aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
Diffstat (limited to 'include/net')
-rw-r--r--include/net/ah.h30
-rw-r--r--include/net/esp.h31
-rw-r--r--include/net/ipcomp.h5
-rw-r--r--include/net/sctp/constants.h4
-rw-r--r--include/net/sctp/sctp.h11
-rw-r--r--include/net/sctp/structs.h3
-rw-r--r--include/net/xfrm.h12
7 files changed, 52 insertions, 44 deletions
diff --git a/include/net/ah.h b/include/net/ah.h
index ceff00afae09..8f257c159902 100644
--- a/include/net/ah.h
+++ b/include/net/ah.h
@@ -1,6 +1,7 @@
1#ifndef _NET_AH_H 1#ifndef _NET_AH_H
2#define _NET_AH_H 2#define _NET_AH_H
3 3
4#include <linux/crypto.h>
4#include <net/xfrm.h> 5#include <net/xfrm.h>
5 6
6/* This is the maximum truncated ICV length that we know of. */ 7/* This is the maximum truncated ICV length that we know of. */
@@ -14,22 +15,29 @@ struct ah_data
14 int icv_full_len; 15 int icv_full_len;
15 int icv_trunc_len; 16 int icv_trunc_len;
16 17
17 void (*icv)(struct ah_data*, 18 struct crypto_hash *tfm;
18 struct sk_buff *skb, u8 *icv);
19
20 struct crypto_tfm *tfm;
21}; 19};
22 20
23static inline void 21static inline int ah_mac_digest(struct ah_data *ahp, struct sk_buff *skb,
24ah_hmac_digest(struct ah_data *ahp, struct sk_buff *skb, u8 *auth_data) 22 u8 *auth_data)
25{ 23{
26 struct crypto_tfm *tfm = ahp->tfm; 24 struct hash_desc desc;
25 int err;
26
27 desc.tfm = ahp->tfm;
28 desc.flags = 0;
27 29
28 memset(auth_data, 0, ahp->icv_trunc_len); 30 memset(auth_data, 0, ahp->icv_trunc_len);
29 crypto_hmac_init(tfm, ahp->key, &ahp->key_len); 31 err = crypto_hash_init(&desc);
30 skb_icv_walk(skb, tfm, 0, skb->len, crypto_hmac_update); 32 if (unlikely(err))
31 crypto_hmac_final(tfm, ahp->key, &ahp->key_len, ahp->work_icv); 33 goto out;
32 memcpy(auth_data, ahp->work_icv, ahp->icv_trunc_len); 34 err = skb_icv_walk(skb, &desc, 0, skb->len, crypto_hash_update);
35 if (unlikely(err))
36 goto out;
37 err = crypto_hash_final(&desc, ahp->work_icv);
38
39out:
40 return err;
33} 41}
34 42
35#endif 43#endif
diff --git a/include/net/esp.h b/include/net/esp.h
index 90cd94fad7d9..064366d66eea 100644
--- a/include/net/esp.h
+++ b/include/net/esp.h
@@ -1,6 +1,7 @@
1#ifndef _NET_ESP_H 1#ifndef _NET_ESP_H
2#define _NET_ESP_H 2#define _NET_ESP_H
3 3
4#include <linux/crypto.h>
4#include <net/xfrm.h> 5#include <net/xfrm.h>
5#include <asm/scatterlist.h> 6#include <asm/scatterlist.h>
6 7
@@ -21,7 +22,7 @@ struct esp_data
21 * >= crypto_tfm_alg_ivsize(tfm). */ 22 * >= crypto_tfm_alg_ivsize(tfm). */
22 int ivlen; 23 int ivlen;
23 int padlen; /* 0..255 */ 24 int padlen; /* 0..255 */
24 struct crypto_tfm *tfm; /* crypto handle */ 25 struct crypto_blkcipher *tfm; /* crypto handle */
25 } conf; 26 } conf;
26 27
27 /* Integrity. It is active when icv_full_len != 0 */ 28 /* Integrity. It is active when icv_full_len != 0 */
@@ -34,7 +35,7 @@ struct esp_data
34 void (*icv)(struct esp_data*, 35 void (*icv)(struct esp_data*,
35 struct sk_buff *skb, 36 struct sk_buff *skb,
36 int offset, int len, u8 *icv); 37 int offset, int len, u8 *icv);
37 struct crypto_tfm *tfm; 38 struct crypto_hash *tfm;
38 } auth; 39 } auth;
39}; 40};
40 41
@@ -42,18 +43,22 @@ extern int skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset,
