diff options
| author | Mark Johnston <markj@FreeBSD.org> | 2021-07-26 20:41:05 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2021-07-26 20:41:05 +0000 |
| commit | d8787d4f7848bad8bd69325969806e1a76d0c3df (patch) | |
| tree | e4a527273715df2fa754b500a51a64f1457bd599 | |
| parent | 45cd18ec73dcd262612898bf1a263cacde17d348 (diff) | |
| download | src-d8787d4f7848bad8bd69325969806e1a76d0c3df.tar.gz src-d8787d4f7848bad8bd69325969806e1a76d0c3df.zip | |
crypto: Constify all transform descriptors
No functional change intended.
Reviewed by: ae, jhb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31196
33 files changed, 132 insertions, 131 deletions
diff --git a/sys/crypto/blake2/blake2-sw.c b/sys/crypto/blake2/blake2-sw.c index b7291ac6ef46..449ef2be94f5 100644 --- a/sys/crypto/blake2/blake2-sw.c +++ b/sys/crypto/blake2/blake2-sw.c @@ -82,7 +82,7 @@ blake2b_xform_final(uint8_t *out, void *vctx) panic("blake2b_final: invalid"); } -struct auth_hash auth_hash_blake2b = { +const struct auth_hash auth_hash_blake2b = { .type = CRYPTO_BLAKE2B, .name = "Blake2b", .keysize = BLAKE2B_KEYBYTES, @@ -150,7 +150,7 @@ blake2s_xform_final(uint8_t *out, void *vctx) panic("blake2s_final: invalid"); } -struct auth_hash auth_hash_blake2s = { +const struct auth_hash auth_hash_blake2s = { .type = CRYPTO_BLAKE2S, .name = "Blake2s", .keysize = BLAKE2S_KEYBYTES, diff --git a/sys/crypto/ccp/ccp.c b/sys/crypto/ccp/ccp.c index 7cc38b14f3fd..51679942c386 100644 --- a/sys/crypto/ccp/ccp.c +++ b/sys/crypto/ccp/ccp.c @@ -234,7 +234,7 @@ static void ccp_init_hmac_digest(struct ccp_session *s, const char *key, int klen) { union authctx auth_ctx; - struct auth_hash *axf; + const struct auth_hash *axf; u_int i; /* @@ -408,7 +408,7 @@ ccp_newsession(device_t dev, crypto_session_t cses, { struct ccp_softc *sc; struct ccp_session *s; - struct auth_hash *auth_hash; + const struct auth_hash *auth_hash; enum ccp_aes_mode cipher_mode; unsigned auth_mode; unsigned q; diff --git a/sys/crypto/ccp/ccp.h b/sys/crypto/ccp/ccp.h index 197cbc6b4c36..14e42a9e9d1f 100644 --- a/sys/crypto/ccp/ccp.h +++ b/sys/crypto/ccp/ccp.h @@ -64,7 +64,7 @@ enum sha_version { * than a single request in flight at a time. */ struct ccp_session_hmac { - struct auth_hash *auth_hash; + const struct auth_hash *auth_hash; int hash_len; unsigned int auth_mode; char ipad[CCP_HASH_MAX_BLOCK_SIZE]; diff --git a/sys/crypto/ccp/ccp_hardware.c b/sys/crypto/ccp/ccp_hardware.c index a2ca8e1cb71a..5175343ffc90 100644 --- a/sys/crypto/ccp/ccp_hardware.c +++ b/sys/crypto/ccp/ccp_hardware.c @@ -994,7 +994,7 @@ const struct SHA_Defn { enum sha_version version; const void *H_vectors; size_t H_size; - struct auth_hash *axf; + const struct auth_hash *axf; enum ccp_sha_type engine_type; } SHA_definitions[] = { { @@ -1206,7 +1206,7 @@ ccp_do_hmac_done(struct ccp_queue *qp, struct ccp_session *s, { char ihash[SHA2_512_HASH_LEN /* max hash len */]; union authctx auth_ctx; - struct auth_hash *axf; + const struct auth_hash *axf; axf = s->hmac.auth_hash; @@ -1260,7 +1260,7 @@ ccp_do_hmac(struct ccp_queue *qp, struct ccp_session *s, struct cryptop *crp, const struct ccp_completion_ctx *cctx) { device_t dev; - struct auth_hash *axf; + const struct auth_hash *axf; int error; dev = qp->cq_softc->dev; diff --git a/sys/crypto/chacha20/chacha-sw.c b/sys/crypto/chacha20/chacha-sw.c index 2c28b9a0c459..b1bf0a106bfd 100644 --- a/sys/crypto/chacha20/chacha-sw.c +++ b/sys/crypto/chacha20/chacha-sw.c @@ -39,7 +39,7 @@ chacha20_xform_crypt_last(void *ctx, const uint8_t *in, uint8_t *out, chacha_encrypt_bytes(ctx, in, out, len); } -struct enc_xform enc_xform_chacha20 = { +const struct enc_xform enc_xform_chacha20 = { .type = CRYPTO_CHACHA20, .name = "chacha20", .ctxsize = sizeof(struct chacha_ctx), diff --git a/sys/crypto/via/padlock.h b/sys/crypto/via/padlock.h index a22e88ba6ee9..da85771f3663 100644 --- a/sys/crypto/via/padlock.h +++ b/sys/crypto/via/padlock.h @@ -64,7 +64,7 @@ struct padlock_session { union padlock_cw ses_cw __aligned(16); uint32_t ses_ekey[4 * (RIJNDAEL_MAXNR + 1) + 4] __aligned(16); /* 128 bit aligned */ uint32_t ses_dkey[4 * (RIJNDAEL_MAXNR + 1) + 4] __aligned(16); /* 128 bit aligned */ - struct auth_hash *ses_axf; + const struct auth_hash *ses_axf; uint8_t *ses_ictx; uint8_t *ses_octx; int ses_mlen; diff --git a/sys/crypto/via/padlock_hash.c b/sys/crypto/via/padlock_hash.c index 1640bad4ea74..f09024af4ed5 100644 --- a/sys/crypto/via/padlock_hash.c +++ b/sys/crypto/via/padlock_hash.c @@ -78,7 +78,7 @@ static int padlock_sha_update(void *vctx, const void *buf, u_int bufsize); static void padlock_sha1_final(uint8_t *hash, void *vctx); static void padlock_sha256_final(uint8_t *hash, void *vctx); -static struct auth_hash padlock_hmac_sha1 = { +static const struct auth_hash padlock_hmac_sha1 = { .type = CRYPTO_SHA1_HMAC, .name = "HMAC-SHA1", .keysize = SHA1_BLOCK_LEN, @@ -90,7 +90,7 @@ static struct auth_hash padlock_hmac_sha1 = { .Final = padlock_sha1_final, }; -static struct auth_hash padlock_hmac_sha256 = { +static const struct auth_hash padlock_hmac_sha256 = { .type = CRYPTO_SHA2_256_HMAC, .name = "HMAC-SHA2-256", .keysize = SHA2_256_BLOCK_LEN, @@ -227,7 +227,7 @@ padlock_sha256_final(uint8_t *hash, void *vctx) } static void -padlock_copy_ctx(struct auth_hash *axf, void *sctx, void *dctx) +padlock_copy_ctx(const struct auth_hash *axf, void *sctx, void *dctx) { if ((via_feature_xcrypt & VIA_HAS_SHA) != 0 && @@ -245,7 +245,7 @@ padlock_copy_ctx(struct auth_hash *axf, void *sctx, void *dctx) } static void -padlock_free_ctx(struct auth_hash *axf, void *ctx) +padlock_free_ctx(const struct auth_hash *axf, void *ctx) { if ((via_feature_xcrypt & VIA_HAS_SHA) != 0 && @@ -259,7 +259,7 @@ static void padlock_hash_key_setup(struct padlock_session *ses, const uint8_t *key, int klen) { - struct auth_hash *axf; + const struct auth_hash *axf; axf = ses->ses_axf; @@ -282,7 +282,7 @@ static int padlock_authcompute(struct padlock_session *ses, struct cryptop *crp) { u_char hash[HASH_MAX_LEN], hash2[HASH_MAX_LEN]; - struct auth_hash *axf; + const struct auth_hash *axf; union authctx ctx; int error; @@ -319,10 +319,10 @@ padlock_authcompute(struct padlock_session *ses, struct cryptop *crp) } /* Find software structure which describes HMAC algorithm. */ -static struct auth_hash * +static const struct auth_hash * padlock_hash_lookup(int alg) { - struct auth_hash *axf; + const struct auth_hash *axf; switch (alg) { case CRYPTO_NULL_HMAC: diff --git a/sys/dev/cxgbe/adapter.h b/sys/dev/cxgbe/adapter.h index 2adc902cc9ac..3eb39ef5e987 100644 --- a/sys/dev/cxgbe/adapter.h +++ b/sys/dev/cxgbe/adapter.h @@ -1308,7 +1308,8 @@ struct tls_keyctx; void t4_aes_getdeckey(void *, const void *, unsigned int); void t4_copy_partial_hash(int, union authctx *, void *); void t4_init_gmac_hash(const char *, int, char *); -void t4_init_hmac_digest(struct auth_hash *, u_int, const char *, int, char *); +void t4_init_hmac_digest(const struct auth_hash *, u_int, const char *, int, + char *); #ifdef KERN_TLS u_int t4_tls_key_info_size(const struct ktls_session *); int t4_tls_proto_ver(const struct ktls_session *); diff --git a/sys/dev/cxgbe/crypto/t4_crypto.c b/sys/dev/cxgbe/crypto/t4_crypto.c index 0fc806dc2eb8..3ce3e5c916db 100644 --- a/sys/dev/cxgbe/crypto/t4_crypto.c +++ b/sys/dev/cxgbe/crypto/t4_crypto.c @@ -136,7 +136,7 @@ __FBSDID("$FreeBSD$"); static MALLOC_DEFINE(M_CCR, "ccr", "Chelsio T6 crypto"); struct ccr_session_hmac { - struct auth_hash *auth_hash; + const struct auth_hash *auth_hash; int hash_len; unsigned int partial_digest_len; unsigned int auth_mode; @@ -466,7 +466,7 @@ ccr_hash(struct ccr_softc *sc, struct ccr_session *s, struct cryptop *crp) { struct chcr_wr *crwr; struct wrqe *wr; - struct auth_hash *axf; + const struct auth_hash *axf; char *dst; u_int hash_size_in_response, kctx_flits, kctx_len, transhdr_len, wr_len; u_int hmac_ctrl, imm_len, iopad_size; @@ -803,7 +803,7 @@ ccr_eta(struct ccr_softc *sc, struct ccr_session *s, struct cryptop *crp) char iv[CHCR_MAX_CRYPTO_IV_LEN]; struct chcr_wr *crwr; struct wrqe *wr; - struct auth_hash *axf; + const struct auth_hash *axf; char *dst; u_int kctx_len, key_half, op_type, transhdr_len, wr_len; u_int hash_size_in_response, imm_len, iopad_size, iv_len; @@ -1402,8 +1402,8 @@ ccr_gcm_done(struct ccr_softc *sc, struct ccr_session *s, static void ccr_gcm_soft(struct ccr_session *s, struct cryptop *crp) { - struct auth_hash *axf; - struct enc_xform *exf; + const struct auth_hash *axf; + const struct enc_xform *exf; void *auth_ctx, *kschedule; char block[GMAC_BLOCK_LEN]; char digest[GMAC_DIGEST_LEN]; @@ -1892,8 +1892,8 @@ ccr_ccm_done(struct ccr_softc *sc, struct ccr_session *s, static void ccr_ccm_soft(struct ccr_session *s, struct cryptop *crp) { - struct auth_hash *axf; - struct enc_xform *exf; + const struct auth_hash *axf; + const struct enc_xform *exf; union authctx *auth_ctx; void *kschedule; char block[CCM_CBC_BLOCK_LEN]; @@ -2273,7 +2273,7 @@ static void ccr_init_hash_digest(struct ccr_session *s) { union authctx auth_ctx; - struct auth_hash *axf; + const struct auth_hash *axf; axf = s->hmac.auth_hash; axf->Init(&auth_ctx); @@ -2552,7 +2552,7 @@ ccr_newsession(device_t dev, crypto_session_t cses, { struct ccr_softc *sc; struct ccr_session *s; - struct auth_hash *auth_hash; + const struct auth_hash *auth_hash; unsigned int auth_mode, cipher_mode, mk_size; unsigned int partial_digest_len; diff --git a/sys/dev/cxgbe/crypto/t4_keyctx.c b/sys/dev/cxgbe/crypto/t4_keyctx.c index b64eb4ff23d7..136aba759a08 100644 --- a/sys/dev/cxgbe/crypto/t4_keyctx.c +++ b/sys/dev/cxgbe/crypto/t4_keyctx.c @@ -349,7 +349,7 @@ t4_copy_partial_hash(int alg, union authctx *auth_ctx, void *dst) } void -t4_init_hmac_digest(struct auth_hash *axf, u_int partial_digest_len, +t4_init_hmac_digest(const struct auth_hash *axf, u_int partial_digest_len, const char *key, int klen, char *dst) { union authctx auth_ctx; @@ -532,7 +532,7 @@ void t4_tls_key_ctx(const struct ktls_session *tls, int direction, struct tls_keyctx *kctx) { - struct auth_hash *axf; + const struct auth_hash *axf; u_int mac_key_size; char *hash; diff --git a/sys/dev/glxsb/glxsb.h b/sys/dev/glxsb/glxsb.h index 27e5bb44709c..50b30d718618 100644 --- a/sys/dev/glxsb/glxsb.h +++ b/sys/dev/glxsb/glxsb.h @@ -37,7 +37,7 @@ struct glxsb_session { uint32_t ses_key[4]; /* key */ - struct auth_hash *ses_axf; + const struct auth_hash *ses_axf; uint8_t *ses_ictx; uint8_t *ses_octx; int ses_mlen; diff --git a/sys/dev/glxsb/glxsb_hash.c b/sys/dev/glxsb/glxsb_hash.c index b9ceb27deb4d..320ffd66a81e 100644 --- a/sys/dev/glxsb/glxsb_hash.c +++ b/sys/dev/glxsb/glxsb_hash.c @@ -52,7 +52,7 @@ MALLOC_DECLARE(M_GLXSB); static void glxsb_hash_key_setup(struct glxsb_session *ses, const char *key, int klen) { - struct auth_hash *axf; + const struct auth_hash *axf; axf = ses->ses_axf; hmac_init_ipad(axf, key, klen, ses->ses_ictx); @@ -66,7 +66,7 @@ static int glxsb_authcompute(struct glxsb_session *ses, struct cryptop *crp) { u_char hash[HASH_MAX_LEN]; - struct auth_hash *axf; + const struct auth_hash *axf; union authctx ctx; int error; diff --git a/sys/dev/safexcel/safexcel.c b/sys/dev/safexcel/safexcel.c index 71300dcb0393..3940361561d0 100644 --- a/sys/dev/safexcel/safexcel.c +++ b/sys/dev/safexcel/safexcel.c @@ -1318,7 +1318,7 @@ safexcel_setkey_xcbcmac(const uint8_t *key, int klen, uint32_t *hashkey) } static void -safexcel_setkey_hmac_digest(struct auth_hash *ahash, union authctx *ctx, +safexcel_setkey_hmac_digest(const struct auth_hash *ahash, union authctx *ctx, char *buf) { int hashwords, i; @@ -1360,7 +1360,7 @@ safexcel_setkey_hmac(const struct crypto_session_params *csp, const uint8_t *key, int klen, uint8_t *ipad, uint8_t *opad) { union authctx ctx; - struct auth_hash *ahash; + const struct auth_hash *ahash; ahash = crypto_auth_hash(csp); hmac_init_ipad(ahash, key, klen, &ctx); diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c index b6c4441b4284..9a992100f222 100644 --- a/sys/opencrypto/crypto.c +++ b/sys/opencrypto/crypto.c @@ -489,7 +489,7 @@ crypto_get_params(crypto_session_t crypto_session) return (&crypto_session->csp); } -struct auth_hash * +const struct auth_hash * crypto_auth_hash(const struct crypto_session_params *csp) { @@ -551,7 +551,7 @@ crypto_auth_hash(const struct crypto_session_params *csp) } } -struct enc_xform * +const struct enc_xform * crypto_cipher(const struct crypto_session_params *csp) { @@ -719,7 +719,7 @@ alg_is_aead(int alg) static bool check_csp(const struct crypto_session_params *csp) { - struct auth_hash *axf; + const struct auth_hash *axf; /* Mode-independent checks. */ if ((csp->csp_flags & ~(SUPPORTED_SES)) != 0) diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c index d179dd6348e5..6bbcf977ac72 100644 --- a/sys/opencrypto/cryptodev.c +++ b/sys/opencrypto/cryptodev.c @@ -262,7 +262,7 @@ struct csession { uint32_t ses; struct mtx lock; /* for op submission */ - struct enc_xform *txform; + const struct enc_xform *txform; int hashsize; int ivsize; int mode; @@ -328,8 +328,8 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop) { struct crypto_session_params csp; struct csession *cse; - struct enc_xform *txform; - struct auth_hash *thash; + const struct enc_xform *txform; + const struct auth_hash *thash; void *key = NULL; void *mackey = NULL; crypto_session_t cses; diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h index ce5bfefaed9d..79dec8c44f51 100644 --- a/sys/opencrypto/cryptodev.h +++ b/sys/opencrypto/cryptodev.h @@ -589,8 +589,8 @@ uint32_t crypto_ses2caps(crypto_session_t crypto_session); void *crypto_get_driver_session(crypto_session_t crypto_session); const struct crypto_session_params *crypto_get_params( crypto_session_t crypto_session); -struct auth_hash *crypto_auth_hash(const struct crypto_session_params *csp); -struct enc_xform *crypto_cipher(const struct crypto_session_params *csp); +const struct auth_hash *crypto_auth_hash(const struct crypto_session_params *csp); +const struct enc_xform *crypto_cipher(const struct crypto_session_params *csp); MALLOC_DECLARE(M_CRYPTO_DATA); diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c index 9e551ba9652b..ef927f117bcc 100644 --- a/sys/opencrypto/cryptosoft.c +++ b/sys/opencrypto/cryptosoft.c @@ -60,17 +60,17 @@ __FBSDID("$FreeBSD$"); struct swcr_auth { void *sw_ictx; void *sw_octx; - struct auth_hash *sw_axf; + const struct auth_hash *sw_axf; uint16_t sw_mlen; }; struct swcr_encdec { void *sw_kschedule; - struct enc_xform *sw_exf; + const struct enc_xform *sw_exf; }; struct swcr_compdec { - struct comp_algo *sw_cxf; + const struct comp_algo *sw_cxf; }; struct swcr_session { @@ -103,8 +103,8 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp) unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN]; unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN]; const struct crypto_session_params *csp; + const struct enc_xform *exf; struct swcr_encdec *sw; - struct enc_xform *exf; size_t inlen, outlen; int i, blks, ivlen, resid; struct crypto_buffer_cursor cc_in, cc_out; @@ -278,7 +278,7 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp) } static void -swcr_authprepare(struct auth_hash *axf, struct swcr_auth *sw, +swcr_authprepare(const struct auth_hash *axf, struct swcr_auth *sw, const uint8_t *key, int klen) { @@ -313,7 +313,7 @@ swcr_authcompute(struct swcr_session *ses, struct cryptop *crp) u_char aalg[HASH_MAX_LEN]; const struct crypto_session_params *csp; struct swcr_auth *sw; - struct auth_hash *axf; + const struct auth_hash *axf; union authctx ctx; int err; @@ -389,7 +389,7 @@ swcr_gmac(struct swcr_session *ses, struct cryptop *crp) const u_char *inblk; union authctx ctx; struct swcr_auth *swa; - struct auth_hash *axf; + const struct auth_hash *axf; uint32_t *blkp; size_t len; int blksz, error, ivlen, resid; @@ -468,8 +468,8 @@ swcr_gcm(struct swcr_session *ses, struct cryptop *crp) union authctx ctx; struct swcr_auth *swa; struct swcr_encdec *swe; - struct auth_hash *axf; - struct enc_xform *exf; + const struct auth_hash *axf; + const struct enc_xform *exf; uint32_t *blkp; size_t len; int blksz, error, ivlen, r, resid; @@ -645,7 +645,7 @@ swcr_ccm_cbc_mac(struct swcr_session *ses, struct cryptop *crp) u_char iv[AES_BLOCK_LEN]; union authctx ctx; struct swcr_auth *swa; - struct auth_hash *axf; + const struct auth_hash *axf; int error, ivlen; swa = &ses->swcr_auth; @@ -706,8 +706,8 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp) union authctx ctx; struct swcr_auth *swa; struct swcr_encdec *swe; - struct auth_hash *axf; - struct enc_xform *exf; + const struct auth_hash *axf; + const struct enc_xform *exf; size_t len; int blksz, error, ivlen, r, resid; @@ -875,8 +875,8 @@ swcr_chacha20_poly1305(struct swcr_session *ses, struct cryptop *crp) union authctx ctx; struct swcr_auth *swa; struct swcr_encdec *swe; - struct auth_hash *axf; - struct enc_xform *exf; + const struct auth_hash *axf; + const struct enc_xform *exf; size_t len; int blksz, error, r, resid; @@ -1046,8 +1046,8 @@ swcr_eta(struct swcr_session *ses, struct cryptop *crp) static int swcr_compdec(struct swcr_session *ses, struct cryptop *crp) { + const struct comp_algo *cxf; uint8_t *data, *out; - struct comp_algo *cxf; int adj; uint32_t result; @@ -1131,7 +1131,7 @@ swcr_setup_cipher(struct swcr_session *ses, const struct crypto_session_params *csp) { struct swcr_encdec *swe; - struct enc_xform *txf; + const struct enc_xform *txf; int error; swe = &ses->swcr_encdec; @@ -1158,7 +1158,7 @@ swcr_setup_auth(struct swcr_session *ses, const struct crypto_session_params *csp) { struct swcr_auth *swa; - struct auth_hash *axf; + const struct auth_hash *axf; swa = &ses->swcr_auth; @@ -1242,7 +1242,7 @@ swcr_setup_gcm(struct