diff options
| author | John Baldwin <jhb@FreeBSD.org> | 2020-04-20 22:24:49 +0000 |
|---|---|---|
| committer | John Baldwin <jhb@FreeBSD.org> | 2020-04-20 22:24:49 +0000 |
| commit | 29fe41ddd714bae92a09fd4098fad614945bedf5 (patch) | |
| tree | 2692b7560f3c90d27ecdfe4de9a81c2c00514d15 /sys/opencrypto/cryptosoft.c | |
| parent | 8cbde414199b0d2fd91c8eb770e74ec23852a9d4 (diff) | |
| download | src-29fe41ddd714bae92a09fd4098fad614945bedf5.tar.gz src-29fe41ddd714bae92a09fd4098fad614945bedf5.zip | |
Retire the CRYPTO_F_IV_GENERATE flag.
The sole in-tree user of this flag has been retired, so remove this
complexity from all drivers. While here, add a helper routine drivers
can use to read the current request's IV into a local buffer. Use
this routine to replace duplicated code in nearly all drivers.
Reviewed by: cem
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D24450
Notes
Notes:
svn path=/head/; revision=360136
Diffstat (limited to 'sys/opencrypto/cryptosoft.c')
| -rw-r--r-- | sys/opencrypto/cryptosoft.c | 25 |
1 files changed, 3 insertions, 22 deletions
diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c index e98f710a4e5b..849a24dfbe2e 100644 --- a/sys/opencrypto/cryptosoft.c +++ b/sys/opencrypto/cryptosoft.c @@ -133,14 +133,7 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp) (crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) return (EINVAL); - /* IV explicitly provided ? */ - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - bcopy(crp->crp_iv, iv, ivlen); - else if (crp->crp_flags & CRYPTO_F_IV_GENERATE) { - arc4rand(iv, ivlen, 0); - crypto_copyback(crp, crp->crp_iv_start, ivlen, iv); - } else - crypto_copydata(crp, crp->crp_iv_start, ivlen, iv); + crypto_read_iv(crp, iv); if (crp->crp_cipher_key != NULL) { if (sw->sw_kschedule) @@ -510,15 +503,9 @@ swcr_gmac(struct swcr_session *ses, struct cryptop *crp) bcopy(swa->sw_ictx, &ctx, axf->ctxsize); blksz = axf->blocksize; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) - return (EINVAL); - /* Initialize the IV */ ivlen = AES_GCM_IV_LEN; - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - bcopy(crp->crp_iv, iv, ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, ivlen, iv); + crypto_read_iv(crp, iv); axf->Reinit(&ctx, iv, ivlen); for (i = 0; i < crp->crp_payload_length; i += blksz) { @@ -669,15 +656,9 @@ swcr_ccm_cbc_mac(struct swcr_session *ses, struct cryptop *crp) bcopy(swa->sw_ictx, &ctx, axf->ctxsize); blksz = axf->blocksize; - if (crp->crp_flags & CRYPTO_F_IV_GENERATE) - return (EINVAL); - /* Initialize the IV */ ivlen = AES_CCM_IV_LEN; - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - bcopy(crp->crp_iv, iv, ivlen); - else - crypto_copydata(crp, crp->crp_iv_start, ivlen, iv); + crypto_read_iv(crp, iv); /* * AES CCM-CBC-MAC needs to know the length of both the auth |