D32106.id95640.diff
No OneTemporary
Actions

Size

5 KB

Referenced Files

None

Subscribers

None

D32106.id95640.diff
View Options

	Index: sys/dev/cxgbe/crypto/t4_crypto.c
	===================================================================
	--- sys/dev/cxgbe/crypto/t4_crypto.c
	+++ sys/dev/cxgbe/crypto/t4_crypto.c
	@@ -1391,7 +1391,6 @@
	void auth_ctx, kschedule;
	char block[GMAC_BLOCK_LEN];
	char digest[GMAC_DIGEST_LEN];
	- char iv[AES_BLOCK_LEN];
	int error, i, len;

	auth_ctx = NULL;
	@@ -1436,10 +1435,8 @@
	error = EINVAL;
	goto out;
	}
	- crypto_read_iv(crp, iv);
	- (uint32_t )&iv[12] = htobe32(1);

	- axf->Reinit(auth_ctx, iv, sizeof(iv));
	+ axf->Reinit(auth_ctx, crp->crp_iv, AES_GCM_IV_LEN);

	/* MAC the AAD. */
	if (crp->crp_aad != NULL) {
	@@ -1462,7 +1459,7 @@
	}
	}

	- exf->reinit(kschedule, iv, sizeof(iv));
	+ exf->reinit(kschedule, crp->crp_iv, AES_GCM_IV_LEN);

	/* Do encryption with MAC */
	for (i = 0; i < crp->crp_payload_length; i += sizeof(block)) {
	@@ -1522,7 +1519,6 @@
	zfree(kschedule, M_CCR);
	zfree(auth_ctx, M_CCR);
	explicit_bzero(block, sizeof(block));
	- explicit_bzero(iv, sizeof(iv));
	explicit_bzero(digest, sizeof(digest));
	crp->crp_etype = error;
	crypto_done(crp);
	@@ -1878,7 +1874,6 @@
	void *kschedule;
	char block[CCM_CBC_BLOCK_LEN];
	char digest[AES_CBC_MAC_HASH_LEN];
	- char iv[AES_CCM_IV_LEN];
	int error, i, len;

	auth_ctx = NULL;
	@@ -1923,11 +1918,10 @@
	error = EINVAL;
	goto out;
	}
	- crypto_read_iv(crp, iv);

	auth_ctx->aes_cbc_mac_ctx.authDataLength = crp->crp_aad_length;
	auth_ctx->aes_cbc_mac_ctx.cryptDataLength = crp->crp_payload_length;
	- axf->Reinit(auth_ctx, iv, sizeof(iv));
	+ axf->Reinit(auth_ctx, crp->crp_iv, AES_CCM_IV_LEN);

	/* MAC the AAD. */
	if (crp->crp_aad != NULL)
	@@ -1939,7 +1933,7 @@
	if (error)
	goto out;

	- exf->reinit(kschedule, iv, sizeof(iv));
	+ exf->reinit(kschedule, crp->crp_iv, AES_CCM_IV_LEN);

	/* Do encryption/decryption with MAC */
	for (i = 0; i < crp->crp_payload_length; i += sizeof(block)) {
	@@ -1974,7 +1968,7 @@
	error = 0;

	/* Tag matches, decrypt data. */
	- exf->reinit(kschedule, iv, sizeof(iv));
	+ exf->reinit(kschedule, crp->crp_iv, AES_CCM_IV_LEN);
	for (i = 0; i < crp->crp_payload_length;
	i += sizeof(block)) {
	len = imin(crp->crp_payload_length - i,
	@@ -1995,7 +1989,6 @@
	zfree(kschedule, M_CCR);
	zfree(auth_ctx, M_CCR);
	explicit_bzero(block, sizeof(block));
	- explicit_bzero(iv, sizeof(iv));
	explicit_bzero(digest, sizeof(digest));
	crp->crp_etype = error;
	crypto_done(crp);
	Index: sys/opencrypto/cryptosoft.c
	===================================================================
	--- sys/opencrypto/cryptosoft.c
	+++ sys/opencrypto/cryptosoft.c
	@@ -463,7 +463,6 @@
	uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
	u_char blk = (u_char )blkbuf;
	u_char tag[GMAC_DIGEST_LEN];
	- u_char iv[AES_BLOCK_LEN];
	struct crypto_buffer_cursor cc_in, cc_out;
	const u_char *inblk;
	u_char *outblk;
	@@ -492,12 +491,10 @@
	if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0)
	return (EINVAL);

