Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src-draft/trunk]: src/sys/dev Fold `cipher prep' into `cipher' in cgd.
details: https://anonhg.NetBSD.org/src-all/rev/4097210e6df2
branches: trunk
changeset: 934488:4097210e6df2
user: Taylor R Campbell <riastradh%NetBSD.org@localhost>
date: Fri May 29 19:47:25 2020 +0000
description:
Fold `cipher prep' into `cipher' in cgd.
Simplify some logic along the way and u_int*_t -> uint*_t.
diffstat:
sys/dev/cgd.c | 13 +---
sys/dev/cgd_crypto.c | 146 +++++++++++++++++---------------------------------
sys/dev/cgd_crypto.h | 2 -
3 files changed, 53 insertions(+), 108 deletions(-)
diffs (truncated from 387 to 300 lines):
diff -r 4d5925dd3da6 -r 4097210e6df2 sys/dev/cgd.c
--- a/sys/dev/cgd.c Sat Jun 13 13:45:06 2020 +0000
+++ b/sys/dev/cgd.c Fri May 29 19:47:25 2020 +0000
@@ -1535,7 +1535,6 @@
{
char *dst = dstv;
char *src = srcv;
- cfunc_cipher_prep *ciprep = sc->sc_cfuncs->cf_cipher_prep;
cfunc_cipher *cipher = sc->sc_cfuncs->cf_cipher;
struct uio dstuio;
struct uio srcuio;
@@ -1543,7 +1542,7 @@
struct iovec srciov[2];
size_t blocksize = sc->sc_cdata.cf_blocksize;
size_t todo;
- char blkno_buf[CGD_MAXBLOCKSIZE], *iv;
+ char blkno_buf[CGD_MAXBLOCKSIZE];
DPRINTF_FOLLOW(("cgd_cipher() dir=%d\n", dir));
@@ -1576,15 +1575,7 @@
IFDEBUG(CGDB_CRYPTO, hexprint("step 1: blkno_buf",
blkno_buf, blocksize));
- /*
- * Compute an initial IV. All ciphers
- * can convert blkno_buf in-place.
- */
- iv = blkno_buf;
- ciprep(sc->sc_cdata.cf_priv, iv, blkno_buf, blocksize, dir);
- IFDEBUG(CGDB_CRYPTO, hexprint("step 2: iv", iv, blocksize));
-
- cipher(sc->sc_cdata.cf_priv, &dstuio, &srcuio, iv, dir);
+ cipher(sc->sc_cdata.cf_priv, &dstuio, &srcuio, blkno_buf, dir);
dst += todo;
src += todo;
diff -r 4d5925dd3da6 -r 4097210e6df2 sys/dev/cgd_crypto.c
--- a/sys/dev/cgd_crypto.c Sat Jun 13 13:45:06 2020 +0000
+++ b/sys/dev/cgd_crypto.c Fri May 29 19:47:25 2020 +0000
@@ -59,22 +59,18 @@
static cfunc_init cgd_cipher_aes_cbc_init;
static cfunc_destroy cgd_cipher_aes_cbc_destroy;
static cfunc_cipher cgd_cipher_aes_cbc;
-static cfunc_cipher_prep cgd_cipher_aes_cbc_prep;
static cfunc_init cgd_cipher_aes_xts_init;
static cfunc_destroy cgd_cipher_aes_xts_destroy;
static cfunc_cipher cgd_cipher_aes_xts;
-static cfunc_cipher_prep cgd_cipher_aes_xts_prep;
static cfunc_init cgd_cipher_3des_init;
static cfunc_destroy cgd_cipher_3des_destroy;
static cfunc_cipher cgd_cipher_3des_cbc;
-static cfunc_cipher_prep cgd_cipher_3des_cbc_prep;
static cfunc_init cgd_cipher_bf_init;
static cfunc_destroy cgd_cipher_bf_destroy;
static cfunc_cipher cgd_cipher_bf_cbc;
-static cfunc_cipher_prep cgd_cipher_bf_cbc_prep;
static const struct cryptfuncs cf[] = {
{
@@ -82,28 +78,24 @@
.cf_init = cgd_cipher_aes_xts_init,
.cf_destroy = cgd_cipher_aes_xts_destroy,
.cf_cipher = cgd_cipher_aes_xts,
- .cf_cipher_prep = cgd_cipher_aes_xts_prep,
},
{
.cf_name = "aes-cbc",
.cf_init = cgd_cipher_aes_cbc_init,
.cf_destroy = cgd_cipher_aes_cbc_destroy,
.cf_cipher = cgd_cipher_aes_cbc,
- .cf_cipher_prep = cgd_cipher_aes_cbc_prep,
},
{
.cf_name = "3des-cbc",
.cf_init = cgd_cipher_3des_init,
.cf_destroy = cgd_cipher_3des_destroy,
.cf_cipher = cgd_cipher_3des_cbc,
