Skip to content

Commit fdb89b1

Browse files
herbertxherbertx
committed
ppp_mppe: Use skcipher and ahash
This patch replaces uses of blkcipher with skcipher, and the long obsolete hash interface with ahash. This is a bug-for-bug conversion and no attempt has been made to fix bugs such as the ignored return values of the crypto operations. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
1 parent 84a2c93 commit fdb89b1

File tree

1 file changed

+58
-41
lines changed

1 file changed

+58
-41
lines changed

drivers/net/ppp/ppp_mppe.c

Lines changed: 58 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -42,14 +42,15 @@
4242
* deprecated in 2.6
4343
*/
4444

45+
#include <crypto/hash.h>
46+
#include <crypto/skcipher.h>
4547
#include <linux/err.h>
4648
#include <linux/module.h>
4749
#include <linux/kernel.h>
4850
#include <linux/init.h>
4951
#include <linux/types.h>
5052
#include <linux/slab.h>
5153
#include <linux/string.h>
52-
#include <linux/crypto.h>
5354
#include <linux/mm.h>
5455
#include <linux/ppp_defs.h>
5556
#include <linux/ppp-comp.h>
@@ -94,8 +95,8 @@ static inline void sha_pad_init(struct sha_pad *shapad)
9495
* State for an MPPE (de)compressor.
9596
*/
9697
struct ppp_mppe_state {
97-
struct crypto_blkcipher *arc4;
98-
struct crypto_hash *sha1;
98+
struct crypto_skcipher *arc4;
99+
struct crypto_ahash *sha1;
99100
unsigned char *sha1_digest;
100101
unsigned char master_key[MPPE_MAX_KEY_LEN];
101102
unsigned char session_key[MPPE_MAX_KEY_LEN];
@@ -135,7 +136,7 @@ struct ppp_mppe_state {
135136
*/
136137
static void get_new_key_from_sha(struct ppp_mppe_state * state)
137138
{
138-
struct hash_desc desc;
139+
AHASH_REQUEST_ON_STACK(req, state->sha1);
139140
struct scatterlist sg[4];
140141
unsigned int nbytes;
141142

@@ -148,10 +149,12 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state)
148149
nbytes += setup_sg(&sg[3], sha_pad->sha_pad2,
149150
sizeof(sha_pad->sha_pad2));
150151

151-
desc.tfm = state->sha1;
152-
desc.flags = 0;
152+
ahash_request_set_tfm(req, state->sha1);
153+
ahash_request_set_callback(req, 0, NULL, NULL);
154+
ahash_request_set_crypt(req, sg, state->sha1_digest, nbytes);
153155

154-
crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest);
156+
crypto_ahash_digest(req);
157+
ahash_request_zero(req);
155158
}
156159

157160
/*
@@ -161,20 +164,23 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state)
161164
static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
162165
{
163166
struct scatterlist sg_in[1], sg_out[1];
164-
struct blkcipher_desc desc = { .tfm = state->arc4 };
167+
SKCIPHER_REQUEST_ON_STACK(req, state->arc4);
168+
169+
skcipher_request_set_tfm(req, state->arc4);
170+
skcipher_request_set_callback(req, 0, NULL, NULL);
165171

166172
get_new_key_from_sha(state);
167173
if (!initial_key) {
168-
crypto_blkcipher_setkey(state->arc4, state->sha1_digest,
169-
state->keylen);
174+
crypto_skcipher_setkey(state->arc4, state->sha1_digest,
175+
state->keylen);
170176
sg_init_table(sg_in, 1);
171177
sg_init_table(sg_out, 1);
172178
setup_sg(sg_in, state->sha1_digest, state->keylen);
173179
setup_sg(sg_out, state->session_key, state->keylen);
174-
if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in,
175-
state->keylen) != 0) {
180+
skcipher_request_set_crypt(req, sg_in, sg_out, state->keylen,
181+
NULL);
182+
if (crypto_skcipher_encrypt(req))
176183
printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n");
177-
}
178184
} else {
179185
memcpy(state->session_key, state->sha1_digest, state->keylen);
180186
}
@@ -184,7 +190,8 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key)
184190
state->session_key[1] = 0x26;
185191
state->session_key[2] = 0x9e;
186192
}
187-
crypto_blkcipher_setkey(state->arc4, state->session_key, state->keylen);
193+
crypto_skcipher_setkey(state->arc4, state->session_key, state->keylen);
194+
skcipher_request_zero(req);
188195
}
189196

190197
/*
@@ -204,19 +211,19 @@ static void *mppe_alloc(unsigned char *options, int optlen)
204211
goto out;
205212

206213

207-
state->arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
214+
state->arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
208215
if (IS_ERR(state->arc4)) {
209216
state->arc4 = NULL;
210217
goto out_free;
211218
}
212219

213-
state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
220+
state->sha1 = crypto_alloc_ahash("sha1", 0, CRYPTO_ALG_ASYNC);
214221
if (IS_ERR(state->sha1)) {
215222
state->sha1 = NULL;
216223
goto out_free;
217224
}
218225