42extern int skb_cow_data(struct sk_buff *skb, int tailbits, struct sk_buff **trailer); 43extern int skb_cow_data(struct sk_buff *skb, int tailbits, struct sk_buff **trailer);
43extern void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len); 44extern void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len);
44 45
45static inline void 46static inline int esp_mac_digest(struct esp_data *esp, struct sk_buff *skb,
46esp_hmac_digest(struct esp_data *esp, struct sk_buff *skb, int offset, 47 int offset, int len)
47 int len, u8 *auth_data)
48{ 48{
49 struct crypto_tfm *tfm = esp->auth.tfm; 49 struct hash_desc desc;
50 char *icv = esp->auth.work_icv; 50 int err;
51 51
52 memset(auth_data, 0, esp->auth.icv_trunc_len); 52 desc.tfm = esp->auth.tfm;
53 crypto_hmac_init(tfm, esp->auth.key, &esp->auth.key_len); 53 desc.flags = 0;
54 skb_icv_walk(skb, tfm, offset, len, crypto_hmac_update); 54
55 crypto_hmac_final(tfm, esp->auth.key, &esp->auth.key_len, icv); 55 err = crypto_hash_init(&desc);
56 memcpy(auth_data, icv, esp->auth.icv_trunc_len); 56 if (unlikely(err))
57 return err;
58 err = skb_icv_walk(skb, &desc, offset, len, crypto_hash_update);
59 if (unlikely(err))
60 return err;
61 return crypto_hash_final(&desc, esp->auth.work_icv);
57} 62}
58 63
59#endif 64#endif
diff --git a/include/net/ipcomp.h b/include/net/ipcomp.h
index e651a57ecdd5..87c1af3e5e82 100644
--- a/include/net/ipcomp.h
+++ b/include/net/ipcomp.h
@@ -1,11 +1,14 @@
1#ifndef _NET_IPCOMP_H 1#ifndef _NET_IPCOMP_H
2#define _NET_IPCOMP_H 2#define _NET_IPCOMP_H
3 3
4#include <linux/crypto.h>
5#include <linux/types.h>
6
4#define IPCOMP_SCRATCH_SIZE 65400 7#define IPCOMP_SCRATCH_SIZE 65400
5 8
6struct ipcomp_data { 9struct ipcomp_data {
7 u16 threshold; 10 u16 threshold;
8 struct crypto_tfm **tfms; 11 struct crypto_comp **tfms;
9}; 12};
10 13
11#endif 14#endif
diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h
index c51541ee0247..57166bfdf8eb 100644
--- a/include/net/sctp/constants.h
+++ b/include/net/sctp/constants.h
@@ -312,9 +312,9 @@ enum { SCTP_MAX_GABS = 16 };
312 */ 312 */
313 313
314#if defined (CONFIG_SCTP_HMAC_MD5) 314#if defined (CONFIG_SCTP_HMAC_MD5)
315#define SCTP_COOKIE_HMAC_ALG "md5" 315#define SCTP_COOKIE_HMAC_ALG "hmac(md5)"
316#elif defined (CONFIG_SCTP_HMAC_SHA1) 316#elif defined (CONFIG_SCTP_HMAC_SHA1)
317#define SCTP_COOKIE_HMAC_ALG "sha1" 317#define SCTP_COOKIE_HMAC_ALG "hmac(sha1)"
318#else 318#else
319#define SCTP_COOKIE_HMAC_ALG NULL 319#define SCTP_COOKIE_HMAC_ALG NULL
320#endif 320#endif
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h
index 92eae0e0f3f1..1c1abce5f6b6 100644
--- a/include/net/sctp/sctp.h
+++ b/include/net/sctp/sctp.h
@@ -330,17 +330,6 @@ static inline void sctp_v6_exit(void) { return; }
330 330
331#endif /* #if defined(CONFIG_IPV6) */ 331#endif /* #if defined(CONFIG_IPV6) */
332 332
333/* Some wrappers, in case crypto not available. */
334#if defined (CONFIG_CRYPTO_HMAC)
335#define sctp_crypto_alloc_tfm crypto_alloc_tfm
336#define sctp_crypto_free_tfm crypto_free_tfm
337#define sctp_crypto_hmac crypto_hmac
338#else
339#define sctp_crypto_alloc_tfm(x...) NULL
340#define sctp_crypto_free_tfm(x...)