swcr_session *ses, const struct crypto_session_params *csp) { struct swcr_auth *swa; - struct auth_hash *axf; + const struct auth_hash *axf; if (csp->csp_ivlen != AES_GCM_IV_LEN) return (EINVAL); @@ -1286,7 +1286,7 @@ swcr_setup_ccm(struct swcr_session *ses, const struct crypto_session_params *csp) { struct swcr_auth *swa; - struct auth_hash *axf; + const struct auth_hash *axf; if (csp->csp_ivlen != AES_CCM_IV_LEN) return (EINVAL); @@ -1330,7 +1330,7 @@ swcr_setup_chacha20_poly1305(struct swcr_session *ses, const struct crypto_session_params *csp) { struct swcr_auth *swa; - struct auth_hash *axf; + const struct auth_hash *axf; if (csp->csp_ivlen != CHACHA20_POLY1305_IV_LEN) return (EINVAL); @@ -1355,7 +1355,7 @@ swcr_setup_chacha20_poly1305(struct swcr_session *ses, static bool swcr_auth_supported(const struct crypto_session_params *csp) { - struct auth_hash *axf; + const struct auth_hash *axf; axf = crypto_auth_hash(csp); if (axf == NULL) @@ -1408,7 +1408,7 @@ swcr_auth_supported(const struct crypto_session_params *csp) static bool swcr_cipher_supported(const struct crypto_session_params *csp) { - struct enc_xform *txf; + const struct enc_xform *txf; txf = crypto_cipher(csp); if (txf == NULL) @@ -1496,7 +1496,7 @@ swcr_newsession(device_t dev, crypto_session_t cses, struct swcr_session *ses; struct swcr_encdec *swe; struct swcr_auth *swa; - struct comp_algo *cxf; + const struct comp_algo *cxf; int error; ses = crypto_get_driver_session(cses); diff --git a/sys/opencrypto/xform_aes_icm.c b/sys/opencrypto/xform_aes_icm.c index 5f81f8df8a87..618b812ceebf 100644 --- a/sys/opencrypto/xform_aes_icm.c +++ b/sys/opencrypto/xform_aes_icm.c @@ -60,7 +60,7 @@ static void aes_gcm_reinit(void *, const uint8_t *); static void aes_ccm_reinit(void *, const uint8_t *); /* Encryption instances */ -struct enc_xform enc_xform_aes_icm = { +const struct enc_xform enc_xform_aes_icm = { .type = CRYPTO_AES_ICM, .name = "AES-ICM", .ctxsize = sizeof(struct aes_icm_ctx), @@ -77,7 +77,7 @@ struct enc_xform enc_xform_aes_icm = { .decrypt_last = aes_icm_crypt_last, }; -struct enc_xform enc_xform_aes_nist_gcm = { +const struct enc_xform enc_xform_aes_nist_gcm = { .type = CRYPTO_AES_NIST_GCM_16, .name = "AES-GCM", .ctxsize = sizeof(struct aes_icm_ctx), @@ -94,7 +94,7 @@ struct enc_xform enc_xform_aes_nist_gcm = { .decrypt_last = aes_icm_crypt_last, }; -struct enc_xform enc_xform_ccm = { +const struct enc_xform enc_xform_ccm = { .type = CRYPTO_AES_CCM_16, .name = "AES-CCM", .ctxsize = sizeof(struct aes_icm_ctx), diff --git a/sys/opencrypto/xform_aes_xts.c b/sys/opencrypto/xform_aes_xts.c index 0b415f1d6346..457535621511 100644 --- a/sys/opencrypto/xform_aes_xts.c +++ b/sys/opencrypto/xform_aes_xts.c @@ -59,7 +59,7 @@ static void aes_xts_decrypt(void *, const uint8_t *, uint8_t *); static void aes_xts_reinit(void *, const uint8_t *); /* Encryption instances */ -struct enc_xform enc_xform_aes_xts = { +const struct enc_xform enc_xform_aes_xts = { .type = CRYPTO_AES_XTS, .name = "AES-XTS", .ctxsize = sizeof(struct aes_xts_ctx), diff --git a/sys/opencrypto/xform_auth.h b/sys/opencrypto/xform_auth.h index 6427965671d3..aa2f55564c5f 100644 --- a/sys/opencrypto/xform_auth.h +++ b/sys/opencrypto/xform_auth.h @@ -51,7 +51,7 @@ /* Declarations */ struct auth_hash { int type; - char *name; + const char *name; uint16_t keysize; uint16_t hashsize; uint16_t ctxsize; @@ -63,28 +63,28 @@ struct auth_hash { void (*Final) (uint8_t *, void *); }; -extern struct auth_hash auth_hash_null; -extern struct auth_hash auth_hash_hmac_sha1; -extern struct auth_hash auth_hash_hmac_ripemd_160; -extern struct auth_hash auth_hash_hmac_sha2_224; -extern struct auth_hash auth_hash_hmac_sha2_256; -extern struct auth_hash auth_hash_hmac_sha2_384; -extern struct auth_hash auth_hash_hmac_sha2_512; -extern struct auth_hash auth_hash_sha1; -extern struct auth_hash auth_hash_sha2_224; -extern struct auth_hash auth_hash_sha2_256; -extern struct auth_hash auth_hash_sha2_384; -extern struct auth_hash auth_hash_sha2_512; -extern struct auth_hash auth_hash_nist_gmac_aes_128; -extern struct auth_hash auth_hash_nist_gmac_aes_192; -extern struct auth_hash auth_hash_nist_gmac_aes_256; -extern struct auth_hash auth_hash_blake2b; -extern struct auth_hash auth_hash_blake2s; -extern struct auth_hash auth_hash_poly1305; -extern struct auth_hash auth_hash_ccm_cbc_mac_128; -extern struct auth_hash auth_hash_ccm_cbc_mac_192; -extern