git: d8787d4f7848 - main - crypto: Constify all transform descriptors
Mark Johnston
markj at FreeBSD.org
Mon Jul 26 20:54:51 UTC 2021
The branch main has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=d8787d4f7848bad8bd69325969806e1a76d0c3df
commit d8787d4f7848bad8bd69325969806e1a76d0c3df
Author: Mark Johnston <markj at FreeBSD.org>
AuthorDate: 2021-07-26 20:41:05 +0000
Commit: Mark Johnston <markj at FreeBSD.org>
CommitDate: 2021-07-26 20:41:05 +0000
crypto: Constify all transform descriptors
No functional change intended.
Reviewed by: ae, jhb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31196
---
sys/crypto/blake2/blake2-sw.c | 4 +--
sys/crypto/ccp/ccp.c | 4 +--
sys/crypto/ccp/ccp.h | 2 +-
sys/crypto/ccp/ccp_hardware.c | 6 ++---
sys/crypto/chacha20/chacha-sw.c | 2 +-
sys/crypto/via/padlock.h | 2 +-
sys/crypto/via/padlock_hash.c | 16 +++++------
sys/dev/cxgbe/adapter.h | 3 ++-
sys/dev/cxgbe/crypto/t4_crypto.c | 18 ++++++-------
sys/dev/cxgbe/crypto/t4_keyctx.c | 4 +--
sys/dev/glxsb/glxsb.h | 2 +-
sys/dev/glxsb/glxsb_hash.c | 4 +--
sys/dev/safexcel/safexcel.c | 4 +--
sys/opencrypto/crypto.c | 6 ++---
sys/opencrypto/cryptodev.c | 6 ++---
sys/opencrypto/cryptodev.h | 4 +--
sys/opencrypto/cryptosoft.c | 46 ++++++++++++++++----------------
sys/opencrypto/xform_aes_icm.c | 6 ++---
sys/opencrypto/xform_aes_xts.c | 2 +-
sys/opencrypto/xform_auth.h | 46 ++++++++++++++++----------------
sys/opencrypto/xform_cbc_mac.c | 6 ++---
sys/opencrypto/xform_chacha20_poly1305.c | 4 +--
sys/opencrypto/xform_cml.c | 2 +-
sys/opencrypto/xform_comp.h | 2 +-
sys/opencrypto/xform_deflate.c | 2 +-
sys/opencrypto/xform_enc.h | 22 +++++++--------
sys/opencrypto/xform_gmac.c | 8 +++---
sys/opencrypto/xform_null.c | 4 +--
sys/opencrypto/xform_poly1305.c | 2 +-
sys/opencrypto/xform_rijndael.c | 2 +-
sys/opencrypto/xform_rmd160.c | 2 +-
sys/opencrypto/xform_sha1.c | 4 +--
sys/opencrypto/xform_sha2.c | 16 +++++------
33 files changed, 132 insertions(+), 131 deletions(-)
diff --git a/sys/crypto/blake2/blake2-sw.c b/sys/crypto/blake2/blake2-sw.c
index b7291ac6ef46..449ef2be94f5 100644
--- a/sys/crypto/blake2/blake2-sw.c
+++ b/sys/crypto/blake2/blake2-sw.c
@@ -82,7 +82,7 @@ blake2b_xform_final(uint8_t *out, void *vctx)
panic("blake2b_final: invalid");
}
-struct auth_hash auth_hash_blake2b = {
+const struct auth_hash auth_hash_blake2b = {
.type = CRYPTO_BLAKE2B,
.name = "Blake2b",
.keysize = BLAKE2B_KEYBYTES,
@@ -150,7 +150,7 @@ blake2s_xform_final(uint8_t *out, void *vctx)
panic("blake2s_final: invalid");
}
-struct auth_hash auth_hash_blake2s = {
+const struct auth_hash auth_hash_blake2s = {
.type = CRYPTO_BLAKE2S,
.name = "Blake2s",
.keysize = BLAKE2S_KEYBYTES,
diff --git a/sys/crypto/ccp/ccp.c b/sys/crypto/ccp/ccp.c
index 7cc38b14f3fd..51679942c386 100644
--- a/sys/crypto/ccp/ccp.c
+++ b/sys/crypto/ccp/ccp.c
@@ -234,7 +234,7 @@ static void
ccp_init_hmac_digest(struct ccp_session *s, const char *key, int klen)
{
union authctx auth_ctx;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
u_int i;
/*
@@ -408,7 +408,7 @@ ccp_newsession(device_t dev, crypto_session_t cses,
{
struct ccp_softc *sc;
struct ccp_session *s;
- struct auth_hash *auth_hash;
+ const struct auth_hash *auth_hash;
enum ccp_aes_mode cipher_mode;
unsigned auth_mode;
unsigned q;
diff --git a/sys/crypto/ccp/ccp.h b/sys/crypto/ccp/ccp.h
index 197cbc6b4c36..14e42a9e9d1f 100644
--- a/sys/crypto/ccp/ccp.h
+++ b/sys/crypto/ccp/ccp.h
@@ -64,7 +64,7 @@ enum sha_version {
* than a single request in flight at a time.
