[v2,1/2] mptcp: Re-factor mptcp_crypto_hmac_sha()

Message ID	20200225005255.14943-2-peter.krystad@linux.intel.com
State	Superseded, archived
Headers	show Return-Path: <mptcp-bounces@lists.01.org> Received-SPF: None (mailfrom) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=peter.krystad@linux.intel.com; receiver=<UNKNOWN> From: Peter Krystad <peter.krystad@linux.intel.com> To: mptcp@lists.01.org Date: Mon, 24 Feb 2020 16:52:54 -0800 Message-Id: <20200225005255.14943-2-peter.krystad@linux.intel.com> In-Reply-To: <20200225005255.14943-1-peter.krystad@linux.intel.com> References: <20200225005255.14943-1-peter.krystad@linux.intel.com> Message-ID-Hash: VL26E4UDAVJKVHYMALZOY6DNBU443NW7 Precedence: list Subject: [MPTCP] [PATCH v2 1/2] mptcp: Re-factor mptcp_crypto_hmac_sha() Archived-At: <https://lists.01.org/hyperkitty/list/mptcp@lists.01.org/message/VL26E4UDAVJKVHYMALZOY6DNBU443NW7/> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit
Series	Add support for v1 of ADD_ADDR option \| expand [v2,0/2] Add support for v1 of ADD_ADDR option [v2,1/2] mptcp: Re-factor mptcp_crypto_hmac_sha() [v2,2/2] mptcp: Make v1 changes for ADD_ADDR and RM_ADDR options

diff --git a/net/mptcp/crypto.c b/net/mptcp/crypto.c index 40d1bb18fd60..c151628bd416 100644 --- a/net/mptcp/crypto.c +++ b/net/mptcp/crypto.c @@ -44,8 +44,7 @@ void mptcp_crypto_key_sha(u64 key, u32 *token, u64 *idsn) *idsn = be64_to_cpu(*((__be64 *)&mptcp_hashed_key[6])); } -void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u32 nonce1, u32 nonce2, - void *hmac) +void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u8 *msg, int len, void *hmac) { u8 input[SHA256_BLOCK_SIZE + SHA256_DIGEST_SIZE]; __be32 mptcp_hashed_key[SHA256_DIGEST_WORDS]; @@ -55,6 +54,9 @@ void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u32 nonce1, u32 nonce2, u8 key2be[8]; int i; + if (WARN_ON_ONCE(len > SHA256_DIGEST_SIZE)) + len = SHA256_DIGEST_SIZE; + put_unaligned_be64(key1, key1be); put_unaligned_be64(key2, key2be); @@ -65,11 +67,10 @@ void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u32 nonce1, u32 nonce2, for (i = 0; i < 8; i++) input[i + 8] ^= key2be[i]; - put_unaligned_be32(nonce1, &input[SHA256_BLOCK_SIZE]); - put_unaligned_be32(nonce2, &input[SHA256_BLOCK_SIZE + 4]); + memcpy(&input[SHA256_BLOCK_SIZE], msg, len); sha256_init(&state); - sha256_update(&state, input, SHA256_BLOCK_SIZE + 8); + sha256_update(&state, input, SHA256_BLOCK_SIZE + len); /* emit sha256(K1 || msg) on the second input block, so we can * reuse 'input' for the last hashing @@ -125,6 +126,7 @@ static int __init test_mptcp_crypto(void) char hmac[20], hmac_hex[41]; u32 nonce1, nonce2; u64 key1, key2; + u8 msg[8]; int i, j; for (i = 0; i < ARRAY_SIZE(tests); ++i) { @@ -134,7 +136,10 @@ static int __init test_mptcp_crypto(void) nonce1 = be32_to_cpu(*((__be32 *)&tests[i].msg[0])); nonce2 = be32_to_cpu(*((__be32 *)&tests[i].msg[4])); - mptcp_crypto_hmac_sha(key1, key2, nonce1, nonce2, hmac); + put_unaligned_be32(nonce1, &msg[0]); + put_unaligned_be32(nonce2, &msg[4]); + + mptcp_crypto_hmac_sha(key1, key2, msg, 8, hmac); for (j = 0; j < 20; ++j) sprintf(&hmac_hex[j << 1], "%02x", hmac[j] & 0xff); hmac_hex[40] = 0; diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 944f14ac3017..e5a50930869d 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -339,8 +339,7 @@ static inline void mptcp_crypto_key_gen_sha(u64 *key, u32 *token, u64 *idsn) mptcp_crypto_key_sha(*key, token, idsn); } -void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u32 nonce1, u32 nonce2, - void *hash_out); +void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u8 *msg, int len, void *hmac); void mptcp_pm_init(void); void mptcp_pm_new_connection(struct mptcp_sock *msk, int server_side); diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 547d5ffef070..8a41f6b661c9 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -61,6 +61,17 @@ static void subflow_req_destructor(struct request_sock *req) tcp_request_sock_ops.destructor(req); } +static void subflow_generate_hmac(u64 key1, u64 key2, u32 nonce1, u32 nonce2, + void *hmac) +{ + u8 msg[8]; + + put_unaligned_be32(nonce1, &msg[0]); + put_unaligned_be32(nonce2, &msg[4]); + + mptcp_crypto_hmac_sha(key1, key2, msg, 8, (u32 *)hmac); +} + /* validate received token and create truncated hmac and nonce for SYN-ACK */ static bool subflow_token_join_request(struct request_sock *req, const struct sk_buff *skb) @@ -82,7 +93,7 @@ static bool subflow_token_join_request(struct request_sock *req, get_random_bytes(&subflow_req->local_nonce, sizeof(u32)); - mptcp_crypto_hmac_sha(msk->local_key, msk->remote_key, + subflow_generate_hmac(msk->local_key, msk->remote_key, subflow_req->local_nonce, subflow_req->remote_nonce, (u32 *)hmac); @@ -180,7 +191,7 @@ static bool subflow_thmac_valid(struct mptcp_subflow_context *subflow) u8 hmac[MPTCPOPT_HMAC_LEN]; u64 thmac; - mptcp_crypto_hmac_sha(subflow->remote_key, subflow->local_key, + subflow_generate_hmac(subflow->remote_key, subflow->local_key, subflow->remote_nonce, subflow->local_nonce, (u32 *)hmac); @@ -225,7 +236,7 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) goto do_reset; } - mptcp_crypto_hmac_sha(subflow->local_key, subflow->remote_key, + subflow_generate_hmac(subflow->local_key, subflow->remote_key, subflow->local_nonce, subflow->remote_nonce, (u32 *)subflow->hmac); @@ -305,7 +316,7 @@ static bool subflow_hmac_valid(const struct request_sock *req, if (!msk) return false; - mptcp_crypto_hmac_sha(msk->remote_key, msk->local_key, + subflow_generate_hmac(msk->remote_key, msk->local_key, subflow_req->remote_nonce, subflow_req->local_nonce, (u32 *)hmac);

[v2,1/2] mptcp: Re-factor mptcp_crypto_hmac_sha()

Commit Message

Patch