static const u8 zero[IEEE80211_CMAC_256_MIC_LEN];
int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad,
- const u8 *data, size_t data_len, u8 *mic)
+ const u8 *data, size_t data_len, u8 *mic,
+ unsigned int mic_len)
{
int err;
SHASH_DESC_ON_STACK(desc, tfm);
err = crypto_shash_update(desc, zero, 8);
if (err)
return err;
- err = crypto_shash_update(desc, data + 8, data_len - 8 -
- IEEE80211_CMAC_128_MIC_LEN);
+ err = crypto_shash_update(desc, data + 8,
+ data_len - 8 - mic_len);
if (err)
return err;
} else {
- err = crypto_shash_update(desc, data, data_len -
- IEEE80211_CMAC_128_MIC_LEN);
+ err = crypto_shash_update(desc, data, data_len - mic_len);
if (err)
return err;
}
- err = crypto_shash_finup(desc, zero, IEEE80211_CMAC_128_MIC_LEN, out);
+ err = crypto_shash_finup(desc, zero, mic_len, out);
if (err)
return err;
- memcpy(mic, out, IEEE80211_CMAC_128_MIC_LEN);
+ memcpy(mic, out, mic_len);
return 0;
}
-int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad,
- const u8 *data, size_t data_len, u8 *mic)
-{
- int err;
- SHASH_DESC_ON_STACK(desc, tfm);
- const __le16 *fc;
-
- desc->tfm = tfm;
-
- err = crypto_shash_init(desc);
- if (err)
- return err;
- err = crypto_shash_update(desc, aad, AAD_LEN);
- if (err)
- return err;
- fc = (const __le16 *)aad;
- if (ieee80211_is_beacon(*fc)) {
- /* mask Timestamp field to zero */
- err = crypto_shash_update(desc, zero, 8);
- if (err)
- return err;
- err = crypto_shash_update(desc, data + 8, data_len - 8 -
- IEEE80211_CMAC_256_MIC_LEN);
- if (err)
- return err;
- } else {
- err = crypto_shash_update(desc, data, data_len -
- IEEE80211_CMAC_256_MIC_LEN);
- if (err)
- return err;
- }
- return crypto_shash_finup(desc, zero, IEEE80211_CMAC_256_MIC_LEN, mic);
-}
-
struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[],
size_t key_len)
{
struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[],
size_t key_len);
int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad,
- const u8 *data, size_t data_len, u8 *mic);
-int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad,
- const u8 *data, size_t data_len, u8 *mic);
+ const u8 *data, size_t data_len, u8 *mic,
+ unsigned int mic_len);
void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm);
#endif /* AES_CMAC_H */
* MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64)
*/
if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
- skb->data + 24, skb->len - 24, mmie->mic))
+ skb->data + 24, skb->len - 24, mmie->mic,
+ IEEE80211_CMAC_128_MIC_LEN))
return TX_DROP;
return TX_CONTINUE;
/* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128)
*/
- if (ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
- skb->data + 24, skb->len - 24, mmie->mic))
+ if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
+ skb->data + 24, skb->len - 24, mmie->mic,
+ IEEE80211_CMAC_256_MIC_LEN))
return TX_DROP;
return TX_CONTINUE;
/* hardware didn't decrypt/verify MIC */
bip_aad(skb, aad);
if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
- skb->data + 24, skb->len - 24, mic))
+ skb->data + 24, skb->len - 24, mic,
+ IEEE80211_CMAC_128_MIC_LEN))
return RX_DROP_U_DECRYPT_FAIL;
if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) {
key->u.aes_cmac.icverrors++;
if (!(status->flag & RX_FLAG_DECRYPTED)) {
/* hardware didn't decrypt/verify MIC */
bip_aad(skb, aad);
- if (ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad,
- skb->data + 24, skb->len - 24, mic))
+ if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad,
+ skb->data + 24, skb->len - 24, mic,
+ IEEE80211_CMAC_256_MIC_LEN))
return RX_DROP_U_DECRYPT_FAIL;
if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) {
key->u.aes_cmac.icverrors++;
projects / thirdparty / kernel / linux.git / commitdiff
