svn commit: r201898 - head/sys/opencrypto
Bjoern A. Zeeb
bz at FreeBSD.org
Sat Jan 9 15:43:48 UTC 2010
Author: bz
Date: Sat Jan 9 15:43:47 2010
New Revision: 201898
URL: http://svn.freebsd.org/changeset/base/201898
Log:
Add comments trying to explain what bad things happen here, i.e.
how hashed MD5/SHA are implemented, abusing Final() for padding and
sw_octx to transport the key from the beginning to the end.
Enlightened about what was going on here by: cperciva
Reviewed by: cperciva
MFC After: 3 days
X-MFC with: r187826
PR: kern/126468
Modified:
head/sys/opencrypto/cryptosoft.c
Modified: head/sys/opencrypto/cryptosoft.c
==============================================================================
--- head/sys/opencrypto/cryptosoft.c Sat Jan 9 15:37:24 2010 (r201897)
+++ head/sys/opencrypto/cryptosoft.c Sat Jan 9 15:43:47 2010 (r201898)
@@ -434,7 +434,16 @@ swcr_authprepare(struct auth_hash *axf,
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
{
- /* We need a buffer that can hold an md5 and a sha1 result. */
+ /*
+ * We need a buffer that can hold an md5 and a sha1 result
+ * just to throw it away.
+ * What we do here is the initial part of:
+ * ALGO( key, keyfill, .. )
+ * adding the key to sw_ictx and abusing Final() to get the
+ * "keyfill" padding.
+ * In addition we abuse the sw_octx to save the key to have
+ * it to be able to append it at the end in swcr_authcompute().
+ */
u_char buf[SHA1_RESULTLEN];
sw->sw_klen = klen;
@@ -495,9 +504,17 @@ swcr_authcompute(struct cryptodesc *crd,
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
+ /* If we have no key saved, return error. */
if (sw->sw_octx == NULL)
return EINVAL;
+ /*
+ * Add the trailing copy of the key (see comment in
+ * swcr_authprepare()) after the data:
+ * ALGO( .., key, algofill )
+ * and let Final() do the proper, natural "algofill"
+ * padding.
+ */
axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
axf->Final(aalg, &ctx);
break;
More information about the svn-src-head
mailing list