struct auth_hash auth_hash_ccm_cbc_mac_256; -extern struct auth_hash auth_hash_chacha20_poly1305; +extern const struct auth_hash auth_hash_null; +extern const struct auth_hash auth_hash_hmac_sha1; +extern const struct auth_hash auth_hash_hmac_ripemd_160; +extern const struct auth_hash auth_hash_hmac_sha2_224; +extern const struct auth_hash auth_hash_hmac_sha2_256; +extern const struct auth_hash auth_hash_hmac_sha2_384; +extern const struct auth_hash auth_hash_hmac_sha2_512; +extern const struct auth_hash auth_hash_sha1; +extern const struct auth_hash auth_hash_sha2_224; +extern const struct auth_hash auth_hash_sha2_256; +extern const struct auth_hash auth_hash_sha2_384; +extern const struct auth_hash auth_hash_sha2_512; +extern const struct auth_hash auth_hash_nist_gmac_aes_128; +extern const struct auth_hash auth_hash_nist_gmac_aes_192; +extern const struct auth_hash auth_hash_nist_gmac_aes_256; +extern const struct auth_hash auth_hash_blake2b; +extern const struct auth_hash auth_hash_blake2s; +extern const struct auth_hash auth_hash_poly1305; +extern const struct auth_hash auth_hash_ccm_cbc_mac_128; +extern const struct auth_hash auth_hash_ccm_cbc_mac_192; +extern const struct auth_hash auth_hash_ccm_cbc_mac_256; +extern const struct auth_hash auth_hash_chacha20_poly1305; union authctx { SHA1_CTX sha1ctx; diff --git a/sys/opencrypto/xform_cbc_mac.c b/sys/opencrypto/xform_cbc_mac.c index 755dd51d9517..d55e66e45255 100644 --- a/sys/opencrypto/xform_cbc_mac.c +++ b/sys/opencrypto/xform_cbc_mac.c @@ -5,7 +5,7 @@ __FBSDID("$FreeBSD$"); #include <opencrypto/xform_auth.h> /* Authentication instances */ -struct auth_hash auth_hash_ccm_cbc_mac_128 = { +const struct auth_hash auth_hash_ccm_cbc_mac_128 = { .type = CRYPTO_AES_CCM_CBC_MAC, .name = "CBC-CCM-AES-128", .keysize = AES_128_CBC_MAC_KEY_LEN, @@ -18,7 +18,7 @@ struct auth_hash auth_hash_ccm_cbc_mac_128 = { .Update = AES_CBC_MAC_Update, .Final = AES_CBC_MAC_Final, }; -struct auth_hash auth_hash_ccm_cbc_mac_192 = { +const struct auth_hash auth_hash_ccm_cbc_mac_192 = { .type = CRYPTO_AES_CCM_CBC_MAC, .name = "CBC-CCM-AES-192", .keysize = AES_192_CBC_MAC_KEY_LEN, @@ -31,7 +31,7 @@ struct auth_hash auth_hash_ccm_cbc_mac_192 = { .Update = AES_CBC_MAC_Update, .Final = AES_CBC_MAC_Final, }; -struct auth_hash auth_hash_ccm_cbc_mac_256 = { +const struct auth_hash auth_hash_ccm_cbc_mac_256 = { .type = CRYPTO_AES_CCM_CBC_MAC, .name = "CBC-CCM-AES-256", .keysize = AES_256_CBC_MAC_KEY_LEN, diff --git a/sys/opencrypto/xform_chacha20_poly1305.c b/sys/opencrypto/xform_chacha20_poly1305.c index 3a72c06f931b..543c16bcc4e0 100644 --- a/sys/opencrypto/xform_chacha20_poly1305.c +++ b/sys/opencrypto/xform_chacha20_poly1305.c @@ -84,7 +84,7 @@ chacha20_poly1305_crypt_last(void *vctx, const uint8_t *in, uint8_t *out, KASSERT(error == 0, ("%s failed: %d", __func__, error)); } -struct enc_xform enc_xform_chacha20_poly1305 = { +const struct enc_xform enc_xform_chacha20_poly1305 = { .type = CRYPTO_CHACHA20_POLY1305, .name = "ChaCha20-Poly1305", .ctxsize = sizeof(struct chacha20_poly1305_cipher_ctx), @@ -148,7 +148,7 @@ chacha20_poly1305_Final(uint8_t *digest, void *vctx) crypto_onetimeauth_poly1305_final(&ctx->state, digest); } -struct auth_hash auth_hash_chacha20_poly1305 = { +const struct auth_hash auth_hash_chacha20_poly1305 = { .type = CRYPTO_POLY1305, .name = "ChaCha20-Poly1305", .keysize = POLY1305_KEY_LEN, diff --git a/sys/opencrypto/xform_cml.c b/sys/opencrypto/xform_cml.c index 3f25f2cb6aaf..ac1dabd90d30 100644 --- a/sys/opencrypto/xform_cml.c +++ b/sys/opencrypto/xform_cml.c @@ -58,7 +58,7 @@ static void cml_encrypt(void *, const uint8_t *, uint8_t *); static void cml_decrypt(void *, const uint8_t *, uint8_t *); /* Encryption instances */ -struct enc_xform enc_xform_camellia = { +const struct enc_xform enc_xform_camellia = { .type = CRYPTO_CAMELLIA_CBC, .name = "Camellia-CBC", .ctxsize = sizeof(camellia_ctx), diff --git a/sys/opencrypto/xform_comp.h b/sys/opencrypto/xform_comp.h index 1d0ba7a505bf..11bf59a94b39 100644 --- a/sys/opencrypto/xform_comp.h +++ b/sys/opencrypto/xform_comp.h @@ -46,6 +46,6 @@ struct comp_algo { uint32_t (*decompress) (uint8_t *, uint32_t, uint8_t **); }; -extern struct comp_algo comp_algo_deflate; +extern const struct comp_algo comp_algo_deflate; #endif /* _CRYPTO_XFORM_COMP_H_ */ diff --git a/sys/opencrypto/xform_deflate.c b/sys/opencrypto/xform_deflate.c index 8d93f4843244..b295ceb2ea9b 