940 sctp_crypto_free_tfm(tfm); 4940 crypto_free_hash(tfm);
4941 goto out; 4941 goto out;
4942} 4942}
4943 4943