ieee80211_aes_cmac() and ieee80211_aes_cmac_256() are almost the same. Merge them. This removes duplication. All references to the refactored functions in the tree are adapted. Complie test only. Signed-off-by: Chien Wong --- net/mac80211/aes_cmac.c | 49 +++++++---------------------------------- net/mac80211/aes_cmac.h | 4 +--- net/mac80211/wpa.c | 16 +++++++++----- 3 files changed, 19 insertions(+), 50 deletions(-) diff --git a/net/mac80211/aes_cmac.c b/net/mac80211/aes_cmac.c index 2c2d15c50b65..a44dda08aaa4 100644 --- a/net/mac80211/aes_cmac.c +++ b/net/mac80211/aes_cmac.c @@ -16,52 +16,20 @@ #include "key.h" #include "aes_cmac.h" -#define CMAC_TLEN IEEE80211_CMAC_128_MIC_LEN -#define CMAC_TLEN_256 IEEE80211_CMAC_256_MIC_LEN #define AAD_LEN 20 -static const u8 zero[CMAC_TLEN_256]; +static const u8 zero[IEEE80211_CMAC_256_MIC_LEN]; int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic) + const u8 *data, size_t data_len, u8 *mic, unsigned int mic_len) { int err; SHASH_DESC_ON_STACK(desc, tfm); const __le16 *fc; - desc->tfm = tfm; - - err = crypto_shash_init(desc); - if (err) - goto out; - err = crypto_shash_update(desc, aad, AAD_LEN); - if (err) - goto out; - fc = (const __le16 *)aad; - if (ieee80211_is_beacon(*fc)) { - /* mask Timestamp field to zero */ - err = crypto_shash_update(desc, zero, 8); - if (err) - goto out; - err = crypto_shash_update(desc, data + 8, data_len - 8 - CMAC_TLEN); - if (err) - goto out; - } else { - err = crypto_shash_update(desc, data, data_len - CMAC_TLEN); - if (err) - goto out; - } - err = crypto_shash_finup(desc, zero, CMAC_TLEN, mic); -out: - return err; -} - -int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic) -{ - int err; - SHASH_DESC_ON_STACK(desc, tfm); - const __le16 *fc; + if (mic_len != IEEE80211_CMAC_128_MIC_LEN && + mic_len != IEEE80211_CMAC_256_MIC_LEN) + return -EINVAL; desc->tfm = tfm; @@ -77,16 +45,15 @@ int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, err = crypto_shash_update(desc, zero, 8); if (err) goto out; - err = crypto_shash_update(desc, data + 8, - data_len - 8 - CMAC_TLEN_256); + err = crypto_shash_update(desc, data + 8, data_len - 8 - mic_len); if (err) goto out; } else { - err = crypto_shash_update(desc, data, data_len - CMAC_TLEN_256); + err = crypto_shash_update(desc, data, data_len - mic_len); if (err) goto out; } - err = crypto_shash_finup(desc, zero, CMAC_TLEN_256, mic); + err = crypto_shash_finup(desc, zero, mic_len, mic); out: return err; } diff --git a/net/mac80211/aes_cmac.h b/net/mac80211/aes_cmac.h index f74150542142..631fc3033576 100644 --- a/net/mac80211/aes_cmac.h +++ b/net/mac80211/aes_cmac.h @@ -12,9 +12,7 @@ struct crypto_shash *ieee80211_aes_cmac_key_setup(const u8 key[], size_t key_len); int ieee80211_aes_cmac(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic); -int ieee80211_aes_cmac_256(struct crypto_shash *tfm, const u8 *aad, - const u8 *data, size_t data_len, u8 *mic); + const u8 *data, size_t data_len, u8 *mic, unsigned int mic_len); void ieee80211_aes_cmac_key_free(struct crypto_shash *tfm); #endif /* AES_CMAC_H */ diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index bb0fa505cdca..2c1ee4b8e205 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -870,7 +870,8 @@ ieee80211_crypto_aes_cmac_encrypt(struct ieee80211_tx_data *tx) * MIC = AES-128-CMAC(IGTK, AAD || Management Frame Body || MMIE, 64) */ if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mmie->mic)) + skb->data + 24, skb->len - 24, mmie->mic, + IEEE80211_CMAC_128_MIC_LEN)) return TX_DROP; return TX_CONTINUE; @@ -917,8 +918,9 @@ ieee80211_crypto_aes_cmac_256_encrypt(struct ieee80211_tx_data *tx) /* MIC = AES-256-CMAC(IGTK, AAD || Management Frame Body || MMIE, 128) */ - if (ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mmie->mic)) + if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, + skb->data + 24, skb->len - 24, mmie->mic, + IEEE80211_CMAC_256_MIC_LEN)) return TX_DROP; return TX_CONTINUE; @@ -959,7 +961,8 @@ ieee80211_crypto_aes_cmac_decrypt(struct ieee80211_rx_data *rx) /* hardware didn't decrypt/verify MIC */ bip_aad(skb, aad); if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mic)) + skb->data + 24, skb->len - 24, mic, + IEEE80211_CMAC_128_MIC_LEN)) return RX_DROP_U_DECRYPT_FAIL; if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { key->u.aes_cmac.icverrors++; @@ -1009,8 +1012,9 @@ ieee80211_crypto_aes_cmac_256_decrypt(struct ieee80211_rx_data *rx) if (!(status->flag & RX_FLAG_DECRYPTED)) { /* hardware didn't decrypt/verify MIC */ bip_aad(skb, aad); - if (ieee80211_aes_cmac_256(key->u.aes_cmac.tfm, aad, - skb->data + 24, skb->len - 24, mic)) + if (ieee80211_aes_cmac(key->u.aes_cmac.tfm, aad, + skb->data + 24, skb->len - 24, mic, + IEEE80211_CMAC_256_MIC_LEN)) return RX_DROP_U_DECRYPT_FAIL; if (crypto_memneq(mic, mmie->mic, sizeof(mmie->mic))) { key->u.aes_cmac.icverrors++; -- 2.51.2