svn commit: r285526 - head/sys/opencrypto
John-Mark Gurney
jmg at FreeBSD.org
Tue Jul 14 07:45:20 UTC 2015
Author: jmg
Date: Tue Jul 14 07:45:18 2015
New Revision: 285526
URL: https://svnweb.freebsd.org/changeset/base/285526
Log:
Fix XTS, and name things a bit better...
Though confusing, GCM using ICM_BLOCK_LEN, but ICM does not is
correct... GCM is built on ICM, but uses a function other than
swcr_encdec... swcr_encdec cannot handle partial blocks which is
why it must still use AES_BLOCK_LEN and is why XTS was broken by the
commit...
Thanks to the tests for helping sure I didn't break GCM w/ an earlier
patch...
I did run the tests w/o this patch, and need to figure out why they
did not fail, clearly more tests are needed...
Prodded by: peter
Modified:
head/sys/opencrypto/cryptodev.h
head/sys/opencrypto/xform.c
Modified: head/sys/opencrypto/cryptodev.h
==============================================================================
--- head/sys/opencrypto/cryptodev.h Tue Jul 14 06:34:57 2015 (r285525)
+++ head/sys/opencrypto/cryptodev.h Tue Jul 14 07:45:18 2015 (r285526)
@@ -115,7 +115,7 @@
#define CAST128_BLOCK_LEN 8
#define RIJNDAEL128_BLOCK_LEN 16
#define AES_BLOCK_LEN 16
-#define AES_MIN_BLOCK_LEN 1
+#define AES_ICM_BLOCK_LEN 1
#define ARC4_BLOCK_LEN 1
#define CAMELLIA_BLOCK_LEN 16
#define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
@@ -123,12 +123,10 @@
/* IV Lengths */
#define ARC4_IV_LEN 1
-#define AES_IV_LEN 12
+#define AES_GCM_IV_LEN 12
#define AES_XTS_IV_LEN 8
#define AES_XTS_ALPHA 0x87 /* GF(2^128) generator polynomial */
-#define AES_CTR_NONCE_SIZE 4
-
/* Min and Max Encryption Key Sizes */
#define NULL_MIN_KEY 0
#define NULL_MAX_KEY 256 /* 2048 bits, max key */
@@ -144,10 +142,10 @@
#define SKIPJACK_MAX_KEY SKIPJACK_MIN_KEY
#define RIJNDAEL_MIN_KEY 16
#define RIJNDAEL_MAX_KEY 32
-#define AES_MIN_KEY 16
-#define AES_MAX_KEY 32
-#define AES_XTS_MIN_KEY 32
-#define AES_XTS_MAX_KEY 64
+#define AES_MIN_KEY RIJNDAEL_MIN_KEY
+#define AES_MAX_KEY RIJNDAEL_MAX_KEY
+#define AES_XTS_MIN_KEY (2 * AES_MIN_KEY)
+#define AES_XTS_MAX_KEY (2 * AES_MAX_KEY)
#define ARC4_MIN_KEY 1
#define ARC4_MAX_KEY 32
#define CAMELLIA_MIN_KEY 8
Modified: head/sys/opencrypto/xform.c
==============================================================================
--- head/sys/opencrypto/xform.c Tue Jul 14 06:34:57 2015 (r285525)
+++ head/sys/opencrypto/xform.c Tue Jul 14 07:45:18 2015 (r285526)
@@ -227,7 +227,7 @@ struct enc_xform enc_xform_rijndael128 =
struct enc_xform enc_xform_aes_icm = {
CRYPTO_AES_ICM, "AES-ICM",
- RIJNDAEL128_BLOCK_LEN, RIJNDAEL128_BLOCK_LEN, AES_MIN_KEY, AES_MAX_KEY,
+ AES_BLOCK_LEN, AES_BLOCK_LEN, AES_MIN_KEY, AES_MAX_KEY,
aes_icm_crypt,
aes_icm_crypt,
aes_icm_setkey,
@@ -237,7 +237,7 @@ struct enc_xform enc_xform_aes_icm = {
struct enc_xform enc_xform_aes_nist_gcm = {
CRYPTO_AES_NIST_GCM_16, "AES-GCM",
- AES_MIN_BLOCK_LEN, AES_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
+ AES_ICM_BLOCK_LEN, AES_GCM_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
aes_icm_crypt,
aes_icm_crypt,
aes_icm_setkey,
@@ -247,7 +247,7 @@ struct enc_xform enc_xform_aes_nist_gcm
struct enc_xform enc_xform_aes_nist_gmac = {
CRYPTO_AES_NIST_GMAC, "AES-GMAC",
- AES_MIN_BLOCK_LEN, AES_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
+ AES_ICM_BLOCK_LEN, AES_GCM_IV_LEN, AES_MIN_KEY, AES_MAX_KEY,
NULL,
NULL,
NULL,
@@ -257,7 +257,7 @@ struct enc_xform enc_xform_aes_nist_gmac
struct enc_xform enc_xform_aes_xts = {
CRYPTO_AES_XTS, "AES-XTS",
- AES_MIN_BLOCK_LEN, AES_XTS_IV_LEN, AES_XTS_MIN_KEY, AES_XTS_MAX_KEY,
+ AES_BLOCK_LEN, AES_XTS_IV_LEN, AES_XTS_MIN_KEY, AES_XTS_MAX_KEY,
aes_xts_encrypt,
aes_xts_decrypt,
aes_xts_setkey,
More information about the svn-src-all
mailing list