OpenWrt – Blame information for rev 4
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | From: Felix Fietkau <nbd@nbd.name> |
2 | Date: Sat, 7 Oct 2017 09:37:28 +0200 |
||
3 | Subject: [PATCH] Revert "mac80211: aes-cmac: switch to shash CMAC |
||
4 | driver" |
||
5 | |||
6 | This reverts commit 26717828b75dd5c46e97f7f4a9b937d038bb2852. |
||
7 | Reduces mac80211 dependencies for LEDE |
||
8 | |||
9 | Signed-off-by: Felix Fietkau <nbd@nbd.name> |
||
10 | --- |
||
11 | |||
12 | --- a/net/mac80211/aes_cmac.c |
||
13 | +++ b/net/mac80211/aes_cmac.c |
||
14 | @@ -22,50 +22,126 @@ |
||
15 | #define CMAC_TLEN_256 16 /* CMAC TLen = 128 bits (16 octets) */ |
||
16 | #define AAD_LEN 20 |
||
17 | |||
18 | -static const u8 zero[CMAC_TLEN_256]; |
||
19 | |||
20 | -void ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, |
||
21 | - const u8 *data, size_t data_len, u8 *mic) |
||
22 | +void gf_mulx(u8 *pad) |
||
23 | +{ |
||
24 | + int i, carry; |
||
25 | + |
||
26 | + carry = pad[0] & 0x80; |
||
27 | + for (i = 0; i < AES_BLOCK_SIZE - 1; i++) |
||
28 | + pad[i] = (pad[i] << 1) | (pad[i + 1] >> 7); |
||
29 | + pad[AES_BLOCK_SIZE - 1] <<= 1; |
||
30 | + if (carry) |
||
31 | + pad[AES_BLOCK_SIZE - 1] ^= 0x87; |
||
32 | +} |
||
33 | + |
||
34 | +void aes_cmac_vector(struct crypto_cipher *tfm, size_t num_elem, |
||
35 | + const u8 *addr[], const size_t *len, u8 *mac, |
||
36 | + size_t mac_len) |
||
37 | { |
||
38 | - SHASH_DESC_ON_STACK(desc, tfm); |
||
39 | - u8 out[AES_BLOCK_SIZE]; |
||
40 | + u8 cbc[AES_BLOCK_SIZE], pad[AES_BLOCK_SIZE]; |
||
41 | + const u8 *pos, *end; |
||
42 | + size_t i, e, left, total_len; |
||
43 | + |
||
44 | + memset(cbc, 0, AES_BLOCK_SIZE); |
||
45 | + |
||
46 | + total_len = 0; |
||
47 | + for (e = 0; e < num_elem; e++) |
||
48 | + total_len += len[e]; |
||
49 | + left = total_len; |
||
50 | + |
||
51 | + e = 0; |
||
52 | + pos = addr[0]; |
||
53 | + end = pos + len[0]; |
||
54 | + |
||
55 | + while (left >= AES_BLOCK_SIZE) { |
||
56 | + for (i = 0; i < AES_BLOCK_SIZE; i++) { |
||
57 | + cbc[i] ^= *pos++; |
||
58 | + if (pos >= end) { |
||
59 | + e++; |
||
60 | + pos = addr[e]; |
||
61 | + end = pos + len[e]; |
||
62 | + } |
||
63 | + } |
||
64 | + if (left > AES_BLOCK_SIZE) |
||
65 | + crypto_cipher_encrypt_one(tfm, cbc, cbc); |
||
66 | + left -= AES_BLOCK_SIZE; |
||
67 | + } |
||
68 | + |
||
69 | + memset(pad, 0, AES_BLOCK_SIZE); |
||
70 | + crypto_cipher_encrypt_one(tfm, pad, pad); |
||
71 | + gf_mulx(pad); |
||
72 | + |
||
73 | + if (left || total_len == 0) { |
||
74 | + for (i = 0; i < left; i++) { |
||
75 | + cbc[i] ^= *pos++; |
||
76 | + if (pos >= end) { |
||
77 | + e++; |
||
78 | + pos = addr[e]; |
||
79 | + end = pos + len[e]; |
||
80 | + } |
||
81 | + } |
||
82 | + cbc[left] ^= 0x80; |
||
83 | + gf_mulx(pad); |
||
84 | + } |
||
85 | + |
||
86 | + for (i = 0; i < AES_BLOCK_SIZE; i++) |
||
87 | + pad[i] ^= cbc[i]; |
||
88 | + crypto_cipher_encrypt_one(tfm, pad, pad); |
||
89 | + memcpy(mac, pad, mac_len); |
||
90 | +} |
||
91 | |||
92 | - desc->tfm = tfm; |
||
93 | |||
94 | - crypto_shash_init(desc); |
||
95 | - crypto_shash_update(desc, aad, AAD_LEN); |
||
96 | - crypto_shash_update(desc, data, data_len - CMAC_TLEN); |
||
97 | - crypto_shash_finup(desc, zero, CMAC_TLEN, out); |
||
98 | +void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad, |
||
99 | + const u8 *data, size_t data_len, u8 *mic) |
||
100 | +{ |
||
101 | + const u8 *addr[3]; |
||
102 | + size_t len[3]; |
||
103 | + u8 zero[CMAC_TLEN]; |
||
104 | + |
||
105 | + memset(zero, 0, CMAC_TLEN); |
||
106 | + addr[0] = aad; |
||
107 | + len[0] = AAD_LEN; |
||