*/
struct ccp_session_hmac {
- struct auth_hash *auth_hash;
+ const struct auth_hash *auth_hash;
int hash_len;
unsigned int auth_mode;
char ipad[CCP_HASH_MAX_BLOCK_SIZE];
diff --git a/sys/crypto/ccp/ccp_hardware.c b/sys/crypto/ccp/ccp_hardware.c
index a2ca8e1cb71a..5175343ffc90 100644
--- a/sys/crypto/ccp/ccp_hardware.c
+++ b/sys/crypto/ccp/ccp_hardware.c
@@ -994,7 +994,7 @@ const struct SHA_Defn {
enum sha_version version;
const void *H_vectors;
size_t H_size;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
enum ccp_sha_type engine_type;
} SHA_definitions[] = {
{
@@ -1206,7 +1206,7 @@ ccp_do_hmac_done(struct ccp_queue *qp, struct ccp_session *s,
{
char ihash[SHA2_512_HASH_LEN /* max hash len */];
union authctx auth_ctx;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
axf = s->hmac.auth_hash;
@@ -1260,7 +1260,7 @@ ccp_do_hmac(struct ccp_queue *qp, struct ccp_session *s, struct cryptop *crp,
const struct ccp_completion_ctx *cctx)
{
device_t dev;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
int error;
dev = qp->cq_softc->dev;
diff --git a/sys/crypto/chacha20/chacha-sw.c b/sys/crypto/chacha20/chacha-sw.c
index 2c28b9a0c459..b1bf0a106bfd 100644
--- a/sys/crypto/chacha20/chacha-sw.c
+++ b/sys/crypto/chacha20/chacha-sw.c
@@ -39,7 +39,7 @@ chacha20_xform_crypt_last(void *ctx, const uint8_t *in, uint8_t *out,
chacha_encrypt_bytes(ctx, in, out, len);
}
-struct enc_xform enc_xform_chacha20 = {
+const struct enc_xform enc_xform_chacha20 = {
.type = CRYPTO_CHACHA20,
.name = "chacha20",
.ctxsize = sizeof(struct chacha_ctx),
diff --git a/sys/crypto/via/padlock.h b/sys/crypto/via/padlock.h
index a22e88ba6ee9..da85771f3663 100644
--- a/sys/crypto/via/padlock.h
+++ b/sys/crypto/via/padlock.h
@@ -64,7 +64,7 @@ struct padlock_session {
union padlock_cw ses_cw __aligned(16);
uint32_t ses_ekey[4 * (RIJNDAEL_MAXNR + 1) + 4] __aligned(16); /* 128 bit aligned */
uint32_t ses_dkey[4 * (RIJNDAEL_MAXNR + 1) + 4] __aligned(16); /* 128 bit aligned */
- struct auth_hash *ses_axf;
+ const struct auth_hash *ses_axf;
uint8_t *ses_ictx;
uint8_t *ses_octx;
int ses_mlen;
diff --git a/sys/crypto/via/padlock_hash.c b/sys/crypto/via/padlock_hash.c
index 1640bad4ea74..f09024af4ed5 100644
--- a/sys/crypto/via/padlock_hash.c
+++ b/sys/crypto/via/padlock_hash.c
@@ -78,7 +78,7 @@ static int padlock_sha_update(void *vctx, const void *buf, u_int bufsize);
static void padlock_sha1_final(uint8_t *hash, void *vctx);
static void padlock_sha256_final(uint8_t *hash, void *vctx);
-static struct auth_hash padlock_hmac_sha1 = {
+static const struct auth_hash padlock_hmac_sha1 = {
.type = CRYPTO_SHA1_HMAC,
.name = "HMAC-SHA1",
.keysize = SHA1_BLOCK_LEN,
@@ -90,7 +90,7 @@ static struct auth_hash padlock_hmac_sha1 = {
.Final = padlock_sha1_final,
};
-static struct auth_hash padlock_hmac_sha256 = {
+static const struct auth_hash padlock_hmac_sha256 = {
.type = CRYPTO_SHA2_256_HMAC,
.name = "HMAC-SHA2-256",
.keysize = SHA2_256_BLOCK_LEN,
@@ -227,7 +227,7 @@ padlock_sha256_final(uint8_t *hash, void *vctx)
}
static void
-padlock_copy_ctx(struct auth_hash *axf, void *sctx, void *dctx)
+padlock_copy_ctx(const struct auth_hash *axf, void *sctx, void *dctx)
{
if ((via_feature_xcrypt & VIA_HAS_SHA) != 0 &&
@@ -245,7 +245,7 @@ padlock_copy_ctx(struct auth_hash *axf, void *sctx, void *dctx)
}
static void
-padlock_free_ctx(struct auth_hash *axf, void *ctx)
+padlock_free_ctx(const struct auth_hash *axf, void *ctx)
{
if ((via_feature_xcrypt & VIA_HAS_SHA) != 0 &&
@@ -259,7 +259,7 @@ static void
padlock_hash_key_setup(struct padlock_session *ses, const uint8_t *key,
int klen)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
axf = ses->ses_axf;
@@ -282,7 +282,7 @@ static int
padlock_authcompute(struct padlock_session *ses, struct cryptop *crp)
{
u_char hash[HASH_MAX_LEN], hash2[HASH_MAX_LEN];
- struct auth_hash *axf;
+ const struct auth_hash *axf;
union authctx ctx;
int error;
@@ -319,10 +319,10 @@ padlock_authcompute(struct padlock_session *ses, struct cryptop *crp)
}
/* Find software structure which describes HMAC algorithm. */
-static struct auth_hash *
+static const struct auth_hash *
padlock_hash_lookup(int alg)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
switch (alg) {
