diff options
Diffstat (limited to 'drivers/net/ppp_mppe.c')
| -rw-r--r-- | drivers/net/ppp_mppe.c | 68 |
1 files changed, 42 insertions, 26 deletions
diff --git a/drivers/net/ppp_mppe.c b/drivers/net/ppp_mppe.c index 51ff9a9d1bb5..f3655fd772f5 100644 --- a/drivers/net/ppp_mppe.c +++ b/drivers/net/ppp_mppe.c | |||
| @@ -43,6 +43,7 @@ | |||
| 43 | * deprecated in 2.6 | 43 | * deprecated in 2.6 |
| 44 | */ | 44 | */ |
| 45 | 45 | ||
| 46 | #include <linux/err.h> | ||
| 46 | #include <linux/module.h> | 47 | #include <linux/module.h> |
| 47 | #include <linux/kernel.h> | 48 | #include <linux/kernel.h> |
| 48 | #include <linux/version.h> | 49 | #include <linux/version.h> |
| @@ -64,12 +65,13 @@ MODULE_LICENSE("Dual BSD/GPL"); | |||
| 64 | MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); | 65 | MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); |
| 65 | MODULE_VERSION("1.0.2"); | 66 | MODULE_VERSION("1.0.2"); |
| 66 | 67 | ||
| 67 | static void | 68 | static unsigned int |
| 68 | setup_sg(struct scatterlist *sg, const void *address, unsigned int length) | 69 | setup_sg(struct scatterlist *sg, const void *address, unsigned int length) |
| 69 | { | 70 | { |
| 70 | sg[0].page = virt_to_page(address); | 71 | sg[0].page = virt_to_page(address); |
| 71 | sg[0].offset = offset_in_page(address); | 72 | sg[0].offset = offset_in_page(address); |
| 72 | sg[0].length = length; | 73 | sg[0].length = length; |
| 74 | return length; | ||
| 73 | } | 75 | } |
| 74 | 76 | ||
| 75 | #define SHA1_PAD_SIZE 40 | 77 | #define SHA1_PAD_SIZE 40 |
| @@ -95,8 +97,8 @@ static inline void sha_pad_init(struct sha_pad *shapad) | |||
| 95 | * State for an MPPE (de)compressor. | 97 | * State for an MPPE (de)compressor. |
| 96 | */ | 98 | */ |
| 97 | struct ppp_mppe_state { | 99 | struct ppp_mppe_state { |
| 98 | struct crypto_tfm *arc4; | 100 | struct crypto_blkcipher *arc4; |
| 99 | struct crypto_tfm *sha1; | 101 | struct crypto_hash *sha1; |
| 100 | unsigned char *sha1_digest; | 102 | unsigned char *sha1_digest; |
| 101 | unsigned char master_key[MPPE_MAX_KEY_LEN]; | 103 | unsigned char master_key[MPPE_MAX_KEY_LEN]; |
| 102 | unsigned char session_key[MPPE_MAX_KEY_LEN]; | 104 | unsigned char session_key[MPPE_MAX_KEY_LEN]; |
| @@ -136,14 +138,21 @@ struct ppp_mppe_state { | |||
| 136 | */ | 138 | */ |
| 137 | static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) | 139 | static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) |
| 138 | { | 140 | { |
| 141 | struct hash_desc desc; | ||
| 139 | struct scatterlist sg[4]; | 142 | struct scatterlist sg[4]; |
| 143 | unsigned int nbytes; | ||
| 140 | 144 | ||
| 141 | setup_sg(&sg[0], state->master_key, state->keylen); | 145 | nbytes = setup_sg(&sg[0], state->master_key, state->keylen); |
| 142 | setup_sg(&sg[1], sha_pad->sha_pad1, sizeof(sha_pad->sha_pad1)); | 146 | nbytes += setup_sg(&sg[1], sha_pad->sha_pad1, |
| 143 | setup_sg(&sg[2], state->session_key, state->keylen); | 147 | sizeof(sha_pad->sha_pad1)); |
| 144 | setup_sg(&sg[3], sha_pad->sha_pad2, sizeof(sha_pad->sha_pad2)); | 148 | nbytes += setup_sg(&sg[2], state->session_key, state->keylen); |
| 149 | nbytes += setup_sg(&sg[3], sha_pad->sha_pad2, | ||
| 150 | sizeof(sha_pad->sha_pad2)); | ||
| 145 | 151 | ||
| 146 | crypto_digest_digest (state->sha1, sg, 4, state->sha1_digest); | 152 | desc.tfm = state->sha1; |
| 153 | desc.flags = 0; | ||
| 154 | |||
| 155 | crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); | ||
| 147 | 156 | ||
| 148 | memcpy(InterimKey, state->sha1_digest, state->keylen); | 157 | memcpy(InterimKey, state->sha1_digest, state->keylen); |
| 149 | } | 158 | } |
| @@ -156,14 +165,15 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) | |||
| 156 | { | 165 | { |
| 157 | unsigned char InterimKey[MPPE_MAX_KEY_LEN]; | 166 | unsigned char InterimKey[MPPE_MAX_KEY_LEN]; |