- .cf_cipher_prep = cgd_cipher_3des_cbc_prep,
},
{
.cf_name = "blowfish-cbc",
.cf_init = cgd_cipher_bf_init,
.cf_destroy = cgd_cipher_bf_destroy,
.cf_cipher = cgd_cipher_bf_cbc,
- .cf_cipher_prep = cgd_cipher_bf_cbc_prep,
},
};
const struct cryptfuncs *
@@ -150,9 +142,9 @@
src = srcuio->uio_iov;
srcnum = srcuio->uio_iovcnt;
for (;;) {
- int l = MIN(dst->iov_len - dstoff, src->iov_len - srcoff);
- u_int8_t *d = (u_int8_t *)dst->iov_base + dstoff;
- const u_int8_t *s = (const u_int8_t *)src->iov_base + srcoff;
+ int l = MIN(dst->iov_len - dstoff, src->iov_len - srcoff);
+ uint8_t *d = (uint8_t *)dst->iov_base + dstoff;
+ const uint8_t *s = (const uint8_t *)src->iov_base + srcoff;
cipher(privdata, d, s, l);
@@ -193,7 +185,7 @@
struct aes_encdata {
keyInstance *ae_key; /* key for this direction */
- u_int8_t ae_iv[CGD_AES_BLOCK_SIZE]; /* Initialization Vector */
+ uint8_t ae_iv[CGD_AES_BLOCK_SIZE]; /* Initialization Vector */
};
static void *
@@ -227,24 +219,6 @@
}
static void
-cgd_cipher_aes_cbc_prep(void *privdata, char *iv,
- const char *blkno_buf, size_t blocksize, int dir)
-{
- struct aes_privdata *apd = privdata;
- cipherInstance cipher;
- int cipher_ok __diagused;
-
- cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, NULL);
- KASSERT(cipher_ok > 0);
- rijndael_blockEncrypt(&cipher, &apd->ap_enckey,
- blkno_buf, blocksize * 8, iv);
- if (blocksize > CGD_AES_BLOCK_SIZE) {
- (void)memmove(iv, iv + blocksize - CGD_AES_BLOCK_SIZE,
- CGD_AES_BLOCK_SIZE);
- }
-}
-
-static void
aes_cbc_enc_int(void *privdata, void *dst, const void *src, size_t len)
{
struct aes_encdata *ae = privdata;
@@ -253,8 +227,9 @@
cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, ae->ae_iv);
KASSERT(cipher_ok > 0);
- rijndael_blockEncrypt(&cipher, ae->ae_key, src, len * 8, dst);
- (void)memcpy(ae->ae_iv, (u_int8_t *)dst +
+ rijndael_blockEncrypt(&cipher, ae->ae_key, src, /*inputbits*/len * 8,
+ dst);
+ (void)memcpy(ae->ae_iv, (uint8_t *)dst +
(len - CGD_AES_BLOCK_SIZE), CGD_AES_BLOCK_SIZE);
}
@@ -267,8 +242,9 @@
cipher_ok = rijndael_cipherInit(&cipher, MODE_CBC, ae->ae_iv);
KASSERT(cipher_ok > 0);
- rijndael_blockDecrypt(&cipher, ae->ae_key, src, len * 8, dst);
- (void)memcpy(ae->ae_iv, (const u_int8_t *)src +
+ rijndael_blockDecrypt(&cipher, ae->ae_key, src, /*inputbits*/len * 8,
+ dst);
+ (void)memcpy(ae->ae_iv, (const uint8_t *)src +
(len - CGD_AES_BLOCK_SIZE), CGD_AES_BLOCK_SIZE);
}
@@ -278,8 +254,15 @@
{
struct aes_privdata *apd = privdata;
struct aes_encdata encd;
+ cipherInstance cipher;
+ int cipher_ok __diagused;
- (void)memcpy(encd.ae_iv, iv, CGD_AES_BLOCK_SIZE);
+ /* Compute the CBC IV as AES_k(iv). */
+ cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
+ KASSERT(cipher_ok > 0);
+ rijndael_blockEncrypt(&cipher, &apd->ap_enckey, iv, /*inputbits*/128,
+ encd.ae_iv);
+
switch (dir) {
case CGD_CIPHER_ENCRYPT:
encd.ae_key = &apd->ap_enckey;
@@ -333,20 +316,6 @@
}
static void
-cgd_cipher_aes_xts_prep(void *privdata, char *iv,
- const char *blkno_buf, size_t blocksize, int dir)
-{
- struct aes_privdata *apd = privdata;
- cipherInstance cipher;
- int cipher_ok __diagused;
-
- cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
- KASSERT(cipher_ok > 0);
