/* * AES-GMAC for IEEE 802.11 BIP-GMAC-128 and BIP-GMAC-256 * Copyright 2015, Qualcomm Atheros, Inc. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. */ #include #include #include #include #include #include #include "key.h" #include "aes_gmac.h" int ieee80211_aes_gmac(struct crypto_aead *tfm, const u8 *aad, u8 *nonce, const u8 *data, size_t data_len, u8 *mic) { struct scatterlist sg[4]; u8 *zero, *__aad, iv[AES_BLOCK_SIZE]; struct aead_request *aead_req; int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm); if (data_len < GMAC_MIC_LEN) return -EINVAL; aead_req = kzalloc(reqsize + GMAC_MIC_LEN + GMAC_AAD_LEN, GFP_ATOMIC); if (!aead_req) return -ENOMEM; zero = (u8 *)aead_req + reqsize; __aad = zero + GMAC_MIC_LEN; memcpy(__aad, aad, GMAC_AAD_LEN); sg_init_table(sg, 4); sg_set_buf(&sg[0], __aad, GMAC_AAD_LEN); sg_set_buf(&sg[1], data, data_len - GMAC_MIC_LEN); sg_set_buf(&sg[2], zero, GMAC_MIC_LEN); sg_set_buf(&sg[3], mic, GMAC_MIC_LEN); memcpy(iv, nonce, GMAC_NONCE_LEN); memset(iv + GMAC_NONCE_LEN, 0, sizeof(iv) - GMAC_NONCE_LEN); iv[AES_BLOCK_SIZE - 1] = 0x01; aead_request_set_tfm(aead_req, tfm); aead_request_set_crypt(aead_req, sg, sg, 0, iv); aead_request_set_ad(aead_req, GMAC_AAD_LEN + data_len); crypto_aead_encrypt(aead_req); kzfree(aead_req); return 0; } struct crypto_aead *ieee80211_aes_gmac_key_setup(const u8 key[], size_t key_len) { struct crypto_aead *tfm; int err; tfm = crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC); if (IS_ERR(tfm)) return tfm; err = crypto_aead_setkey(tfm, key, key_len); if (!err) err = crypto_aead_setauthsize(tfm, GMAC_MIC_LEN); if (!err) return tfm; crypto_free_aead(tfm); return ERR_PTR(err); } void ieee80211_aes_gmac_key_free(struct crypto_aead *tfm) { crypto_free_aead(tfm); } /net/ieee802154/nl802154.h?id=1930b60352e7e195f55b27cde15d2a8f43342a8b'>diff
path: root/net/ieee802154/nl802154.h
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2017-01-30 15:55:48 -0500
committerDavid S. Miller <davem@davemloft.net>2017-01-30 15:56:40 -0500
commit1930b60352e7e195f55b27cde15d2a8f43342a8b (patch)
treeec3f66cd8d8110bf7b4f61e0446bdea505915db9 /net/ieee802154/nl802154.h
parent4be9993493bc7ee3fdf950a83bc050a3e6cf2a45 (diff)
parentec960de61503ef349588dccfa3ae02efabcc2762 (diff)
Merge branch 'dsa-port-mirroring'
Florian Fainelli says: ==================== net: dsa: Port mirroring support This patch series adds support for port mirroring in the two Broadcom switch drivers. The major part of the functional are actually with the plumbing between tc and the drivers. Changes in v5: - Added Jiri's Reviewed-by tag to first patch - rebase against latest net-next/master after bcm_sf2 CFP series Changes in v4: - rebased against latest net-next/master after Vivien's changes Changes in v3: - removed multiline comments from added structures - simplify error handling in dsa_slave_add_cls_matchall Changes in v2: - fixed filter removal logic to disable the ingress or egress mirroring when there are no longer ports being monitored in ingress or egress - removed a stray list_head in dsa_port structure that is not used Tested using the two iproute2 examples: tc qdisc add dev eth1 handle ffff: ingress tc filter add dev eth1 parent ffff: \ matchall skip_sw \ action mirred egress mirror \ dev eth2 tc qdisc add dev eth1 handle 1: root prio tc filter add dev eth1 parent 1: \ matchall skip_sw \ action mirred egress mirror \ dev eth2 ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ieee802154/nl802154.h')