case CRYPTO_NULL_HMAC:
diff --git a/sys/dev/cxgbe/adapter.h b/sys/dev/cxgbe/adapter.h
index 2adc902cc9ac..3eb39ef5e987 100644
--- a/sys/dev/cxgbe/adapter.h
+++ b/sys/dev/cxgbe/adapter.h
@@ -1308,7 +1308,8 @@ struct tls_keyctx;
void t4_aes_getdeckey(void *, const void *, unsigned int);
void t4_copy_partial_hash(int, union authctx *, void *);
void t4_init_gmac_hash(const char *, int, char *);
-void t4_init_hmac_digest(struct auth_hash *, u_int, const char *, int, char *);
+void t4_init_hmac_digest(const struct auth_hash *, u_int, const char *, int,
+ char *);
#ifdef KERN_TLS
u_int t4_tls_key_info_size(const struct ktls_session *);
int t4_tls_proto_ver(const struct ktls_session *);
diff --git a/sys/dev/cxgbe/crypto/t4_crypto.c b/sys/dev/cxgbe/crypto/t4_crypto.c
index 0fc806dc2eb8..3ce3e5c916db 100644
--- a/sys/dev/cxgbe/crypto/t4_crypto.c
+++ b/sys/dev/cxgbe/crypto/t4_crypto.c
@@ -136,7 +136,7 @@ __FBSDID("$FreeBSD$");
static MALLOC_DEFINE(M_CCR, "ccr", "Chelsio T6 crypto");
struct ccr_session_hmac {
- struct auth_hash *auth_hash;
+ const struct auth_hash *auth_hash;
int hash_len;
unsigned int partial_digest_len;
unsigned int auth_mode;
@@ -466,7 +466,7 @@ ccr_hash(struct ccr_softc *sc, struct ccr_session *s, struct cryptop *crp)
{
struct chcr_wr *crwr;
struct wrqe *wr;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
char *dst;
u_int hash_size_in_response, kctx_flits, kctx_len, transhdr_len, wr_len;
u_int hmac_ctrl, imm_len, iopad_size;
@@ -803,7 +803,7 @@ ccr_eta(struct ccr_softc *sc, struct ccr_session *s, struct cryptop *crp)
char iv[CHCR_MAX_CRYPTO_IV_LEN];
struct chcr_wr *crwr;
struct wrqe *wr;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
char *dst;
u_int kctx_len, key_half, op_type, transhdr_len, wr_len;
u_int hash_size_in_response, imm_len, iopad_size, iv_len;
@@ -1402,8 +1402,8 @@ ccr_gcm_done(struct ccr_softc *sc, struct ccr_session *s,
static void
ccr_gcm_soft(struct ccr_session *s, struct cryptop *crp)
{
- struct auth_hash *axf;
- struct enc_xform *exf;
+ const struct auth_hash *axf;
+ const struct enc_xform *exf;
void *auth_ctx, *kschedule;
char block[GMAC_BLOCK_LEN];
char digest[GMAC_DIGEST_LEN];
@@ -1892,8 +1892,8 @@ ccr_ccm_done(struct ccr_softc *sc, struct ccr_session *s,
static void
ccr_ccm_soft(struct ccr_session *s, struct cryptop *crp)
{
- struct auth_hash *axf;
- struct enc_xform *exf;
+ const struct auth_hash *axf;
+ const struct enc_xform *exf;
union authctx *auth_ctx;
void *kschedule;
char block[CCM_CBC_BLOCK_LEN];
@@ -2273,7 +2273,7 @@ static void
ccr_init_hash_digest(struct ccr_session *s)
{
union authctx auth_ctx;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
axf = s->hmac.auth_hash;
axf->Init(&auth_ctx);
@@ -2552,7 +2552,7 @@ ccr_newsession(device_t dev, crypto_session_t cses,
{
struct ccr_softc *sc;
struct ccr_session *s;
- struct auth_hash *auth_hash;
+ const struct auth_hash *auth_hash;
unsigned int auth_mode, cipher_mode, mk_size;
unsigned int partial_digest_len;
diff --git a/sys/dev/cxgbe/crypto/t4_keyctx.c b/sys/dev/cxgbe/crypto/t4_keyctx.c
index b64eb4ff23d7..136aba759a08 100644
--- a/sys/dev/cxgbe/crypto/t4_keyctx.c
+++ b/sys/dev/cxgbe/crypto/t4_keyctx.c
@@ -349,7 +349,7 @@ t4_copy_partial_hash(int alg, union authctx *auth_ctx, void *dst)
}
void
-t4_init_hmac_digest(struct auth_hash *axf, u_int partial_digest_len,
+t4_init_hmac_digest(const struct auth_hash *axf, u_int partial_digest_len,
const char *key, int klen, char *dst)
{
union authctx auth_ctx;
@@ -532,7 +532,7 @@ void
t4_tls_key_ctx(const struct ktls_session *tls, int direction,
struct tls_keyctx *kctx)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
u_int mac_key_size;
char *hash;
diff --git a/sys/dev/glxsb/glxsb.h b/sys/dev/glxsb/glxsb.h
index 27e5bb44709c..50b30d718618 100644
--- a/sys/dev/glxsb/glxsb.h
+++ b/sys/dev/glxsb/glxsb.h
@@ -37,7 +37,7 @@
struct glxsb_session {
uint32_t ses_key[4]; /* key */
- struct auth_hash *ses_axf;
+ const struct auth_hash *ses_axf;
uint8_t *ses_ictx;
uint8_t *ses_octx;
int ses_mlen;
diff --git a/sys/dev/glxsb/glxsb_hash.c b/sys/dev/glxsb/glxsb_hash.c
index b9ceb27deb4d..320ffd66a81e 100644
--- a/sys/dev/glxsb/glxsb_hash.c
+++ b/sys/dev/glxsb/glxsb_hash.c
@@ -52,7 +52,7 @@ MALLOC_DECLARE(M_GLXSB);