| 158 | struct scatterlist sg_in[1], sg_out[1]; | 167 | struct scatterlist sg_in[1], sg_out[1]; |
| 168 | struct blkcipher_desc desc = { .tfm = state->arc4 }; | ||
| 159 | 169 | ||
| 160 | get_new_key_from_sha(state, InterimKey); | 170 | get_new_key_from_sha(state, InterimKey); |
| 161 | if (!initial_key) { | 171 | if (!initial_key) { |
| 162 | crypto_cipher_setkey(state->arc4, InterimKey, state->keylen); | 172 | crypto_blkcipher_setkey(state->arc4, InterimKey, state->keylen); |
| 163 | setup_sg(sg_in, InterimKey, state->keylen); | 173 | setup_sg(sg_in, InterimKey, state->keylen); |
| 164 | setup_sg(sg_out, state->session_key, state->keylen); | 174 | setup_sg(sg_out, state->session_key, state->keylen); |
| 165 | if (crypto_cipher_encrypt(state->arc4, sg_out, sg_in, | 175 | if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, |
| 166 | state->keylen) != 0) { | 176 | state->keylen) != 0) { |
| 167 | printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); | 177 | printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); |
| 168 | } | 178 | } |
| 169 | } else { | 179 | } else { |
| @@ -175,7 +185,7 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) | |||
| 175 | state->session_key[1] = 0x26; | 185 | state->session_key[1] = 0x26; |
| 176 | state->session_key[2] = 0x9e; | 186 | state->session_key[2] = 0x9e; |
| 177 | } | 187 | } |
| 178 | crypto_cipher_setkey(state->arc4, state->session_key, state->keylen); | 188 | crypto_blkcipher_setkey(state->arc4, state->session_key, state->keylen); |
| 179 | } | 189 | } |
| 180 | 190 | ||
| 181 | /* | 191 | /* |
| @@ -196,15 +206,19 @@ static void *mppe_alloc(unsigned char *options, int optlen) | |||
| 196 | 206 | ||
| 197 | memset(state, 0, sizeof(*state)); | 207 | memset(state, 0, sizeof(*state)); |
| 198 | 208 | ||
| 199 | state->arc4 = crypto_alloc_tfm("arc4", 0); | 209 | state->arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC); |
| 200 | if (!state->arc4) | 210 | if (IS_ERR(state->arc4)) { |
| 211 | state->arc4 = NULL; | ||
| 201 | goto out_free; | 212 | goto out_free; |
| 213 | } | ||
| 202 | 214 | ||
| 203 | state->sha1 = crypto_alloc_tfm("sha1", 0); | 215 | state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC); |
| 204 | if (!state->sha1) | 216 | if (IS_ERR(state->sha1)) { |
| 217 | state->sha1 = NULL; | ||
| 205 | goto out_free; | 218 | goto out_free; |
| 219 | } | ||
| 206 | 220 | ||
| 207 | digestsize = crypto_tfm_alg_digestsize(state->sha1); | 221 | digestsize = crypto_hash_digestsize(state->sha1); |
| 208 | if (digestsize < MPPE_MAX_KEY_LEN) | 222 | if (digestsize < MPPE_MAX_KEY_LEN) |
| 209 | goto out_free; | 223 | goto out_free; |
| 210 | 224 | ||
| @@ -229,9 +243,9 @@ static void *mppe_alloc(unsigned char *options, int optlen) | |||
| 229 | if (state->sha1_digest) | 243 | if (state->sha1_digest) |
| 230 | kfree(state->sha1_digest); | 244 | kfree(state->sha1_digest); |
| 231 | if (state->sha1) | 245 | if (state->sha1) |
| 232 | crypto_free_tfm(state->sha1); | 246 | crypto_free_hash(state->sha1); |
| 233 | if (state->arc4) | 247 | if (state->arc4) |
| 234 | crypto_free_tfm(state->arc4); | 248 | crypto_free_blkcipher(state->arc4); |
| 235 | kfree(state); | 249 | kfree(state); |
| 236 | out: | 250 | out: |
| 237 | return NULL; | 251 | return NULL; |
| @@ -247,9 +261,9 @@ static void mppe_free(void *arg) | |||
| 247 | if (state->sha1_digest) | 261 | if (state->sha1_digest) |
| 248 | kfree(state->sha1_digest); | 262 | kfree(state->sha1_digest); |
| 249 | if (state->sha1) | 263 | if (state->sha1) |
| 250 | crypto_free_tfm(state->sha1); | 264 | crypto_free_hash(state->sha1); |
| 251 | if (state->arc4) | 265 | if (state->arc4) |
| 252 | crypto_free_tfm(state->arc4); | 266 | crypto_free_blkcipher(state->arc4); |
| 253 | kfree(state); | 267 | kfree(state); |
