svn commit: r274340 - in head/sys: crypto/rijndael dev/random geom/bde
Bjoern A. Zeeb
bz at FreeBSD.org
Mon Nov 10 15:10:58 UTC 2014
On 10 Nov 2014, at 09:44 , Dag-Erling Smørgrav <des at FreeBSD.org> wrote:
> Author: des
> Date: Mon Nov 10 09:44:38 2014
> New Revision: 274340
> URL: https://svnweb.freebsd.org/changeset/base/274340
>
> Log:
> Constify the AES code and propagate to consumers. This allows us to
> update the Fortuna code to use SHAd-256 as defined in FS&K.
>
> Approved by: so (self)
This fails to compile on all gcc platforms.
cc1: warnings being treated as errors
/scratch/tmp/bz/head.svn/sys/modules/geom/geom_bde/../../../crypto/rijndael/rijndael-api-fst.c: In function 'rijndael_padEncrypt':
/scratch/tmp/bz/head.svn/sys/modules/geom/geom_bde/../../../crypto/rijndael/rijndael-api-fst.c:236: warning: cast discards qualifiers from pointer target type
/scratch/tmp/bz/head.svn/sys/modules/geom/geom_bde/../../../crypto/rijndael/rijndael-api-fst.c:237: warning: cast discards qualifiers from pointer target type
/scratch/tmp/bz/head.svn/sys/modules/geom/geom_bde/../../../crypto/rijndael/rijndael-api-fst.c:238: warning: cast discards qualifiers from pointer target type
/scratch/tmp/bz/head.svn/sys/modules/geom/geom_bde/../../../crypto/rijndael/rijndael-api-fst.c:239: warning: cast discards qualifiers from pointer target type
--- rijndael-api-fst.o ---
*** [rijndael-api-fst.o] Error code 1
bmake: stopped in /scratch/tmp/bz/head.svn/sys/modules/geom/geom_bde
cc1: warnings being treated as errors
/scratch/tmp/bz/head.svn/sys/modules/random/../../crypto/rijndael/rijndael-api-fst.c: In function 'rijndael_padEncrypt':
/scratch/tmp/bz/head.svn/sys/modules/random/../../crypto/rijndael/rijndael-api-fst.c:236: warning: cast discards qualifiers from pointer target type
/scratch/tmp/bz/head.svn/sys/modules/random/../../crypto/rijndael/rijndael-api-fst.c:237: warning: cast discards qualifiers from pointer target type
/scratch/tmp/bz/head.svn/sys/modules/random/../../crypto/rijndael/rijndael-api-fst.c:238: warning: cast discards qualifiers from pointer target type
/scratch/tmp/bz/head.svn/sys/modules/random/../../crypto/rijndael/rijndael-api-fst.c:239: warning: cast discards qualifiers from pointer target type
--- rijndael-api-fst.o ---
*** [rijndael-api-fst.o] Error code 1
…
>
> Modified:
> head/sys/crypto/rijndael/rijndael-api-fst.c
> head/sys/crypto/rijndael/rijndael-api-fst.h
> head/sys/dev/random/fortuna.c
> head/sys/dev/random/hash.c
> head/sys/dev/random/hash.h
> head/sys/geom/bde/g_bde.h
>
> Modified: head/sys/crypto/rijndael/rijndael-api-fst.c
> ==============================================================================
> --- head/sys/crypto/rijndael/rijndael-api-fst.c Mon Nov 10 09:11:23 2014 (r274339)
> +++ head/sys/crypto/rijndael/rijndael-api-fst.c Mon Nov 10 09:44:38 2014 (r274340)
> @@ -34,7 +34,8 @@ __FBSDID("$FreeBSD$");
>
> typedef u_int8_t BYTE;
>
> -int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, char *keyMaterial) {
> +int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen,
> + const char *keyMaterial) {
> u_int8_t cipherKey[RIJNDAEL_MAXKB];
>
> if (key == NULL) {
> @@ -83,7 +84,7 @@ int rijndael_cipherInit(cipherInstance *
> }
>
> int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key,
> - BYTE *input, int inputLen, BYTE *outBuffer) {
> + const BYTE *input, int inputLen, BYTE *outBuffer) {
> int i, k, numBlocks;
> u_int8_t block[16], iv[4][4];
>
> @@ -198,7 +199,7 @@ int rijndael_blockEncrypt(cipherInstance
> * @return length in octets (not bits) of the encrypted output buffer.