341#define sctp_crypto_hmac(x...)
342#endif
343
344 333
345/* Map an association to an assoc_id. */ 334/* Map an association to an assoc_id. */
346static inline sctp_assoc_t sctp_assoc2id(const struct sctp_association *asoc) 335static inline sctp_assoc_t sctp_assoc2id(const struct sctp_association *asoc)
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index e5aa7ff1f5b5..0412e730c765 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -87,6 +87,7 @@ struct sctp_bind_addr;
87struct sctp_ulpq; 87struct sctp_ulpq;
88struct sctp_ep_common; 88struct sctp_ep_common;
89struct sctp_ssnmap; 89struct sctp_ssnmap;
90struct crypto_hash;
90 91
91 92
92#include <net/sctp/tsnmap.h> 93#include <net/sctp/tsnmap.h>
@@ -264,7 +265,7 @@ struct sctp_sock {
264 struct sctp_pf *pf; 265 struct sctp_pf *pf;
265 266
266 /* Access to HMAC transform. */ 267 /* Access to HMAC transform. */
267 struct crypto_tfm *hmac; 268 struct crypto_hash *hmac;
268 269
269 /* What is our base endpointer? */ 270 /* What is our base endpointer? */
270 struct sctp_endpoint *ep; 271 struct sctp_endpoint *ep;
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 9c5ee9f20b65..3ecd9fa1ed4b 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -8,7 +8,6 @@
8#include <linux/list.h> 8#include <linux/list.h>
9#include <linux/skbuff.h> 9#include <linux/skbuff.h>
10#include <linux/socket.h> 10#include <linux/socket.h>
11#include <linux/crypto.h>
12#include <linux/pfkeyv2.h> 11#include <linux/pfkeyv2.h>
13#include <linux/in6.h> 12#include <linux/in6.h>
14#include <linux/mutex.h> 13#include <linux/mutex.h>
@@ -855,6 +854,7 @@ struct xfrm_algo_comp_info {
855 854
856struct xfrm_algo_desc { 855struct xfrm_algo_desc {
857 char *name; 856 char *name;
857 char *compat;
858 u8 available:1; 858 u8 available:1;
859 union { 859 union {
860 struct xfrm_algo_auth_info auth; 860 struct xfrm_algo_auth_info auth;
@@ -984,11 +984,13 @@ extern struct xfrm_algo_desc *xfrm_aalg_get_byname(char *name, int probe);
984extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe); 984extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe);
985extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe); 985extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe);
986 986
987struct crypto_tfm; 987struct hash_desc;
988typedef void (icv_update_fn_t)(struct crypto_tfm *, struct scatterlist *, unsigned int); 988struct scatterlist;
989typedef int (icv_update_fn_t)(struct hash_desc *, struct scatterlist *,
990 unsigned int);
989 991
990extern void skb_icv_walk(const struct sk_buff *skb, struct crypto_tfm *tfm, 992extern int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *tfm,
991 int offset, int len, icv_update_fn_t icv_update); 993 int offset, int len, icv_update_fn_t icv_update);
992 994
993static inline int xfrm_addr_cmp(xfrm_address_t *a, xfrm_address_t *b, 995static inline int xfrm_addr_cmp(xfrm_address_t *a, xfrm_address_t *b,
994 int family) 996 int family)