ieee80211_aes_cmac() and ieee80211_aes_cmac_256() are almost the same. Merge them. This removes duplication. Signed-off-by: Chien Wong --- net/mac80211/aes_cmac.c | 48 ++++++----------------------------------- net/mac80211/aes_cmac.h | 5 ++--- net/mac80211/wpa.c | 16 ++++++++------ 3 files changed, 19 insertions(+), 50 deletions(-) diff --git a/net/mac80211/aes_cmac.c b/net/mac80211/aes_cmac.c index 672ed80ee4ff..0827965455dc 100644 --- a/net/mac80211/aes_cmac.c +++ b/net/mac80211/aes_cmac.c @@ -21,7 +21,8 @@ static const u8 zero[IEEE80211_CMAC_256_MIC_LEN]; int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic) + const u8 *data, size_t data_len, u8 *mic, + unsigned int mic_len) { int err; SHASH_DESC_ON_STACK(desc, tfm); @@ -42,58 +43,23 @@ int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, err = crypto_shash_update(desc, zero, 8); if (err) return err; - err = crypto_shash_update(desc, data + 8, data_len - 8 - - IEEE80211_CMAC_128_MIC_LEN); + err = crypto_shash_update(desc, data + 8, + data_len - 8 - mic_len); if (err) return err; } else { - err = crypto_shash_update(desc, data, data_len - - IEEE80211_CMAC_128_MIC_LEN); + err = crypto_shash_update(desc, data, data_len - mic_len); if (err) return err; } - err = crypto_shash_finup(desc, zero, IEEE80211_CMAC_128_MIC_LEN, out); + err = crypto_shash_finup(desc, zero, mic_len, out); if (err) return err; - memcpy(mic, out, IEEE80211_CMAC_128_MIC_LEN); + memcpy(mic, out, mic_len); return 0; } -int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic) -{ - int err; - SHASH_DESC_ON_STACK(desc, tfm); - const __le16 *fc; - - desc->tfm = tfm; - - err = crypto_shash_init(desc); - if (err) - return err; - err = crypto_shash_update(desc, aad, AAD_LEN); - if (err) - return err; - fc = (const __le16 *)aad; - if (ieee80211_is_beacon(*fc)) { - /* mask Timestamp field to zero */ - err = crypto_shash_update(desc, zero, 8); - if (err) - return err; - err = crypto_shash_update(desc, data + 8, data_len - 8 - - IEEE80211_CMAC_256_MIC_LEN); - if (err) - return err; - } else { - err = crypto_shash_update(desc, data, data_len - - IEEE80211_CMAC_256_MIC_LEN); - if (err) - return err; - } - return crypto_shash_finup(desc, zero, IEEE80211_CMAC_256_MIC_LEN, mic); -} - struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], size_t key_len) { diff --git a/net/mac80211/aes_cmac.h b/net/mac80211/aes_cmac.h index f74150542142..5f971a8298cb 100644 --- a/net/mac80211/aes_cmac.h +++ b/net/mac80211/aes_cmac.h @@ -12,9 +12,8 @@ struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], size_t key_len); int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic); -int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic); + const u8 *data, size_t data_len, u8 *mic, + unsigned int mic_len); void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm); #endif /* AES_CMAC_H */ diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 3d5efd8c6e2d..7431ccecd17f 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -870,7 +870,8 @@ ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx) * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64) */ if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mmie->mic)) + skb->data + 24, skb->len - 24, mmie->mic, + IEEE80211_CMAC_128_MIC_LEN)) return TX_DROP; return TX_CONTINUE; @@ -917,8 +918,9 @@ ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx) /* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128) */ - if (ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mmie->mic)) + if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, + skb->data + 24, skb->len - 24, mmie->mic, + IEEE80211_CMAC_256_MIC_LEN)) return TX_DROP; return TX_CONTINUE; @@ -959,7 +961,8 @@ ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx) /* hardware didn't decrypt/verify MIC */ bip_aad(skb, aad); if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mic)) + skb->data + 24, skb->len - 24, mic, + IEEE80211_CMAC_128_MIC_LEN)) return RX_DROP_U_DECRYPT_FAIL; if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { key->u.aes_cmac.icverrors++; @@ -1009,8 +1012,9 @@ ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx) if (!(status->flag & RX_FLAG_DECRYPTED)) { /* hardware didn't decrypt/verify MIC */ bip_aad(skb, aad); - if (ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mic)) + if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, + skb->data + 24, skb->len - 24, mic, + IEEE80211_CMAC_256_MIC_LEN)) return RX_DROP_U_DECRYPT_FAIL; if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { key->u.aes_cmac.icverrors++; -- 2.51.2