> */
> int rijndael_padEncrypt(cipherInstance *cipher, keyInstance *key,
> - BYTE *input, int inputOctets, BYTE *outBuffer) {
> + const BYTE *input, int inputOctets, BYTE *outBuffer) {
> int i, numBlocks, padLen;
> u_int8_t block[16], *iv, *cp;
>
> @@ -261,7 +262,7 @@ int rijndael_padEncrypt(cipherInstance *
> }
>
> int rijndael_blockDecrypt(cipherInstance *cipher, keyInstance *key,
> - BYTE *input, int inputLen, BYTE *outBuffer) {
> + const BYTE *input, int inputLen, BYTE *outBuffer) {
> int i, k, numBlocks;
> u_int8_t block[16], iv[4][4];
>
> @@ -360,7 +361,7 @@ int rijndael_blockDecrypt(cipherInstance
> }
>
> int rijndael_padDecrypt(cipherInstance *cipher, keyInstance *key,
> - BYTE *input, int inputOctets, BYTE *outBuffer) {
> + const BYTE *input, int inputOctets, BYTE *outBuffer) {
> int i, numBlocks, padLen;
> u_int8_t block[16];
> u_int32_t iv[4];
>
> Modified: head/sys/crypto/rijndael/rijndael-api-fst.h
> ==============================================================================
> --- head/sys/crypto/rijndael/rijndael-api-fst.h Mon Nov 10 09:11:23 2014 (r274339)
> +++ head/sys/crypto/rijndael/rijndael-api-fst.h Mon Nov 10 09:44:38 2014 (r274340)
> @@ -56,18 +56,18 @@ typedef struct { /* c
>
> /* Function prototypes */
>
> -int rijndael_makeKey(keyInstance *, u_int8_t, int, char *);
> +int rijndael_makeKey(keyInstance *, u_int8_t, int, const char *);
>
> int rijndael_cipherInit(cipherInstance *, u_int8_t, char *);
>
> -int rijndael_blockEncrypt(cipherInstance *, keyInstance *, u_int8_t *, int,
> - u_int8_t *);
> -int rijndael_padEncrypt(cipherInstance *, keyInstance *, u_int8_t *, int,
> - u_int8_t *);
> -
> -int rijndael_blockDecrypt(cipherInstance *, keyInstance *, u_int8_t *, int,
> - u_int8_t *);
> -int rijndael_padDecrypt(cipherInstance *, keyInstance *, u_int8_t *, int,
> - u_int8_t *);
> +int rijndael_blockEncrypt(cipherInstance *, keyInstance *, const u_int8_t *,
> + int, u_int8_t *);
> +int rijndael_padEncrypt(cipherInstance *, keyInstance *, const u_int8_t *,
> + int, u_int8_t *);
> +
> +int rijndael_blockDecrypt(cipherInstance *, keyInstance *, const u_int8_t *,
> + int, u_int8_t *);
> +int rijndael_padDecrypt(cipherInstance *, keyInstance *, const u_int8_t *,
> + int, u_int8_t *);
>
> #endif /* __RIJNDAEL_API_FST_H */
>
> Modified: head/sys/dev/random/fortuna.c
> ==============================================================================
> --- head/sys/dev/random/fortuna.c Mon Nov 10 09:11:23 2014 (r274339)
> +++ head/sys/dev/random/fortuna.c Mon Nov 10 09:44:38 2014 (r274340)
> @@ -27,13 +27,11 @@
>
> /* This implementation of Fortuna is based on the descriptions found in
> * ISBN 0-471-22357-3 "Practical Cryptography" by Ferguson and Schneier
> - * ("K&S").
> + * ("F&S").
> *
> - * The above book is superceded by ISBN 978-0-470-47424-2 "Cryptography
> - * Engineering" by Ferguson, Schneier and Kohno ("FS&K").
> - *
> - * This code has not yet caught up with FS&K, but differences are not
> - * expected to be complex.
> + * The above book is superseded by ISBN 978-0-470-47424-2 "Cryptography
> + * Engineering" by Ferguson, Schneier and Kohno ("FS&K"). The code has
> + * not yet fully caught up with FS&K.
