1 files changed, 18 insertions, 13 deletions
diff --git a/include/net/esp.h b/include/net/esp.h
index 90cd94fad7d9..064366d66eea 100644
--- a/include/net/esp.h
+++ b/include/net/esp.h
@@ -1,6 +1,7 @@
 #ifndef _NET_ESP_H
 #define _NET_ESP_H
+#include <linux/crypto.h>
 #include <net/xfrm.h>
 #include <asm/scatterlist.h>
@@ -21,7 +22,7 @@ struct esp_data
                 * >= crypto_tfm_alg_ivsize(tfm). */
                int                     ivlen;
                int                     padlen;         /* 0..255 */
-                struct crypto_tfm       *tfm;           /* crypto handle */
+                struct crypto_blkcipher *tfm;           /* crypto handle */
        } conf;
        /* Integrity. It is active when icv_full_len != 0 */
@@ -34,7 +35,7 @@ struct esp_data
                void                    (*icv)(struct esp_data*,
                                               struct sk_buff *skb,
                                               int offset, int len, u8 *icv);
-                struct crypto_tfm       *tfm;
+                struct crypto_hash      *tfm;
        } auth;
 };
@@ -42,18 +43,22 @@ extern int skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset,
 extern int skb_cow_data(struct sk_buff *skb, int tailbits, struct sk_buff **trailer);
 extern void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len);
-static inline void
+static inline int esp_mac_digest(struct esp_data *esp, struct sk_buff *skb,
-esp_hmac_digest(struct esp_data *esp, struct sk_buff *skb, int offset,
+                                 int offset, int len)
-                int len, u8 *auth_data)
 {
-        struct crypto_tfm *tfm = esp->auth.tfm;
+        struct hash_desc desc;
-        char *icv = esp->auth.work_icv;
+        int err;
-        memset(auth_data, 0, esp->auth.icv_trunc_len);
+        desc.tfm = esp->auth.tfm;
-        crypto_hmac_init(tfm, esp->auth.key, &esp->auth.key_len);
+        desc.flags = 0;
-        skb_icv_walk(skb, tfm, offset, len, crypto_hmac_update);
-        crypto_hmac_final(tfm, esp->auth.key, &esp->auth.key_len, icv);
+        err = crypto_hash_init(&desc);
-        memcpy(auth_data, icv, esp->auth.icv_trunc_len);
+        if (unlikely(err))
+                return err;
+        err = skb_icv_walk(skb, &desc, offset, len, crypto_hash_update);
+        if (unlikely(err))
+                return err;
+        return crypto_hash_final(&desc, esp->auth.work_icv);
 }
 #endif

diff --git a/include/net/esp.h b/include/net/esp.h index 90cd94fad7d9..064366d66eea 100644 --- a/include/net/esp.h +++ b/include/net/esp.h
@@ -1,6 +1,7 @@
1	#ifndef _NET_ESP_H	1	#ifndef _NET_ESP_H
2	#define _NET_ESP_H	2	#define _NET_ESP_H
3		3
		4	#include <linux/crypto.h>
4	#include <net/xfrm.h>	5	#include <net/xfrm.h>
5	#include <asm/scatterlist.h>	6	#include <asm/scatterlist.h>
6		7
@@ -21,7 +22,7 @@ struct esp_data
21	* >= crypto_tfm_alg_ivsize(tfm). */	22	* >= crypto_tfm_alg_ivsize(tfm). */
22	int ivlen;	23	int ivlen;
23	int padlen; /* 0..255 */	24	int padlen; /* 0..255 */
24	struct crypto_tfm tfm; / crypto handle */	25	struct crypto_blkcipher tfm; / crypto handle */
25	} conf;	26	} conf;
26		27
27	/* Integrity. It is active when icv_full_len != 0 */	28	/* Integrity. It is active when icv_full_len != 0 */
@@ -34,7 +35,7 @@ struct esp_data
34	void (icv)(struct esp_data,	35	void (icv)(struct esp_data,
35	struct sk_buff *skb,	36	struct sk_buff *skb,
36	int offset, int len, u8 *icv);	37	int offset, int len, u8 *icv);
37	struct crypto_tfm *tfm;	38	struct crypto_hash *tfm;
38	} auth;	39	} auth;
39	};	40	};
40		41
@@ -42,18 +43,22 @@ extern int skb_to_sgvec(struct sk_buff skb, struct scatterlist sg, int offset,
42	extern int skb_cow_data(struct sk_buff skb, int tailbits, struct sk_buff *trailer);	43	extern int skb_cow_data(struct sk_buff skb, int tailbits, struct sk_buff *trailer);
43	extern void pskb_put(struct sk_buff skb, struct sk_buff *tail, int len);	44	extern void pskb_put(struct sk_buff skb, struct sk_buff *tail, int len);
44		45
45	static inline void	46	static inline int esp_mac_digest(struct esp_data esp, struct sk_buff skb,
46	esp_hmac_digest(struct esp_data esp, struct sk_buff skb, int offset,	47	int offset, int len)
47	int len, u8 *auth_data)
48	{	48	{
49	struct crypto_tfm *tfm = esp->auth.tfm;	49	struct hash_desc desc;
50	char *icv = esp->auth.work_icv;	50	int err;
51		51
52	memset(auth_data, 0, esp->auth.icv_trunc_len);	52	desc.tfm = esp->auth.tfm;
53	crypto_hmac_init(tfm, esp->auth.key, &esp->auth.key_len);	53	desc.flags = 0;
54	skb_icv_walk(skb, tfm, offset, len, crypto_hmac_update);	54
55	crypto_hmac_final(tfm, esp->auth.key, &esp->auth.key_len, icv);	55	err = crypto_hash_init(&desc);
56	memcpy(auth_data, icv, esp->auth.icv_trunc_len);	56	if (unlikely(err))
		57	return err;
		58	err = skb_icv_walk(skb, &desc, offset, len, crypto_hash_update);
		59	if (unlikely(err))
		60	return err;
		61	return crypto_hash_final(&desc, esp->auth.work_icv);
57	}	62	}
58		63
59	#endif	64	#endif