Hi:

[SCTP]: Use HMAC template

This patch converts SCTP to use the new HMAC template.

Signed-off-by: Herbert Xu <[EMAIL PROTECTED]>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h
--- a/include/net/sctp/constants.h
+++ b/include/net/sctp/constants.h
@@ -312,9 +312,9 @@ enum { SCTP_MAX_GABS = 16 };
                                 */
 
 #if defined (CONFIG_SCTP_HMAC_MD5)
-#define SCTP_COOKIE_HMAC_ALG "md5"
+#define SCTP_COOKIE_HMAC_ALG "hmac(md5)"
 #elif defined (CONFIG_SCTP_HMAC_SHA1)
-#define SCTP_COOKIE_HMAC_ALG "sha1"
+#define SCTP_COOKIE_HMAC_ALG "hmac(sha1)"
 #else
 #define SCTP_COOKIE_HMAC_ALG NULL
 #endif
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h
--- a/include/net/sctp/sctp.h
+++ b/include/net/sctp/sctp.h
@@ -330,17 +330,6 @@ static inline void sctp_v6_exit(void) { 
 
 #endif /* #if defined(CONFIG_IPV6) */
 
-/* Some wrappers, in case crypto not available. */
-#if defined (CONFIG_CRYPTO_HMAC)
-#define sctp_crypto_alloc_tfm crypto_alloc_tfm
-#define sctp_crypto_free_tfm crypto_free_tfm
-#define sctp_crypto_hmac crypto_hmac
-#else
-#define sctp_crypto_alloc_tfm(x...) NULL
-#define sctp_crypto_free_tfm(x...)
-#define sctp_crypto_hmac(x...)
-#endif
-
 
 /* Map an association to an assoc_id. */
 static inline sctp_assoc_t sctp_assoc2id(const struct sctp_association *asoc)
diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -172,7 +172,7 @@ static void sctp_endpoint_destroy(struct
        sctp_unhash_endpoint(ep);
 
        /* Free up the HMAC transform. */
-       sctp_crypto_free_tfm(sctp_sk(ep->base.sk)->hmac);
+       crypto_free_tfm(sctp_sk(ep->base.sk)->hmac);
 
        /* Cleanup. */
        sctp_inq_free(&ep->base.inqueue);
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -1340,8 +1340,9 @@ static sctp_cookie_param_t *sctp_pack_co
                keylen = SCTP_SECRET_SIZE;
                key = (char *)ep->secret_key[ep->current_key];
 
-               sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen,
-                                &sg, 1, cookie->signature);
+               crypto_digest_setkey(sctp_sk(ep->base.sk)->hmac, key, keylen);
+               crypto_digest_digest(sctp_sk(ep->base.sk)->hmac, &sg, 1,
+                                    cookie->signature);
        }
 
 nodata:
@@ -1403,15 +1404,16 @@ struct sctp_association *sctp_unpack_coo
        key = (char *)ep->secret_key[ep->current_key];
 
        memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
-       sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, &sg,
-                        1, digest);
+       crypto_digest_setkey(sctp_sk(ep->base.sk)->hmac, key, keylen);
+       crypto_digest_digest(sctp_sk(ep->base.sk)->hmac, &sg, 1, digest);
 
        if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
                /* Try the previous key. */
                key = (char *)ep->secret_key[ep->last_key];
                memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
-               sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen,
-                                &sg, 1, digest);
+               crypto_digest_setkey(sctp_sk(ep->base.sk)->hmac, key, keylen);
+               crypto_digest_digest(sctp_sk(ep->base.sk)->hmac, &sg, 1,
+                                    digest);
 
                if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
                        /* Yikes!  Still bad signature! */
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -4856,7 +4856,7 @@ int sctp_inet_listen(struct socket *sock
 
        /* Allocate HMAC for generating cookie. */
        if (sctp_hmac_alg) {
-               tfm = sctp_crypto_alloc_tfm(sctp_hmac_alg, 0);
+               tfm = crypto_alloc_tfm(sctp_hmac_alg, 0);
                if (!tfm) {
                        err = -ENOSYS;
                        goto out;
@@ -4882,7 +4882,7 @@ out:
        sctp_release_sock(sk);
        return err;
 cleanup:
-       sctp_crypto_free_tfm(tfm);
+       crypto_free_tfm(tfm);
        goto out;
 }
 
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to