svn commit: r361404 - head/sys/crypto/ccp
John Baldwin
jhb at FreeBSD.org
Fri May 22 20:52:37 UTC 2020
Author: jhb
Date: Fri May 22 20:52:36 2020
New Revision: 361404
URL: https://svnweb.freebsd.org/changeset/base/361404
Log:
Remove a workaround for GCM requests with an empty payload.
This was copied from ccr(4) (which does require the workaround), but
is reportedly not needed for ccp(4).
Discussed with: cem
Sponsored by: Netflix
Modified:
head/sys/crypto/ccp/ccp.c
Modified: head/sys/crypto/ccp/ccp.c
==============================================================================
--- head/sys/crypto/ccp/ccp.c Fri May 22 19:09:43 2020 (r361403)
+++ head/sys/crypto/ccp/ccp.c Fri May 22 20:52:36 2020 (r361404)
@@ -113,67 +113,6 @@ ccp_populate_sglist(struct sglist *sg, struct cryptop
return (error);
}
-/*
- * Handle a GCM request with an empty payload by performing the
- * operation in software.
- */
-static void
-ccp_gcm_soft(struct ccp_session *s, struct cryptop *crp)
-{
- struct aes_gmac_ctx gmac_ctx;
- char block[GMAC_BLOCK_LEN];
- char digest[GMAC_DIGEST_LEN];
- char iv[AES_BLOCK_LEN];
- int i, len;
-
- /*
- * This assumes a 12-byte IV from the crp. See longer comment
- * above in ccp_gcm() for more details.
- */
- if ((crp->crp_flags & CRYPTO_F_IV_SEPARATE) == 0) {
- crp->crp_etype = EINVAL;
- goto out;
- }
- memcpy(iv, crp->crp_iv, 12);
- *(uint32_t *)&iv[12] = htobe32(1);
-
- /* Initialize the MAC. */
- AES_GMAC_Init(&gmac_ctx);
- AES_GMAC_Setkey(&gmac_ctx, s->blkcipher.enckey, s->blkcipher.key_len);
- AES_GMAC_Reinit(&gmac_ctx, iv, sizeof(iv));
-
- /* MAC the AAD. */
- for (i = 0; i < crp->crp_aad_length; i += sizeof(block)) {
- len = imin(crp->crp_aad_length - i, sizeof(block));
- crypto_copydata(crp, crp->crp_aad_start + i, len, block);
- bzero(block + len, sizeof(block) - len);
- AES_GMAC_Update(&gmac_ctx, block, sizeof(block));
- }
-
- /* Length block. */
- bzero(block, sizeof(block));
- ((uint32_t *)block)[1] = htobe32(crp->crp_aad_length * 8);
- AES_GMAC_Update(&gmac_ctx, block, sizeof(block));
- AES_GMAC_Final(digest, &gmac_ctx);
-
- if (CRYPTO_OP_IS_ENCRYPT(crp->crp_op)) {
- crypto_copyback(crp, crp->crp_digest_start, sizeof(digest),
- digest);
- crp->crp_etype = 0;
- } else {
- char digest2[GMAC_DIGEST_LEN];
-
- crypto_copydata(crp, crp->crp_digest_start, sizeof(digest2),
- digest2);
- if (timingsafe_bcmp(digest, digest2, sizeof(digest)) == 0)
- crp->crp_etype = 0;
- else
- crp->crp_etype = EBADMSG;
- }
-out:
- crypto_done(crp);
-}
-
static int
ccp_probe(device_t dev)
{
@@ -643,11 +582,6 @@ ccp_process(device_t dev, struct cryptop *crp, int hin
error = ccp_authenc(qp, s, crp);
break;
case GCM:
- if (crp->crp_payload_length == 0) {
- mtx_unlock(&qp->cq_lock);
- ccp_gcm_soft(s, crp);
- return (0);
- }
if (s->pending != 0) {
error = EAGAIN;
break;
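Review bot: Nothing in the `case GCM:` arm now records that requests with `crp->crp_payload_length == 0` are deliberately handed to the hardware path, and the commit log only says the workaround is "reportedly" not needed for ccp(4). The removed software path was the one that computed the tag over the AAD and, on decrypt, compared it with `timingsafe_bcmp` and set `EBADMSG` on mismatch, so AAD-only requests now depend on the code after the `s->pending` check (outside this hunk) for tag verification. I would add a short comment at the top of the arm, for example `/* Unlike ccr(4), ccp(4) handles an empty payload (AAD-only) in hardware. */`, so the difference from ccr(4) is not lost. It is also worth confirming with a regression test that an AAD-only decrypt with a corrupted tag still completes with `EBADMSG`.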