	- /* Initialize the IV */
	ivlen = AES_GCM_IV_LEN;
	- bcopy(crp->crp_iv, iv, ivlen);

	/* Supply MAC with IV */
	- axf->Reinit(&ctx, iv, ivlen);
	+ axf->Reinit(&ctx, crp->crp_iv, ivlen);

	/* Supply MAC with AAD */
	if (crp->crp_aad != NULL) {
	@@ -536,7 +533,7 @@
	if (crp->crp_cipher_key != NULL)
	exf->setkey(swe->sw_kschedule, crp->crp_cipher_key,
	crypto_get_params(crp->crp_session)->csp_cipher_klen);
	- exf->reinit(swe->sw_kschedule, iv, ivlen);
	+ exf->reinit(swe->sw_kschedule, crp->crp_iv, ivlen);

	/* Do encryption with MAC */
	crypto_cursor_init(&cc_in, &crp->crp_buf);
	@@ -635,7 +632,6 @@
	out:
	explicit_bzero(blkbuf, sizeof(blkbuf));
	explicit_bzero(tag, sizeof(tag));
	- explicit_bzero(iv, sizeof(iv));

	return (error);
	}
	@@ -701,7 +697,6 @@
	uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
	u_char blk = (u_char )blkbuf;
	u_char tag[AES_CBC_MAC_HASH_LEN];
	- u_char iv[AES_BLOCK_LEN];
	struct crypto_buffer_cursor cc_in, cc_out;
	const u_char *inblk;
	u_char *outblk;
	@@ -729,9 +724,7 @@
	if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0)
	return (EINVAL);

	- /* Initialize the IV */
	ivlen = AES_CCM_IV_LEN;
	- bcopy(crp->crp_iv, iv, ivlen);

	/*
	* AES CCM-CBC-MAC needs to know the length of both the auth
	@@ -741,7 +734,7 @@
	ctx.aes_cbc_mac_ctx.cryptDataLength = crp->crp_payload_length;

	/* Supply MAC with IV */
	- axf->Reinit(&ctx, iv, ivlen);
	+ axf->Reinit(&ctx, crp->crp_iv, ivlen);

	/* Supply MAC with AAD */
	if (crp->crp_aad != NULL)
	@@ -755,7 +748,7 @@
	if (crp->crp_cipher_key != NULL)
	exf->setkey(swe->sw_kschedule, crp->crp_cipher_key,
	crypto_get_params(crp->crp_session)->csp_cipher_klen);
	- exf->reinit(swe->sw_kschedule, iv, ivlen);
	+ exf->reinit(swe->sw_kschedule, crp->crp_iv, ivlen);

	/* Do encryption/decryption with MAC */
	crypto_cursor_init(&cc_in, &crp->crp_buf);
	@@ -826,7 +819,7 @@
	}

	/* tag matches, decrypt data */
	- exf->reinit(swe->sw_kschedule, iv, ivlen);
	+ exf->reinit(swe->sw_kschedule, crp->crp_iv, ivlen);
	crypto_cursor_init(&cc_in, &crp->crp_buf);
	crypto_cursor_advance(&cc_in, crp->crp_payload_start);
	for (resid = crp->crp_payload_length; resid > blksz;
	@@ -859,7 +852,6 @@
	out:
	explicit_bzero(blkbuf, sizeof(blkbuf));
	explicit_bzero(tag, sizeof(tag));
	- explicit_bzero(iv, sizeof(iv));
	return (error);
	}

File Metadata

Mime Type: text/plain
Expires: Sat, Dec 21, 11:32 PM (20 h, 46 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 15548770
Default Alt Text: D32106.id95640.diff (5 KB)

D32106.id95640.diffNo OneTemporaryActions

D32106.id95640.diffView Options

File Metadata

Event Timeline

D32106.id95640.diff
No OneTemporary
Actions

D32106.id95640.diff
View Options