Index: head/sys/crypto/chacha20/chacha-sw.c =================================================================== --- head/sys/crypto/chacha20/chacha-sw.c +++ head/sys/crypto/chacha20/chacha-sw.c @@ -7,63 +7,42 @@ #include static int -chacha20_xform_setkey(u_int8_t **sched, const u_int8_t *key, int len) +chacha20_xform_setkey(void *ctx, const uint8_t *key, int len) { - struct chacha_ctx *ctx; if (len != CHACHA_MINKEYLEN && len != 32) return (EINVAL); - ctx = malloc(sizeof(*ctx), M_CRYPTO_DATA, M_NOWAIT | M_ZERO); - *sched = (void *)ctx; - if (ctx == NULL) - return (ENOMEM); - chacha_keysetup(ctx, key, len * 8); return (0); } static void -chacha20_xform_reinit(caddr_t key, const u_int8_t *iv) +chacha20_xform_reinit(void *ctx, const u_int8_t *iv) { - struct chacha_ctx *ctx; - ctx = (void *)key; chacha_ivsetup(ctx, iv + 8, iv); } static void -chacha20_xform_zerokey(u_int8_t **sched) +chacha20_xform_crypt(void *ctx, const uint8_t *in, uint8_t *out) { - struct chacha_ctx *ctx; - ctx = (void *)*sched; - explicit_bzero(ctx, sizeof(*ctx)); - free(ctx, M_CRYPTO_DATA); - *sched = NULL; + chacha_encrypt_bytes(ctx, in, out, 1); } static void -chacha20_xform_crypt(caddr_t cctx, u_int8_t *bytes) +chacha20_xform_crypt_multi(void *ctx, const uint8_t *in, uint8_t *out, + size_t len) { - struct chacha_ctx *ctx; - ctx = (void *)cctx; - chacha_encrypt_bytes(ctx, bytes, bytes, 1); + chacha_encrypt_bytes(ctx, in, out, len); } -static void -chacha20_xform_crypt_multi(void *vctx, uint8_t *bytes, size_t len) -{ - struct chacha_ctx *ctx; - - ctx = vctx; - chacha_encrypt_bytes(ctx, bytes, bytes, len); -} - struct enc_xform enc_xform_chacha20 = { .type = CRYPTO_CHACHA20, .name = "chacha20", + .ctxsize = sizeof(struct chacha_ctx), .blocksize = 1, .ivsize = CHACHA_NONCELEN + CHACHA_CTRLEN, .minkey = CHACHA_MINKEYLEN, @@ -71,7 +50,6 @@ .encrypt = chacha20_xform_crypt, .decrypt = chacha20_xform_crypt, .setkey = chacha20_xform_setkey, - .zerokey = chacha20_xform_zerokey, .reinit = chacha20_xform_reinit, .encrypt_multi = chacha20_xform_crypt_multi, .decrypt_multi = chacha20_xform_crypt_multi, Index: head/sys/dev/cxgbe/crypto/t4_crypto.c =================================================================== --- head/sys/dev/cxgbe/crypto/t4_crypto.c +++ head/sys/dev/cxgbe/crypto/t4_crypto.c @@ -1354,8 +1354,7 @@ { struct auth_hash *axf; struct enc_xform *exf; - void *auth_ctx; - uint8_t *kschedule; + void *auth_ctx, *kschedule; char block[GMAC_BLOCK_LEN]; char digest[GMAC_DIGEST_LEN]; char iv[AES_BLOCK_LEN]; @@ -1389,7 +1388,12 @@ /* Initialize the cipher. */ exf = &enc_xform_aes_nist_gcm; - error = exf->setkey(&kschedule, s->blkcipher.enckey, + kschedule = malloc(exf->ctxsize, M_CCR, M_NOWAIT); + if (kschedule == NULL) { + error = ENOMEM; + goto out; + } + error = exf->setkey(kschedule, s->blkcipher.enckey, s->blkcipher.key_len); if (error) goto out; @@ -1423,7 +1427,7 @@ crypto_copydata(crp, crp->crp_payload_start + i, len, block); bzero(block + len, sizeof(block) - len); if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { - exf->encrypt(kschedule, block); + exf->encrypt(kschedule, block, block); axf->Update(auth_ctx, block, len); crypto_copyback(crp, crp->crp_payload_start + i, len, block); @@ -1462,7 +1466,7 @@ crypto_copydata(crp, crp->crp_payload_start + i, len, block); bzero(block + len, sizeof(block) - len); - exf->decrypt(kschedule, block); + exf->decrypt(kschedule, block, block); crypto_copyback(crp, crp->crp_payload_start + i, len, block); } @@ -1470,12 +1474,9 @@ error = EBADMSG; } - exf->zerokey(&kschedule); out: - if (auth_ctx != NULL) { - memset(auth_ctx, 0, axf->ctxsize); - free(auth_ctx, M_CCR); - } + zfree(kschedule, M_CCR); + zfree(auth_ctx, M_CCR); crp->crp_etype = error; crypto_done(crp); } @@ -1810,7 +1811,7 @@ struct auth_hash *axf; struct enc_xform *exf; union authctx *auth_ctx; - uint8_t *kschedule; + void *kschedule; char block[CCM_CBC_BLOCK_LEN]; char digest[AES_CBC_MAC_HASH_LEN]; char iv[AES_CCM_IV_LEN]; @@ -1844,7 +1845,12 @@ /* Initialize the cipher. */ exf = &enc_xform_ccm; - error = exf->setkey(&kschedule, s->blkcipher.enckey, + kschedule = malloc(exf->ctxsize, M_CCR, M_NOWAIT); + if (kschedule == NULL) { + error = ENOMEM; + goto out; + } + error = exf->setkey(kschedule, s->blkcipher.enckey, s->blkcipher.key_len); if (error) goto out; @@ -1876,11 +1882,11 @@ bzero(block + len, sizeof(block) - len); if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { axf->Update(auth_ctx, block, len); - exf->encrypt(kschedule, block); + exf->encrypt(kschedule, block, block); crypto_copyback(crp, crp->crp_payload_start + i, len, block); } else { - exf->decrypt(kschedule, block); + exf->decrypt(kschedule, block, block); axf->Update(auth_ctx, block, len); } } @@ -1910,7 +1916,7 @@ crypto_copydata(crp, crp->crp_payload_start + i, len, block); bzero(block + len, sizeof(block) - len); - exf->decrypt(kschedule, block); + exf->decrypt(kschedule, block, block); crypto_copyback(crp, crp->crp_payload_start + i, len, block); } @@ -1918,12 +1924,9 @@ error = EBADMSG; } - exf->zerokey(&kschedule); out: - if (auth_ctx != NULL) { - memset(auth_ctx, 0, axf->ctxsize); - free(auth_ctx, M_CCR); - } + zfree(kschedule, M_CCR); + zfree(auth_ctx, M_CCR); crp->crp_etype = error; crypto_done(crp); } Index: head/sys/opencrypto/cryptosoft.c =================================================================== --- head/sys/opencrypto/cryptosoft.c +++ head/sys/opencrypto/cryptosoft.c @@ -65,7 +65,7 @@ }; struct swcr_encdec { - uint8_t *sw_kschedule; + void *sw_kschedule; struct enc_xform *sw_exf; }; @@ -131,11 +131,8 @@ crypto_read_iv(crp, iv); if (crp->crp_cipher_key != NULL) { - if (sw->sw_kschedule) - exf->zerokey(&(sw->sw_kschedule)); - csp = crypto_get_params(crp->crp_session); - error = exf->setkey(&sw->sw_kschedule, + error = exf->setkey(sw->sw_kschedule, crp->crp_cipher_key, csp->csp_cipher_klen); if (error) return (error); @@ -197,10 +194,10 @@ /* Actual encryption/decryption */ if (exf->reinit) { if (encrypting) { - exf->encrypt(sw->sw_kschedule, + exf->encrypt(sw->sw_kschedule, blk, blk); } else { - exf->decrypt(sw->sw_kschedule, + exf->decrypt(sw->sw_kschedule, blk, blk); } } else if (encrypting) { @@ -208,7 +205,7 @@ for (j = 0; j < blks; j++) blk[j] ^= ivp[j]; - exf->encrypt(sw->sw_kschedule, blk); + exf->encrypt(sw->sw_kschedule, blk, blk); /* * Keep encrypted block for XOR'ing @@ -224,7 +221,7 @@ nivp = (ivp == iv) ? iv2 : iv; bcopy(blk, nivp, blks); - exf->decrypt(sw->sw_kschedule, blk); + exf->decrypt(sw->sw_kschedule, blk, blk); /* XOR with previous block */ for (j = 0; j < blks; j++) @@ -264,25 +261,25 @@ if (exf->reinit) { if (encrypting && exf->encrypt_multi == NULL) exf->encrypt(sw->sw_kschedule, - idat); + idat, idat); else if (encrypting) { nb = rounddown(rem, blks); exf->encrypt_multi(sw->sw_kschedule, - idat, nb); + idat, idat, nb); } else if (exf->decrypt_multi == NULL) exf->decrypt(sw->sw_kschedule, - idat); + idat, idat); else { nb = rounddown(rem, blks); exf->decrypt_multi(sw->sw_kschedule, - idat, nb); + idat, idat, nb); } } else if (encrypting) { /* XOR with previous block/IV */ for (j = 0; j < blks; j++) idat[j] ^= ivp[j]; - exf->encrypt(sw->sw_kschedule, idat); + exf->encrypt(sw->sw_kschedule, idat, idat); ivp = idat; } else { /* decrypt */ /* @@ -292,7 +289,7 @@ nivp = (ivp == iv) ? iv2 : iv; bcopy(idat, nivp, blks); - exf->decrypt(sw->sw_kschedule, idat); + exf->decrypt(sw->sw_kschedule, idat, idat); /* XOR with previous block/IV */ for (j = 0; j < blks; j++) @@ -543,7 +540,7 @@ bzero(blk, blksz); crypto_copydata(crp, crp->crp_payload_start + i, len, blk); if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { - exf->encrypt(swe->sw_kschedule, blk); + exf->encrypt(swe->sw_kschedule, blk, blk); axf->Update(&ctx, blk, len); crypto_copyback(crp, crp->crp_payload_start + i, len, blk); @@ -579,7 +576,7 @@ bzero(blk, blksz); crypto_copydata(crp, crp->crp_payload_start + i, len, blk); - exf->decrypt(swe->sw_kschedule, blk); + exf->decrypt(swe->sw_kschedule, blk, blk); crypto_copyback(crp, crp->crp_payload_start + i, len, blk); } @@ -704,7 +701,7 @@ crypto_copydata(crp, crp->crp_payload_start + i, len, blk); if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) { axf->Update(&ctx, blk, len); - exf->encrypt(swe->sw_kschedule, blk); + exf->encrypt(swe->sw_kschedule, blk, blk); crypto_copyback(crp, crp->crp_payload_start + i, len, blk); } else { @@ -716,7 +713,7 @@ * the tag and a second time after the tag is * verified. */ - exf->decrypt(swe->sw_kschedule, blk); + exf->decrypt(swe->sw_kschedule, blk, blk); axf->Update(&ctx, blk, len); } } @@ -741,7 +738,7 @@ bzero(blk, blksz); crypto_copydata(crp, crp->crp_payload_start + i, len, blk); - exf->decrypt(swe->sw_kschedule, blk); + exf->decrypt(swe->sw_kschedule, blk, blk); crypto_copyback(crp, crp->crp_payload_start + i, len, blk); } @@ -854,7 +851,7 @@ } static int -swcr_setup_encdec(struct swcr_session *ses, +swcr_setup_cipher(struct swcr_session *ses, const struct crypto_session_params *csp) { struct swcr_encdec *swe; @@ -864,8 +861,14 @@ swe = &ses->swcr_encdec; txf = crypto_cipher(csp); MPASS(txf->ivsize == csp->csp_ivlen); + if (txf->ctxsize != 0) { + swe->sw_kschedule = malloc(txf->ctxsize, M_CRYPTO_DATA, + M_NOWAIT); + if (swe->sw_kschedule == NULL) + return (ENOMEM); + } if (csp->csp_cipher_key != NULL) { - error = txf->setkey(&swe->sw_kschedule, + error = txf->setkey(swe->sw_kschedule, csp->csp_cipher_key, csp->csp_cipher_klen); if (error) return (error); @@ -962,11 +965,8 @@ swcr_setup_gcm(struct swcr_session *ses, const struct crypto_session_params *csp) { - struct swcr_encdec *swe; struct swcr_auth *swa; - struct enc_xform *txf; struct auth_hash *axf; - int error; if (csp->csp_ivlen != AES_GCM_IV_LEN) return (EINVAL); @@ -1002,28 +1002,15 @@ csp->csp_cipher_klen); /* Second, setup the cipher side. */ - swe = &ses->swcr_encdec; - txf = &enc_xform_aes_nist_gcm; - if (csp->csp_cipher_key != NULL) { - error = txf->setkey(&swe->sw_kschedule, - csp->csp_cipher_key, csp->csp_cipher_klen); - if (error) - return (error); - } - swe->sw_exf = txf; - - return (0); + return (swcr_setup_cipher(ses, csp)); } static int swcr_setup_ccm(struct swcr_session *ses, const struct crypto_session_params *csp) { - struct swcr_encdec *swe; struct swcr_auth *swa; - struct enc_xform *txf; struct auth_hash *axf; - int error; if (csp->csp_ivlen != AES_CCM_IV_LEN) return (EINVAL); @@ -1059,17 +1046,7 @@ csp->csp_cipher_klen); /* Second, setup the cipher side. */ - swe = &ses->swcr_encdec; - txf = &enc_xform_ccm; - if (csp->csp_cipher_key != NULL) { - error = txf->setkey(&swe->sw_kschedule, - csp->csp_cipher_key, csp->csp_cipher_klen); - if (error) - return (error); - } - swe->sw_exf = txf; - - return (0); + return (swcr_setup_cipher(ses, csp)); } static bool @@ -1246,7 +1223,7 @@ panic("bad cipher algo"); #endif default: - error = swcr_setup_encdec(ses, csp); + error = swcr_setup_cipher(ses, csp); if (error == 0) ses->swcr_process = swcr_encdec; } @@ -1295,7 +1272,7 @@ break; } - error = swcr_setup_encdec(ses, csp); + error = swcr_setup_cipher(ses, csp); if (error == 0) ses->swcr_process = swcr_eta; break; @@ -1313,18 +1290,13 @@ { struct swcr_session *ses; struct swcr_auth *swa; - struct enc_xform *txf; struct auth_hash *axf; ses = crypto_get_driver_session(cses); mtx_destroy(&ses->swcr_lock); - txf = ses->swcr_encdec.sw_exf; - if (txf != NULL) { - if (ses->swcr_encdec.sw_kschedule != NULL) - txf->zerokey(&(ses->swcr_encdec.sw_kschedule)); - } + zfree(ses->swcr_encdec.sw_kschedule, M_CRYPTO_DATA); axf = ses->swcr_auth.sw_axf; if (axf != NULL) { Index: head/sys/opencrypto/xform_aes_icm.c =================================================================== --- head/sys/opencrypto/xform_aes_icm.c +++ head/sys/opencrypto/xform_aes_icm.c @@ -52,43 +52,50 @@ #include -static int aes_icm_setkey(u_int8_t **, const u_int8_t *, int); -static void aes_icm_crypt(caddr_t, u_int8_t *); -static void aes_icm_zerokey(u_int8_t **); -static void aes_icm_reinit(caddr_t, const u_int8_t *); -static void aes_gcm_reinit(caddr_t, const u_int8_t *); -static void aes_ccm_reinit(caddr_t, const u_int8_t *); +static int aes_icm_setkey(void *, const uint8_t *, int); +static void aes_icm_crypt(void *, const uint8_t *, uint8_t *); +static void aes_icm_reinit(void *, const uint8_t *); +static void aes_gcm_reinit(void *, const uint8_t *); +static void aes_ccm_reinit(void *, const uint8_t *); /* Encryption instances */ struct enc_xform enc_xform_aes_icm = { - CRYPTO_AES_ICM, "AES-ICM", - AES_BLOCK_LEN, AES_BLOCK_LEN, AES_MIN_KEY, AES_MAX_KEY, - aes_icm_crypt, - aes_icm_crypt, - aes_icm_setkey, - aes_icm_zerokey, - aes_icm_reinit, + .type = CRYPTO_AES_ICM, + .name = "AES-ICM", + .ctxsize = sizeof(struct aes_icm_ctx), + .blocksize = AES_BLOCK_LEN, + .ivsize = AES_BLOCK_LEN, + .minkey = AES_MIN_KEY, + .maxkey = AES_MAX_KEY, + .encrypt = aes_icm_crypt, + .decrypt = aes_icm_crypt, + .setkey = aes_icm_setkey, + .reinit = aes_icm_reinit, }; struct enc_xform enc_xform_aes_nist_gcm = { - CRYPTO_AES_NIST_GCM_16, "AES-GCM", - AES_ICM_BLOCK_LEN, AES_GCM_IV_LEN, AES_MIN_KEY, AES_MAX_KEY, - aes_icm_crypt, - aes_icm_crypt, - aes_icm_setkey, - aes_icm_zerokey, - aes_gcm_reinit, + .type = CRYPTO_AES_NIST_GCM_16, + .name = "AES-GCM", + .ctxsize = sizeof(struct aes_icm_ctx), + .blocksize = AES_ICM_BLOCK_LEN, + .ivsize = AES_GCM_IV_LEN, + .minkey = AES_MIN_KEY, + .maxkey = AES_MAX_KEY, + .encrypt = aes_icm_crypt, + .decrypt = aes_icm_crypt, + .setkey = aes_icm_setkey, + .reinit = aes_gcm_reinit, }; struct enc_xform enc_xform_ccm = { .type = CRYPTO_AES_CCM_16, .name = "AES-CCM", + .ctxsize = sizeof(struct aes_icm_ctx), .blocksize = AES_ICM_BLOCK_LEN, .ivsize = AES_CCM_IV_LEN, .minkey = AES_MIN_KEY, .maxkey = AES_MAX_KEY, .encrypt = aes_icm_crypt, .decrypt = aes_icm_crypt, .setkey = aes_icm_setkey, - .zerokey = aes_icm_zerokey, .reinit = aes_ccm_reinit, }; @@ -96,33 +103,33 @@ * Encryption wrapper routines. */ static void -aes_icm_reinit(caddr_t key, const u_int8_t *iv) +aes_icm_reinit(void *key, const uint8_t *iv) { struct aes_icm_ctx *ctx; - ctx = (struct aes_icm_ctx *)key; + ctx = key; bcopy(iv, ctx->ac_block, AESICM_BLOCKSIZE); } static void -aes_gcm_reinit(caddr_t key, const u_int8_t *iv) +aes_gcm_reinit(void *key, const uint8_t *iv) { struct aes_icm_ctx *ctx; aes_icm_reinit(key, iv); - ctx = (struct aes_icm_ctx *)key; + ctx = key; /* GCM starts with 2 as counter 1 is used for final xor of tag. */ bzero(&ctx->ac_block[AESICM_BLOCKSIZE - 4], 4); ctx->ac_block[AESICM_BLOCKSIZE - 1] = 2; } static void -aes_ccm_reinit(caddr_t key, const u_int8_t *iv) +aes_ccm_reinit(void *key, const uint8_t *iv) { struct aes_icm_ctx *ctx; - ctx = (struct