static void
glxsb_hash_key_setup(struct glxsb_session *ses, const char *key, int klen)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
axf = ses->ses_axf;
hmac_init_ipad(axf, key, klen, ses->ses_ictx);
@@ -66,7 +66,7 @@ static int
glxsb_authcompute(struct glxsb_session *ses, struct cryptop *crp)
{
u_char hash[HASH_MAX_LEN];
- struct auth_hash *axf;
+ const struct auth_hash *axf;
union authctx ctx;
int error;
diff --git a/sys/dev/safexcel/safexcel.c b/sys/dev/safexcel/safexcel.c
index 71300dcb0393..3940361561d0 100644
--- a/sys/dev/safexcel/safexcel.c
+++ b/sys/dev/safexcel/safexcel.c
@@ -1318,7 +1318,7 @@ safexcel_setkey_xcbcmac(const uint8_t *key, int klen, uint32_t *hashkey)
}
static void
-safexcel_setkey_hmac_digest(struct auth_hash *ahash, union authctx *ctx,
+safexcel_setkey_hmac_digest(const struct auth_hash *ahash, union authctx *ctx,
char *buf)
{
int hashwords, i;
@@ -1360,7 +1360,7 @@ safexcel_setkey_hmac(const struct crypto_session_params *csp,
const uint8_t *key, int klen, uint8_t *ipad, uint8_t *opad)
{
union authctx ctx;
- struct auth_hash *ahash;
+ const struct auth_hash *ahash;
ahash = crypto_auth_hash(csp);
hmac_init_ipad(ahash, key, klen, &ctx);
diff --git a/sys/opencrypto/crypto.c b/sys/opencrypto/crypto.c
index b6c4441b4284..9a992100f222 100644
--- a/sys/opencrypto/crypto.c
+++ b/sys/opencrypto/crypto.c
@@ -489,7 +489,7 @@ crypto_get_params(crypto_session_t crypto_session)
return (&crypto_session->csp);
}
-struct auth_hash *
+const struct auth_hash *
crypto_auth_hash(const struct crypto_session_params *csp)
{
@@ -551,7 +551,7 @@ crypto_auth_hash(const struct crypto_session_params *csp)
}
}
-struct enc_xform *
+const struct enc_xform *
crypto_cipher(const struct crypto_session_params *csp)
{
@@ -719,7 +719,7 @@ alg_is_aead(int alg)
static bool
check_csp(const struct crypto_session_params *csp)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
/* Mode-independent checks. */
if ((csp->csp_flags & ~(SUPPORTED_SES)) != 0)
diff --git a/sys/opencrypto/cryptodev.c b/sys/opencrypto/cryptodev.c
index d179dd6348e5..6bbcf977ac72 100644
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@@ -262,7 +262,7 @@ struct csession {
uint32_t ses;
struct mtx lock; /* for op submission */
- struct enc_xform *txform;
+ const struct enc_xform *txform;
int hashsize;
int ivsize;
int mode;
@@ -328,8 +328,8 @@ cse_create(struct fcrypt *fcr, struct session2_op *sop)
{
struct crypto_session_params csp;
struct csession *cse;
- struct enc_xform *txform;
- struct auth_hash *thash;
+ const struct enc_xform *txform;
+ const struct auth_hash *thash;
void *key = NULL;
void *mackey = NULL;
crypto_session_t cses;
diff --git a/sys/opencrypto/cryptodev.h b/sys/opencrypto/cryptodev.h
index ce5bfefaed9d..79dec8c44f51 100644
--- a/sys/opencrypto/cryptodev.h
+++ b/sys/opencrypto/cryptodev.h
@@ -589,8 +589,8 @@ uint32_t crypto_ses2caps(crypto_session_t crypto_session);
void *crypto_get_driver_session(crypto_session_t crypto_session);
const struct crypto_session_params *crypto_get_params(
crypto_session_t crypto_session);
-struct auth_hash *crypto_auth_hash(const struct crypto_session_params *csp);
-struct enc_xform *crypto_cipher(const struct crypto_session_params *csp);
+const struct auth_hash *crypto_auth_hash(const struct crypto_session_params *csp);
+const struct enc_xform *crypto_cipher(const struct crypto_session_params *csp);
MALLOC_DECLARE(M_CRYPTO_DATA);
diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index 9e551ba9652b..ef927f117bcc 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -60,17 +60,17 @@ __FBSDID("$FreeBSD$");
struct swcr_auth {
void *sw_ictx;
void *sw_octx;
- struct auth_hash *sw_axf;
+ const struct auth_hash *sw_axf;
uint16_t sw_mlen;
};
struct swcr_encdec {
void *sw_kschedule;
- struct enc_xform *sw_exf;
+ const struct enc_xform *sw_exf;
};
struct swcr_compdec {
- struct comp_algo *sw_cxf;
+ const struct comp_algo *sw_cxf;
};
struct swcr_session {
@@ -103,8 +103,8 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp)
unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN];
unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
const struct crypto_session_params *csp;
+ const struct enc_xform *exf;
