The branch main has been updated by jhb:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=5ae5ed5b8fd2955378ab67ba127cad8c981678ab

commit 5ae5ed5b8fd2955378ab67ba127cad8c981678ab
Author:     John Baldwin <j...@freebsd.org>
AuthorDate: 2021-10-06 21:08:46 +0000
Commit:     John Baldwin <j...@freebsd.org>
CommitDate: 2021-10-06 21:08:46 +0000

    cryptosoft, ccr: Use crp_iv directly for AES-CCM and AES-GCM.
    
    Rather than copying crp_iv to a local array on the stack that is then
    passed to xform reinit routines, pass crp_iv directly and remove the
    local copy.
    
    Reviewed by:    markj
    Sponsored by:   Chelsio Communications, The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D32106
---
 sys/dev/cxgbe/crypto/t4_crypto.c | 17 +++++------------
 sys/opencrypto/cryptosoft.c      | 18 +++++-------------
 2 files changed, 10 insertions(+), 25 deletions(-)

diff --git a/sys/dev/cxgbe/crypto/t4_crypto.c b/sys/dev/cxgbe/crypto/t4_crypto.c
index 845bc3c29e38..30d168b60777 100644
--- a/sys/dev/cxgbe/crypto/t4_crypto.c
+++ b/sys/dev/cxgbe/crypto/t4_crypto.c
@@ -1391,7 +1391,6 @@ ccr_gcm_soft(struct ccr_session *s, struct cryptop *crp)
        void *auth_ctx, *kschedule;
        char block[GMAC_BLOCK_LEN];
        char digest[GMAC_DIGEST_LEN];
-       char iv[AES_BLOCK_LEN];
        int error, i, len;
 
        auth_ctx = NULL;
@@ -1436,10 +1435,8 @@ ccr_gcm_soft(struct ccr_session *s, struct cryptop *crp)
                error = EINVAL;
                goto out;
        }
-       crypto_read_iv(crp, iv);
-       *(uint32_t *)&iv[12] = htobe32(1);
 
-       axf->Reinit(auth_ctx, iv, sizeof(iv));
+       axf->Reinit(auth_ctx, crp->crp_iv, AES_GCM_IV_LEN);
 
        /* MAC the AAD. */
        if (crp->crp_aad != NULL) {
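Review bot: Besides dropping the copy, this hunk removes the `*(uint32_t *)&iv[12] = htobe32(1);` counter initialization and shrinks the length handed to `axf->Reinit` (and to `exf->reinit` in the hunk at L54-55) from `sizeof(iv)`, 16 bytes, to `AES_GCM_IV_LEN`; that is only equivalent if both xform routines derive the initial counter block from the 12-byte nonce themselves, and the commit message speaks only of removing the local copy. A sentence in the description, or a comment such as `/* GCM Reinit/reinit build the counter block from the 12-byte nonce. */` above the call, would record that the counter write was redundant rather than lost. Reading `crp->crp_iv` directly also presumes the IV was supplied separately; `crypto_read_iv()` handled an in-buffer IV as well, cryptosoft guards this with an explicit `CRYPTO_F_IV_SEPARATE` check at L127-128, and the `EINVAL` branch just above this hunk may be that check in ccr but its condition is outside the hunk, so it is worth confirming. The same applies to the CCM hunks at L75-87, L88-96 and L97-105, where the length is unchanged but the separate-IV assumption is the same. ccr_gcm_soft's body extends beyond the hunk on both sides.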
@@ -1462,7 +1459,7 @@ ccr_gcm_soft(struct ccr_session *s, struct cryptop *crp)
                }
        }
 
-       exf->reinit(kschedule, iv, sizeof(iv));
+       exf->reinit(kschedule, crp->crp_iv, AES_GCM_IV_LEN);
 
        /* Do encryption with MAC */
        for (i = 0; i < crp->crp_payload_length; i += sizeof(block)) {
@@ -1522,7 +1519,6 @@ out:
        zfree(kschedule, M_CCR);
        zfree(auth_ctx, M_CCR);
        explicit_bzero(block, sizeof(block));
-       explicit_bzero(iv, sizeof(iv));
        explicit_bzero(digest, sizeof(digest));
        crp->crp_etype = error;
        crypto_done(crp);
@@ -1878,7 +1874,6 @@ ccr_ccm_soft(struct ccr_session *s, struct cryptop *crp)
        void *kschedule;
        char block[CCM_CBC_BLOCK_LEN];
        char digest[AES_CBC_MAC_HASH_LEN];
-       char iv[AES_CCM_IV_LEN];
        int error, i, len;
 
        auth_ctx = NULL;
@@ -1923,11 +1918,10 @@ ccr_ccm_soft(struct ccr_session *s, struct cryptop *crp)
                error = EINVAL;
                goto out;
        }
-       crypto_read_iv(crp, iv);
 
        auth_ctx->aes_cbc_mac_ctx.authDataLength = crp->crp_aad_length;
        auth_ctx->aes_cbc_mac_ctx.cryptDataLength = crp->crp_payload_length;
-       axf->Reinit(auth_ctx, iv, sizeof(iv));
+       axf->Reinit(auth_ctx, crp->crp_iv, AES_CCM_IV_LEN);
 
        /* MAC the AAD. */
        if (crp->crp_aad != NULL)
@@ -1939,7 +1933,7 @@ ccr_ccm_soft(struct ccr_session *s, struct cryptop *crp)
        if (error)
                goto out;
 
-       exf->reinit(kschedule, iv, sizeof(iv));
+       exf->reinit(kschedule, crp->crp_iv, AES_CCM_IV_LEN);
 
        /* Do encryption/decryption with MAC */
        for (i = 0; i < crp->crp_payload_length; i += sizeof(block)) {
@@ -1974,7 +1968,7 @@ ccr_ccm_soft(struct ccr_session *s, struct cryptop *crp)
                        error = 0;
 
                        /* Tag matches, decrypt data. */
-                       exf->reinit(kschedule, iv, sizeof(iv));
+                       exf->reinit(kschedule, crp->crp_iv, AES_CCM_IV_LEN);
                        for (i = 0; i < crp->crp_payload_length;
                             i += sizeof(block)) {
                                len = imin(crp->crp_payload_length - i,
@@ -1995,7 +1989,6 @@ out:
        zfree(kschedule, M_CCR);
        zfree(auth_ctx, M_CCR);
        explicit_bzero(block, sizeof(block));
-       explicit_bzero(iv, sizeof(iv));
        explicit_bzero(digest, sizeof(digest));
        crp->crp_etype = error;
        crypto_done(crp);
diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index 04a2b004799a..19092e56b004 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -463,7 +463,6 @@ swcr_gcm(struct swcr_session *ses, struct cryptop *crp)
        uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
        u_char *blk = (u_char *)blkbuf;
        u_char tag[GMAC_DIGEST_LEN];
-       u_char iv[AES_BLOCK_LEN];
        struct crypto_buffer_cursor cc_in, cc_out;
        const u_char *inblk;
        u_char *outblk;
@@ -492,12 +491,10 @@ swcr_gcm(struct swcr_session *ses, struct cryptop *crp)
        if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0)
                return (EINVAL);
 
-       /* Initialize the IV */
        ivlen = AES_GCM_IV_LEN;
-       bcopy(crp->crp_iv, iv, ivlen);
 
        /* Supply MAC with IV */
-       axf->Reinit(&ctx, iv, ivlen);
+       axf->Reinit(&ctx, crp->crp_iv, ivlen);
 
        /* Supply MAC with AAD */
        if (crp->crp_aad != NULL) {
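Review bot: With the local copy gone, the `CRYPTO_F_IV_SEPARATE` check at the top of this hunk is now the only thing guaranteeing that `crp->crp_iv` holds the nonce passed to `axf->Reinit` here and to `exf->reinit` at L145, yet nothing in the code says so. I would restore a short comment where the removed `/* Initialize the IV */` stood, e.g. `/* crp_iv is used in place below; the separate-IV check above makes that valid. */`, so a later cleanup does not relax the check. The CCM hunks at L165-172 and L175-181 have the same shape and would benefit from the same note. swcr_gcm's body continues outside the hunk.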
@@ -536,7 +533,7 @@ swcr_gcm(struct swcr_session *ses, struct cryptop *crp)
        if (crp->crp_cipher_key != NULL)
                exf->setkey(swe->sw_kschedule, crp->crp_cipher_key,
                    crypto_get_params(crp->crp_session)->csp_cipher_klen);
-       exf->reinit(swe->sw_kschedule, iv, ivlen);
+       exf->reinit(swe->sw_kschedule, crp->crp_iv, ivlen);
 
        /* Do encryption with MAC */
        crypto_cursor_init(&cc_in, &crp->crp_buf);
@@ -635,7 +632,6 @@ swcr_gcm(struct swcr_session *ses, struct cryptop *crp)
 out:
        explicit_bzero(blkbuf, sizeof(blkbuf));
        explicit_bzero(tag, sizeof(tag));
-       explicit_bzero(iv, sizeof(iv));
 
        return (error);
 }
@@ -701,7 +697,6 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
        uint32_t blkbuf[howmany(AES_BLOCK_LEN, sizeof(uint32_t))];
        u_char *blk = (u_char *)blkbuf;
        u_char tag[AES_CBC_MAC_HASH_LEN];
-       u_char iv[AES_BLOCK_LEN];
        struct crypto_buffer_cursor cc_in, cc_out;
        const u_char *inblk;
        u_char *outblk;
@@ -729,9 +724,7 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
        if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0)
                return (EINVAL);
 
-       /* Initialize the IV */
        ivlen = AES_CCM_IV_LEN;
-       bcopy(crp->crp_iv, iv, ivlen);
 
        /*
         * AES CCM-CBC-MAC needs to know the length of both the auth
@@ -741,7 +734,7 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
        ctx.aes_cbc_mac_ctx.cryptDataLength = crp->crp_payload_length;
 
        /* Supply MAC with IV */
-       axf->Reinit(&ctx, iv, ivlen);
+       axf->Reinit(&ctx, crp->crp_iv, ivlen);
 
        /* Supply MAC with AAD */
        if (crp->crp_aad != NULL)
@@ -755,7 +748,7 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
        if (crp->crp_cipher_key != NULL)
                exf->setkey(swe->sw_kschedule, crp->crp_cipher_key,
                    crypto_get_params(crp->crp_session)->csp_cipher_klen);
-       exf->reinit(swe->sw_kschedule, iv, ivlen);
+       exf->reinit(swe->sw_kschedule, crp->crp_iv, ivlen);
 
        /* Do encryption/decryption with MAC */
        crypto_cursor_init(&cc_in, &crp->crp_buf);
@@ -826,7 +819,7 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
                }
 
                /* tag matches, decrypt data */
-               exf->reinit(swe->sw_kschedule, iv, ivlen);
+               exf->reinit(swe->sw_kschedule, crp->crp_iv, ivlen);
                crypto_cursor_init(&cc_in, &crp->crp_buf);
                crypto_cursor_advance(&cc_in, crp->crp_payload_start);
                for (resid = crp->crp_payload_length; resid > blksz;
@@ -859,7 +852,6 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
 out:
        explicit_bzero(blkbuf, sizeof(blkbuf));
        explicit_bzero(tag, sizeof(tag));
-       explicit_bzero(iv, sizeof(iv));
        return (error);
 }
 
