mirror of
https://github.com/torvalds/linux.git
synced 2024-11-15 00:21:59 +00:00
87bdc48d30
This patch removes the duplicate ipv6_{auth,esp,comp}_hdr structures since they're identical to the IPv4 versions. Duplicating them would only create problems for ourselves later when we need to add things like extended sequence numbers. I've also added transport header type conversion headers for these types which are now used by the transforms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
49 lines
894 B
C
49 lines
894 B
C
#ifndef _NET_AH_H
|
|
#define _NET_AH_H
|
|
|
|
#include <linux/crypto.h>
|
|
#include <net/xfrm.h>
|
|
|
|
/* This is the maximum truncated ICV length that we know of. */
|
|
#define MAX_AH_AUTH_LEN 12
|
|
|
|
struct ah_data
|
|
{
|
|
u8 *work_icv;
|
|
int icv_full_len;
|
|
int icv_trunc_len;
|
|
|
|
struct crypto_hash *tfm;
|
|
};
|
|
|
|
static inline int ah_mac_digest(struct ah_data *ahp, struct sk_buff *skb,
|
|
u8 *auth_data)
|
|
{
|
|
struct hash_desc desc;
|
|
int err;
|
|
|
|
desc.tfm = ahp->tfm;
|
|
desc.flags = 0;
|
|
|
|
memset(auth_data, 0, ahp->icv_trunc_len);
|
|
err = crypto_hash_init(&desc);
|
|
if (unlikely(err))
|
|
goto out;
|
|
err = skb_icv_walk(skb, &desc, 0, skb->len, crypto_hash_update);
|
|
if (unlikely(err))
|
|
goto out;
|
|
err = crypto_hash_final(&desc, ahp->work_icv);
|
|
|
|
out:
|
|
return err;
|
|
}
|
|
|
|
struct ip_auth_hdr;
|
|
|
|
static inline struct ip_auth_hdr *ip_auth_hdr(const struct sk_buff *skb)
|
|
{
|
|
return (struct ip_auth_hdr *)skb_transport_header(skb);
|
|
}
|
|
|
|
#endif
|