struct swcr_encdec *sw;
- struct enc_xform *exf;
size_t inlen, outlen;
int i, blks, ivlen, resid;
struct crypto_buffer_cursor cc_in, cc_out;
@@ -278,7 +278,7 @@ swcr_encdec(struct swcr_session *ses, struct cryptop *crp)
}
static void
-swcr_authprepare(struct auth_hash *axf, struct swcr_auth *sw,
+swcr_authprepare(const struct auth_hash *axf, struct swcr_auth *sw,
const uint8_t *key, int klen)
{
@@ -313,7 +313,7 @@ swcr_authcompute(struct swcr_session *ses, struct cryptop *crp)
u_char aalg[HASH_MAX_LEN];
const struct crypto_session_params *csp;
struct swcr_auth *sw;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
union authctx ctx;
int err;
@@ -389,7 +389,7 @@ swcr_gmac(struct swcr_session *ses, struct cryptop *crp)
const u_char *inblk;
union authctx ctx;
struct swcr_auth *swa;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
uint32_t *blkp;
size_t len;
int blksz, error, ivlen, resid;
@@ -468,8 +468,8 @@ swcr_gcm(struct swcr_session *ses, struct cryptop *crp)
union authctx ctx;
struct swcr_auth *swa;
struct swcr_encdec *swe;
- struct auth_hash *axf;
- struct enc_xform *exf;
+ const struct auth_hash *axf;
+ const struct enc_xform *exf;
uint32_t *blkp;
size_t len;
int blksz, error, ivlen, r, resid;
@@ -645,7 +645,7 @@ swcr_ccm_cbc_mac(struct swcr_session *ses, struct cryptop *crp)
u_char iv[AES_BLOCK_LEN];
union authctx ctx;
struct swcr_auth *swa;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
int error, ivlen;
swa = &ses->swcr_auth;
@@ -706,8 +706,8 @@ swcr_ccm(struct swcr_session *ses, struct cryptop *crp)
union authctx ctx;
struct swcr_auth *swa;
struct swcr_encdec *swe;
- struct auth_hash *axf;
- struct enc_xform *exf;
+ const struct auth_hash *axf;
+ const struct enc_xform *exf;
size_t len;
int blksz, error, ivlen, r, resid;
@@ -875,8 +875,8 @@ swcr_chacha20_poly1305(struct swcr_session *ses, struct cryptop *crp)
union authctx ctx;
struct swcr_auth *swa;
struct swcr_encdec *swe;
- struct auth_hash *axf;
- struct enc_xform *exf;
+ const struct auth_hash *axf;
+ const struct enc_xform *exf;
size_t len;
int blksz, error, r, resid;
@@ -1046,8 +1046,8 @@ swcr_eta(struct swcr_session *ses, struct cryptop *crp)
static int
swcr_compdec(struct swcr_session *ses, struct cryptop *crp)
{
+ const struct comp_algo *cxf;
uint8_t *data, *out;
- struct comp_algo *cxf;
int adj;
uint32_t result;
@@ -1131,7 +1131,7 @@ swcr_setup_cipher(struct swcr_session *ses,
const struct crypto_session_params *csp)
{
struct swcr_encdec *swe;
- struct enc_xform *txf;
+ const struct enc_xform *txf;
int error;
swe = &ses->swcr_encdec;
@@ -1158,7 +1158,7 @@ swcr_setup_auth(struct swcr_session *ses,
const struct crypto_session_params *csp)
{
struct swcr_auth *swa;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
swa = &ses->swcr_auth;
@@ -1242,7 +1242,7 @@ swcr_setup_gcm(struct swcr_session *ses,
const struct crypto_session_params *csp)
{
struct swcr_auth *swa;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
if (csp->csp_ivlen != AES_GCM_IV_LEN)
return (EINVAL);
@@ -1286,7 +1286,7 @@ swcr_setup_ccm(struct swcr_session *ses,
const struct crypto_session_params *csp)
{
struct swcr_auth *swa;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
if (csp->csp_ivlen != AES_CCM_IV_LEN)
return (EINVAL);
@@ -1330,7 +1330,7 @@ swcr_setup_chacha20_poly1305(struct swcr_session *ses,
const struct crypto_session_params *csp)
{
struct swcr_auth *swa;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
if (csp->csp_ivlen != CHACHA20_POLY1305_IV_LEN)
return (EINVAL);
@@ -1355,7 +1355,7 @@ swcr_setup_chacha20_poly1305(struct swcr_session *ses,
static bool
swcr_auth_supported(const struct crypto_session_params *csp)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
axf = crypto_auth_hash(csp);
if (axf == NULL)
@@ -1408,7 +1408,7 @@ swcr_auth_supported(const struct crypto_session_params *csp)
static bool
swcr_cipher_supported(const struct crypto_session_params *csp)
{
- struct enc_xform *txf;
+ const struct enc_xform *txf;
txf = crypto_cipher(csp);
if (txf == NULL)
@@ -1496,7 +1496,7 @@ swcr_newsession(device_t dev, crypto_session_t cses,
struct swcr_session *ses;
struct swcr_encdec *swe;
struct swcr_auth *swa;
- struct comp_algo *cxf;
+ const struct comp_algo *cxf;
