Author: jhb Date: Mon May 11 21:17:08 2020 New Revision: 360928 URL: https://svnweb.freebsd.org/changeset/base/360928
Log: Remove support for the ARC4 algorithm from OCF. There are no longer any in-kernel consumers. The software implementation was also a non-functional stub. Reviewed by: cem Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D24771 Modified: head/share/man/man4/hifn.4 head/share/man/man9/crypto.9 head/sys/dev/hifn/hifn7751.c head/sys/mips/nlm/dev/sec/nlmsec.c head/sys/mips/nlm/dev/sec/nlmseclib.c head/sys/opencrypto/crypto.c head/sys/opencrypto/cryptodev.h head/sys/opencrypto/xform.c head/sys/opencrypto/xform_enc.h Modified: head/share/man/man4/hifn.4 ============================================================================== --- head/share/man/man4/hifn.4 Mon May 11 21:04:59 2020 (r360927) +++ head/share/man/man4/hifn.4 Mon May 11 21:17:08 2020 (r360928) @@ -57,7 +57,7 @@ driver supports various cards containing the Hifn 7751 The .Nm driver registers itself to accelerate DES, Triple-DES, -AES (7955 and 7956 only), ARC4, +AES (7955 and 7956 only), MD5-HMAC, SHA1, and SHA1-HMAC operations for .Xr ipsec 4 and Modified: head/share/man/man9/crypto.9 ============================================================================== --- head/share/man/man9/crypto.9 Mon May 11 21:04:59 2020 (r360927) +++ head/share/man/man9/crypto.9 Mon May 11 21:17:08 2020 (r360928) @@ -129,7 +129,6 @@ The following encryption algorithms are supported: .It Dv CRYPTO_AES_CBC .It Dv CRYPTO_AES_ICM .It Dv CRYPTO_AES_XTS -.It Dv CRYPTO_ARC4 .It Dv CRYPTO_BLF_CBC .It Dv CRYPTO_CAMELLIA_CBC .It Dv CRYPTO_CHACHA20 Modified: head/sys/dev/hifn/hifn7751.c ============================================================================== --- head/sys/dev/hifn/hifn7751.c Mon May 11 21:04:59 2020 (r360927) +++ head/sys/dev/hifn/hifn7751.c Mon May 11 21:17:08 2020 (r360928) @@ -1546,7 +1546,7 @@ hifn_write_command(struct hifn_command *cmd, u_int8_t hifn_base_command_t *base_cmd; hifn_mac_command_t *mac_cmd; hifn_crypt_command_t *cry_cmd; - int using_mac, using_crypt, len, ivlen; + int using_mac, using_crypt, ivlen; u_int32_t dlen, slen; crp = cmd->crp; @@ -1612,19 +1612,6 @@ hifn_write_command(struct hifn_command *cmd, u_int8_t bcopy(cmd->ck, buf_pos, HIFN_DES_KEY_LENGTH); buf_pos += HIFN_DES_KEY_LENGTH; break; - case HIFN_CRYPT_CMD_ALG_RC4: - len = 256; - do { - int clen; - - clen = MIN(cmd->cklen, len); - bcopy(cmd->ck, buf_pos, clen); - len -= clen; - buf_pos += clen; - } while (len > 0); - bzero(buf_pos, 4); - buf_pos += 4; - break; case HIFN_CRYPT_CMD_ALG_AES: /* * AES keys are variable 128, 192 and @@ -2342,7 +2329,6 @@ hifn_cipher_supported(struct hifn_softc *sc, case HIFN_PUSTAT_ENA_2: switch (csp->csp_cipher_alg) { case CRYPTO_3DES_CBC: - case CRYPTO_ARC4: break; case CRYPTO_AES_CBC: if ((sc->sc_flags & HIFN_HAS_AES) == 0) @@ -2462,9 +2448,6 @@ hifn_process(device_t dev, struct cryptop *crp, int hi cmd->base_masks |= HIFN_BASE_CMD_DECODE; cmd->base_masks |= HIFN_BASE_CMD_CRYPT; switch (csp->csp_cipher_alg) { - case CRYPTO_ARC4: - cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_RC4; - break; case CRYPTO_DES_CBC: cmd->cry_masks |= HIFN_CRYPT_CMD_ALG_DES | HIFN_CRYPT_CMD_MODE_CBC | @@ -2484,8 +2467,7 @@ hifn_process(device_t dev, struct cryptop *crp, int hi err = EINVAL; goto errout; } - if (csp->csp_cipher_alg != CRYPTO_ARC4) - crypto_read_iv(crp, cmd->iv); + crypto_read_iv(crp, cmd->iv); if (crp->crp_cipher_key != NULL) cmd->ck = crp->crp_cipher_key; Modified: head/sys/mips/nlm/dev/sec/nlmsec.c ============================================================================== --- head/sys/mips/nlm/dev/sec/nlmsec.c Mon May 11 21:04:59 2020 (r360927) +++ head/sys/mips/nlm/dev/sec/nlmsec.c Mon May 11 21:17:08 2020 (r360928) @@ -400,10 +400,6 @@ xlp_sec_cipher_supported(const struct crypto_session_p if (csp->csp_ivlen != XLP_SEC_AES_IV_LENGTH) return (false); break; - case CRYPTO_ARC4: - if (csp->csp_ivlen != XLP_SEC_ARC4_IV_LENGTH) - return (false); - break; default: return (false); } @@ -468,10 +464,8 @@ xlp_copyiv(struct xlp_sec_softc *sc, struct xlp_sec_co crp = cmd->crp; - if (csp->csp_cipher_alg != CRYPTO_ARC4) { - if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) - memcpy(cmd->iv, crp->crp_iv, csp->csp_ivlen); - } + if (crp->crp_flags & CRYPTO_F_IV_SEPARATE) + memcpy(cmd->iv, crp->crp_iv, csp->csp_ivlen); } static int Modified: head/sys/mips/nlm/dev/sec/nlmseclib.c ============================================================================== --- head/sys/mips/nlm/dev/sec/nlmseclib.c Mon May 11 21:04:59 2020 (r360927) +++ head/sys/mips/nlm/dev/sec/nlmseclib.c Mon May 11 21:17:08 2020 (r360928) @@ -311,11 +311,6 @@ nlm_get_cipher_param(struct xlp_sec_command *cmd, cmd->ciphermode = NLM_CIPHER_MODE_CBC; cmd->ivlen = XLP_SEC_AES_IV_LENGTH; break; - case CRYPTO_ARC4: - cmd->cipheralg = NLM_CIPHER_ARC4; - cmd->ciphermode = NLM_CIPHER_MODE_ECB; - cmd->ivlen = XLP_SEC_ARC4_IV_LENGTH; - break; default: /* Not supported */ return (-1); Modified: head/sys/opencrypto/crypto.c ============================================================================== --- head/sys/opencrypto/crypto.c Mon May 11 21:04:59 2020 (r360927) +++ head/sys/opencrypto/crypto.c Mon May 11 21:17:08 2020 (r360928) @@ -687,7 +687,6 @@ static enum alg_type { [CRYPTO_SHA1_HMAC] = ALG_KEYED_DIGEST, [CRYPTO_RIPEMD160_HMAC] = ALG_KEYED_DIGEST, [CRYPTO_AES_CBC] = ALG_CIPHER, - [CRYPTO_ARC4] = ALG_CIPHER, [CRYPTO_SHA1] = ALG_DIGEST, [CRYPTO_NULL_HMAC] = ALG_DIGEST, [CRYPTO_NULL_CBC] = ALG_CIPHER, @@ -793,10 +792,8 @@ check_csp(const struct crypto_session_params *csp) if (csp->csp_cipher_alg != CRYPTO_NULL_CBC) { if (csp->csp_cipher_klen == 0) return (false); - if (csp->csp_cipher_alg != CRYPTO_ARC4) { - if (csp->csp_ivlen == 0) - return (false); - } + if (csp->csp_ivlen == 0) + return (false); } if (csp->csp_ivlen >= EALG_MAX_BLOCK_LEN) return (false); @@ -860,10 +857,8 @@ check_csp(const struct crypto_session_params *csp) if (csp->csp_cipher_alg != CRYPTO_NULL_CBC) { if (csp->csp_cipher_klen == 0) return (false); - if (csp->csp_cipher_alg != CRYPTO_ARC4) { - if (csp->csp_ivlen == 0) - return (false); - } + if (csp->csp_ivlen == 0) + return (false); } if (csp->csp_ivlen >= EALG_MAX_BLOCK_LEN) return (false); Modified: head/sys/opencrypto/cryptodev.h ============================================================================== --- head/sys/opencrypto/cryptodev.h Mon May 11 21:04:59 2020 (r360927) +++ head/sys/opencrypto/cryptodev.h Mon May 11 21:17:08 2020 (r360928) @@ -119,14 +119,12 @@ #define RIJNDAEL128_BLOCK_LEN 16 #define AES_BLOCK_LEN 16 #define AES_ICM_BLOCK_LEN 1 -#define ARC4_BLOCK_LEN 1 #define CAMELLIA_BLOCK_LEN 16 #define CHACHA20_NATIVE_BLOCK_LEN 64 #define EALG_MAX_BLOCK_LEN CHACHA20_NATIVE_BLOCK_LEN /* Keep this updated */ /* IV Lengths */ -#define ARC4_IV_LEN 1 #define AES_GCM_IV_LEN 12 #define AES_CCM_IV_LEN 12 #define AES_XTS_IV_LEN 8 @@ -147,8 +145,6 @@ #define AES_MAX_KEY RIJNDAEL_MAX_KEY #define AES_XTS_MIN_KEY (2 * AES_MIN_KEY) #define AES_XTS_MAX_KEY (2 * AES_MAX_KEY) -#define ARC4_MIN_KEY 1 -#define ARC4_MAX_KEY 32 #define CAMELLIA_MIN_KEY 8 #define CAMELLIA_MAX_KEY 32 Modified: head/sys/opencrypto/xform.c ============================================================================== --- head/sys/opencrypto/xform.c Mon May 11 21:04:59 2020 (r360927) +++ head/sys/opencrypto/xform.c Mon May 11 21:17:08 2020 (r360928) @@ -75,18 +75,6 @@ __FBSDID("$FreeBSD$"); MALLOC_DEFINE(M_XDATA, "xform", "xform data buffers"); -/* Encryption instances */ -struct enc_xform enc_xform_arc4 = { - CRYPTO_ARC4, "ARC4", - ARC4_BLOCK_LEN, ARC4_IV_LEN, ARC4_MIN_KEY, ARC4_MAX_KEY, - NULL, - NULL, - NULL, - NULL, - NULL, -}; - - /* Include the encryption algorithms */ #include "xform_null.c" #include "xform_des1.c" Modified: head/sys/opencrypto/xform_enc.h ============================================================================== --- head/sys/opencrypto/xform_enc.h Mon May 11 21:04:59 2020 (r360927) +++ head/sys/opencrypto/xform_enc.h Mon May 11 21:17:08 2020 (r360928) @@ -77,7 +77,6 @@ extern struct enc_xform enc_xform_aes_icm; extern struct enc_xform enc_xform_aes_nist_gcm; extern struct enc_xform enc_xform_aes_nist_gmac; extern struct enc_xform enc_xform_aes_xts; -extern struct enc_xform enc_xform_arc4; extern struct enc_xform enc_xform_camellia; extern struct enc_xform enc_xform_chacha20; extern struct enc_xform enc_xform_ccm; _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