aes_icm_ctx*)key; + ctx = key; /* CCM has flags, then the IV, then the counter, which starts at 1 */ bzero(ctx->ac_block, sizeof(ctx->ac_block)); @@ -133,16 +140,16 @@ } static void -aes_icm_crypt(caddr_t key, u_int8_t *data) +aes_icm_crypt(void *key, const uint8_t *in, uint8_t *out) { struct aes_icm_ctx *ctx; - u_int8_t keystream[AESICM_BLOCKSIZE]; + uint8_t keystream[AESICM_BLOCKSIZE]; int i; - ctx = (struct aes_icm_ctx *)key; + ctx = key; rijndaelEncrypt(ctx->ac_ek, ctx->ac_nr, ctx->ac_block, keystream); for (i = 0; i < AESICM_BLOCKSIZE; i++) - data[i] ^= keystream[i]; + out[i] = in[i] ^ keystream[i]; explicit_bzero(keystream, sizeof(keystream)); /* increment counter */ @@ -153,28 +160,14 @@ } static int -aes_icm_setkey(u_int8_t **sched, const u_int8_t *key, int len) +aes_icm_setkey(void *sched, const uint8_t *key, int len) { struct aes_icm_ctx *ctx; if (len != 16 && len != 24 && len != 32) - return EINVAL; + return (EINVAL); - *sched = KMALLOC(sizeof(struct aes_icm_ctx), M_CRYPTO_DATA, - M_NOWAIT | M_ZERO); - if (*sched == NULL) - return ENOMEM; - - ctx = (struct aes_icm_ctx *)*sched; + ctx = sched; ctx->ac_nr = rijndaelKeySetupEnc(ctx->ac_ek, key, len * 8); - return 0; -} - -static void -aes_icm_zerokey(u_int8_t **sched) -{ - - bzero(*sched, sizeof(struct aes_icm_ctx)); - KFREE(*sched, M_CRYPTO_DATA); - *sched = NULL; + return (0); } Index: head/sys/opencrypto/xform_aes_xts.c =================================================================== --- head/sys/opencrypto/xform_aes_xts.c +++ head/sys/opencrypto/xform_aes_xts.c @@ -52,31 +52,34 @@ #include -static int aes_xts_setkey(u_int8_t **, const u_int8_t *, int); -static void aes_xts_encrypt(caddr_t, u_int8_t *); -static void aes_xts_decrypt(caddr_t, u_int8_t *); -static void aes_xts_zerokey(u_int8_t **); -static void aes_xts_reinit(caddr_t, const u_int8_t *); +static int aes_xts_setkey(void *, const uint8_t *, int); +static void aes_xts_encrypt(void *, const uint8_t *, uint8_t *); +static void aes_xts_decrypt(void *, const uint8_t *, uint8_t *); +static void aes_xts_reinit(void *, const uint8_t *); /* Encryption instances */ struct enc_xform enc_xform_aes_xts = { - CRYPTO_AES_XTS, "AES-XTS", - AES_BLOCK_LEN, AES_XTS_IV_LEN, AES_XTS_MIN_KEY, AES_XTS_MAX_KEY, - aes_xts_encrypt, - aes_xts_decrypt, - aes_xts_setkey, - aes_xts_zerokey, - aes_xts_reinit + .type = CRYPTO_AES_XTS, + .name = "AES-XTS", + .ctxsize = sizeof(struct aes_xts_ctx), + .blocksize = AES_BLOCK_LEN, + .ivsize = AES_XTS_IV_LEN, + .minkey = AES_XTS_MIN_KEY, + .maxkey = AES_XTS_MAX_KEY, + .encrypt = aes_xts_encrypt, + .decrypt = aes_xts_decrypt, + .setkey = aes_xts_setkey, + .reinit = aes_xts_reinit }; /* * Encryption wrapper routines. */ static void -aes_xts_reinit(caddr_t key, const u_int8_t *iv) +aes_xts_reinit(void *key, const uint8_t *iv) { - struct aes_xts_ctx *ctx = (struct aes_xts_ctx *)key; - u_int64_t blocknum; + struct aes_xts_ctx *ctx = key; + uint64_t blocknum; u_int i; /* @@ -95,21 +98,22 @@ } static void -aes_xts_crypt(struct aes_xts_ctx *ctx, u_int8_t *data, u_int do_encrypt) +aes_xts_crypt(struct aes_xts_ctx *ctx, const uint8_t *in, uint8_t *out, + u_int do_encrypt) { - u_int8_t block[AES_XTS_BLOCKSIZE]; + uint8_t block[AES_XTS_BLOCKSIZE]; u_int i, carry_in, carry_out; for (i = 0; i < AES_XTS_BLOCKSIZE; i++) - block[i] = data[i] ^ ctx->tweak[i]; + block[i] = in[i] ^ ctx->tweak[i]; if (do_encrypt) - rijndael_encrypt(&ctx->key1, block, data); + rijndael_encrypt(&ctx->key1, block, out); else - rijndael_decrypt(&ctx->key1, block, data); + rijndael_decrypt(&ctx->key1, block, out); for (i = 0; i < AES_XTS_BLOCKSIZE; i++) - data[i] ^= ctx->tweak[i]; + out[i] ^= ctx->tweak[i]; /* Exponentiate