- rijndael_blockEncrypt(&cipher, &apd[1].ap_enckey,
- blkno_buf, blocksize * 8, iv);
-}
-
-static void
aes_xts_enc_int(void *privdata, void *dst, const void *src, size_t len)
{
struct aes_encdata *ae = privdata;
@@ -355,7 +324,8 @@
cipher_ok = rijndael_cipherInit(&cipher, MODE_XTS, ae->ae_iv);
KASSERT(cipher_ok > 0);
- rijndael_blockEncrypt(&cipher, ae->ae_key, src, len * 8, dst);
+ rijndael_blockEncrypt(&cipher, ae->ae_key, src, /*inputbits*/len * 8,
+ dst);
(void)memcpy(ae->ae_iv, cipher.IV, CGD_AES_BLOCK_SIZE);
}
@@ -368,7 +338,8 @@
cipher_ok = rijndael_cipherInit(&cipher, MODE_XTS, ae->ae_iv);
KASSERT(cipher_ok > 0);
- rijndael_blockDecrypt(&cipher, ae->ae_key, src, len * 8, dst);
+ rijndael_blockDecrypt(&cipher, ae->ae_key, src, /*inputbits*/len * 8,
+ dst);
(void)memcpy(ae->ae_iv, cipher.IV, CGD_AES_BLOCK_SIZE);
}
@@ -378,8 +349,14 @@
{
struct aes_privdata *apd = privdata;
struct aes_encdata encd;
+ cipherInstance cipher;
+ int cipher_ok __diagused;
- (void)memcpy(encd.ae_iv, iv, CGD_AES_BLOCK_SIZE);
+ cipher_ok = rijndael_cipherInit(&cipher, MODE_ECB, NULL);
+ KASSERT(cipher_ok > 0);
+ rijndael_blockEncrypt(&cipher, &apd[1].ap_enckey, iv, /*inputbits*/128,
+ encd.ae_iv);
+
switch (dir) {
case CGD_CIPHER_ENCRYPT:
encd.ae_key = &apd->ap_enckey;
@@ -408,7 +385,7 @@
des_key_schedule *ce_key1;
des_key_schedule *ce_key2;
des_key_schedule *ce_key3;
- u_int8_t ce_iv[CGD_3DES_BLOCK_SIZE];
+ uint8_t ce_iv[CGD_3DES_BLOCK_SIZE];
};
static void *
@@ -449,29 +426,13 @@
}
static void
-cgd_cipher_3des_cbc_prep(void *privdata, char *iv,
- const char *blkno_buf, size_t blocksize, int dir)
-{
- struct c3des_privdata *cp = privdata;
- char zero_iv[CGD_3DES_BLOCK_SIZE];
-
- memset(zero_iv, 0, sizeof(zero_iv));
- des_ede3_cbc_encrypt(blkno_buf, iv, blocksize,
- cp->cp_key1, cp->cp_key2, cp->cp_key3, (des_cblock *)zero_iv, 1);
- if (blocksize > CGD_3DES_BLOCK_SIZE) {
- (void)memmove(iv, iv + blocksize - CGD_3DES_BLOCK_SIZE,
- CGD_3DES_BLOCK_SIZE);
- }
-}
-
-static void
c3des_cbc_enc_int(void *privdata, void *dst, const void *src, size_t len)
{
struct c3des_encdata *ce = privdata;
des_ede3_cbc_encrypt(src, dst, len, *ce->ce_key1, *ce->ce_key2,
- *ce->ce_key3, (des_cblock *)ce->ce_iv, 1);
- (void)memcpy(ce->ce_iv, (const u_int8_t *)dst +
+ *ce->ce_key3, (des_cblock *)ce->ce_iv, /*encrypt*/1);
+ (void)memcpy(ce->ce_iv, (const uint8_t *)dst +
(len - CGD_3DES_BLOCK_SIZE), CGD_3DES_BLOCK_SIZE);
}
@@ -481,8 +442,8 @@
struct c3des_encdata *ce = privdata;
des_ede3_cbc_encrypt(src, dst, len, *ce->ce_key1, *ce->ce_key2,
- *ce->ce_key3, (des_cblock *)ce->ce_iv, 0);
- (void)memcpy(ce->ce_iv, (const u_int8_t *)src +
+ *ce->ce_key3, (des_cblock *)ce->ce_iv, /*encrypt*/0);
+ (void)memcpy(ce->ce_iv, (const uint8_t *)src +
(len - CGD_3DES_BLOCK_SIZE), CGD_3DES_BLOCK_SIZE);
}
@@ -492,8 +453,13 @@
{
struct c3des_privdata *cp = privdata;
struct c3des_encdata ce;
+ des_cblock zero;
- (void)memcpy(ce.ce_iv, iv, CGD_3DES_BLOCK_SIZE);
+ /* Compute the CBC IV as 3DES_k(iv) = 3DES-CBC_k(iv, 0). */
+ memset(&zero, 0, sizeof(zero));
+ des_ede3_cbc_encrypt(iv, ce.ce_iv, CGD_3DES_BLOCK_SIZE,
+ cp->cp_key1, cp->cp_key2, cp->cp_key3, &zero, /*encrypt*/1);
Home |
Main Index |
Thread Index |
Old Index