int error;
ses = crypto_get_driver_session(cses);
diff --git a/sys/opencrypto/xform_aes_icm.c b/sys/opencrypto/xform_aes_icm.c
index 5f81f8df8a87..618b812ceebf 100644
--- a/sys/opencrypto/xform_aes_icm.c
+++ b/sys/opencrypto/xform_aes_icm.c
@@ -60,7 +60,7 @@ static void aes_gcm_reinit(void *, const uint8_t *);
static void aes_ccm_reinit(void *, const uint8_t *);
/* Encryption instances */
-struct enc_xform enc_xform_aes_icm = {
+const struct enc_xform enc_xform_aes_icm = {
.type = CRYPTO_AES_ICM,
.name = "AES-ICM",
.ctxsize = sizeof(struct aes_icm_ctx),
@@ -77,7 +77,7 @@ struct enc_xform enc_xform_aes_icm = {
.decrypt_last = aes_icm_crypt_last,
};
-struct enc_xform enc_xform_aes_nist_gcm = {
+const struct enc_xform enc_xform_aes_nist_gcm = {
.type = CRYPTO_AES_NIST_GCM_16,
.name = "AES-GCM",
.ctxsize = sizeof(struct aes_icm_ctx),
@@ -94,7 +94,7 @@ struct enc_xform enc_xform_aes_nist_gcm = {
.decrypt_last = aes_icm_crypt_last,
};
-struct enc_xform enc_xform_ccm = {
+const struct enc_xform enc_xform_ccm = {
.type = CRYPTO_AES_CCM_16,
.name = "AES-CCM",
.ctxsize = sizeof(struct aes_icm_ctx),
diff --git a/sys/opencrypto/xform_aes_xts.c b/sys/opencrypto/xform_aes_xts.c
index 0b415f1d6346..457535621511 100644
--- a/sys/opencrypto/xform_aes_xts.c
+++ b/sys/opencrypto/xform_aes_xts.c
@@ -59,7 +59,7 @@ static void aes_xts_decrypt(void *, const uint8_t *, uint8_t *);
static void aes_xts_reinit(void *, const uint8_t *);
/* Encryption instances */
-struct enc_xform enc_xform_aes_xts = {
+const struct enc_xform enc_xform_aes_xts = {
.type = CRYPTO_AES_XTS,
.name = "AES-XTS",
.ctxsize = sizeof(struct aes_xts_ctx),
diff --git a/sys/opencrypto/xform_auth.h b/sys/opencrypto/xform_auth.h
index 6427965671d3..aa2f55564c5f 100644
--- a/sys/opencrypto/xform_auth.h
+++ b/sys/opencrypto/xform_auth.h
@@ -51,7 +51,7 @@
/* Declarations */
struct auth_hash {
int type;
- char *name;
+ const char *name;
uint16_t keysize;
uint16_t hashsize;
uint16_t ctxsize;
@@ -63,28 +63,28 @@ struct auth_hash {
void (*Final) (uint8_t *, void *);
};
-extern struct auth_hash auth_hash_null;
-extern struct auth_hash auth_hash_hmac_sha1;
-extern struct auth_hash auth_hash_hmac_ripemd_160;
-extern struct auth_hash auth_hash_hmac_sha2_224;
-extern struct auth_hash auth_hash_hmac_sha2_256;
-extern struct auth_hash auth_hash_hmac_sha2_384;
-extern struct auth_hash auth_hash_hmac_sha2_512;
-extern struct auth_hash auth_hash_sha1;
-extern struct auth_hash auth_hash_sha2_224;
-extern struct auth_hash auth_hash_sha2_256;
-extern struct auth_hash auth_hash_sha2_384;
-extern struct auth_hash auth_hash_sha2_512;
-extern struct auth_hash auth_hash_nist_gmac_aes_128;
-extern struct auth_hash auth_hash_nist_gmac_aes_192;
-extern struct auth_hash auth_hash_nist_gmac_aes_256;
-extern struct auth_hash auth_hash_blake2b;
-extern struct auth_hash auth_hash_blake2s;
-extern struct auth_hash auth_hash_poly1305;
-extern struct auth_hash auth_hash_ccm_cbc_mac_128;
-extern struct auth_hash auth_hash_ccm_cbc_mac_192;
-extern struct auth_hash auth_hash_ccm_cbc_mac_256;
-extern struct auth_hash auth_hash_chacha20_poly1305;
+extern const struct auth_hash auth_hash_null;
+extern const struct auth_hash auth_hash_hmac_sha1;
+extern const struct auth_hash auth_hash_hmac_ripemd_160;
+extern const struct auth_hash auth_hash_hmac_sha2_224;
+extern const struct auth_hash auth_hash_hmac_sha2_256;
+extern const struct auth_hash auth_hash_hmac_sha2_384;
+extern const struct auth_hash auth_hash_hmac_sha2_512;
+extern const struct auth_hash auth_hash_sha1;
+extern const struct auth_hash auth_hash_sha2_224;
+extern const struct auth_hash auth_hash_sha2_256;
+extern const struct auth_hash auth_hash_sha2_384;
+extern const struct auth_hash auth_hash_sha2_512;
+extern const struct auth_hash auth_hash_nist_gmac_aes_128;
+extern const struct auth_hash auth_hash_nist_gmac_aes_192;
+extern const struct auth_hash auth_hash_nist_gmac_aes_256;
+extern const struct auth_hash auth_hash_blake2b;
+extern const struct auth_hash auth_hash_blake2s;
+extern const struct auth_hash auth_hash_poly1305;
+extern const struct auth_hash auth_hash_ccm_cbc_mac_128;
+extern const struct auth_hash auth_hash_ccm_cbc_mac_192;
