
D11757.diff
No OneTemporary

D11757.diff

Index: head/share/man/man4/crypto.4
===================================================================
--- head/share/man/man4/crypto.4
+++ head/share/man/man4/crypto.4
@@ -60,7 +60,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 15, 2015
+.Dd September 21, 2017
.Dt CRYPTO 4
.Os
.Sh NAME
@@ -127,7 +127,9 @@
.It
Submit requests, synchronously with
.Dv CIOCCRYPT
-(symmetric)
+(symmetric),
+.Dv CIOCCRYPTAEAD
+(symmetric),
or
.Dv CIOCKEY
(asymmetric).
@@ -279,6 +281,16 @@
.Fa cr_op-\*[Gt]iv
supply the addresses of the input buffer, output buffer,
one-way hash, and initialization vector, respectively.
+If a session is using both a privacy algorithm and a hash algorithm,
+the request will generate a hash of the input buffer before
+generating the output buffer by default.
+If the
+.Dv COP_F_CIPHER_FIRST
+flag is included in the
+.Fa cr_op-\*[Gt]flags
+field,
+then the request will generate a hash of the output buffer after
+executing the privacy algorithm.
.It Dv CIOCCRYPTAEAD Fa struct crypt_aead *cr_aead
.Bd -literal
struct crypt_aead {
Index: head/sys/opencrypto/cryptodev.h
===================================================================
--- head/sys/opencrypto/cryptodev.h
+++ head/sys/opencrypto/cryptodev.h
@@ -238,7 +238,8 @@
#define COP_ENCRYPT 1
#define COP_DECRYPT 2
u_int16_t flags;
-#define COP_F_BATCH 0x0008 /* Batch op if possible */
+#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */
+#define COP_F_BATCH 0x0008 /* Batch op if possible */
u_int len;
c_caddr_t src; /* become iov[] inside kernel */
caddr_t dst;
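Review bot: The comment on the new `COP_F_CIPHER_FIRST` define says only "Cipher before MAC." and leaves out the default and the condition under which the flag matters. The cryptodev.c hunk in the same patch consults the flag only when the session has both a hash and a cipher, and runs MAC-first when it is clear. I would spell that out for userland callers of this ioctl structure, for example `#define COP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC (default is MAC first); used only when both are set. */`. The enclosing struct starts and ends outside this hunk.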
Index: head/sys/opencrypto/cryptodev.c
===================================================================
--- head/sys/opencrypto/cryptodev.c
+++ head/sys/opencrypto/cryptodev.c
@@ -731,18 +731,22 @@
goto bail;
}
- if (cse->thash) {
- crda = crp->crp_desc;
- if (cse->txform)
- crde = crda->crd_next;
- } else {
- if (cse->txform)
+ if (cse->thash && cse->txform) {
+ if (cop->flags & COP_F_CIPHER_FIRST) {
crde = crp->crp_desc;
- else {
- SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- error = EINVAL;
- goto bail;
+ crda = crde->crd_next;
+ } else {
+ crda = crp->crp_desc;
+ crde = crda->crd_next;
}
+ } else if (cse->thash) {
+ crda = crp->crp_desc;
+ } else if (cse->txform) {
+ crde = crp->crp_desc;
+ } else {
+ SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
+ error = EINVAL;
+ goto bail;
}
if ((error = copyin(cop->src, cse->uio.uio_iov[0].iov_base,
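Review bot: The new `if (cse->thash && cse->txform)` branch picks the descriptor order from `cop->flags & COP_F_CIPHER_FIRST` alone and never looks at `cop->op`, so the flag means the same thing for `COP_DECRYPT` as for `COP_ENCRYPT`. If descriptor order is execution order, as the man page change implies, a decrypt request with the flag set hashes the decrypted plaintext rather than the received ciphertext. A caller building encrypt-then-MAC would therefore need to set the flag on encrypt and leave it clear on decrypt, so that the tag is computed over the ciphertext before the cipher runs. A comment above the branch would make this visible, for example `/* Order depends only on COP_F_CIPHER_FIRST, not cop->op; for encrypt-then-MAC, callers set it on encrypt and clear it on decrypt. */`. The hunk also does not show whether undefined bits in `cop->flags` are rejected; the function continues outside the hunk, so that is worth confirming there.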