219-
digestsize = crypto_hash_digestsize(state->sha1);
226+
digestsize = crypto_ahash_digestsize(state->sha1);
220227
if (digestsize < MPPE_MAX_KEY_LEN)
221228
goto out_free;
222229

@@ -237,15 +244,12 @@ static void *mppe_alloc(unsigned char *options, int optlen)
237244

238245
return (void *)state;
239246

240-
out_free:
241-
if (state->sha1_digest)
242-
kfree(state->sha1_digest);
243-
if (state->sha1)
244-
crypto_free_hash(state->sha1);
245-
if (state->arc4)
246-
crypto_free_blkcipher(state->arc4);
247-
kfree(state);
248-
out:
247+
out_free:
248+
kfree(state->sha1_digest);
249+
crypto_free_ahash(state->sha1);
250+
crypto_free_skcipher(state->arc4);
251+
kfree(state);
252+
out:
249253
return NULL;
250254
}
251255

@@ -256,13 +260,10 @@ static void mppe_free(void *arg)
256260
{
257261
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
258262
if (state) {
259-
if (state->sha1_digest)
260263
kfree(state->sha1_digest);
261-
if (state->sha1)
262-
crypto_free_hash(state->sha1);
263-
if (state->arc4)
264-
crypto_free_blkcipher(state->arc4);
265-
kfree(state);
264+
crypto_free_ahash(state->sha1);
265+
crypto_free_skcipher(state->arc4);
266+
kfree(state);
266267
}
267268
}
268269

@@ -368,8 +369,9 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
368369
int isize, int osize)
369370
{
370371
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
371-
struct blkcipher_desc desc = { .tfm = state->arc4 };
372+
SKCIPHER_REQUEST_ON_STACK(req, state->arc4);
372373
int proto;
374+
int err;
373375
struct scatterlist sg_in[1], sg_out[1];
374376

375377
/*
@@ -426,7 +428,13 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf,
426428
sg_init_table(sg_out, 1);
427429
setup_sg(sg_in, ibuf, isize);
428430
setup_sg(sg_out, obuf, osize);
429-
if (crypto_blkcipher_encrypt(&desc, sg_out, sg_in, isize) != 0) {
431+
432+
skcipher_request_set_tfm(req, state->arc4);
433+
skcipher_request_set_callback(req, 0, NULL, NULL);
434+
skcipher_request_set_crypt(req, sg_in, sg_out, isize, NULL);
435+
err = crypto_skcipher_encrypt(req);
436+
skcipher_request_zero(req);
437+
if (err) {
430438
printk(KERN_DEBUG "crypto_cypher_encrypt failed\n");
431439
return -1;
432440
}
@@ -475,7 +483,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
475483
int osize)
476484
{
477485
struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg;
478-
struct blkcipher_desc desc = { .tfm = state->arc4 };
486+
SKCIPHER_REQUEST_ON_STACK(req, state->arc4);
479487
unsigned ccount;
480488
int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED;
481489
struct scatterlist sg_in[1], sg_out[1];
@@ -609,9 +617,14 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
609617
sg_init_table(sg_out, 1);
610618
setup_sg(sg_in, ibuf, 1);
611619
setup_sg(sg_out, obuf, 1);
612-
if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, 1) != 0) {
620+
621+
skcipher_request_set_tfm(req, state->arc4);
622+
skcipher_request_set_callback(req, 0, NULL, NULL);
623+
skcipher_request_set_crypt(req, sg_in, sg_out, 1, NULL);
624+
if (crypto_skcipher_decrypt(req)) {
613625
printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
614-
return DECOMP_ERROR;
626+
osize = DECOMP_ERROR;
627+
goto out_zap_req;
615628
}
616629

617630
/*
@@ -629,9 +642,11 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
629642
/* And finally, decrypt the rest of the packet. */
630643
setup_sg(sg_in, ibuf + 1, isize - 1);
631644
setup_sg(sg_out, obuf + 1, osize - 1);
632-
if (crypto_blkcipher_decrypt(&desc, sg_out, sg_in, isize - 1)) {
645+
skcipher_request_set_crypt(req, sg_in, sg_out, isize - 1, NULL);
646+
if (crypto_skcipher_decrypt(req)) {
633647
printk(KERN_DEBUG "crypto_cypher_decrypt failed\n");
634-
return DECOMP_ERROR;
648+
osize = DECOMP_ERROR;
649+
goto out_zap_req;
635650
}
636651

637652
state->stats.unc_bytes += osize;
@@ -642,6 +657,8 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf,
642657
/* good packet credit */
643658
state->sanity_errors >>= 1;
644659

660+
out_zap_req:
661+
skcipher_request_zero(req);
645662
return osize;
646663

647664
sanity_error:
@@ -714,8 +731,8 @@ static struct compressor ppp_mppe = {
714731
static int __init ppp_mppe_init(void)
715732
{
716733
int answer;
717-
if (!(crypto_has_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) &&
718-
crypto_has_hash("sha1", 0, CRYPTO_ALG_ASYNC)))
734+
if (!(crypto_has_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) &&
735+
crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC)))
719736
return -ENODEV;
720737

721738
sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);

0 commit comments

Comments
 (0)