+extern const struct auth_hash auth_hash_ccm_cbc_mac_256;
+extern const struct auth_hash auth_hash_chacha20_poly1305;
union authctx {
SHA1_CTX sha1ctx;
diff --git a/sys/opencrypto/xform_cbc_mac.c b/sys/opencrypto/xform_cbc_mac.c
index 755dd51d9517..d55e66e45255 100644
--- a/sys/opencrypto/xform_cbc_mac.c
+++ b/sys/opencrypto/xform_cbc_mac.c
@@ -5,7 +5,7 @@ __FBSDID("$FreeBSD$");
#include <opencrypto/xform_auth.h>
/* Authentication instances */
-struct auth_hash auth_hash_ccm_cbc_mac_128 = {
+const struct auth_hash auth_hash_ccm_cbc_mac_128 = {
.type = CRYPTO_AES_CCM_CBC_MAC,
.name = "CBC-CCM-AES-128",
.keysize = AES_128_CBC_MAC_KEY_LEN,
@@ -18,7 +18,7 @@ struct auth_hash auth_hash_ccm_cbc_mac_128 = {
.Update = AES_CBC_MAC_Update,
.Final = AES_CBC_MAC_Final,
};
-struct auth_hash auth_hash_ccm_cbc_mac_192 = {
+const struct auth_hash auth_hash_ccm_cbc_mac_192 = {
.type = CRYPTO_AES_CCM_CBC_MAC,
.name = "CBC-CCM-AES-192",
.keysize = AES_192_CBC_MAC_KEY_LEN,
@@ -31,7 +31,7 @@ struct auth_hash auth_hash_ccm_cbc_mac_192 = {
.Update = AES_CBC_MAC_Update,
.Final = AES_CBC_MAC_Final,
};
-struct auth_hash auth_hash_ccm_cbc_mac_256 = {
+const struct auth_hash auth_hash_ccm_cbc_mac_256 = {
.type = CRYPTO_AES_CCM_CBC_MAC,
.name = "CBC-CCM-AES-256",
.keysize = AES_256_CBC_MAC_KEY_LEN,
diff --git a/sys/opencrypto/xform_chacha20_poly1305.c b/sys/opencrypto/xform_chacha20_poly1305.c
index 3a72c06f931b..543c16bcc4e0 100644
--- a/sys/opencrypto/xform_chacha20_poly1305.c
+++ b/sys/opencrypto/xform_chacha20_poly1305.c
@@ -84,7 +84,7 @@ chacha20_poly1305_crypt_last(void *vctx, const uint8_t *in, uint8_t *out,
KASSERT(error == 0, ("%s failed: %d", __func__, error));
}
-struct enc_xform enc_xform_chacha20_poly1305 = {
+const struct enc_xform enc_xform_chacha20_poly1305 = {
.type = CRYPTO_CHACHA20_POLY1305,
.name = "ChaCha20-Poly1305",
.ctxsize = sizeof(struct chacha20_poly1305_cipher_ctx),
@@ -148,7 +148,7 @@ chacha20_poly1305_Final(uint8_t *digest, void *vctx)
crypto_onetimeauth_poly1305_final(&ctx->state, digest);
}
-struct auth_hash auth_hash_chacha20_poly1305 = {
+const struct auth_hash auth_hash_chacha20_poly1305 = {
.type = CRYPTO_POLY1305,
.name = "ChaCha20-Poly1305",
.keysize = POLY1305_KEY_LEN,
diff --git a/sys/opencrypto/xform_cml.c b/sys/opencrypto/xform_cml.c
index 3f25f2cb6aaf..ac1dabd90d30 100644
--- a/sys/opencrypto/xform_cml.c
+++ b/sys/opencrypto/xform_cml.c
@@ -58,7 +58,7 @@ static void cml_encrypt(void *, const uint8_t *, uint8_t *);
static void cml_decrypt(void *, const uint8_t *, uint8_t *);
/* Encryption instances */
-struct enc_xform enc_xform_camellia = {
+const struct enc_xform enc_xform_camellia = {
.type = CRYPTO_CAMELLIA_CBC,
.name = "Camellia-CBC",
.ctxsize = sizeof(camellia_ctx),
diff --git a/sys/opencrypto/xform_comp.h b/sys/opencrypto/xform_comp.h
index 1d0ba7a505bf..11bf59a94b39 100644
--- a/sys/opencrypto/xform_comp.h
+++ b/sys/opencrypto/xform_comp.h
@@ -46,6 +46,6 @@ struct comp_algo {
uint32_t (*decompress) (uint8_t *, uint32_t, uint8_t **);
};
-extern struct comp_algo comp_algo_deflate;
+extern const struct comp_algo comp_algo_deflate;
#endif /* _CRYPTO_XFORM_COMP_H_ */
diff --git a/sys/opencrypto/xform_deflate.c b/sys/opencrypto/xform_deflate.c
index 8d93f4843244..b295ceb2ea9b 100644
--- a/sys/opencrypto/xform_deflate.c
+++ b/sys/opencrypto/xform_deflate.c
@@ -57,7 +57,7 @@ static uint32_t deflate_compress(uint8_t *, uint32_t, uint8_t **);
static uint32_t deflate_decompress(uint8_t *, uint32_t, uint8_t **);
/* Compression instance */
-struct comp_algo comp_algo_deflate = {
+const struct comp_algo comp_algo_deflate = {
CRYPTO_DEFLATE_COMP, "Deflate",
90, deflate_compress,
deflate_decompress
diff --git a/sys/opencrypto/xform_enc.h b/sys/opencrypto/xform_enc.h
index e8325f20917b..6f95b49986c5 100644
--- a/sys/opencrypto/xform_enc.h
+++ b/sys/opencrypto/xform_enc.h
@@ -48,7 +48,7 @@
/* Declarations */
struct enc_xform {
int type;
- char *name;
+ const char *name;
size_t ctxsize;
uint16_t blocksize; /* Required input block size -- 1 for stream ciphers. */
uint16_t native_blocksize; /* Used for stream ciphers. */
@@ -73,16 +73,16 @@ struct enc_xform {
};
-extern struct enc_xform enc_xform_null;
-extern struct enc_xform enc_xform_rijndael128;