> */
>
> #include <sys/cdefs.h>
> @@ -252,12 +250,9 @@ reseed(uint8_t *junk, u_int length)
> mtx_assert(&random_reseed_mtx, MA_OWNED);
> #endif
>
> - /* F&S - K = Hd(K|s) where Hd(m) is H(H(m)) */
> + /* FS&K - K = Hd(K|s) where Hd(m) is H(H(0^512|m)) */
> randomdev_hash_init(&context);
> -#if 0
> - /* FS&K defines Hd(m) as H(H(0^512|m)) */
> - randomdev_hash_iterate(&context, zero_region, KEYSIZE);
> -#endif
> + randomdev_hash_iterate(&context, zero_region, 512/8);
> randomdev_hash_iterate(&context, &fortuna_state.key, sizeof(fortuna_state.key));
> randomdev_hash_iterate(&context, junk, length);
> randomdev_hash_finish(&context, hash);
> @@ -270,7 +265,7 @@ reseed(uint8_t *junk, u_int length)
> /* Unblock the device if it was blocked due to being unseeded */
> if (uint128_is_zero(fortuna_state.counter.whole))
> random_adaptor_unblock();
> - /* F&S - C = C + 1 */
> + /* FS&K - C = C + 1 */
> uint128_increment(&fortuna_state.counter.whole);
> }
>
>
> Modified: head/sys/dev/random/hash.c
> ==============================================================================
> --- head/sys/dev/random/hash.c Mon Nov 10 09:11:23 2014 (r274339)
> +++ head/sys/dev/random/hash.c Mon Nov 10 09:44:38 2014 (r274340)
> @@ -60,7 +60,7 @@ randomdev_hash_init(struct randomdev_has
>
> /* Iterate the hash */
> void
> -randomdev_hash_iterate(struct randomdev_hash *context, void *data, size_t size)
> +randomdev_hash_iterate(struct randomdev_hash *context, const void *data, size_t size)
> {
>
> SHA256_Update(&context->sha, data, size);
> @@ -81,7 +81,7 @@ randomdev_hash_finish(struct randomdev_h
> * data. Use CBC mode for better avalanche.
> */
> void
> -randomdev_encrypt_init(struct randomdev_key *context, void *data)
> +randomdev_encrypt_init(struct randomdev_key *context, const void *data)
> {
>
> rijndael_cipherInit(&context->cipher, MODE_CBC, NULL);
> @@ -93,7 +93,7 @@ randomdev_encrypt_init(struct randomdev_
> * a multiple of BLOCKSIZE.
> */
> void
> -randomdev_encrypt(struct randomdev_key *context, void *d_in, void *d_out, u_int length)
> +randomdev_encrypt(struct randomdev_key *context, const void *d_in, void *d_out, u_int length)
> {
>
> rijndael_blockEncrypt(&context->cipher, &context->key, d_in, length*8, d_out);
>
> Modified: head/sys/dev/random/hash.h
> ==============================================================================
> --- head/sys/dev/random/hash.h Mon Nov 10 09:11:23 2014 (r274339)
> +++ head/sys/dev/random/hash.h Mon Nov 10 09:44:38 2014 (r274340)
> @@ -42,9 +42,9 @@ struct randomdev_key { /* Big! Make sta
> };
>
> void randomdev_hash_init(struct randomdev_hash *);
> -void randomdev_hash_iterate(struct randomdev_hash *, void *, size_t);
> +void randomdev_hash_iterate(struct randomdev_hash *, const void *, size_t);
> void randomdev_hash_finish(struct randomdev_hash *, void *);
> -void randomdev_encrypt_init(struct randomdev_key *, void *);
> -void randomdev_encrypt(struct randomdev_key *context, void *, void *, u_int);
> +void randomdev_encrypt_init(struct randomdev_key *, const void *);
> +void randomdev_encrypt(struct randomdev_key *context, const void *, void *, u_int);
>
> #endif
>
> Modified: head/sys/geom/bde/g_bde.h
> ==============================================================================
> --- head/sys/geom/bde/g_bde.h Mon Nov 10 09:11:23 2014 (r274339)
> +++ head/sys/geom/bde/g_bde.h Mon Nov 10 09:44:38 2014 (r274340)
> @@ -182,7 +182,7 @@ AES_init(cipherInstance *ci)
> }
>
> static __inline void
> -AES_makekey(keyInstance *ki, int dir, u_int len, void *key)
> +AES_makekey(keyInstance *ki, int dir, u_int len, const void *key)
> {
> int error;
>
> @@ -191,7 +191,7 @@ AES_makekey(keyInstance *ki, int dir, u_
> }
>
> static __inline void
> -AES_encrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len)
> +AES_encrypt(cipherInstance *ci, keyInstance *ki, const void *in, void *out, u_int len)
> {
> int error;
>
> @@ -200,7 +200,7 @@ AES_encrypt(cipherInstance *ci, keyInsta
> }
>
> static __inline void
> -AES_decrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len)
> +AES_decrypt(cipherInstance *ci, keyInstance *ki, const void *in, void *out, u_int len)
> {
> int error;
>
>
—
Bjoern A. Zeeb "Come on. Learn, goddamn it.", WarGames, 1983
More information about the svn-src-head
mailing list