linux/include/net/ah.h
Herbert Xu bc31d3b2c7 [IPSEC] ah: Remove keys from ah_data structure
The keys are only used during initialisation so we don't need to carry them
in esp_data.  Since we don't have to allocate them again, there is no need
to place a limit on the authentication key length anymore.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10 16:54:53 -07:00

42 lines
738 B
C

#ifndef _NET_AH_H
#define _NET_AH_H
#include <linux/crypto.h>
#include <net/xfrm.h>
/* This is the maximum truncated ICV length that we know of. */
#define MAX_AH_AUTH_LEN 12
struct ah_data
{
u8 *work_icv;
int icv_full_len;
int icv_trunc_len;
struct crypto_hash *tfm;
};
static inline int ah_mac_digest(struct ah_data *ahp, struct sk_buff *skb,
u8 *auth_data)
{
struct hash_desc desc;
int err;
desc.tfm = ahp->tfm;
desc.flags = 0;
memset(auth_data, 0, ahp->icv_trunc_len);
err = crypto_hash_init(&desc);
if (unlikely(err))
goto out;
err = skb_icv_walk(skb, &desc, 0, skb->len, crypto_hash_update);
if (unlikely(err))
goto out;
err = crypto_hash_final(&desc, ahp->work_icv);
out:
return err;
}
#endif