| 254 | } | 268 | } |
| 255 | } | 269 | } |
| @@ -356,6 +370,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, | |||
| 356 | int isize, int osize) | 370 | int isize, int osize) |
| 357 | { | 371 | { |
| 358 | struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; | 372 | struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; |
| 373 | struct blkcipher_desc desc = { .tfm = state->arc4 }; | ||
| 359 | int proto; | 374 | int proto; |
| 360 | struct scatterlist sg_in[1], sg_out[1]; | 375 | struct scatterlist sg_in[1], sg_out[1]; |
| 361 | 376 | ||
| @@ -413,7 +428,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, | |||
| 413 | /* Encrypt packet */ | 428 | /* Encrypt packet */ |
| 414 | setup_sg(sg_in, ibuf, isize); | 429 | setup_sg(sg_in, ibuf, isize); |
| 415 | setup_sg(sg_out, obuf, osize); | 430 | setup_sg(sg_out, obuf, osize); |
| 416 | if (crypto_cipher_encrypt(state->arc4, sg_out, sg_in, isize) != 0) { | 431 | if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, isize) != 0) { |
| 417 | printk(KERN_DEBUG "crypto_cypher_encrypt failed\n"); | 432 | printk(KERN_DEBUG "crypto_cypher_encrypt failed\n"); |
| 418 | return -1; | 433 | return -1; |
| 419 | } | 434 | } |
| @@ -462,6 +477,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, | |||
| 462 | int osize) | 477 | int osize) |
| 463 | { | 478 | { |
| 464 | struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; | 479 | struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; |
| 480 | struct blkcipher_desc desc = { .tfm = state->arc4 }; | ||
| 465 | unsigned ccount; | 481 | unsigned ccount; |
| 466 | int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; | 482 | int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; |
| 467 | int sanity = 0; | 483 | int sanity = 0; |
| @@ -599,7 +615,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, | |||
| 599 | */ | 615 | */ |
| 600 | setup_sg(sg_in, ibuf, 1); | 616 | setup_sg(sg_in, ibuf, 1); |
| 601 | setup_sg(sg_out, obuf, 1); | 617 | setup_sg(sg_out, obuf, 1); |
| 602 | if (crypto_cipher_decrypt(state->arc4, sg_out, sg_in, 1) != 0) { | 618 | if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, 1) != 0) { |
| 603 | printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); | 619 | printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); |
| 604 | return DECOMP_ERROR; | 620 | return DECOMP_ERROR; |
| 605 | } | 621 | } |
| @@ -619,7 +635,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, | |||
| 619 | /* And finally, decrypt the rest of the packet. */ | 635 | /* And finally, decrypt the rest of the packet. */ |
| 620 | setup_sg(sg_in, ibuf + 1, isize - 1); | 636 | setup_sg(sg_in, ibuf + 1, isize - 1); |
| 621 | setup_sg(sg_out, obuf + 1, osize - 1); | 637 | setup_sg(sg_out, obuf + 1, osize - 1); |
| 622 | if (crypto_cipher_decrypt(state->arc4, sg_out, sg_in, isize - 1) != 0) { | 638 | if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, isize - 1)) { |
| 623 | printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); | 639 | printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); |
| 624 | return DECOMP_ERROR; | 640 | return DECOMP_ERROR; |
| 625 | } | 641 | } |
| @@ -694,8 +710,8 @@ static struct compressor ppp_mppe = { | |||
| 694 | static int __init ppp_mppe_init(void) | 710 | static int __init ppp_mppe_init(void) |
| 695 | { | 711 | { |
| 696 | int answer; | 712 | int answer; |
| 697 | if (!(crypto_alg_available("arc4", 0) && | 713 | if (!(crypto_has_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) && |
| 698 | crypto_alg_available("sha1", 0))) | 714 | crypto_has_hash("sha1", 0, CRYPTO_ALG_ASYNC))) |
| 699 | return -ENODEV; | 715 | return -ENODEV; |
| 700 | 716 | ||
| 701 | sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL); | 717 | sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL); |