Differential D26688

Simplify swcr_authcompute() after removal of deprecated algorithms.
ClosedPublic
Actions

Authored by jhb on Oct 5 2020, 8:41 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, Nov 21, 12:10 AM

	Unknown Object (File)
	Fri, Nov 21, 12:07 AM

	Unknown Object (File)
	Fri, Nov 21, 12:06 AM

	Unknown Object (File)
	Fri, Nov 21, 12:01 AM

	Unknown Object (File)
	Fri, Nov 14, 9:45 PM

	Unknown Object (File)
	Nov 9 2025, 9:34 AM

	Unknown Object (File)
	Nov 3 2025, 6:45 PM

	Unknown Object (File)
	Nov 3 2025, 12:17 AM

View All 69 Files

Subscribers

Details

Reviewers

cem
markj
jmg

Commits

rS366493: Simplify swcr_authcompute() after removal of deprecated algorithms.

Summary

Just use sw->octx != NULL to handle the HMAC case when finalizing the MAC.
Explicitly zero the on-stack auth context.

Test Plan

cryptocheck -d soft -all -z
also tested with some KTLS changes which used HMAC with AES-CBC

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb requested review of this revision.Oct 5 2020, 8:41 PM

jhb created this revision.

Harbormaster completed remote builds in B34006: Diff 77916.Oct 5 2020, 8:41 PM

markj accepted this revision.Oct 6 2020, 12:32 PM

markj added inline comments.

sys/opencrypto/cryptosoft.c
361 ↗	(On Diff #77916)	We are now doing some extra work for CRYPTO_NULL_HMAC, but I doubt it matters in any meaningful way.

This revision is now accepted and ready to land.Oct 6 2020, 12:32 PM

jhb added inline comments.Oct 6 2020, 5:56 PM

sys/opencrypto/cryptosoft.c
361 ↗	(On Diff #77916)	Ah, the correct fix for that would be to not allocate a sw_octx for NULL_HMAC then. However, it's probably not worth fixing. I do think the real solution for NULL_CBC and NULL_HMAC is that IPsec should handle NULL ciphers explicitly and not (ab)use OCF. That would avoid the need for having to deal with the context switches, etc.

Closed by commit rS366493: Simplify swcr_authcompute() after removal of deprecated algorithms. (authored by jhb). · Explain WhyOct 6 2020, 6:08 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS366493: Simplify swcr_authcompute() after removal of deprecated algorithms..

Herald added a reviewer: jmg. · View Herald TranscriptOct 6 2020, 6:08 PM

Herald added a subscriber: imp. · View Herald Transcript

Revision Contents
Changeset List

Path

Size

head/

sys/

opencrypto/

35 lines

Diff 77949

head/sys/opencrypto/cryptosoft.c

Loading...