100644 --- a/sys/opencrypto/xform_deflate.c +++ b/sys/opencrypto/xform_deflate.c @@ -57,7 +57,7 @@ static uint32_t deflate_compress(uint8_t *, uint32_t, uint8_t **); static uint32_t deflate_decompress(uint8_t *, uint32_t, uint8_t **); /* Compression instance */ -struct comp_algo comp_algo_deflate = { +const struct comp_algo comp_algo_deflate = { CRYPTO_DEFLATE_COMP, "Deflate", 90, deflate_compress, deflate_decompress diff --git a/sys/opencrypto/xform_enc.h b/sys/opencrypto/xform_enc.h index e8325f20917b..6f95b49986c5 100644 --- a/sys/opencrypto/xform_enc.h +++ b/sys/opencrypto/xform_enc.h @@ -48,7 +48,7 @@ /* Declarations */ struct enc_xform { int type; - char *name; + const char *name; size_t ctxsize; uint16_t blocksize; /* Required input block size -- 1 for stream ciphers. */ uint16_t native_blocksize; /* Used for stream ciphers. */ @@ -73,16 +73,16 @@ struct enc_xform { }; -extern struct enc_xform enc_xform_null; -extern struct enc_xform enc_xform_rijndael128; -extern struct enc_xform enc_xform_aes_icm; -extern struct enc_xform enc_xform_aes_nist_gcm; -extern struct enc_xform enc_xform_aes_nist_gmac; -extern struct enc_xform enc_xform_aes_xts; -extern struct enc_xform enc_xform_camellia; -extern struct enc_xform enc_xform_chacha20; -extern struct enc_xform enc_xform_chacha20_poly1305; -extern struct enc_xform enc_xform_ccm; +extern const struct enc_xform enc_xform_null; +extern const struct enc_xform enc_xform_rijndael128; +extern const struct enc_xform enc_xform_aes_icm; +extern const struct enc_xform enc_xform_aes_nist_gcm; +extern const struct enc_xform enc_xform_aes_nist_gmac; +extern const struct enc_xform enc_xform_aes_xts; +extern const struct enc_xform enc_xform_camellia; +extern const struct enc_xform enc_xform_chacha20; +extern const struct enc_xform enc_xform_chacha20_poly1305; +extern const struct enc_xform enc_xform_ccm; struct aes_icm_ctx { uint32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)]; diff --git a/sys/opencrypto/xform_gmac.c b/sys/opencrypto/xform_gmac.c index 0b981f2c95c3..0cd5ef9b60be 100644 --- a/sys/opencrypto/xform_gmac.c +++ b/sys/opencrypto/xform_gmac.c @@ -54,7 +54,7 @@ __FBSDID("$FreeBSD$"); #include <opencrypto/xform_auth.h> /* Encryption instances */ -struct enc_xform enc_xform_aes_nist_gmac = { +const struct enc_xform enc_xform_aes_nist_gmac = { .type = CRYPTO_AES_NIST_GMAC, .name = "AES-GMAC", .blocksize = AES_ICM_BLOCK_LEN, @@ -64,7 +64,7 @@ struct enc_xform enc_xform_aes_nist_gmac = { }; /* Authentication instances */ -struct auth_hash auth_hash_nist_gmac_aes_128 = { +const struct auth_hash auth_hash_nist_gmac_aes_128 = { .type = CRYPTO_AES_NIST_GMAC, .name = "GMAC-AES-128", .keysize = AES_128_GMAC_KEY_LEN, @@ -78,7 +78,7 @@ struct auth_hash auth_hash_nist_gmac_aes_128 = { .Final = AES_GMAC_Final, }; -struct auth_hash auth_hash_nist_gmac_aes_192 = { +const struct auth_hash auth_hash_nist_gmac_aes_192 = { .type = CRYPTO_AES_NIST_GMAC, .name = "GMAC-AES-192", .keysize = AES_192_GMAC_KEY_LEN, @@ -92,7 +92,7 @@ struct auth_hash auth_hash_nist_gmac_aes_192 = { .Final = AES_GMAC_Final, }; -struct auth_hash auth_hash_nist_gmac_aes_256 = { +const struct auth_hash auth_hash_nist_gmac_aes_256 = { .type = CRYPTO_AES_NIST_GMAC, .name = "GMAC-AES-256", .keysize = AES_256_GMAC_KEY_LEN, diff --git a/sys/opencrypto/xform_null.c b/sys/opencrypto/xform_null.c index d1b79e1385b2..6cd49baab0ac 100644 --- a/sys/opencrypto/xform_null.c +++ b/sys/opencrypto/xform_null.c @@ -62,7 +62,7 @@ static int null_update(void *, const void *, u_int); static void null_final(uint8_t *, void *); /* Encryption instances */ -struct enc_xform enc_xform_null = { +const struct enc_xform enc_xform_null = { .type = CRYPTO_NULL_CBC, .name = "NULL", /* NB: blocksize of 4 is to generate a properly aligned ESP header */ @@ -76,7 +76,7 @@ struct enc_xform enc_xform_null = { }; /* Authentication instances */ -struct auth_hash auth_hash_null = { +const struct auth_hash auth_hash_null = { .type = CRYPTO_NULL_HMAC, .name = "NULL-HMAC", .keysize = 0, diff --git a/sys/opencrypto/xform_poly1305.c b/sys/opencrypto/xform_poly1305.c index d8ceab47deca..c885192f9df6 100644 --- a/sys/opencrypto/xform_poly1305.c +++ b/sys/opencrypto/xform_poly1305.c @@ -58,7 +58,7 @@ xform_Poly1305_Final(uint8_t *digest, void *ctx) panic("%s: Invariant violated: %d", __func__, rc); } -struct auth_hash auth_hash_poly1305 = { +const struct auth_hash auth_hash_poly1305 = { .type = CRYPTO_POLY1305, .name = "Poly-1305", .keysize = POLY1305_KEY_LEN, diff --git a/sys/opencrypto/xform_rijndael.c b/sys/opencrypto/xform_rijndael.c index d9e2497e7e53..685e53640c48 100644 --- a/sys/opencrypto/xform_rijndael.c +++ b/sys/opencrypto/xform_rijndael.c @@ -58,7 +58,7 @@ static void rijndael128_encrypt(void *, const uint8_t *, uint8_t *); static void rijndael128_decrypt(void *, const uint8_t *, uint8_t *); /* Encryption instances */ -struct enc_xform enc_xform_rijndael128 = { +const struct enc_xform enc_xform_rijndael128 = { .type = CRYPTO_RIJNDAEL128_CBC, .name = "Rijndael-128/AES", .ctxsize = sizeof(rijndael_ctx), diff --git a/sys/opencrypto/xform_rmd160.c b/sys/opencrypto/xform_rmd160.c index b4a845a7b323..8480a63d12dc 100644 --- a/sys/opencrypto/xform_rmd160.c +++ b/sys/opencrypto/xform_rmd160.c @@ -58,7 +58,7 @@ static int RMD160Update_int(void *, const void *, u_int); static void RMD160Final_int(uint8_t *, void *); /* Authentication instances */ -struct auth_hash auth_hash_hmac_ripemd_160 = { +const struct auth_hash auth_hash_hmac_ripemd_160 = { .type = CRYPTO_RIPEMD160_HMAC, .name = "HMAC-RIPEMD-160", .keysize = RIPEMD160_BLOCK_LEN, diff --git a/sys/opencrypto/xform_sha1.c b/sys/opencrypto/xform_sha1.c index a96f5024f57c..25bed2dc20b5 100644 --- a/sys/opencrypto/xform_sha1.c +++ b/sys/opencrypto/xform_sha1.c @@ -58,7 +58,7 @@ static int SHA1Update_int(void *, const void *, u_int); static void SHA1Final_int(uint8_t *, void *); /* Plain hash */ -struct auth_hash auth_hash_sha1 = { +const struct auth_hash auth_hash_sha1 = { .type = CRYPTO_SHA1, .name = "SHA1", .hashsize = SHA1_HASH_LEN, @@ -70,7 +70,7 @@ struct auth_hash auth_hash_sha1 = { }; /* Authentication instances */ -struct auth_hash auth_hash_hmac_sha1 = { +const struct auth_hash auth_hash_hmac_sha1 = { .type = CRYPTO_SHA1_HMAC, .name = "HMAC-SHA1", .keysize = SHA1_BLOCK_LEN, diff --git a/sys/opencrypto/xform_sha2.c b/sys/opencrypto/xform_sha2.c index b4a5533baa19..39795bbda639 100644 --- a/sys/opencrypto/xform_sha2.c +++ b/sys/opencrypto/xform_sha2.c @@ -62,7 +62,7 @@ static int SHA384Update_int(void *, const void *, u_int); static int SHA512Update_int(void *, const void *, u_int); /* Plain hashes */ -struct auth_hash auth_hash_sha2_224 = { +const struct auth_hash auth_hash_sha2_224 = { .type = CRYPTO_SHA2_224, .name = "SHA2-224", .hashsize = SHA2_224_HASH_LEN, @@ -73,7 +73,7 @@ struct auth_hash auth_hash_sha2_224 = { .Final = (void (*)(uint8_t *, void *)) SHA224_Final, }; -struct auth_hash auth_hash_sha2_256 = { +const struct auth_hash auth_hash_sha2_256 = { .type = CRYPTO_SHA2_256, .name = "SHA2-256", .keysize = SHA2_256_BLOCK_LEN, @@ -85,7 +85,7 @@ struct auth_hash auth_hash_sha2_256 = { .Final = (void (*)(uint8_t *, void *)) SHA256_Final, }; -struct auth_hash auth_hash_sha2_384 = { +const struct auth_hash auth_hash_sha2_384 = { .type = CRYPTO_SHA2_384, .name = "SHA2-384", .keysize = SHA2_384_BLOCK_LEN, @@ -97,7 +97,7 @@ struct auth_hash auth_hash_sha2_384 = { .Final = (void (*)(uint8_t *, void *)) SHA384_Final, }; -struct auth_hash auth_hash_sha2_512 = { +const struct auth_hash auth_hash_sha2_512 = { .type = CRYPTO_SHA2_512, .name = "SHA2-512", .keysize = SHA2_512_BLOCK_LEN, @@ -110,7 +110,7 @@ struct auth_hash auth_hash_sha2_512 = { }; /* Authentication instances */ -struct auth_hash auth_hash_hmac_sha2_224 = { +const struct auth_hash auth_hash_hmac_sha2_224 = { .type = CRYPTO_SHA2_224_HMAC, .name = "HMAC-SHA2-224", .keysize = SHA2_224_BLOCK_LEN, @@ -122,7 +122,7 @@ struct auth_hash auth_hash_hmac_sha2_224 = { .Final = (void (*)(uint8_t *, void *)) SHA224_Final, }; -struct auth_hash auth_hash_hmac_sha2_256 = { +const struct auth_hash auth_hash_hmac_sha2_256 = { .type = CRYPTO_SHA2_256_HMAC, .name = "HMAC-SHA2-256", .keysize = SHA2_256_BLOCK_LEN, @@ -134,7 +134,7 @@ struct auth_hash auth_hash_hmac_sha2_256 = { .Final = (void (*)(uint8_t *, void *)) SHA256_Final, }; -struct auth_hash auth_hash_hmac_sha2_384 = { +const struct auth_hash auth_hash_hmac_sha2_384 = { .type = CRYPTO_SHA2_384_HMAC, .name = "HMAC-SHA2-384", .keysize = SHA2_384_BLOCK_LEN, @@ -146,7 +146,7 @@ struct auth_hash auth_hash_hmac_sha2_384 = { .Final = (void (*)(uint8_t *, void *)) SHA384_Final, }; -struct auth_hash auth_hash_hmac_sha2_512 = { +const struct auth_hash auth_hash_hmac_sha2_512 = { .type = CRYPTO_SHA2_512_HMAC, .name = "HMAC-SHA2-512", .keysize = SHA2_512_BLOCK_LEN, |