Changeset View
Changeset View
Standalone View
Standalone View
head/sys/netipsec/xform_esp.c
Show First 20 Lines • Show All 231 Lines • ▼ Show 20 Lines | csp.csp_cipher_klen = _KEYBITS(sav->key_enc) / 8 - | ||||
SAV_ISCTRORGCM(sav) * 4; | SAV_ISCTRORGCM(sav) * 4; | ||||
}; | }; | ||||
csp.csp_ivlen = txform->ivsize; | csp.csp_ivlen = txform->ivsize; | ||||
error = crypto_newsession(&sav->tdb_cryptoid, &csp, V_crypto_support); | error = crypto_newsession(&sav->tdb_cryptoid, &csp, V_crypto_support); | ||||
return error; | return error; | ||||
} | } | ||||
/* | static void | ||||
* Paranoia. | esp_cleanup(struct secasvar *sav) | ||||
*/ | |||||
static int | |||||
esp_zeroize(struct secasvar *sav) | |||||
{ | { | ||||
/* NB: ah_zeroize free's the crypto session state */ | |||||
int error = ah_zeroize(sav); | |||||
crypto_freesession(sav->tdb_cryptoid); | |||||
sav->tdb_cryptoid = NULL; | |||||
sav->tdb_authalgxform = NULL; | |||||
sav->tdb_encalgxform = NULL; | sav->tdb_encalgxform = NULL; | ||||
sav->tdb_xform = NULL; | |||||
return error; | |||||
} | } | ||||
/* | /* | ||||
* ESP input processing, called (eventually) through the protocol switch. | * ESP input processing, called (eventually) through the protocol switch. | ||||
*/ | */ | ||||
static int | static int | ||||
esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) | esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) | ||||
{ | { | ||||
▲ Show 20 Lines • Show All 699 Lines • ▼ Show 20 Lines | bad: | ||||
key_freesp(&sp); | key_freesp(&sp); | ||||
return (error); | return (error); | ||||
} | } | ||||
static struct xformsw esp_xformsw = { | static struct xformsw esp_xformsw = { | ||||
.xf_type = XF_ESP, | .xf_type = XF_ESP, | ||||
.xf_name = "IPsec ESP", | .xf_name = "IPsec ESP", | ||||
.xf_init = esp_init, | .xf_init = esp_init, | ||||
.xf_zeroize = esp_zeroize, | .xf_cleanup = esp_cleanup, | ||||
.xf_input = esp_input, | .xf_input = esp_input, | ||||
.xf_output = esp_output, | .xf_output = esp_output, | ||||
}; | }; | ||||
SYSINIT(esp_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, | SYSINIT(esp_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, | ||||
xform_attach, &esp_xformsw); | xform_attach, &esp_xformsw); | ||||
SYSUNINIT(esp_xform_uninit, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, | SYSUNINIT(esp_xform_uninit, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, | ||||
xform_detach, &esp_xformsw); | xform_detach, &esp_xformsw); |