-extern struct enc_xform enc_xform_aes_icm;
-extern struct enc_xform enc_xform_aes_nist_gcm;
-extern struct enc_xform enc_xform_aes_nist_gmac;
-extern struct enc_xform enc_xform_aes_xts;
-extern struct enc_xform enc_xform_camellia;
-extern struct enc_xform enc_xform_chacha20;
-extern struct enc_xform enc_xform_chacha20_poly1305;
-extern struct enc_xform enc_xform_ccm;
+extern const struct enc_xform enc_xform_null;
+extern const struct enc_xform enc_xform_rijndael128;
+extern const struct enc_xform enc_xform_aes_icm;
+extern const struct enc_xform enc_xform_aes_nist_gcm;
+extern const struct enc_xform enc_xform_aes_nist_gmac;
+extern const struct enc_xform enc_xform_aes_xts;
+extern const struct enc_xform enc_xform_camellia;
+extern const struct enc_xform enc_xform_chacha20;
+extern const struct enc_xform enc_xform_chacha20_poly1305;
+extern const struct enc_xform enc_xform_ccm;
struct aes_icm_ctx {
uint32_t ac_ek[4*(RIJNDAEL_MAXNR + 1)];
diff --git a/sys/opencrypto/xform_gmac.c b/sys/opencrypto/xform_gmac.c
index 0b981f2c95c3..0cd5ef9b60be 100644
--- a/sys/opencrypto/xform_gmac.c
+++ b/sys/opencrypto/xform_gmac.c
@@ -54,7 +54,7 @@ __FBSDID("$FreeBSD$");
#include <opencrypto/xform_auth.h>
/* Encryption instances */
-struct enc_xform enc_xform_aes_nist_gmac = {
+const struct enc_xform enc_xform_aes_nist_gmac = {
.type = CRYPTO_AES_NIST_GMAC,
.name = "AES-GMAC",
.blocksize = AES_ICM_BLOCK_LEN,
@@ -64,7 +64,7 @@ struct enc_xform enc_xform_aes_nist_gmac = {
};
/* Authentication instances */
-struct auth_hash auth_hash_nist_gmac_aes_128 = {
+const struct auth_hash auth_hash_nist_gmac_aes_128 = {
.type = CRYPTO_AES_NIST_GMAC,
.name = "GMAC-AES-128",
.keysize = AES_128_GMAC_KEY_LEN,
@@ -78,7 +78,7 @@ struct auth_hash auth_hash_nist_gmac_aes_128 = {
.Final = AES_GMAC_Final,
};
-struct auth_hash auth_hash_nist_gmac_aes_192 = {
+const struct auth_hash auth_hash_nist_gmac_aes_192 = {
.type = CRYPTO_AES_NIST_GMAC,
.name = "GMAC-AES-192",
.keysize = AES_192_GMAC_KEY_LEN,
@@ -92,7 +92,7 @@ struct auth_hash auth_hash_nist_gmac_aes_192 = {
.Final = AES_GMAC_Final,
};
-struct auth_hash auth_hash_nist_gmac_aes_256 = {
+const struct auth_hash auth_hash_nist_gmac_aes_256 = {
.type = CRYPTO_AES_NIST_GMAC,
.name = "GMAC-AES-256",
.keysize = AES_256_GMAC_KEY_LEN,
diff --git a/sys/opencrypto/xform_null.c b/sys/opencrypto/xform_null.c
index d1b79e1385b2..6cd49baab0ac 100644
--- a/sys/opencrypto/xform_null.c
+++ b/sys/opencrypto/xform_null.c
@@ -62,7 +62,7 @@ static int null_update(void *, const void *, u_int);
static void null_final(uint8_t *, void *);
/* Encryption instances */
-struct enc_xform enc_xform_null = {
+const struct enc_xform enc_xform_null = {
.type = CRYPTO_NULL_CBC,
.name = "NULL",
/* NB: blocksize of 4 is to generate a properly aligned ESP header */
@@ -76,7 +76,7 @@ struct enc_xform enc_xform_null = {
};
/* Authentication instances */
-struct auth_hash auth_hash_null = {
+const struct auth_hash auth_hash_null = {
.type = CRYPTO_NULL_HMAC,
.name = "NULL-HMAC",
.keysize = 0,
diff --git a/sys/opencrypto/xform_poly1305.c b/sys/opencrypto/xform_poly1305.c
index d8ceab47deca..c885192f9df6 100644
--- a/sys/opencrypto/xform_poly1305.c
+++ b/sys/opencrypto/xform_poly1305.c
@@ -58,7 +58,7 @@ xform_Poly1305_Final(uint8_t *digest, void *ctx)
panic("%s: Invariant violated: %d", __func__, rc);
}
-struct auth_hash auth_hash_poly1305 = {
+const struct auth_hash auth_hash_poly1305 = {
.type = CRYPTO_POLY1305,
.name = "Poly-1305",
.keysize = POLY1305_KEY_LEN,
diff --git a/sys/opencrypto/xform_rijndael.c b/sys/opencrypto/xform_rijndael.c
index d9e2497e7e53..685e53640c48 100644
--- a/sys/opencrypto/xform_rijndael.c
+++ b/sys/opencrypto/xform_rijndael.c
@@ -58,7 +58,7 @@ static void rijndael128_encrypt(void *, const uint8_t *, uint8_t *);
static void rijndael128_decrypt(void *, const uint8_t *, uint8_t *);
/* Encryption instances */
-struct enc_xform enc_xform_rijndael128 = {
+const struct enc_xform enc_xform_rijndael128 = {
.type = CRYPTO_RIJNDAEL128_CBC,
.name = "Rijndael-128/AES",
.ctxsize = sizeof(rijndael_ctx),
diff --git a/sys/opencrypto/xform_rmd160.c b/sys/opencrypto/xform_rmd160.c
*** 110 LINES SKIPPED ***
More information about the dev-commits-src-main
mailing list