108 | + addr[1] = data; |
||
109 | + len[1] = data_len - CMAC_TLEN; |
||
110 | + addr[2] = zero; |
||
111 | + len[2] = CMAC_TLEN; |
||
112 | |||
113 | - memcpy(mic, out, CMAC_TLEN); |
||
114 | + aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN); |
||
115 | } |
||
116 | |||
117 | -void ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, |
||
118 | +void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad, |
||
119 | const u8 *data, size_t data_len, u8 *mic) |
||
120 | { |
||
121 | - SHASH_DESC_ON_STACK(desc, tfm); |
||
122 | + const u8 *addr[3]; |
||
123 | + size_t len[3]; |
||
124 | + u8 zero[CMAC_TLEN_256]; |
||
125 | + |
||
126 | + memset(zero, 0, CMAC_TLEN_256); |
||
127 | + addr[0] = aad; |
||
128 | + len[0] = AAD_LEN; |
||
129 | + addr[1] = data; |
||
130 | + len[1] = data_len - CMAC_TLEN_256; |
||
131 | + addr[2] = zero; |
||
132 | + len[2] = CMAC_TLEN_256; |
||
133 | |||
134 | - desc->tfm = tfm; |
||
135 | - |
||
136 | - crypto_shash_init(desc); |
||
137 | - crypto_shash_update(desc, aad, AAD_LEN); |
||
138 | - crypto_shash_update(desc, data, data_len - CMAC_TLEN_256); |
||
139 | - crypto_shash_finup(desc, zero, CMAC_TLEN_256, mic); |
||
140 | + aes_cmac_vector(tfm, 3, addr, len, mic, CMAC_TLEN_256); |
||
141 | } |
||
142 | |||
143 | -struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], |
||
144 | - size_t key_len) |
||
145 | +struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[], |
||
146 | + size_t key_len) |
||
147 | { |
||
148 | - struct crypto_shash *tfm; |
||
149 | + struct crypto_cipher *tfm; |
||
150 | |||
151 | - tfm = crypto_alloc_shash("cmac(aes)", 0, 0); |
||
152 | + tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC); |
||
153 | if (!IS_ERR(tfm)) |
||
154 | - crypto_shash_setkey(tfm, key, key_len); |
||
155 | + crypto_cipher_setkey(tfm, key, key_len); |
||
156 | |||
157 | return tfm; |
||
158 | } |
||
159 | |||
160 | -void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm) |
||
161 | + |
||
162 | +void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm) |
||
163 | { |
||
164 | - crypto_free_shash(tfm); |
||
165 | + crypto_free_cipher(tfm); |
||
166 | } |
||
167 | --- a/net/mac80211/aes_cmac.h |
||
168 | +++ b/net/mac80211/aes_cmac.h |
||
169 | @@ -10,14 +10,13 @@ |
||
170 | #define AES_CMAC_H |
||
171 | |||
172 | #include <linux/crypto.h> |
||
173 | -#include <crypto/hash.h> |
||
174 | |||
175 | -struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], |
||
176 | - size_t key_len); |
||
177 | -void ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, |
||
178 | +struct crypto_cipher *ieee80211_aes_cmac_key_setup(const u8 key[], |
||
179 | + size_t key_len); |
||
180 | +void ieee80211_aes_cmac(struct crypto_cipher *tfm, const u8 *aad, |
||
181 | const u8 *data, size_t data_len, u8 *mic); |
||
182 | -void ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, |
||
183 | +void ieee80211_aes_cmac_256(struct crypto_cipher *tfm, const u8 *aad, |
||
184 | const u8 *data, size_t data_len, u8 *mic); |
||
185 | -void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm); |
||
186 | +void ieee80211_aes_cmac_key_free(struct crypto_cipher *tfm); |
||
187 | |||
188 | #endif /* AES_CMAC_H */ |
||
189 | --- a/net/mac80211/key.h |
||
190 | +++ b/net/mac80211/key.h |
||
191 | @@ -93,7 +93,7 @@ struct ieee80211_key { |
||
192 | } ccmp; |
||
193 | struct { |
||
194 | u8 rx_pn[IEEE80211_CMAC_PN_LEN]; |
||
195 | - struct crypto_shash *tfm; |
||
196 | + struct crypto_cipher *tfm; |
||
197 | u32 replays; /* dot11RSNAStatsCMACReplays */ |
||
198 | u32 icverrors; /* dot11RSNAStatsCMACICVErrors */ |
||
199 | } aes_cmac; |