tweak */ carry_in = 0; @@ -120,45 +124,33 @@ } if (carry_in) ctx->tweak[0] ^= AES_XTS_ALPHA; - bzero(block, sizeof(block)); + explicit_bzero(block, sizeof(block)); } static void -aes_xts_encrypt(caddr_t key, u_int8_t *data) +aes_xts_encrypt(void *key, const uint8_t *in, uint8_t *out) { - aes_xts_crypt((struct aes_xts_ctx *)key, data, 1); + aes_xts_crypt(key, in, out, 1); } static void -aes_xts_decrypt(caddr_t key, u_int8_t *data) +aes_xts_decrypt(void *key, const uint8_t *in, uint8_t *out) { - aes_xts_crypt((struct aes_xts_ctx *)key, data, 0); + aes_xts_crypt(key, in, out, 0); } static int -aes_xts_setkey(u_int8_t **sched, const u_int8_t *key, int len) +aes_xts_setkey(void *sched, const uint8_t *key, int len) { struct aes_xts_ctx *ctx; if (len != 32 && len != 64) - return EINVAL; + return (EINVAL); - *sched = KMALLOC(sizeof(struct aes_xts_ctx), M_CRYPTO_DATA, - M_NOWAIT | M_ZERO); - if (*sched == NULL) - return ENOMEM; - ctx = (struct aes_xts_ctx *)*sched; + ctx = sched; rijndael_set_key(&ctx->key1, key, len * 4); rijndael_set_key(&ctx->key2, key + (len / 2), len * 4); - return 0; -} - -static void -aes_xts_zerokey(u_int8_t **sched) -{ - bzero(*sched, sizeof(struct aes_xts_ctx)); - KFREE(*sched, M_CRYPTO_DATA); - *sched = NULL; + return (0); } Index: head/sys/opencrypto/xform_auth.h =================================================================== --- head/sys/opencrypto/xform_auth.h +++ head/sys/opencrypto/xform_auth.h @@ -44,7 +44,6 @@ #include #include -#include /* XXX use a define common with other hash stuff ! */ #define AH_ALEN_MAX 64 /* max authenticator hash length */ Index: head/sys/opencrypto/xform_cml.c =================================================================== --- head/sys/opencrypto/xform_cml.c +++ head/sys/opencrypto/xform_cml.c @@ -53,61 +53,46 @@ #include #include -static int cml_setkey(u_int8_t **, const u_int8_t *, int); -static void cml_encrypt(caddr_t, u_int8_t *); -static void cml_decrypt(caddr_t, u_int8_t *); -static void cml_zerokey(u_int8_t **); +static int cml_setkey(void *, const uint8_t *, int); +static void cml_encrypt(void *, const uint8_t *, uint8_t *); +static void cml_decrypt(void *, const uint8_t *, uint8_t *); /* Encryption instances */ struct enc_xform enc_xform_camellia = { - CRYPTO_CAMELLIA_CBC, "Camellia", - CAMELLIA_BLOCK_LEN, CAMELLIA_BLOCK_LEN, CAMELLIA_MIN_KEY, - CAMELLIA_MAX_KEY, - cml_encrypt, - cml_decrypt, - cml_setkey, - cml_zerokey, - NULL, + .type = CRYPTO_CAMELLIA_CBC, + .name = "Camellia-CBC", + .ctxsize = sizeof(camellia_ctx), + .blocksize = CAMELLIA_BLOCK_LEN, + .ivsize = CAMELLIA_BLOCK_LEN, + .minkey = CAMELLIA_MIN_KEY, + .maxkey = CAMELLIA_MAX_KEY, + .encrypt = cml_encrypt, + .decrypt = cml_decrypt, + .setkey = cml_setkey, }; /* * Encryption wrapper routines. */ static void -cml_encrypt(caddr_t key, u_int8_t *blk) +cml_encrypt(void *ctx, const uint8_t *in, uint8_t *out) { - camellia_encrypt((camellia_ctx *) key, (u_char *) blk, (u_char *) blk); + camellia_encrypt(ctx, in, out); } static void -cml_decrypt(caddr_t key, u_int8_t *blk) +cml_decrypt(void *ctx, const uint8_t *in, uint8_t *out) { - camellia_decrypt(((camellia_ctx *) key), (u_char *) blk, - (u_char *) blk); + camellia_decrypt(ctx, in, out); } static int -cml_setkey(u_int8_t **sched, const u_int8_t *key, int len) +cml_setkey(void *ctx, const uint8_t *key, int len) { - int err; if (len != 16 && len != 24 && len != 32) return (EINVAL); - *sched = KMALLOC(sizeof(camellia_ctx), M_CRYPTO_DATA, - M_NOWAIT|M_ZERO); - if (*sched != NULL) { - camellia_set_key((camellia_ctx *) *sched, key, - len * 8); - err = 0; - } else - err = ENOMEM; - return err; -} -static void -cml_zerokey(u_int8_t **sched) -{ - bzero(*sched, sizeof(camellia_ctx)); - KFREE(*sched, M_CRYPTO_DATA); - *sched = NULL; + camellia_set_key(ctx, key, len * 8); + return (0); } Index: head/sys/opencrypto/xform_comp.h =================================================================== --- head/sys/opencrypto/xform_comp.h +++ head/sys/opencrypto/xform_comp.h @@ -36,7 +36,6 @@ #include #include -#include /* Declarations */ struct comp_algo { Index: head/sys/opencrypto/xform_enc.h =================================================================== --- head/sys/opencrypto/xform_enc.h +++ head/sys/opencrypto/xform_enc.h @@ -36,7 +36,6 @@ #include #include #include -#include #define AESICM_BLOCKSIZE AES_BLOCK_LEN #define AES_XTS_BLOCKSIZE 16 @@ -47,22 +46,22 @@ struct enc_xform { int type; char *name; + size_t ctxsize; u_int16_t blocksize; /* Required input block size -- 1 for stream ciphers. */ u_int16_t ivsize; u_int16_t minkey, maxkey; - void (*encrypt) (caddr_t, u_int8_t *); - void (*decrypt) (caddr_t, u_int8_t *); - int (*setkey) (u_int8_t **, const u_int8_t *, int len); - void (*zerokey) (u_int8_t **); - void (*reinit) (caddr_t, const u_int8_t *); + void (*encrypt) (void *, const uint8_t *, uint8_t *); + void (*decrypt) (void *, const uint8_t *, uint8_t *); + int (*setkey) (void *, const uint8_t *, int len); + void (*reinit) (void *, const u_int8_t *); /* * Encrypt/decrypt 1+ blocks of input -- total size is 'len' bytes. * Len is guaranteed to be a multiple of the defined 'blocksize'. * Optional interface -- most useful for stream ciphers with a small * blocksize (1). */ - void (*encrypt_multi) (void *, uint8_t *, size_t len); - void (*decrypt_multi) (void *, uint8_t *, size_t len); + void (*encrypt_multi) (void *, const uint8_t *, uint8_t *, size_t len); + void (*decrypt_multi) (void *, const uint8_t *, uint8_t *, size_t len); }; Index: head/sys/opencrypto/xform_gmac.c =================================================================== --- head/sys/opencrypto/xform_gmac.c +++ head/sys/opencrypto/xform_gmac.c @@ -55,13 +55,12 @@ /* Encryption instances */ struct enc_xform enc_xform_aes_nist_gmac = { - CRYPTO_AES_NIST_GMAC, "AES-GMAC", - AES_ICM_BLOCK_LEN, AES_GCM_IV_LEN, AES_MIN_KEY, AES_MAX_KEY, - NULL, - NULL, - NULL, - NULL, - NULL, + .type = CRYPTO_AES_NIST_GMAC, + .name = "AES-GMAC", + .blocksize = AES_ICM_BLOCK_LEN, + .ivsize = AES_GCM_IV_LEN, + .minkey = AES_MIN_KEY, + .maxkey = AES_MAX_KEY, }; /* Authentication instances */ Index: head/sys/opencrypto/xform_null.c =================================================================== --- head/sys/opencrypto/xform_null.c +++ head/sys/opencrypto/xform_null.c @@ -53,10 +53,8 @@ #include #include -static int null_setkey(u_int8_t **, const u_int8_t *, int); -static void null_encrypt(caddr_t, u_int8_t *); -static void null_decrypt(caddr_t, u_int8_t *); -static void null_zerokey(u_int8_t **); +static int null_setkey(void *, const u_int8_t *, int); +static void null_crypt(void *, const uint8_t *, uint8_t *); static void null_init(void *); static void null_reinit(void *ctx, const u_int8_t *buf, u_int16_t len); @@ -65,14 +63,16 @@ /* Encryption instances */ struct enc_xform enc_xform_null = { - CRYPTO_NULL_CBC, "NULL", + .type = CRYPTO_NULL_CBC, + .name = "NULL", /* NB: blocksize of 4 is to generate a properly aligned ESP header */ - NULL_BLOCK_LEN, 0, NULL_MIN_KEY, NULL_MAX_KEY, - null_encrypt, - null_decrypt, - null_setkey, - null_zerokey, - NULL, + .blocksize = NULL_BLOCK_LEN, + .ivsize = 0, + .minkey = NULL_MIN_KEY, + .maxkey = NULL_MAX_KEY, + .encrypt = null_crypt, + .decrypt = null_crypt, + .setkey = null_setkey, }; /* Authentication instances */ @@ -94,26 +94,14 @@ * Encryption wrapper routines. */ static void -null_encrypt(caddr_t key, u_int8_t *blk) +null_crypt(void *key, const uint8_t *in, uint8_t *out) { } -static void -null_decrypt(caddr_t key, u_int8_t *blk) -{ -} - static int -null_setkey(u_int8_t **sched, const u_int8_t *key, int len) +null_setkey(void *sched, const uint8_t *key, int len) { - *sched = NULL; - return 0; -} - -static void -null_zerokey(u_int8_t **sched) -{ - *sched = NULL; + return (0); } /* Index: head/sys/opencrypto/xform_rijndael.c =================================================================== --- head/sys/opencrypto/xform_rijndael.c +++ head/sys/opencrypto/xform_rijndael.c @@ -53,61 +53,46 @@ #include #include -static int rijndael128_setkey(u_int8_t **, const u_int8_t *, int); -static void rijndael128_encrypt(caddr_t, u_int8_t *); -static void rijndael128_decrypt(caddr_t, u_int8_t *); -static void rijndael128_zerokey(u_int8_t **); +static int rijndael128_setkey(void *, const u_int8_t *, int); +static void rijndael128_encrypt(void *, const uint8_t *, uint8_t *); +static void rijndael128_decrypt(void *, const uint8_t *, uint8_t *); /* Encryption instances */ struct enc_xform enc_xform_rijndael128 = { - CRYPTO_RIJNDAEL128_CBC, "Rijndael-128/AES", - RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, RIJNDAEL_MIN_KEY, - RIJNDAEL_MAX_KEY, - rijndael128_encrypt, - rijndael128_decrypt, - rijndael128_setkey, - rijndael128_zerokey, - NULL, + .type = CRYPTO_RIJNDAEL128_CBC, + .name = "Rijndael-128/AES", + .ctxsize = sizeof(rijndael_ctx), + .blocksize = RIJNDAEL128_BLOCK_LEN, + .ivsize = RIJNDAEL128_BLOCK_LEN, + .minkey = RIJNDAEL_MIN_KEY, + .maxkey = RIJNDAEL_MAX_KEY, + .encrypt = rijndael128_encrypt, + .decrypt = rijndael128_decrypt, + .setkey = rijndael128_setkey, }; /* * Encryption wrapper routines. */ static void -rijndael128_encrypt(caddr_t key, u_int8_t *blk) +rijndael128_encrypt(void *key, const uint8_t *in, uint8_t *out) { - rijndael_encrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk); + rijndael_encrypt(key, in, out); } static void -rijndael128_decrypt(caddr_t key, u_int8_t *blk) +rijndael128_decrypt(void *key, const uint8_t *in, uint8_t *out) { - rijndael_decrypt(((rijndael_ctx *) key), (u_char *) blk, - (u_char *) blk); + rijndael_decrypt(key, in, out); } static int -rijndael128_setkey(u_int8_t **sched, const u_int8_t *key, int len) +rijndael128_setkey(void *sched, const uint8_t *key, int len) { - int err; if (len != 16 && len != 24 && len != 32) return (EINVAL); - *sched = KMALLOC(sizeof(rijndael_ctx), M_CRYPTO_DATA, - M_NOWAIT|M_ZERO); - if (*sched != NULL) { - rijndael_set_key((rijndael_ctx *) *sched, key, - len * 8); - err = 0; - } else - err = ENOMEM; - return err; -} -static void -rijndael128_zerokey(u_int8_t **sched) -{ - bzero(*sched, sizeof(rijndael_ctx)); - KFREE(*sched, M_CRYPTO_DATA); - *sched = NULL; + rijndael_set_key(sched, key, len * 8); + return (0); } Index: head/sys/opencrypto/xform_userland.h =================================================================== --- head/sys/opencrypto/xform_userland.h +++ head/sys/opencrypto/xform_userland.h @@ -1,48 +0,0 @@ -/*- - * Copyright (c) 2015 Allan Jude - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _CRYPTO_XFORM_USERLAND_H_ -#define _CRYPTO_XFORM_USERLAND_H_ - -#ifdef _KERNEL -#include -#define KMALLOC(size, type, flags) malloc(size, type, flags) -#define KFREE(ptr, type) free(ptr, type) -#else /* not _KERNEL */ -#ifdef _STANDALONE -#include -#else /* !_STAND */ -#include -#include -#endif /* _STAND */ -#define KMALLOC(size, type, flags) malloc(size) -#define KFREE(ptr, type) free(ptr) -#endif /* _KERNEL */ - - -#endif /* _CRYPTO_XFORM_USERLAND_H_ */