summaryrefslogtreecommitdiffstats
path: root/include/net/ah.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/net/ah.h')
-rw-r--r--include/net/ah.h30
1 files changed, 19 insertions, 11 deletions
diff --git a/include/net/ah.h b/include/net/ah.h
index ceff00afae0..8f257c15990 100644
--- a/include/net/ah.h
+++ b/include/net/ah.h
@@ -1,6 +1,7 @@
#ifndef _NET_AH_H
#define _NET_AH_H
+#include <linux/crypto.h>
#include <net/xfrm.h>
/* This is the maximum truncated ICV length that we know of. */
@@ -14,22 +15,29 @@ struct ah_data
int icv_full_len;
int icv_trunc_len;
- void (*icv)(struct ah_data*,
- struct sk_buff *skb, u8 *icv);
-
- struct crypto_tfm *tfm;
+ struct crypto_hash *tfm;
};
-static inline void
-ah_hmac_digest(struct ah_data *ahp, struct sk_buff *skb, u8 *auth_data)
+static inline int ah_mac_digest(struct ah_data *ahp, struct sk_buff *skb,
+ u8 *auth_data)
{
- struct crypto_tfm *tfm = ahp->tfm;
+ struct hash_desc desc;
+ int err;
+
+ desc.tfm = ahp->tfm;
+ desc.flags = 0;
memset(auth_data, 0, ahp->icv_trunc_len);
- crypto_hmac_init(tfm, ahp->key, &ahp->key_len);
- skb_icv_walk(skb, tfm, 0, skb->len, crypto_hmac_update);
- crypto_hmac_final(tfm, ahp->key, &ahp->key_len, ahp->work_icv);
- memcpy(auth_data, ahp->work_icv, ahp->icv_trunc_len);
+ err = crypto_hash_init(&desc);
+ if (unlikely(err))
+ goto out;
+ err = skb_icv_walk(skb, &desc, 0, skb->len, crypto_hash_update);
+ if (unlikely(err))
+ goto out;
+ err = crypto_hash_final(&desc, ahp->work_icv);
+
+out:
+ return err;
}
#endif